
Web Browsing Not Showing Images in IE and Avant Browser Launches but Does Not Display Any Pages. JAVA Will Not Install


23 replies to this topic

#1 jonxps

jonxps

  • Members
  • 59 posts

Posted 02 February 2013 - 07:44 PM

Using Windows Vista with latest updates Feb 1, 2013
Recently I noticed my computer was slower than normal and received an error when installing JAVA (JAVA is probably another problem that I'm not concerned about resolving, just a symptom of what else might be happening). I updated Windows Vista and downloaded AVG. AVG found a virus named XF/Noisy. I already had AdAware installed and it found Trojans Win30/Heur and Generic 28.62I.
I normally use Avant Browser. After the AVG scan Avant would launch, but wouldn’t display any web pages. I reinstalled Avant and it’s still not opening any pages. Now in IE version 7, pictures/icons do not load. For instance, when I go to Google, the Google graphic does not load. I get a rectangle where the graphic should be with an X in the upper left corner. I reset IE 7 to the default settings and nothing changed.

Update Feb 3 2013. I decided to try to install Charter Security Suite and it told me to uninstall other security software, which I had done. I called Charter and they told me that AVG does not completely uninstall. I called AVG and they ran some scans and said the PC needed an $80 service to fix it. As much as I would like to save my 4-year-old PC, it isn't worth what they wanted to charge. From what I can tell there aren't any hardware problems, just software.

Edited by jonxps, 03 February 2013 - 05:40 PM.



 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 03 February 2013 - 05:31 PM

Download

TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 jonxps

jonxps
  • Topic Starter

  • Members
  • 59 posts

Posted 03 February 2013 - 05:56 PM

Results of TDSSKiller (aswMBR to follow):

17:50:25.0850 5664 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:50:26.0316 5664 ============================================================
17:50:26.0316 5664 Current date / time: 2013/02/03 17:50:26.0316
17:50:26.0316 5664 SystemInfo:
17:50:26.0316 5664
17:50:26.0316 5664 OS Version: 6.0.6002 ServicePack: 2.0
17:50:26.0316 5664 Product type: Workstation
17:50:26.0316 5664 ComputerName: MAIN-PC
17:50:26.0316 5664 UserName: main
17:50:26.0316 5664 Windows directory: C:\Windows
17:50:26.0316 5664 System windows directory: C:\Windows
17:50:26.0316 5664 Processor architecture: Intel x86
17:50:26.0316 5664 Number of processors: 4
17:50:26.0316 5664 Page size: 0x1000
17:50:26.0316 5664 Boot type: Normal boot
17:50:26.0316 5664 ============================================================
17:50:34.0081 5664 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:50:34.0112 5664 Drive \Device\Harddisk1\DR1 - Size: 0x3A70C70000 (233.76 Gb), SectorSize: 0x200, Cylinders: 0x7733, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:50:34.0151 5664 ============================================================
17:50:34.0151 5664 \Device\Harddisk0\DR0:
17:50:34.0151 5664 MBR partitions:
17:50:34.0151 5664 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x1E00000
17:50:34.0151 5664 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E1F800, BlocksNum 0x38566000
17:50:34.0151 5664 \Device\Harddisk1\DR1:
17:50:34.0151 5664 MBR partitions:
17:50:34.0151 5664 ============================================================
17:50:34.0162 5664 C: <-> \Device\Harddisk0\DR0\Partition2
17:50:34.0195 5664 D: <-> \Device\Harddisk0\DR0\Partition1
17:50:34.0195 5664 ============================================================
17:50:34.0196 5664 Initialize success
17:50:34.0196 5664 ============================================================
17:51:07.0029 5020 ============================================================
17:51:07.0029 5020 Scan started
17:51:07.0029 5020 Mode: Manual; TDLFS;
17:51:07.0029 5020 ============================================================
17:51:07.0179 5020 ================ Scan system memory ========================
17:51:07.0180 5020 System memory - ok
17:51:07.0180 5020 ================ Scan services =============================
17:51:13.0541 5020 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
17:51:13.0547 5020 p2psvc - ok
17:51:13.0567 5020 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
17:51:13.0568 5020 Parport - ok
17:51:13.0599 5020 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:51:13.0599 5020 partmgr - ok
17:51:13.0617 5020 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:51:13.0618 5020 Parvdm - ok
17:51:13.0646 5020 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
17:51:13.0648 5020 PcaSvc - ok
17:51:13.0658 5020 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
17:51:13.0660 5020 pci - ok
17:51:13.0682 5020 [ 20B869152448F80AC49CF10264E91F5E ] pciide C:\Windows\system32\drivers\pciide.sys
17:51:13.0683 5020 pciide - ok
17:51:13.0700 5020 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:51:13.0701 5020 pcmcia - ok
17:51:13.0740 5020 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:51:13.0755 5020 PEAUTH - ok
17:51:13.0811 5020 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
17:51:13.0844 5020 pla - ok
17:51:13.0877 5020 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:51:13.0880 5020 PlugPlay - ok
17:51:13.0891 5020 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:51:13.0896 5020 PNRPAutoReg - ok
17:51:13.0905 5020 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:51:13.0910 5020 PNRPsvc - ok
17:51:13.0930 5020 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:51:13.0935 5020 PolicyAgent - ok
17:51:13.0961 5020 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:51:13.0962 5020 PptpMiniport - ok
17:51:13.0975 5020 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
17:51:13.0975 5020 Processor - ok
17:51:13.0993 5020 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
17:51:13.0996 5020 ProfSvc - ok
17:51:14.0006 5020 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
17:51:14.0007 5020 ProtectedStorage - ok
17:51:14.0028 5020 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:51:14.0029 5020 PSched - ok
17:51:14.0046 5020 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
17:51:14.0047 5020 PxHelp20 - ok
17:51:14.0082 5020 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:51:14.0099 5020 ql2300 - ok
17:51:14.0130 5020 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:51:14.0130 5020 ql40xx - ok
17:51:14.0157 5020 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
17:51:14.0160 5020 QWAVE - ok
17:51:14.0179 5020 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:51:14.0179 5020 QWAVEdrv - ok
17:51:14.0204 5020 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:51:14.0204 5020 RasAcd - ok
17:51:14.0224 5020 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
17:51:14.0227 5020 RasAuto - ok
17:51:14.0242 5020 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:51:14.0242 5020 Rasl2tp - ok
17:51:14.0266 5020 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
17:51:14.0269 5020 RasMan - ok
17:51:14.0285 5020 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:51:14.0286 5020 RasPppoe - ok
17:51:14.0298 5020 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:51:14.0298 5020 RasSstp - ok
17:51:14.0314 5020 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:51:14.0316 5020 rdbss - ok
17:51:14.0332 5020 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:51:14.0332 5020 RDPCDD - ok
17:51:14.0352 5020 [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr C:\Windows\system32\DRIVERS\rdpdr.sys
17:51:14.0354 5020 rdpdr - ok
17:51:14.0358 5020 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:51:14.0358 5020 RDPENCDD - ok
17:51:14.0392 5020 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:51:14.0393 5020 RDPWD - ok
17:51:14.0419 5020 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:51:14.0421 5020 RemoteAccess - ok
17:51:14.0435 5020 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:51:14.0438 5020 RemoteRegistry - ok
17:51:14.0459 5020 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:51:14.0461 5020 RFCOMM - ok
17:51:14.0514 5020 [ EB9717ACDB9B70CCF61684EBCF9DA6A3 ] RoxLiveShare10 C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
17:51:14.0516 5020 RoxLiveShare10 - ok
17:51:14.0546 5020 [ 64A8759E9B7E5467F60CB729B1EC352E ] RoxMediaDB10 C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
17:51:14.0563 5020 RoxMediaDB10 - ok
17:51:14.0604 5020 [ 2884DDA6ED8E8FD88568D924A79A9B30 ] RoxWatch10 C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
17:51:14.0605 5020 RoxWatch10 - ok
17:51:14.0625 5020 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
17:51:14.0626 5020 RpcLocator - ok
17:51:14.0643 5020 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
17:51:14.0647 5020 RpcSs - ok
17:51:14.0665 5020 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:51:14.0666 5020 rspndr - ok
17:51:14.0681 5020 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
17:51:14.0682 5020 SamSs - ok
17:51:14.0712 5020 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:51:14.0713 5020 sbp2port - ok
17:51:14.0733 5020 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:51:14.0735 5020 SCardSvr - ok
17:51:14.0762 5020 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
17:51:14.0767 5020 Schedule - ok
17:51:14.0779 5020 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:51:14.0780 5020 SCPolicySvc - ok
17:51:14.0801 5020 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:51:14.0804 5020 SDRSVC - ok
17:51:14.0818 5020 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:51:14.0819 5020 secdrv - ok
17:51:14.0837 5020 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
17:51:14.0839 5020 seclogon - ok
17:51:14.0854 5020 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
17:51:14.0856 5020 SENS - ok
17:51:14.0872 5020 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:51:14.0873 5020 Serenum - ok
17:51:14.0883 5020 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
17:51:14.0884 5020 Serial - ok
17:51:14.0911 5020 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:51:14.0911 5020 sermouse - ok
17:51:14.0941 5020 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
17:51:14.0944 5020 SessionEnv - ok
17:51:14.0964 5020 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:51:14.0965 5020 sffdisk - ok
17:51:14.0974 5020 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:51:14.0974 5020 sffp_mmc - ok
17:51:14.0986 5020 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:51:14.0986 5020 sffp_sd - ok
17:51:14.0992 5020 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:51:14.0992 5020 sfloppy - ok
17:51:15.0014 5020 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:51:15.0018 5020 SharedAccess - ok
17:51:15.0044 5020 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:51:15.0047 5020 ShellHWDetection - ok
17:51:15.0064 5020 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:51:15.0065 5020 sisagp - ok
17:51:15.0083 5020 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:51:15.0084 5020 SiSRaid2 - ok
17:51:15.0100 5020 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:51:15.0101 5020 SiSRaid4 - ok
17:51:15.0184 5020 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
17:51:15.0203 5020 slsvc - ok
17:51:15.0219 5020 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:51:15.0221 5020 SLUINotify - ok
17:51:15.0240 5020 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:51:15.0241 5020 Smb - ok
17:51:15.0262 5020 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:51:15.0264 5020 SNMPTRAP - ok
17:51:15.0284 5020 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
17:51:15.0285 5020 spldr - ok
17:51:15.0307 5020 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
17:51:15.0310 5020 Spooler - ok
17:51:15.0362 5020 [ E8B705F9ABE446AAF7A315EF8B4AEA5A ] sptd C:\Windows\system32\Drivers\sptd.sys
17:51:15.0362 5020 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: E8B705F9ABE446AAF7A315EF8B4AEA5A
17:51:15.0364 5020 sptd ( LockedFile.Multi.Generic ) - warning
17:51:15.0364 5020 sptd - detected LockedFile.Multi.Generic (1)
17:51:18.0525 5020 ================ Scan global ===============================
17:51:18.0540 5020 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
17:51:18.0561 5020 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
17:51:18.0578 5020 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
17:51:18.0593 5020 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
17:51:18.0596 5020 [Global] - ok
17:51:18.0596 5020 ================ Scan MBR ==================================
17:51:18.0612 5020 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:51:19.0022 5020 \Device\Harddisk0\DR0 - ok
17:51:19.0025 5020 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
17:51:19.0333 5020 \Device\Harddisk1\DR1 - ok
17:51:19.0333 5020 ================ Scan VBR ==================================
17:51:19.0353 5020 [ DFF09456B36E83C124B8DEF607EC9032 ] \Device\Harddisk0\DR0\Partition1
17:51:19.0355 5020 \Device\Harddisk0\DR0\Partition1 - ok
17:51:19.0357 5020 [ E598DA87EBDE07460CDDE575A4C01D4D ] \Device\Harddisk0\DR0\Partition2
17:51:19.0358 5020 \Device\Harddisk0\DR0\Partition2 - ok
17:51:19.0358 5020 ============================================================
17:51:19.0358 5020 Scan finished
17:51:19.0358 5020 ============================================================
17:51:19.0366 5692 Detected object count: 1
17:51:19.0366 5692 Actual detected object count: 1
17:52:11.0129 5692 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:52:11.0129 5692 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:52:24.0055 2168 Deinitialize success

#4 jonxps

Posted 03 February 2013 - 06:12 PM

aswMBR log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-03 17:58:28
-----------------------------
17:58:28.488 OS Version: Windows 6.0.6002 Service Pack 2
17:58:28.489 Number of processors: 4 586 0xF0B
17:58:28.489 ComputerName: MAIN-PC UserName: main
17:58:52.665 Initialize success
17:59:55.670 AVAST engine defs: 13020300
18:01:00.664 The log file has been saved successfully to "C:\Users\main\Desktop\aswMBR.txt"
18:01:53.319 The log file has been saved successfully to "C:\Users\main\Desktop\New Folder\aswMBR.txt"
18:02:19.070 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:02:19.073 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
18:02:19.075 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
18:02:19.077 Disk 1 Vendor: Maxtor_6 YAR5 Size: 239372MB BusType: 3
18:02:19.089 Disk 0 MBR read successfully
18:02:19.091 Disk 0 MBR scan
18:02:19.107 Disk 0 Windows VISTA default MBR code
18:02:19.110 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 62 MB offset 63
18:02:19.122 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 129024
18:02:19.138 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 461516 MB offset 31586304
18:02:19.143 Disk 0 scanning sectors +976771072
18:02:19.224 Disk 0 scanning C:\Windows\system32\drivers
18:02:26.213 Service scanning
18:02:36.877 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
18:02:41.997 Modules scanning
18:02:44.488 Disk 0 trace - called modules:
18:02:44.508 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x859431e8]<<
18:02:44.512 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x879a6ac8]
18:02:44.516 3 CLASSPNP.SYS[8c1ce8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86a1f028]
18:02:44.520 \Driver\iaStor[0x863b37f8] -> IRP_MJ_CREATE -> 0x859431e8
18:02:46.566 AVAST engine scan C:\Windows
18:02:49.758 AVAST engine scan C:\Windows\system32
18:05:36.929 AVAST engine scan C:\Windows\system32\drivers
18:05:51.430 AVAST engine scan C:\Users\main
18:06:43.682 AVAST engine scan C:\ProgramData
18:07:28.869 Scan finished successfully
18:08:24.584 Disk 0 MBR has been saved successfully to "C:\Users\main\Desktop\New Folder\MBR.dat"
18:08:24.588 The log file has been saved successfully to "C:\Users\main\Desktop\New Folder\aswMBR.txt"
18:08:43.883 Disk 0 MBR has been saved successfully to "C:\Users\main\Desktop\MBR.dat"
18:08:43.887 The log file has been saved successfully to "C:\Users\main\Desktop\aswMBRlog.txt"



#5 jonxps

jonxps
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:11:44 AM

Posted 04 February 2013 - 03:25 PM

I didn't see where I could export the Eset Log so I'm retyping it below

G:\$RECYCLE.BINS\S-1-5-21-2115564945-400052552-2971327345-1005\$RXMVBC5\cd1.iso
C:\Programs Files\Vuze\.install4j\i4j_extf_32_5p83tu.dll
C:\$RECYCLE.BIN\S-1-5-21-2115564945-400052552-2971327345-1005\$R73WNY.eve

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:44 AM

Posted 04 February 2013 - 09:21 PM

Please remove the threats by eset scan

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#7 jonxps


Posted 05 February 2013 - 05:06 PM

I downloaded Malwarebytes and attempted to install. I received the following error:

Internal error: Failed to expand shell folder constant "userappdata"

Should I move on to the mini toolbox application or resolve this error first?

Thank you for your help!!

#8 narenxp


Posted 05 February 2013 - 05:16 PM

Run this fixit

http://go.microsoft.com/?linkid=9708107

Restart the PC and install Malwarebytes.

#9 jonxps


Posted 05 February 2013 - 07:01 PM

Malwarebytes Log (fortunately it looks clean):

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.05.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Home :: MAIN-PC [limited]

2/5/2013 5:32:10 PM
mbam-log-2013-02-05 (17-32-10).txt

Scan type: Full scan (C:\|D:\|F:\|G:\|M:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 528999
Time elapsed: 1 hour(s), 23 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Edited by jonxps, 05 February 2013 - 07:01 PM.


#10 jonxps


Posted 05 February 2013 - 07:05 PM

Minitoolbox Logs:

MiniToolBox by Farbar Version:10-01-2013
Ran by Home (ATTENTION: The logged in user is not administrator) on 05-02-2013 at 19:03:12
Running from "C:\Users\Home\Desktop"
Windows Vista ™ Ultimate Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
The requested operation requires elevation.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82566DC-2 Gigabit Network Connection = Local Area Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : main-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-1C-26-DD-7E-A7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82566DC-2 Gigabit Network Connection
Physical Address. . . . . . . . . : 00-1D-09-2A-A4-17
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3548:dce5:e87a:d391%7(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.17.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, February 05, 2013 5:31:26 PM
Lease Expires . . . . . . . . . . : Wednesday, February 06, 2013 5:31:25 PM
Default Gateway . . . . . . . . . : 192.168.17.1
DHCP Server . . . . . . . . . . . : 192.168.17.1
DHCPv6 IAID . . . . . . . . . . . : 184556809
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-E9-EA-BD-00-1D-09-2A-A4-17
DNS Servers . . . . . . . . . . . : 192.168.17.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection*:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:281f:341e:3f57:eefd(Preferred)
Link-local IPv6 Address . . . . . : fe80::281f:341e:3f57:eefd%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{1CC4FF52-1D23-4865-AAEE-12AC265D69B8}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 8:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{151A6F04-2AE0-4FF7-88B9-9E7C5D7CFC92}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.17.1

Name: google.com
Addresses: 2607:f8b0:4004:803::1006
74.125.130.138
74.125.130.101
74.125.130.102
74.125.130.100
74.125.130.139
74.125.130.113



Pinging google.com [173.194.37.37] with 32 bytes of data:

Reply from 173.194.37.37: bytes=32 time=27ms TTL=51

Reply from 173.194.37.37: bytes=32 time=33ms TTL=51



Ping statistics for 173.194.37.37:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 27ms, Maximum = 33ms, Average = 30ms

Server: UnKnown
Address: 192.168.17.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
206.190.36.45



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=146ms TTL=42

Reply from 206.190.36.45: bytes=32 time=266ms TTL=42



Ping statistics for 206.190.36.45:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 146ms, Maximum = 266ms, Average = 206ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
9 ...00 1c 26 dd 7e a7 ...... Bluetooth Device (Personal Area Network)
7 ...00 1d 09 2a a4 17 ...... Intel® 82566DC-2 Gigabit Network Connection
1 ........................... Software Loopback Interface 1
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 isatap.{1CC4FF52-1D23-4865-AAEE-12AC265D69B8}
15 ...00 00 00 00 00 00 00 e0 isatap.{151A6F04-2AE0-4FF7-88B9-9E7C5D7CFC92}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.17.1 192.168.17.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.17.0 255.255.255.0 On-link 192.168.17.2 276
192.168.17.2 255.255.255.255 On-link 192.168.17.2 276
192.168.17.255 255.255.255.255 On-link 192.168.17.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.17.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.17.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 18 ::/0 On-link
1 306 ::1/128 On-link
11 18 2001::/32 On-link
11 266 2001:0:9d38:953c:281f:341e:3f57:eefd/128
On-link
7 276 fe80::/64 On-link
11 266 fe80::/64 On-link
11 266 fe80::281f:341e:3f57:eefd/128
On-link
7 276 fe80::3548:dce5:e87a:d391/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
7 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/05/2013 05:28:02 PM) (Source: APC UPS Service) (User: BUILTIN)
Description: PowerChute not communicating with the battery backup.

Error: (02/05/2013 05:25:20 PM) (Source: APC UPS Service) (User: BUILTIN)
Description: PowerChute not communicating with the battery backup.

Error: (02/03/2013 05:26:03 PM) (Source: Application Error) (User: )
Description: Faulting application Adaware_Installer.exe, version 10.4.49.4168, time stamp 0x50cb710a, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception code 0xe06d7363, fault offset 0x0003fc16,
process id 0xf3c, application start time 0xAdaware_Installer.exe0.

Error: (02/03/2013 05:07:06 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 7.0.6002.18005 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: b88
Start Time: 01ce025aba1638c9
Termination Time: 15

Error: (02/03/2013 04:28:15 PM) (Source: Application Error) (User: )
Description: Faulting application Adaware_Installer.exe, version 10.4.49.4168, time stamp 0x50cb710a, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception code 0xe06d7363, fault offset 0x0003fc16,
process id 0xf08, application start time 0xAdaware_Installer.exe0.

Error: (02/03/2013 04:28:01 PM) (Source: Application Error) (User: )
Description: Faulting application Adaware_Installer.exe, version 10.4.49.4168, time stamp 0x50cb710a, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception code 0xe06d7363, fault offset 0x0003fc16,
process id 0x1768, application start time 0xAdaware_Installer.exe0.

Error: (02/02/2013 07:42:37 PM) (Source: MsiInstaller) (User: main-PC)
Description: Product: Java 7 Update 11 -- Error 1606.Could not access network location %APPDATA%\.

Error: (02/02/2013 07:42:36 PM) (Source: MsiInstaller) (User: main-PC)
Description: Product: Java 7 Update 11 -- Error 1606.Could not access network location %APPDATA%\.

Error: (02/02/2013 03:28:10 PM) (Source: MsiInstaller) (User: main-PC)
Description: Product: Java 7 Update 11 -- Error 1606.Could not access network location %APPDATA%\.

Error: (02/02/2013 03:28:09 PM) (Source: MsiInstaller) (User: main-PC)
Description: Product: Java 7 Update 11 -- Error 1606.Could not access network location %APPDATA%\.


System errors:
=============
Error: (02/05/2013 05:34:11 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (02/05/2013 05:34:11 PM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (02/05/2013 05:00:34 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (02/05/2013 05:00:34 PM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (02/04/2013 11:54:35 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (02/04/2013 11:54:35 AM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (02/03/2013 05:27:31 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (02/03/2013 05:27:31 PM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (02/03/2013 05:07:34 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (02/03/2013 05:07:34 PM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330


Microsoft Office Sessions:
=========================
Error: (02/05/2013 05:28:02 PM) (Source: APC UPS Service)(User: BUILTIN)
Description:

Error: (02/05/2013 05:25:20 PM) (Source: APC UPS Service)(User: BUILTIN)
Description:

Error: (02/03/2013 05:26:03 PM) (Source: Application Error)(User: )
Description: Adaware_Installer.exe10.4.49.416850cb710akernel32.dll6.0.6002.187045065ccb6e06d73630003fc16f3c01ce025d728ca6a0

Error: (02/03/2013 05:07:06 PM) (Source: Application Hang)(User: )
Description: iexplore.exe7.0.6002.18005b8801ce025aba1638c915

Error: (02/03/2013 04:28:15 PM) (Source: Application Error)(User: )
Description: Adaware_Installer.exe10.4.49.416850cb710akernel32.dll6.0.6002.187045065ccb6e06d73630003fc16f0801ce02555f84b77a

Error: (02/03/2013 04:28:01 PM) (Source: Application Error)(User: )
Description: Adaware_Installer.exe10.4.49.416850cb710akernel32.dll6.0.6002.187045065ccb6e06d73630003fc16176801ce025556602bca

Error: (02/02/2013 07:42:37 PM) (Source: MsiInstaller)(User: main-PC)
Description: Product: Java 7 Update 11 -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)

Error: (02/02/2013 07:42:36 PM) (Source: MsiInstaller)(User: main-PC)
Description: Product: Java 7 Update 11 -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)

Error: (02/02/2013 03:28:10 PM) (Source: MsiInstaller)(User: main-PC)
Description: Product: Java 7 Update 11 -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)

Error: (02/02/2013 03:28:09 PM) (Source: MsiInstaller)(User: main-PC)
Description: Product: Java 7 Update 11 -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
Date: 2013-02-05 18:13:41.414
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-02-05 18:13:41.221
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-02-05 18:13:40.980
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-02-05 18:13:40.788
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-02-05 18:13:40.595
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-02-05 18:13:40.404
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-02-05 18:13:40.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-02-05 18:13:39.959
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-02-05 18:13:39.727
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-02-05 18:13:39.535
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

7-Zip 4.65
Adobe AIR (Version: 2.7.0.19530)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
APC PowerChute Personal Edition (Version: 2.1.1)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Avant Browser (remove only) (Version: 12.0.0.0)
Browser Address Error Redirector (Version: 1.00.0000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Dell Getting Started Guide (Version: 1.00.0000)
DirectXInstallService (Version: 9.0.2)
DivX Setup (Version: 2.6.1.8)
DriverTuner 3.1.0.0 (Version: 3.1.0.0)
Dropbox (Version: 1.6.16)
EasyCleaner (Version: 2.0.6.380)
EDocs
ESET Online Scanner v3
F.lux
FileOpen Client Installer (Version: 3.0.6.878)
Foxit Reader 5.0 (Version: 5.0.1.523)
Google Update Helper (Version: 1.3.21.123)
Intel® Matrix Storage Manager
Intel® PRO Network Connections 12.1.12.4 (Version: )
iTunes (Version: 10.5.1.42)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft XML Parser (Version: 8.0.7820.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music, Photos & Videos Launcher (Version: 1.00.0000)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Pdf995
PeerBlock 1.0+ (r484) (Version: 1.0.0.484)
Product Documentation Launcher (Version: 1.00.0000)
QuickTime (Version: 7.66.71.0)
Revo Uninstaller 1.92 (Version: 1.92)
Roxio Activation Module (Version: 1.0)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator Premier (Version: 10.1)
Roxio Creator Premier (Version: 3.7.0)
Roxio Creator Premier 10 (Version: 1.1.010)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler (Version: 3.2)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.34.52.7)
TeamViewer 7 (Version: 7.0.12313)
TomTom HOME (Version: 2.9.2)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TunerFree MCE (Version: 3.8.2)
TurboTax 2009
TurboTax 2009 WinPerFedFormset (Version: 009.000.1645)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0298)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0222)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2009 wsciper (Version: 009.000.0594)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.4495)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0501)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0216)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2010 wsciper (Version: 010.000.1221)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2596)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0424)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0209)
TurboTax 2011 wrapper (Version: 011.000.0120)
TurboTax 2011 wsciper (Version: 011.000.1397)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 WinPerFedFormset (Version: 012.000.1723)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0379)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0164)
TurboTax 2012 wrapper (Version: 012.000.0127)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
ViewSonic Monitor Drivers
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.0.1 (Version: 1.0.1)
Vuze (Version: 4.7)
WIDCOMM Bluetooth Software 6.0.1.4300 (Version: 6.0.1.4300)
WinAID (Version: 2.0)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Sound Schemes
WinRAR archiver
XPS MiniView Gadget (Version: 1.00.0000)

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 3325.03 MB
Available physical RAM: 1745.58 MB
Total Pagefile: 6869.04 MB
Available Pagefile: 5272.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.4 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:450.7 GB) (Free:329.33 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:9.25 GB) NTFS
4 Drive f: (Mirror Backup of C: Files) (Fixed) (Total:78.12 GB) (Free:20.13 GB) NTFS
5 Drive g: () (Fixed) (Total:155.63 GB) (Free:80.09 GB) NTFS
10 Drive m: (Elements) (Fixed) (Total:298.08 GB) (Free:46.44 GB) NTFS

========================= Users: ========================================

User accounts for \\MAIN-PC

Administrator Guest Home
main Test UpdatusUser

========================= Restore Points ==================================


**** End of log ****

#11 jonxps


Posted 05 February 2013 - 07:07 PM

FSS Log:

Farbar Service Scanner Version: 30-01-2013
Ran by Home (ATTENTION: The logged in user is not administrator) on 05-02-2013 at 19:06:32
Running from "C:\Users\Home\Desktop"
Windows Vista ™ Ultimate Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: ATTENTION!=====> Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#12 narenxp


Posted 05 February 2013 - 08:22 PM

Please run the scans from the administrator account.

#13 jonxps


Posted 05 February 2013 - 10:21 PM

I'll start over with Malwarebytes on my admin acct. Please let me know if I should start back with TDSSkiller. I appreciate your help and I want to do whatever I can do to help organize the data better. Thanks again!!

#14 narenxp


Posted 05 February 2013 - 10:22 PM

Ignore TDSSkiller and aswmbr. Run other scans.

#15 jonxps


Posted 06 February 2013 - 11:44 AM

Malwarebytes Log as Administrator:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.05.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
main :: MAIN-PC [administrator]

2/5/2013 10:10:40 PM
mbam-log-2013-02-05 (22-10-40).txt

Scan type: Full scan (C:\|D:\|F:\|G:\|M:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 667839
Time elapsed: 7 hour(s), 15 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



