
unable to download anything and MSE has been disabled


12 replies to this topic

#1 cdunscomp

Posted 04 June 2013 - 07:52 PM

I am having the same problem as kellyg79 in the Win 7 forum. I am running Win Vista SP2, was IE7, now IE9 and Chrome. Both browsers show the file downloading to 100%; in IE a red popup bar says the file was infected and deleted, in Chrome it just says scan failed. Computer was infected with rogue "internet security" virus. Installed antimalware bytes via flash and ran in safe mode. This eliminated the virus on the front end so I am able to use the computer, but still can't download and all MSE functions including Defender and firewall are disabled. Ran rkill from flash, didn't find anything. Ran Kaspersky 2011 virus tool from flash, reported no infections, did rkill\malwarebytes again. Ran Vipre rescue tool from flash, no infections found. Followed Microsoft's instructions for removing MSE and Microsoft malware from registry (was unable to delete any of the "class" keys). MSE no longer appears in CP programs list. Tried to download MSE again, no luck. I have uninstalled every AV program I could find, not sure what is scanning. And still computer appears infected.

This is a relative's computer I am trying to fix. She took it somewhere to have it fixed last year and they must have reinstalled Vista. When I got it the OS still had not been validated and was 6 mo. out of date, running IE7. Validated, updated Vista and IE, still having problems that nothing I've run can find. Any help would be appreciated.

Edited by hamluis, 05 June 2013 - 08:30 AM.
Moved from Vista to Am I Infected - Hamluis.




#2 boopme

Posted 13 June 2013 - 10:05 PM

Hello

Did you run MBAM (Malwarebytes) immediately after RKill before a reboot?


Let's run these next (from Flash or Safe Mode with Networking) and see how it is.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.



Last, run ESET, if you can from a normal boot.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 13 June 2013 - 10:07 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 cdunscomp

Posted 14 June 2013 - 12:40 AM

Thanks for the reply. The earliest I will be able to run the above will be Fri afternoon. Will post logs.



#4 boopme

Posted 14 June 2013 - 11:57 AM

OK, I'll look back.



#5 cdunscomp

Posted 14 June 2013 - 01:51 PM

Here is the Farbar report.

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by User (administrator) on 14-06-2013 at 14:32:54
Running from "C:\Users\User\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/14/2013 02:15:13 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (06/04/2013 07:37:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service NisSrv since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (06/04/2013 07:29:04 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16483, time stamp 0x515df825, faulting module MSHTML.dll, version 9.0.8112.16483, time stamp 0x515dfd32, exception code 0xc0000005, fault offset 0x003b0b97,
process id 0x514, application start time 0xiexplore.exe0.

Error: (06/04/2013 07:28:58 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16483, time stamp 0x515df825, faulting module MSHTML.dll, version 9.0.8112.16483, time stamp 0x515dfd32, exception code 0xc0000005, fault offset 0x00289b57,
process id 0x8cc, application start time 0xiexplore.exe0.

Error: (06/04/2013 07:28:56 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16483, time stamp 0x515df825, faulting module MSHTML.dll, version 9.0.8112.16483, time stamp 0x515dfd32, exception code 0xc0000005, fault offset 0x003b0b97,
process id 0xa20, application start time 0xiexplore.exe0.

Error: (06/04/2013 07:28:54 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16483, time stamp 0x515df825, faulting module MSHTML.dll, version 9.0.8112.16483, time stamp 0x515dfd32, exception code 0xc0000005, fault offset 0x003b0b97,
process id 0x44c, application start time 0xiexplore.exe0.

Error: (06/04/2013 07:28:47 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16483, time stamp 0x515df825, faulting module MSHTML.dll, version 9.0.8112.16483, time stamp 0x515dfd32, exception code 0xc0000005, fault offset 0x003b0b97,
process id 0xf9c, application start time 0xiexplore.exe0.

Error: (06/04/2013 07:28:40 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16483, time stamp 0x515df825, faulting module MSHTML.dll, version 9.0.8112.16483, time stamp 0x515dfd32, exception code 0xc0000005, fault offset 0x003b0b97,
process id 0xdb8, application start time 0xiexplore.exe0.

Error: (06/04/2013 04:03:55 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (06/03/2013 01:35:12 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service NisSrv since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

System errors:
=============
Error: (06/14/2013 02:15:44 PM) (Source: Service Control Manager) (User: )
Description: i8042prt
MpFilter
spldr
Wanarpv6

Error: (06/14/2013 02:15:44 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (06/14/2013 02:15:44 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (06/14/2013 02:15:44 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (06/14/2013 02:15:20 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/14/2013 02:15:19 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/14/2013 02:15:14 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (06/14/2013 02:15:13 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/14/2013 02:15:05 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Microsoft Office Sessions:
=========================
Error: (06/14/2013 02:15:13 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (06/04/2013 07:37:17 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service NisSrv since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (06/04/2013 07:29:04 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16483515df825MSHTML.dll9.0.8112.16483515dfd32c0000005003b0b9751401ce617b4cab915d

Error: (06/04/2013 07:28:58 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16483515df825MSHTML.dll9.0.8112.16483515dfd32c000000500289b578cc01ce617b497656fd

Error: (06/04/2013 07:28:56 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16483515df825MSHTML.dll9.0.8112.16483515dfd32c0000005003b0b97a2001ce617b47c9df7d

Error: (06/04/2013 07:28:54 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16483515df825MSHTML.dll9.0.8112.16483515dfd32c0000005003b0b9744c01ce617b46f6051d

Error: (06/04/2013 07:28:47 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16483515df825MSHTML.dll9.0.8112.16483515dfd32c0000005003b0b97f9c01ce617b43025cbd

Error: (06/04/2013 07:28:40 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.16483515df825MSHTML.dll9.0.8112.16483515dfd32c0000005003b0b97db801ce617b3dc173dd

Error: (06/04/2013 04:03:55 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (06/03/2013 01:35:12 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service NisSrv since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

CodeIntegrity Errors:
===================================
  Date: 2013-06-03 12:28:02.017
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\5951580drv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-03 12:28:01.783
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\5951580drv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-03 12:28:01.362
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\5951580drv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-03 12:28:00.987
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\5951580drv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-03 12:28:00.816
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\5951580drv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-03 12:28:00.426
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\5951580drv.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-02 22:54:50.878
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-02 22:54:50.759
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-02 22:54:50.635
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-02 22:54:50.513
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.7.637)
Google Chrome (Version: 27.0.1453.94)
Google Update Helper (Version: 1.3.21.145)
Intel® Graphics Media Accelerator Driver
LG USB Modem driver
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
OpenOffice.org 3.4 (Version: 3.4.9590)
Realtek High Definition Audio Driver (Version: 6.0.1.5789)
Soft Data Fax Modem with SmartCP (Version: 7.74.00)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 17%
Total physical RAM: 2038.64 MB
Available physical RAM: 1681.11 MB
Total Pagefile: 4312.57 MB
Available Pagefile: 4108.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1961.21 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.88 GB) (Free:212.71 GB) NTFS
3 Drive e: (USB20FD) (Removable) (Total:3.73 GB) (Free:3.59 GB) FAT32

========================= Users: ========================================

User accounts for \\USER-PC

Admin                    Administrator            Guest                   
User                    

**** End of log ****



#6 cdunscomp

Posted 14 June 2013 - 01:59 PM

TDSSKiller

 

14:53:42.0317 1712  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:53:42.0832 1712  ============================================================
14:53:42.0832 1712  Current date / time: 2013/06/14 14:53:42.0832
14:53:42.0832 1712  SystemInfo:
14:53:42.0832 1712 
14:53:42.0832 1712  OS Version: 6.0.6002 ServicePack: 2.0
14:53:42.0832 1712  Product type: Workstation
14:53:42.0832 1712  ComputerName: USER-PC
14:53:42.0832 1712  UserName: User
14:53:42.0832 1712  Windows directory: C:\Windows
14:53:42.0832 1712  System windows directory: C:\Windows
14:53:42.0832 1712  Processor architecture: Intel x86
14:53:42.0832 1712  Number of processors: 2
14:53:42.0832 1712  Page size: 0x1000
14:53:42.0832 1712  Boot type: Safe boot with network
14:53:42.0832 1712  ============================================================
14:53:43.0674 1712  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:53:43.0674 1712  Drive \Device\Harddisk1\DR2 - Size: 0xEF000000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:53:43.0674 1712  ============================================================
14:53:43.0674 1712  \Device\Harddisk0\DR0:
14:53:43.0674 1712  MBR partitions:
14:53:43.0674 1712  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
14:53:43.0674 1712  \Device\Harddisk1\DR2:
14:53:43.0674 1712  MBR partitions:
14:53:43.0674 1712  \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x30, BlocksNum 0x777FD0
14:53:43.0674 1712  ============================================================
14:53:43.0690 1712  C: <-> \Device\Harddisk0\DR0\Partition1
14:53:43.0690 1712  ============================================================
14:53:43.0690 1712  Initialize success
14:53:43.0690 1712  ============================================================
14:54:14.0827 0516  ============================================================
14:54:14.0827 0516  Scan started
14:54:14.0827 0516  Mode: Manual; TDLFS;
14:54:14.0827 0516  ============================================================
14:54:16.0699 0516  ================ Scan system memory ========================
14:54:16.0699 0516  System memory - ok
14:54:16.0699 0516  ================ Scan services =============================
14:54:17.0854 0516  CertPropSvc - ok
14:54:17.0869 0516  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
14:54:17.0885 0516  circlass - ok
14:54:17.0900 0516  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
14:54:17.0900 0516  CLFS - ok
14:54:17.0963 0516  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:54:17.0963 0516  clr_optimization_v2.0.50727_32 - ok
14:54:18.0010 0516  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:54:18.0010 0516  cmdide - ok
14:54:18.0010 0516  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:54:18.0010 0516  Compbatt - ok
14:54:18.0025 0516  COMSysApp - ok
14:54:18.0041 0516  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:54:18.0041 0516  crcdisk - ok
14:54:18.0056 0516  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
14:54:18.0056 0516  Crusoe - ok
14:54:18.0103 0516  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:54:18.0103 0516  CryptSvc - ok
14:54:18.0134 0516  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:54:18.0150 0516  DcomLaunch - ok
14:54:18.0166 0516  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:54:18.0166 0516  DfsC - ok
14:54:18.0244 0516  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
14:54:18.0275 0516  DFSR - ok
14:54:18.0306 0516  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
14:54:18.0322 0516  Dhcp - ok
14:54:18.0322 0516  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
14:54:18.0322 0516  disk - ok
14:54:18.0368 0516  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:54:18.0368 0516  Dnscache - ok
14:54:18.0400 0516  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:54:18.0400 0516  dot3svc - ok
14:54:18.0431 0516  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
14:54:18.0431 0516  DPS - ok
14:54:18.0462 0516  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:54:18.0462 0516  drmkaud - ok
14:54:18.0493 0516  [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:54:18.0509 0516  DXGKrnl - ok
14:54:18.0540 0516  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
14:54:18.0540 0516  E1G60 - ok
14:54:18.0571 0516  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
14:54:18.0571 0516  EapHost - ok
14:54:18.0602 0516  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
14:54:18.0602 0516  Ecache - ok
14:54:18.0649 0516  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:54:18.0665 0516  ehRecvr - ok
14:54:18.0680 0516  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
14:54:18.0680 0516  ehSched - ok
14:54:18.0696 0516  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
14:54:18.0696 0516  ehstart - ok
14:54:18.0727 0516  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:54:18.0727 0516  elxstor - ok
14:54:18.0774 0516  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
14:54:18.0774 0516  EMDMgmt - ok
14:54:18.0805 0516  [ A81AB23EDDB4693612014D87367D014C ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:54:18.0805 0516  ErrDev - ok
14:54:18.0821 0516  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
14:54:18.0836 0516  EventSystem - ok
14:54:18.0852 0516  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
14:54:18.0852 0516  exfat - ok
14:54:18.0883 0516  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:54:18.0883 0516  fastfat - ok
14:54:18.0899 0516  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:54:18.0914 0516  fdc - ok
14:54:18.0930 0516  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:54:18.0946 0516  fdPHost - ok
14:54:18.0946 0516  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:54:18.0961 0516  FDResPub - ok
14:54:18.0977 0516  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:54:18.0977 0516  FileInfo - ok
14:54:18.0992 0516  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:54:19.0008 0516  Filetrace - ok
14:54:19.0024 0516  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:54:19.0024 0516  flpydisk - ok
14:54:19.0024 0516  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:54:19.0039 0516  FltMgr - ok
14:54:19.0086 0516  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
14:54:19.0086 0516  FontCache - ok
14:54:19.0148 0516  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:54:19.0148 0516  FontCache3.0.0.0 - ok
14:54:19.0164 0516  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:54:19.0164 0516  Fs_Rec - ok
14:54:19.0195 0516  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:54:19.0195 0516  gagp30kx - ok
14:54:19.0242 0516  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:54:19.0242 0516  gpsvc - ok
14:54:19.0304 0516  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
14:54:19.0304 0516  gupdate - ok
14:54:19.0304 0516  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
14:54:19.0304 0516  gupdatem - ok
14:54:19.0336 0516  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:54:19.0336 0516  HdAudAddService - ok
14:54:19.0382 0516  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:54:19.0382 0516  HDAudBus - ok
14:54:19.0398 0516  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:54:19.0398 0516  HidBth - ok
14:54:19.0429 0516  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:54:19.0429 0516  HidIr - ok
14:54:19.0460 0516  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
14:54:19.0460 0516  hidserv - ok
14:54:19.0476 0516  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:54:19.0476 0516  HidUsb - ok
14:54:19.0507 0516  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:54:19.0507 0516  hkmsvc - ok
14:54:19.0523 0516  [ 7EBEC5EB56B90ED65A8BBD91464E5CFB ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
14:54:19.0523 0516  HpCISSs - ok
14:54:19.0585 0516  [ 88749FBF8BEB18C90E7D6626C8C1910B ] HSF_DP          C:\Windows\system32\DRIVERS\HSX_DP.sys
14:54:19.0601 0516  HSF_DP - ok
14:54:19.0616 0516  [ FE440536BD98AF772130DC3A6FE1915F ] HSXHWBS2        C:\Windows\system32\DRIVERS\HSXHWBS2.sys
14:54:19.0616 0516  HSXHWBS2 - ok
14:54:19.0663 0516  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:54:19.0663 0516  HTTP - ok
14:54:19.0679 0516  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
14:54:19.0679 0516  i2omp - ok
14:54:19.0710 0516  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:54:19.0710 0516  i8042prt - ok
14:54:19.0804 0516  [ 62F534791AE488A475A3E508D92AF4CC ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
14:54:19.0835 0516  ialm - ok
14:54:19.0866 0516  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
14:54:19.0866 0516  iaStorV - ok
14:54:19.0928 0516  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:54:19.0944 0516  idsvc - ok
14:54:20.0022 0516  [ 62F534791AE488A475A3E508D92AF4CC ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
14:54:20.0038 0516  igfx - ok
14:54:20.0069 0516  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:54:20.0069 0516  iirsp - ok
14:54:20.0100 0516  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:54:20.0116 0516  IKEEXT - ok
14:54:20.0209 0516  [ 84ED2154239F9D013BBD3220755ADA8B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
14:54:20.0240 0516  IntcAzAudAddService - ok
14:54:20.0256 0516  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:54:20.0256 0516  intelide - ok
14:54:20.0287 0516  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:54:20.0287 0516  intelppm - ok
14:54:20.0318 0516  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:54:20.0318 0516  IPBusEnum - ok
14:54:20.0334 0516  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:54:20.0334 0516  IpFilterDriver - ok
14:54:20.0334 0516  IpInIp - ok
14:54:20.0365 0516  [ 4B9C0F4D4A3ACC535F9771039ECD6365 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
14:54:20.0365 0516  IPMIDRV - ok
14:54:20.0381 0516  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
14:54:20.0381 0516  IPNAT - ok
14:54:20.0396 0516  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:54:20.0396 0516  IRENUM - ok
14:54:20.0412 0516  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:54:20.0428 0516  isapnp - ok
14:54:20.0443 0516  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:54:20.0443 0516  iScsiPrt - ok
14:54:20.0459 0516  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
14:54:20.0474 0516  iteatapi - ok
14:54:20.0490 0516  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
14:54:20.0490 0516  iteraid - ok
14:54:20.0506 0516  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:54:20.0506 0516  kbdclass - ok
14:54:20.0521 0516  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:54:20.0521 0516  kbdhid - ok
14:54:20.0537 0516  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
14:54:20.0537 0516  KeyIso - ok
14:54:20.0568 0516  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:54:20.0584 0516  KSecDD - ok
14:54:20.0615 0516  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:54:20.0615 0516  KtmRm - ok
14:54:20.0646 0516  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:54:20.0646 0516  LanmanServer - ok
14:54:20.0693 0516  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:54:20.0693 0516  LanmanWorkstation - ok
14:54:20.0724 0516  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:54:20.0724 0516  lltdio - ok
14:54:20.0755 0516  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:54:20.0755 0516  lltdsvc - ok
14:54:20.0771 0516  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:54:20.0771 0516  lmhosts - ok
14:54:20.0802 0516  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:54:20.0802 0516  LSI_FC - ok
14:54:20.0818 0516  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:54:20.0818 0516  LSI_SAS - ok
14:54:20.0833 0516  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:54:20.0849 0516  LSI_SCSI - ok
14:54:20.0864 0516  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
14:54:20.0864 0516  luafv - ok
14:54:20.0880 0516  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:54:20.0880 0516  Mcx2Svc - ok
14:54:20.0896 0516  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
14:54:20.0896 0516  mdmxsdk - ok
14:54:20.0927 0516  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:54:20.0927 0516  megasas - ok
14:54:20.0942 0516  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
14:54:20.0942 0516  MegaSR - ok
14:54:20.0974 0516  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
14:54:20.0974 0516  MMCSS - ok
14:54:20.0989 0516  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
14:54:20.0989 0516  Modem - ok
14:54:21.0005 0516  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:54:21.0005 0516  monitor - ok
14:54:21.0020 0516  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:54:21.0020 0516  mouclass - ok
14:54:21.0052 0516  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:54:21.0052 0516  mouhid - ok
14:54:21.0067 0516  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
14:54:21.0067 0516  MountMgr - ok
14:54:21.0083 0516  [ FEE0BADED54222E9F1DAE9541212AAB1 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:54:21.0083 0516  MpFilter - ok
14:54:21.0130 0516  [ 5DA347912FD3AF24D7BFB3DE519D4BD0 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:54:21.0130 0516  mpio - ok
14:54:21.0145 0516  [ 2C3489660D4A8D514C123C3F0D67DF46 ] MpNWMon         C:\Windows\system32\DRIVERS\MpNWMon.sys
14:54:21.0145 0516  MpNWMon - ok
14:54:21.0161 0516  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:54:21.0161 0516  mpsdrv - ok
14:54:21.0176 0516  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
14:54:21.0176 0516  Mraid35x - ok
14:54:21.0192 0516  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:54:21.0192 0516  MRxDAV - ok
14:54:21.0223 0516  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:54:21.0223 0516  mrxsmb - ok
14:54:21.0239 0516  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:54:21.0239 0516  mrxsmb10 - ok
14:54:21.0239 0516  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:54:21.0239 0516  mrxsmb20 - ok
14:54:21.0254 0516  [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:54:21.0270 0516  msahci - ok
14:54:21.0270 0516  [ 2C563AEF15B8D0014C36C5F27742AC7B ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:54:21.0270 0516  msdsm - ok
14:54:21.0286 0516  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
14:54:21.0286 0516  MSDTC - ok
14:54:21.0301 0516  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:54:21.0317 0516  Msfs - ok
14:54:21.0332 0516  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:54:21.0332 0516  msisadrv - ok
14:54:21.0348 0516  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:54:21.0348 0516  MSiSCSI - ok
14:54:21.0348 0516  msiserver - ok
14:54:21.0395 0516  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:54:21.0395 0516  MSKSSRV - ok
14:54:21.0395 0516  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:54:21.0395 0516  MSPCLOCK - ok
14:54:21.0426 0516  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:54:21.0426 0516  MSPQM - ok
14:54:21.0442 0516  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:54:21.0442 0516  MsRPC - ok
14:54:21.0457 0516  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:54:21.0457 0516  mssmbios - ok
14:54:21.0473 0516  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:54:21.0473 0516  MSTEE - ok
14:54:21.0488 0516  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
14:54:21.0488 0516  Mup - ok
14:54:21.0520 0516  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
14:54:21.0535 0516  napagent - ok
14:54:21.0566 0516  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:54:21.0566 0516  NativeWifiP - ok
14:54:21.0582 0516  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:54:21.0598 0516  NDIS - ok
14:54:21.0613 0516  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:54:21.0613 0516  NdisTapi - ok
14:54:21.0613 0516  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:54:21.0613 0516  Ndisuio - ok
14:54:21.0644 0516  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:54:21.0644 0516  NdisWan - ok
14:54:21.0660 0516  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:54:21.0660 0516  NDProxy - ok
14:54:21.0676 0516  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:54:21.0676 0516  NetBIOS - ok
14:54:21.0691 0516  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
14:54:21.0691 0516  netbt - ok
14:54:21.0707 0516  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
14:54:21.0707 0516  Netlogon - ok
14:54:21.0738 0516  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
14:54:21.0738 0516  Netman - ok
14:54:21.0754 0516  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
14:54:21.0769 0516  netprofm - ok
14:54:21.0785 0516  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:54:21.0800 0516  NetTcpPortSharing - ok
14:54:21.0832 0516  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:54:21.0832 0516  nfrd960 - ok
14:54:21.0863 0516  [ 7B01C6172CFD0B10116175E09200D4B4 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:54:21.0863 0516  NisDrv - ok
14:54:21.0894 0516  NisSrv - ok
14:54:21.0925 0516  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:54:21.0925 0516  NlaSvc - ok
14:54:21.0941 0516  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:54:21.0941 0516  Npfs - ok
14:54:21.0941 0516  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
14:54:21.0941 0516  nsi - ok
14:54:21.0956 0516  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:54:21.0956 0516  nsiproxy - ok
14:54:22.0019 0516  [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:54:22.0034 0516  Ntfs - ok
14:54:22.0066 0516  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
14:54:22.0066 0516  ntrigdigi - ok
14:54:22.0081 0516  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
14:54:22.0081 0516  Null - ok
14:54:22.0112 0516  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:54:22.0112 0516  nvraid - ok
14:54:22.0112 0516  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:54:22.0128 0516  nvstor - ok
14:54:22.0128 0516  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:54:22.0144 0516  nv_agp - ok
14:54:22.0144 0516  NwlnkFlt - ok
14:54:22.0144 0516  NwlnkFwd - ok
14:54:22.0175 0516  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:54:22.0175 0516  ohci1394 - ok
14:54:22.0222 0516  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
14:54:22.0222 0516  p2pimsvc - ok
14:54:22.0237 0516  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:54:22.0253 0516  p2psvc - ok
14:54:22.0268 0516  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
14:54:22.0268 0516  Parport - ok
14:54:22.0284 0516  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:54:22.0284 0516  partmgr - ok
14:54:22.0300 0516  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
14:54:22.0300 0516  Parvdm - ok
14:54:22.0315 0516  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:54:22.0315 0516  PcaSvc - ok
14:54:22.0331 0516  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
14:54:22.0331 0516  pci - ok
14:54:22.0346 0516  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
14:54:22.0346 0516  pciide - ok
14:54:22.0362 0516  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:54:22.0362 0516  pcmcia - ok
14:54:22.0409 0516  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:54:22.0424 0516  PEAUTH - ok
14:54:22.0502 0516  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
14:54:22.0534 0516  pla - ok
14:54:22.0565 0516  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:54:22.0565 0516  PlugPlay - ok
14:54:22.0596 0516  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
14:54:22.0596 0516  PNRPAutoReg - ok
14:54:22.0612 0516  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
14:54:22.0612 0516  PNRPsvc - ok
14:54:22.0658 0516  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:54:22.0658 0516  PolicyAgent - ok
14:54:22.0690 0516  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:54:22.0690 0516  PptpMiniport - ok
14:54:22.0705 0516  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
14:54:22.0705 0516  Processor - ok
14:54:22.0721 0516  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:54:22.0736 0516  ProfSvc - ok
14:54:22.0736 0516  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:54:22.0736 0516  ProtectedStorage - ok
14:54:22.0752 0516  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
14:54:22.0752 0516  PSched - ok
14:54:22.0799 0516  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:54:22.0814 0516  ql2300 - ok
14:54:22.0830 0516  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:54:22.0846 0516  ql40xx - ok
14:54:22.0877 0516  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
14:54:22.0877 0516  QWAVE - ok
14:54:22.0892 0516  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:54:22.0892 0516  QWAVEdrv - ok
14:54:22.0908 0516  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:54:22.0908 0516  RasAcd - ok
14:54:22.0924 0516  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
14:54:22.0924 0516  RasAuto - ok
14:54:22.0939 0516  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:54:22.0939 0516  Rasl2tp - ok
14:54:22.0955 0516  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
14:54:22.0955 0516  RasMan - ok
14:54:22.0970 0516  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:54:22.0970 0516  RasPppoe - ok
14:54:23.0002 0516  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:54:23.0002 0516  RasSstp - ok
14:54:23.0017 0516  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:54:23.0017 0516  rdbss - ok
14:54:23.0033 0516  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:54:23.0033 0516  RDPCDD - ok
14:54:23.0064 0516  [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
14:54:23.0064 0516  rdpdr - ok
14:54:23.0080 0516  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:54:23.0080 0516  RDPENCDD - ok
14:54:23.0111 0516  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:54:23.0111 0516  RDPWD - ok
14:54:23.0142 0516  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:54:23.0158 0516  RemoteAccess - ok
14:54:23.0173 0516  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:54:23.0189 0516  RemoteRegistry - ok
14:54:23.0189 0516  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
14:54:23.0204 0516  RpcLocator - ok
14:54:23.0220 0516  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
14:54:23.0220 0516  RpcSs - ok
14:54:23.0251 0516  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:54:23.0251 0516  rspndr - ok
14:54:23.0282 0516  [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
14:54:23.0282 0516  RTL8169 - ok
14:54:23.0282 0516  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
14:54:23.0298 0516  SamSs - ok
14:54:23.0298 0516  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:54:23.0298 0516  sbp2port - ok
14:54:23.0376 0516  [ 1FD538C4FEB36B793D2121F20BBDC16F ] SBRE            C:\Windows\system32\drivers\SBREdrv.sys
14:54:23.0376 0516  SBRE - ok
14:54:23.0407 0516  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:54:23.0407 0516  SCardSvr - ok
14:54:27.0073 0516  ================ Scan global ===============================
14:54:27.0089 0516  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
14:54:27.0120 0516  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
14:54:27.0136 0516  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
14:54:27.0151 0516  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
14:54:27.0167 0516  [Global] - ok
14:54:27.0167 0516  ================ Scan MBR ==================================
14:54:27.0167 0516  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:54:27.0619 0516  \Device\Harddisk0\DR0 - ok
14:54:27.0619 0516  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2
14:54:30.0926 0516  \Device\Harddisk1\DR2 - ok
14:54:30.0926 0516  ================ Scan VBR ==================================
14:54:30.0926 0516  [ E610172A8D60257A500C0F266E9243F9 ] \Device\Harddisk0\DR0\Partition1
14:54:30.0926 0516  \Device\Harddisk0\DR0\Partition1 - ok
14:54:30.0926 0516  [ 6001C521CD847A80FF6B05CB0B45A4C3 ] \Device\Harddisk1\DR2\Partition1
14:54:30.0942 0516  \Device\Harddisk1\DR2\Partition1 - ok
14:54:30.0942 0516  ============================================================
14:54:30.0942 0516  Scan finished
14:54:30.0942 0516  ============================================================
14:54:30.0958 1560  Detected object count: 0
14:54:30.0958 1560  Actual detected object count: 0
14:55:38.0006 1376  Deinitialize success
 



#7 cdunscomp

Posted 14 June 2013 - 03:12 PM

ESET scan log.

C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G55NVO0I\vogelzang-double-barrel-stove-adapter-kit-bk50e-bk50e[1].html JS/Kryptik.AH trojan cleaned by deleting - quarantined
 


Edited by boopme, 14 June 2013 - 09:16 PM.


#8 cdunscomp

Posted 14 June 2013 - 03:55 PM

Rebooted, went to cnet/downloads (IE), clicked on direct link for io malware download (just to see if it worked). After showing progress bar, same popup with red security shield saying imf.exe contained a virus and was deleted. Clicked on more info, Microsoft help window popped up saying this version had no info. Link provided went to software protection info on Microsoft site.



#9 boopme

Posted 14 June 2013 - 09:24 PM

This looks clean now.

There is a problem with some CNET downloads... we have removed malware from their installers.

IOlo will probably conflict with MSFT Antimalware.

What tool is reporting this as malware? MSFT Antimalware


Edited by boopme, 14 June 2013 - 09:29 PM.


#10 cdunscomp

Posted 15 June 2013 - 01:36 PM

When I go to Control Panel and select Security, the splash screen says MSE is turned off. When I try to turn it on it says it can't be accessed. When I go to the Microsoft website and try to download and reinstall MSE I get the same "file contained a virus and was deleted" message. How do I turn off Microsoft Antimalware when it says it isn't running? Also keeps saying I don't have permission even when running in admin mode. BTW, I believe the free AVG was installed on here before.



#11 cdunscomp

Posted 15 June 2013 - 03:59 PM

Somewhat resolved. Hitman Pro found and removed (Sirefef) ZeroAccess virus. Was able to download and install Microsoft Fix it tool. Still trying to repair/remove MSE though.

HitmanPro 3.7.6.201
www.hitmanpro.com
   Computer name . . . . : USER-PC
   Windows . . . . . . . : 6.0.2.6002.X86/2
   User name . . . . . . : User-PC\User
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Trial (30 days left)
   Scan date . . . . . . : 2013-06-15 16:16:20
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 54s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
   Threats . . . . . . . : 48
   Traces  . . . . . . . : 1476
   Objects scanned . . . : 976,636
   Files scanned . . . . : 25,501
   Remnants scanned  . . : 158,604 files / 792,531 keys
Malware remnants ____________________________________________________________
   C:\$Recycle.Bin\S-1-5-18\$769c1ad65ef6835bee6711fe6786a43a\@ (ZeroAccess) -> Deleted
   C:\$Recycle.Bin\S-1-5-18\$769c1ad65ef6835bee6711fe6786a43a\L\ (ZeroAccess) -> Deleted
   C:\$Recycle.Bin\S-1-5-18\$769c1ad65ef6835bee6711fe6786a43a\U\ (ZeroAccess) -> Deleted
   C:\$Recycle.Bin\S-1-5-21-1223489780-3941291375-3118656199-1000\$769c1ad65ef6835bee6711fe6786a43a\@ (ZeroAccess) -> Deleted
   C:\$Recycle.Bin\S-1-5-21-1223489780-3941291375-3118656199-1000\$769c1ad65ef6835bee6711fe6786a43a\L\ (ZeroAccess) -> Deleted
   C:\$Recycle.Bin\S-1-5-21-1223489780-3941291375-3118656199-1000\$769c1ad65ef6835bee6711fe6786a43a\U\ (ZeroAccess) -> Deleted
Repairs _____________________________________________________________________
   Redirection: Antimalware -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: Backup -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: CleanUpPolicy.xml -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: ConfigSecurityPolicy.exe -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: en-us -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: eppmanifest.dll -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: MsMpRes.dll -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: msseces.exe -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: MsseWat.dll -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: setup.exe -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: setupres.dll -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: shellext.dll -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: sqmapi.dll -> c:\windows\system32\config
   Disables Microsoft Security Essentials (C:\Program Files\Microsoft Security Client)
   Redirection: en-US -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpAsDesc.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpClient.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpCmdRun.exe -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpEvMsg.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpOAV.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpRtMon.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpRtPlug.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpSigDwn.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpSoftEx.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpSvc.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MSASCui.exe -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MsMpCom.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MsMpLics.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MsMpRes.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Program Files\Windows Defender)
   Redirection: MpEvMsg.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender-events_31bf3856ad364e35_6.0.6000.16386_none_b3613e39beae266f)
   Redirection: MpAsDesc.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MpClient.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MpCmdRun.exe -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MpOAV.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MpRtMon.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MpRtPlug.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MpSigDwn.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MpSoftEx.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MpSvc.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MSASCui.exe -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MsMpCom.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MsMpLics.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)
   Redirection: MsMpRes.dll -> c:\windows\system32\config
   Disables Windows Defender (C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411)

Cookies _____________________________________________________________________
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\KWBWVQAM.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\L7FNM503.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\LMTCYK5J.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\LXYOJ2PN.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\NAHNRJ4D.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\NBNZTH4E.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\NNHE3AVM.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\NQOMKVBH.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\NTZU7FZV.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\O0ZP01PI.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\OCJZA0WH.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\OGT1CEY0.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\OPN92X4F.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\P3X28HRP.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\REVF6TCN.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\RKH1VGJQ.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\RSTT078M.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\S8N5RJKY.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\SDGSQ9G5.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\SGE0YHUG.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\T8CBUSFD.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\T8LTPLRZ.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\TIXZDJDW.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\U0VE60JX.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\V1J6FENV.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\V5KP15EM.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\VI6D56OH.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\W41YL7NY.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\WCIXQ3I6.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\XERF8PQ7.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\XVX352SD.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Y0643OCZ.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Y4V92DN3.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\YH1LC41Z.txt
   C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\ZLWE4NHC.txt


#12 cdunscomp


Posted 15 June 2013 - 04:15 PM

So now how do I find and remove all of the tools and programs (rkill, tddsk, antimalware bytes, etc.) that are on my computer but not listed in Add/Remove?



#13 boopme


Posted 17 June 2013 - 08:21 PM

Just delete the desktop items.

Let's look at this.
Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.

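A read-only check of the same areas from PowerShell, as an added example that is not part of the original post and is not Farbar Service Scanner's own logic. The mapping of scan options to service short names is an assumption of this example.

```powershell
# Scan options from the post above, mapped to standard Windows service short names.
# The grouping is this example's assumption, not the scanner's own list.
$checks = @(
    @{ Area = 'Internet Services'; Names = @('Dhcp', 'Dnscache', 'NlaSvc') },
    @{ Area = 'Windows Firewall';  Names = @('MpsSvc', 'BFE') },
    @{ Area = 'System Restore';    Names = @('VSS', 'SDRSVC') },
    @{ Area = 'Security Center';   Names = @('wscsvc') },
    @{ Area = 'Windows Update';    Names = @('wuauserv', 'BITS') },
    @{ Area = 'Windows Defender';  Names = @('WinDefend') }
)

function Get-ServiceFinding {
    param([string]$Area, [string]$Name)

    $mode = $null; $state = $null
    $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$Name'"
    if (-not $svc) {
        # No registration at all: the service entry is gone from the system.
        $finding = 'service is not registered'
    }
    else {
        $mode = $svc.StartMode; $state = $svc.State
        $problems = @()
        if ($mode -eq 'Disabled') { $problems += 'start type is Disabled' }
        # PathName may be quoted and carry arguments; keep only the executable path.
        if ($svc.PathName -match '^\s*"?(.+?\.exe)') {
            $exe = [Environment]::ExpandEnvironmentVariables($Matches[1])
            if (-not (Test-Path -LiteralPath $exe)) { $problems += "binary missing: $exe" }
        }
        if ($problems.Count -eq 0) { $finding = 'OK' } else { $finding = $problems -join '; ' }
    }
    New-Object PSObject -Property @{
        Area = $Area; Service = $Name; StartMode = $mode; State = $state; Finding = $finding
    }
}

$report = foreach ($c in $checks) {
    foreach ($n in $c.Names) { Get-ServiceFinding -Area $c.Area -Name $n }
}
$report | Select-Object Area, Service, StartMode, State, Finding | Format-Table -AutoSize
```

A stopped service is reported but not flagged, since several of these start on demand. Anything other than OK in the Finding column is what to look at first.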



