internet explorer opening randomly


  • This topic is locked
19 replies to this topic

#1 Rony173

Rony173

  • Members
  • 22 posts

Posted 03 August 2013 - 09:33 AM

Please help:

My Internet Explorer is opening randomly... Is this due to a virus or something else?

I use avast, kaspersky, avg, nod 32, McAfee (all latest versions), but none of them can detect that virus, while avg detects that its location is in the "temp" folder but can't delete it...

I formatted my whole PC several times with different boot disks, but after the format, as soon as the home screen appears, Internet Explorer again opens randomly...
Now what to do?


Edited by hamluis, 03 August 2013 - 11:23 AM.
Moved from Win 7 to Am I Infected - Hamluis.



#2 Rony173

Rony173
  • Topic Starter

  • Members
  • 22 posts

Posted 03 August 2013 - 09:34 AM

Please help, I was so upset for a month, then I heard about this site...

#3 GodfatherKing

GodfatherKing

  • Members
  • 587 posts

Posted 03 August 2013 - 09:43 AM

Welcome!

Give this a try:

Step 1: Install and run MBAM

Step 2: Running TDSSKiller to obtain log

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters

  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run

  • Choose Skip for all threats.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

Step 3: ESET Online Scanner

==================

Note: If your AV is blocking ESET Online Scanner, please temporarily disable your AV.

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.


#4 Rony173

Rony173
  • Topic Starter

  • Members
  • 22 posts

Posted 03 August 2013 - 01:25 PM

TDSS report:


14:54:51.0375 3424 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:54:51.0389 3424 ============================================================
14:54:51.0389 3424 Current date / time: 2013/08/03 14:54:51.0389
14:54:51.0389 3424 SystemInfo:
14:54:51.0389 3424
14:54:51.0389 3424 OS Version: 6.1.7601 ServicePack: 1.0
14:54:51.0389 3424 Product type: Workstation
14:54:51.0389 3424 ComputerName: 4U-PC
14:54:51.0389 3424 UserName: 4u
14:54:51.0389 3424 Windows directory: C:\Windows
14:54:51.0389 3424 System windows directory: C:\Windows
14:54:51.0389 3424 Processor architecture: Intel x86
14:54:51.0389 3424 Number of processors: 4
14:54:51.0389 3424 Page size: 0x1000
14:54:51.0389 3424 Boot type: Normal boot
14:54:51.0389 3424 ============================================================
14:54:52.0291 3424 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:54:52.0296 3424 ============================================================
14:54:52.0296 3424 \Device\Harddisk0\DR0:
14:54:52.0296 3424 MBR partitions:
14:54:52.0297 3424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1701D000
14:54:52.0297 3424 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1701D800, BlocksNum 0x61A7800
14:54:52.0297 3424 ============================================================
14:54:52.0310 3424 C: <-> \Device\Harddisk0\DR0\Partition1
14:54:52.0352 3424 E: <-> \Device\Harddisk0\DR0\Partition2
14:54:52.0352 3424 ============================================================
14:54:52.0352 3424 Initialize success
14:54:52.0352 3424 ============================================================
14:55:43.0443 3348 ============================================================
14:55:43.0443 3348 Scan started
14:55:43.0443 3348 Mode: Manual; TDLFS;
14:55:43.0443 3348 ============================================================
14:55:44.0022 3348 ================ Scan system memory ========================
14:55:44.0022 3348 System memory - ok
14:55:44.0023 3348 ================ Scan services =============================
14:55:44.0150 3348 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:55:44.0151 3348 1394ohci - ok
14:55:44.0169 3348 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:55:44.0171 3348 ACPI - ok
14:55:44.0187 3348 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:55:44.0188 3348 AcpiPmi - ok
14:55:44.0213 3348 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:55:44.0217 3348 adp94xx - ok
14:55:44.0226 3348 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:55:44.0228 3348 adpahci - ok
14:55:44.0238 3348 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:55:44.0239 3348 adpu320 - ok
14:55:44.0266 3348 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:55:44.0267 3348 AeLookupSvc - ok
14:55:44.0281 3348 [ 1151FD4FB0216CFED887BFDE29EBD516 ] AFD C:\Windows\system32\drivers\afd.sys
14:55:44.0284 3348 AFD - ok
14:55:44.0302 3348 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
14:55:44.0302 3348 agp440 - ok
14:55:44.0323 3348 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
14:55:44.0324 3348 aic78xx - ok
14:55:44.0350 3348 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
14:55:44.0351 3348 ALG - ok
14:55:44.0367 3348 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
14:55:44.0368 3348 aliide - ok
14:55:44.0378 3348 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:55:44.0379 3348 amdagp - ok
14:55:44.0382 3348 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
14:55:44.0383 3348 amdide - ok
14:55:44.0394 3348 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:55:44.0395 3348 AmdK8 - ok
14:55:44.0399 3348 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:55:44.0400 3348 AmdPPM - ok
14:55:44.0410 3348 [ E7F4D42D8076EC60E21715CD11743A0D ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:55:44.0411 3348 amdsata - ok
14:55:44.0421 3348 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:55:44.0422 3348 amdsbs - ok
14:55:44.0426 3348 [ 146459D2B08BFDCBFA856D9947043C81 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:55:44.0426 3348 amdxata - ok
14:55:44.0444 3348 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
14:55:44.0444 3348 AppID - ok
14:55:44.0471 3348 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:55:44.0472 3348 AppIDSvc - ok
14:55:44.0483 3348 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
14:55:44.0484 3348 Appinfo - ok
14:55:44.0518 3348 [ 205958759F914EE79A9BBDD539587FE4 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
14:55:44.0518 3348 AppleCharger - ok
14:55:44.0528 3348 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
14:55:44.0529 3348 AppleChargerSrv - ok
14:55:44.0561 3348 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
14:55:44.0562 3348 AppMgmt - ok
14:55:44.0587 3348 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
14:55:44.0588 3348 arc - ok
14:55:44.0592 3348 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:55:44.0593 3348 arcsas - ok
14:55:44.0662 3348 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:55:44.0662 3348 aspnet_state - ok
14:55:44.0691 3348 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:55:44.0692 3348 AsyncMac - ok
14:55:44.0702 3348 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
14:55:44.0703 3348 atapi - ok
14:55:44.0737 3348 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:55:44.0741 3348 AudioEndpointBuilder - ok
14:55:44.0754 3348 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:55:44.0757 3348 Audiosrv - ok
14:55:44.0770 3348 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:55:44.0771 3348 AxInstSV - ok
14:55:44.0795 3348 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
14:55:44.0798 3348 b06bdrv - ok
14:55:44.0824 3348 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
14:55:44.0826 3348 b57nd60x - ok
14:55:44.0853 3348 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
14:55:44.0854 3348 BDESVC - ok
14:55:44.0869 3348 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
14:55:44.0869 3348 Beep - ok
14:55:44.0893 3348 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
14:55:44.0897 3348 BFE - ok
14:55:44.0923 3348 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
14:55:44.0929 3348 BITS - ok
14:55:44.0947 3348 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:55:44.0947 3348 blbdrive - ok
14:55:44.0952 3348 [ FCAFAEF6798D7B51FF029F99A9898961 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:55:44.0953 3348 bowser - ok
14:55:44.0967 3348 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:55:44.0967 3348 BrFiltLo - ok
14:55:44.0971 3348 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:55:44.0972 3348 BrFiltUp - ok
14:55:44.0992 3348 [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser C:\Windows\System32\browser.dll
14:55:44.0993 3348 Browser - ok
14:55:44.0999 3348 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:55:45.0000 3348 Brserid - ok
14:55:45.0004 3348 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:55:45.0005 3348 BrSerWdm - ok
14:55:45.0008 3348 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:55:45.0009 3348 BrUsbMdm - ok
14:55:45.0012 3348 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:55:45.0013 3348 BrUsbSer - ok
14:55:45.0025 3348 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:55:45.0025 3348 BTHMODEM - ok
14:55:45.0044 3348 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
14:55:45.0044 3348 bthserv - ok
14:55:45.0067 3348 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:55:45.0067 3348 cdfs - ok
14:55:45.0091 3348 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:55:45.0092 3348 cdrom - ok
14:55:45.0106 3348 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
14:55:45.0107 3348 CertPropSvc - ok
14:55:45.0140 3348 [ DCE71AFF23661DB0BC0AE096CDCD23F7 ] Change Modem Device Service C:\ProgramData\ChgService.exe
14:55:45.0141 3348 Change Modem Device Service - ok
14:55:45.0171 3348 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
14:55:45.0171 3348 circlass - ok
14:55:45.0196 3348 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
14:55:45.0198 3348 CLFS - ok
14:55:45.0229 3348 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:55:45.0229 3348 clr_optimization_v2.0.50727_32 - ok
14:55:45.0260 3348 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:55:45.0261 3348 clr_optimization_v4.0.30319_32 - ok
14:55:45.0280 3348 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
14:55:45.0281 3348 CmBatt - ok
14:55:45.0297 3348 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:55:45.0298 3348 cmdide - ok
14:55:45.0328 3348 [ CE0D4EAC1CD08ECF5FB9EAB4B1E403C7 ] cmnsusbser C:\Windows\system32\DRIVERS\cmnsusbser.sys
14:55:45.0329 3348 cmnsusbser - ok
14:55:45.0356 3348 [ 1B675691ED940766149C93E8F4488D68 ] CNG C:\Windows\system32\Drivers\cng.sys
14:55:45.0359 3348 CNG - ok
14:55:45.0371 3348 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:55:45.0371 3348 Compbatt - ok
14:55:45.0385 3348 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:55:45.0386 3348 CompositeBus - ok
14:55:45.0392 3348 COMSysApp - ok
14:55:45.0425 3348 [ 45098C38F484C158ACB77D2AAE3954AF ] cphs C:\Windows\system32\IntelCpHeciSvc.exe
14:55:45.0429 3348 cphs - ok
14:55:45.0447 3348 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:55:45.0448 3348 crcdisk - ok
14:55:45.0487 3348 [ A585BEBF7D054BD9618EDA0922D5484A ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:55:45.0488 3348 CryptSvc - ok
14:55:45.0512 3348 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
14:55:45.0515 3348 CSC - ok
14:55:45.0534 3348 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
14:55:45.0538 3348 CscService - ok
14:55:45.0560 3348 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
14:55:45.0565 3348 DcomLaunch - ok
14:55:45.0585 3348 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
14:55:45.0588 3348 defragsvc - ok
14:55:45.0605 3348 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:55:45.0606 3348 DfsC - ok
14:55:45.0631 3348 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:55:45.0633 3348 Dhcp - ok
14:55:45.0637 3348 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
14:55:45.0638 3348 discache - ok
14:55:45.0656 3348 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
14:55:45.0657 3348 Disk - ok
14:55:45.0686 3348 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
14:55:45.0687 3348 dmvsc - ok
14:55:45.0716 3348 [ 2FE30D71919C51131405797620E0A714 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:55:45.0717 3348 Dnscache - ok
14:55:45.0740 3348 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
14:55:45.0742 3348 dot3svc - ok
14:55:45.0757 3348 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
14:55:45.0759 3348 DPS - ok
14:55:45.0777 3348 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:55:45.0777 3348 drmkaud - ok
14:55:45.0822 3348 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:55:45.0827 3348 DXGKrnl - ok
14:55:45.0845 3348 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
14:55:45.0846 3348 EapHost - ok
14:55:45.0944 3348 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
14:55:45.0960 3348 ebdrv - ok
14:55:45.0976 3348 [ F42309C4191C506B71DB5D1126D26318 ] EFS C:\Windows\System32\lsass.exe
14:55:45.0978 3348 EFS - ok
14:55:46.0081 3348 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:55:46.0085 3348 ehRecvr - ok
14:55:46.0093 3348 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
14:55:46.0094 3348 ehSched - ok
14:55:46.0123 3348 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:55:46.0127 3348 elxstor - ok
14:55:46.0136 3348 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:55:46.0136 3348 ErrDev - ok
14:55:46.0168 3348 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
14:55:46.0171 3348 EventSystem - ok
14:55:46.0193 3348 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
14:55:46.0194 3348 exfat - ok
14:55:46.0200 3348 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:55:46.0201 3348 fastfat - ok
14:55:46.0233 3348 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
14:55:46.0237 3348 Fax - ok
14:55:46.0242 3348 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
14:55:46.0242 3348 fdc - ok
14:55:46.0254 3348 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
14:55:46.0255 3348 fdPHost - ok
14:55:46.0262 3348 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
14:55:46.0264 3348 FDResPub - ok
14:55:46.0278 3348 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:55:46.0279 3348 FileInfo - ok
14:55:46.0283 3348 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:55:46.0284 3348 Filetrace - ok
14:55:46.0288 3348 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:55:46.0288 3348 flpydisk - ok
14:55:46.0299 3348 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:55:46.0300 3348 FltMgr - ok
14:55:46.0324 3348 [ FA6C66E4364D7DA57AADE5DCC03BB999 ] FontCache C:\Windows\system32\FntCache.dll
14:55:46.0328 3348 FontCache - ok
14:55:46.0380 3348 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:55:46.0381 3348 FontCache3.0.0.0 - ok
14:55:46.0401 3348 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:55:46.0401 3348 FsDepends - ok
14:55:46.0405 3348 [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:55:46.0406 3348 Fs_Rec - ok
14:55:46.0412 3348 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:55:46.0413 3348 fvevol - ok
14:55:46.0432 3348 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:55:46.0432 3348 gagp30kx - ok
14:55:46.0451 3348 gdrv - ok
14:55:46.0477 3348 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
14:55:46.0480 3348 gpsvc - ok
14:55:46.0537 3348 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:55:46.0538 3348 gupdate - ok
14:55:46.0546 3348 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:55:46.0547 3348 gupdatem - ok
14:55:46.0571 3348 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:55:46.0572 3348 hcw85cir - ok
14:55:46.0610 3348 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:55:46.0613 3348 HdAudAddService - ok
14:55:46.0635 3348 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:55:46.0637 3348 HDAudBus - ok
14:55:46.0648 3348 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:55:46.0649 3348 HidBatt - ok
14:55:46.0654 3348 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:55:46.0655 3348 HidBth - ok
14:55:46.0668 3348 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
14:55:46.0668 3348 HidIr - ok
14:55:46.0685 3348 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
14:55:46.0686 3348 hidserv - ok
14:55:46.0696 3348 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:55:46.0696 3348 HidUsb - ok
14:55:46.0719 3348 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:55:46.0721 3348 hkmsvc - ok
14:55:46.0734 3348 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:55:46.0737 3348 HomeGroupListener - ok
14:55:46.0759 3348 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:55:46.0762 3348 HomeGroupProvider - ok
14:55:46.0786 3348 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:55:46.0787 3348 HpSAMD - ok
14:55:46.0798 3348 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:55:46.0802 3348 HTTP - ok
14:55:46.0806 3348 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:55:46.0806 3348 hwpolicy - ok
14:55:46.0826 3348 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:55:46.0827 3348 i8042prt - ok
14:55:46.0838 3348 [ A3CAE5D281DB4CFF7CFF8233507EE5AD ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:55:46.0841 3348 iaStorV - ok
14:55:46.0900 3348 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:55:46.0906 3348 idsvc - ok
14:55:47.0089 3348 [ 3EE2D527E11239AB3F329AB03A242FEE ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
14:55:47.0119 3348 igfx - ok
14:55:47.0145 3348 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:55:47.0146 3348 iirsp - ok
14:55:47.0183 3348 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
14:55:47.0189 3348 IKEEXT - ok
14:55:47.0312 3348 [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
14:55:47.0333 3348 IntcAzAudAddService - ok
14:55:47.0345 3348 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
14:55:47.0346 3348 intelide - ok
14:55:47.0379 3348 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:55:47.0380 3348 intelppm - ok
14:55:47.0393 3348 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:55:47.0394 3348 IPBusEnum - ok
14:55:47.0410 3348 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:55:47.0411 3348 IpFilterDriver - ok
14:55:47.0427 3348 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:55:47.0430 3348 iphlpsvc - ok
14:55:47.0433 3348 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:55:47.0434 3348 IPMIDRV - ok
14:55:47.0438 3348 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:55:47.0439 3348 IPNAT - ok
14:55:47.0454 3348 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:55:47.0454 3348 IRENUM - ok
14:55:47.0457 3348 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:55:47.0458 3348 isapnp - ok
14:55:47.0474 3348 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:55:47.0475 3348 iScsiPrt - ok
14:55:47.0489 3348 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:55:47.0489 3348 kbdclass - ok
14:55:47.0495 3348 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:55:47.0495 3348 kbdhid - ok
14:55:47.0509 3348 [ F42309C4191C506B71DB5D1126D26318 ] KeyIso C:\Windows\system32\lsass.exe
14:55:47.0510 3348 KeyIso - ok
14:55:47.0514 3348 [ 412CEA1AA78CC02A447F5C9E62B32FF1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:55:47.0514 3348 KSecDD - ok
14:55:47.0530 3348 [ 26C046977E85B95036453D7B88BA1820 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:55:47.0531 3348 KSecPkg - ok
14:55:47.0558 3348 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
14:55:47.0561 3348 KtmRm - ok
14:55:47.0576 3348 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
14:55:47.0578 3348 LanmanServer - ok
14:55:47.0594 3348 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:55:47.0596 3348 LanmanWorkstation - ok
14:55:47.0621 3348 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:55:47.0622 3348 lltdio - ok
14:55:47.0647 3348 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:55:47.0649 3348 lltdsvc - ok
14:55:47.0665 3348 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
14:55:47.0666 3348 lmhosts - ok
14:55:47.0684 3348 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:55:47.0685 3348 LSI_FC - ok
14:55:47.0697 3348 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:55:47.0698 3348 LSI_SAS - ok
14:55:47.0702 3348 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:55:47.0702 3348 LSI_SAS2 - ok
14:55:47.0706 3348 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:55:47.0707 3348 LSI_SCSI - ok
14:55:47.0721 3348 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
14:55:47.0722 3348 luafv - ok
14:55:47.0759 3348 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:55:47.0760 3348 MBAMProtector - ok
14:55:47.0794 3348 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:55:47.0798 3348 MBAMScheduler - ok
14:55:47.0825 3348 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:55:47.0830 3348 MBAMService - ok
14:55:47.0846 3348 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:55:47.0848 3348 Mcx2Svc - ok
14:55:47.0874 3348 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
14:55:47.0874 3348 megasas - ok
14:55:47.0894 3348 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:55:47.0896 3348 MegaSR - ok
14:55:47.0917 3348 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
14:55:47.0919 3348 MMCSS - ok
14:55:47.0927 3348 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
14:55:47.0928 3348 Modem - ok
14:55:47.0942 3348 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:55:47.0942 3348 monitor - ok
14:55:47.0950 3348 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:55:47.0952 3348 mouclass - ok
14:55:47.0964 3348 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:55:47.0964 3348 mouhid - ok
14:55:47.0976 3348 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:55:47.0977 3348 mountmgr - ok
14:55:47.0982 3348 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
14:55:47.0983 3348 mpio - ok
14:55:47.0988 3348 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:55:47.0989 3348 mpsdrv - ok
14:55:48.0024 3348 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:55:48.0029 3348 MpsSvc - ok
14:55:48.0043 3348 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:55:48.0045 3348 MRxDAV - ok
14:55:48.0051 3348 [ B272B4C3E085EA860C12F2E4FAF2FFA2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:55:48.0052 3348 mrxsmb - ok
14:55:48.0056 3348 [ 9AC33EF26C8A3AD0F117D00EB7301D03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:55:48.0058 3348 mrxsmb10 - ok
14:55:48.0062 3348 [ E0ABDB5ED7E199E242A7D028E76C1D3A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:55:48.0063 3348 mrxsmb20 - ok
14:55:52.0825 3348 ============================================================
14:55:52.0825 3348 Scan finished
14:55:52.0825 3348 ============================================================
14:55:52.0835 0776 Detected object count: 0
14:55:52.0836 0776 Actual detected object count: 0

#5 Rony173

Posted 03 August 2013 - 01:26 PM

MBAM REPORT=

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.03.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
4u :: 4U-PC [administrator]

Protection: Enabled

8/3/2013 2:15:15 PM
mbam-log-2013-08-03 (14-15-15).txt

Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 246548
Time elapsed: 12 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\4u\Desktop\Malwarebytes Anti-Malware 1.70.0.1100 PRO Final [Cyclonoid].rar (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
C:\Users\4u\Desktop\Malwarebytes Anti-Malware PRO 2013 v1.70.0.1100 Final + Keymaker\KeyMaker\KeyMaker.exe (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.

(end)

#6 boopme

  • Global Moderator

Posted 03 August 2013 - 08:55 PM

Your copy of MBAM is pirated and probably came with malware installed.

Please post the ESET log and these..

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



When done, download CKScanner:
http://downloads.malwareremoval.com/CKScanner.exe

Important: - Save it to your Desktop

Double-click CKScanner.exe, then, click: Search For Files
When a list appears, click: Save List To File
A message box verifies the file saved.

Double-click the CKFiles.txt on your Desktop, and copy/paste the contents in your reply.

Edited by boopme, 21 December 2014 - 09:57 PM.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#7 Rony173

  • Topic Starter

Posted 03 August 2013 - 11:58 PM

MiniToolBox by Farbar Version: 13-07-2013
Ran by 4u (administrator) on 04-08-2013 at 10:08:49
Running from "C:\Users\4u\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="ethernet_6" address=192.168.56.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : 4u-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 5ms, Average = 3ms
===========================================================================
Interface List
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/04/2013 10:06:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 08:54:17 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 07:57:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 07:51:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2013 11:40:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 03:20:45 AM) (Source: PandoraService.exe) (User: )
Description: Socket Error # 11001
Host not found.

Error: (08/04/2013 03:03:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 01:33:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 00:09:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2013 10:41:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/04/2013 07:55:02 AM) (Source: Service Control Manager) (User: )
Description: The Change Modem Device Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/02/2013 10:27:58 PM) (Source: Service Control Manager) (User: )
Description: The Change Modem Device Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (08/02/2013 05:17:40 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (08/02/2013 05:17:39 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (08/02/2013 05:17:38 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (08/01/2013 08:27:06 AM) (Source: Service Control Manager) (User: )
Description: The Intel® Content Protection HECI Service service terminated with the following error:
%%-2147024637

Error: (08/01/2013 08:26:19 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/01/2013 08:00:10 AM) (Source: Service Control Manager) (User: )
Description: The PandoraService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (08/01/2013 07:30:24 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/01/2013 07:25:23 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================
Error: (08/04/2013 10:06:04 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 08:54:17 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 07:57:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 07:51:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2013 11:40:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 03:20:45 AM) (Source: PandoraService.exe)(User: )
Description: Socket Error # 11001
Host not found.

Error: (08/04/2013 03:03:07 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 01:33:42 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2013 00:09:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2013 10:41:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2013-08-04 04:41:10.280
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\HDD\Rony\Software\NEW ICONSSSSSSSSSSSSSSS\MY ICON\New Pakag\avgwsc.exe because the set of per-page image hashes could not be found on the system.

Date: 2013-08-04 04:41:10.249
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\HDD\Rony\Software\NEW ICONSSSSSSSSSSSSSSS\MY ICON\New Pakag\avgwsc.exe because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Bridge From Special K
Chessmaster 10th Edition (Version: 1.0.0)
EPSON Drivers Update Utility For Windows 7
EPSON Scan
Foxit Reader (Version: 5.4.5.124)
Google Chrome (Version: 18.0.1025.142)
Google Update Helper (Version: 1.3.21.99)
Hard Disk Sentinel PRO
Intel® Processor Graphics (Version: 9.17.10.2843)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
K-Lite Codec Pack 8.2.0 (Full) (Version: 8.2.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
MMX352G 3G USB Manager version 5.490
Net Meter 3.6 build 437 (Version: 3.6 build 437)
ON_OFF Charge B12.0308.1 (Version: 1.00.0001)
Pandora Service
Realtek High Definition Audio Driver (Version: 6.0.1.6662)
The KMPlayer (remove only) (Version: 3.4.0.59)
Ubuntu (Version: 12.04-rev269)
WinRAR 4.10 beta 2 (32-bit) (Version: 4.10.2)

========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 3487.64 MB
Available physical RAM: 2802.73 MB
Total Pagefile: 6973.57 MB
Available Pagefile: 6221.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.24 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:184.06 GB) (Free:164.47 GB) NTFS
3 Drive e: (New Volume) (Fixed) (Total:48.83 GB) (Free:47.24 GB) NTFS

========================= Users: ========================================

User accounts for \\4U-PC

4u Administrator Guest


**** End of log ****

#8 Rony173

  • Topic Starter

Posted 04 August 2013 - 12:01 AM

# AdwCleaner v2.306 - Logfile created 08/04/2013 at 10:10:56
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : 4u - 4U-PC
# Boot Mode : Normal
# Running from : C:\Users\4u\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\PIP
Key Deleted : HKLM\Software\PIP

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Google Chrome v18.0.1025.142

File : C:\Users\4u\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [744 octets] - [04/08/2013 10:10:56]

########## EOF - C:\AdwCleaner[S1].txt - [803 octets] ##########

CKScanner 2.3 - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11.WJAPMW
----- EOF -----

#9 Rony173

  • Topic Starter

Posted 04 August 2013 - 12:47 AM

I installed the ESET online scanner and it took about 60 MB to update, but after downloading the database I scanned as I was told; no infection was found and there was no log, so I can't copy anything.

#10 Rony173

  • Topic Starter

Posted 04 August 2013 - 01:18 AM

I scanned with MBAM, then I found this log:


Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.03.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
4u :: 4U-PC [administrator]

Protection: Enabled

8/4/2013 11:24:11 AM
mbam-log-2013-08-04 (11-24-11).txt

Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 246807
Time elapsed: 15 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\HT (Rogue.Antispy) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#11 Rony173

  • Topic Starter

Posted 04 August 2013 - 01:20 AM

I thought my problem was solved, then after a few hours the same problem happened again, and when I searched again it detected the same file again.

#12 Rony173

  • Topic Starter

Posted 04 August 2013 - 01:28 AM

Here is the snap of my problem

http://m.facebook.com/photo.php?fbid=485627034863614&id=100002489653096&set=p.485627034863614&_mn_=5&refid=18



http://m.facebook.com/photo.php?fbid=485627771530207&id=100002489653096&set=p.485627771530207&_mn_=5&refid=18

#13 Rony173

  • Topic Starter

Posted 04 August 2013 - 02:02 PM

Need support, please help.

#14 boopme

  • Global Moderator

Posted 04 August 2013 - 10:32 PM

Both those images are just black Facebook pages..

I think there is deeper malware as your logs do not look right. We need to start a new topic.
Include this link back here
http://www.bleepingcomputer.com/forums/t/503196/internet-explorer-opening-randomly/#entry3121345

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.

#15 Rony173

  • Topic Starter

Posted 05 August 2013 - 12:08 PM

Dds

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.17.2
Run by 4u at 21:35:53 on 2013-08-05
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3488.2767 [GMT 5.5:30]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\ProgramData\ChgService.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
C:\Program Files\HT\SystemA\svconn.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\HooTech\NetMeter\HooNetMeter.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\explorer.exe
C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://easy-google-search.blogspot.com/
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [NetMeter] c:\program files\hootech\netmeter\HooNetMeter.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [svconn] c:\program files\ht\systema\svconn.exe /STARTUP
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-8 119024]
R2 Change Modem Device Service;Change Modem Device Service;c:\programdata\ChgService.exe [2013-8-2 135168]
R2 PanService;PandoraService;c:\program files\pandora.tv\panservice\PandoraService.exe [2013-8-1 625304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-8-4 418376]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-8-4 701512]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\drivers\cmnsusbser.sys [2013-8-2 105984]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-8-4 22856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 15872]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-21 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
.
=============== Created Last 30 ================
.
2013-08-05 16:01:42 -------- d-----w- c:\windows\ERUNT
2013-08-05 10:04:01 -------- d-----w- c:\programdata\SUPERSetup
2013-08-05 10:00:23 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-08-05 10:00:23 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-08-05 09:33:02 -------- d-----w- c:\users\4u\appdata\roaming\SUPERAntiSpyware.com
2013-08-04 05:06:11 -------- d-----w- c:\program files\ESET
2013-08-04 02:25:01 -------- d-----w- C:\_OTL
2013-08-03 21:37:53 -------- d-----w- c:\windows\system32\appmgmt
2013-08-03 21:10:40 -------- d-----w- c:\users\4u\appdata\roaming\HTNetMeter
2013-08-03 21:10:40 -------- d-----w- c:\program files\HooTech
2013-08-03 19:42:34 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-03 19:42:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-08-03 18:36:30 -------- d-----w- c:\users\4u\appdata\roaming\HTML Executable
2013-08-03 18:35:31 -------- d-----w- c:\users\4u\appdata\roaming\Malwarebytes
2013-08-03 18:35:28 -------- d-----w- c:\programdata\Malwarebytes
2013-08-03 18:35:21 -------- d-----w- c:\users\4u\appdata\local\Programs
2013-08-02 19:23:42 -------- d-----w- c:\users\4u\appdata\roaming\Hard Disk Sentinel
2013-08-02 19:23:36 -------- d-----w- c:\program files\Hard Disk Sentinel
2013-08-02 19:13:07 -------- d-----w- c:\users\4u\VirtualBox VMs
2013-08-02 19:12:08 -------- d-----w- c:\users\4u\.VirtualBox
2013-08-02 19:11:52 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-08-02 19:11:45 91952 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-08-02 16:57:57 135168 ----a-w- c:\programdata\ChgService.exe
2013-08-02 16:57:57 105984 ----a-w- c:\windows\system32\drivers\cmnsusbser.sys
2013-08-02 16:57:57 103424 ----a-w- c:\windows\system32\MyDIT_GenClassCoInst.dll
2013-08-02 16:57:57 -------- d-----w- c:\program files\MMX352G 3G USB Manager
2013-08-01 23:40:05 -------- d-----w- c:\windows\pss
2013-08-01 02:59:41 31272 ----a-w- c:\windows\system32\AppleChargerSrv.exe
2013-08-01 02:59:41 19056 ----a-w- c:\windows\system32\drivers\AppleCharger.sys
2013-08-01 02:59:26 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2013-08-01 02:59:26 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2013-08-01 02:59:26 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2013-08-01 02:59:26 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2013-08-01 02:59:26 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2013-08-01 02:59:26 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2013-08-01 02:49:49 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2013-08-01 02:48:05 -------- d-----w- c:\users\4u\appdata\local\Google
2013-08-01 02:39:33 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-01 02:39:33 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-01 02:39:29 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-01 02:39:17 -------- d-sh--w- c:\windows\Installer
2013-08-01 02:37:38 71680 ----a-w- c:\windows\system32\escwiad.dll
2013-08-01 02:37:38 -------- d-----w- c:\program files\epson
2013-08-01 02:37:11 -------- d-----w- c:\program files\Foxit Software
2013-08-01 02:36:57 -------- d-----w- c:\users\4u\appdata\local\EPSON Drivers Update Utility For Windows 7
2013-08-01 02:36:25 80024 ----a-w- c:\windows\system32\PICSDK.dll
2013-08-01 02:36:25 71840 ----a-w- c:\windows\system32\EPPicMgr.dll
2013-08-01 02:36:25 501912 ----a-w- c:\windows\system32\PICSDK2.dll
2013-08-01 02:36:25 120992 ----a-w- c:\windows\system32\EpPicPrt.dll
2013-08-01 02:36:25 108704 ----a-w- c:\windows\system32\PICEntry.dll
2013-08-01 02:31:56 -------- d-----w- c:\program files\Chessmaster 10th Edition
2013-08-01 02:31:19 -------- d-----w- c:\users\4u\appdata\roaming\Special K Software
2013-08-01 02:31:13 -------- d-----w- c:\program files\Bridge From Special K
2013-08-01 02:30:09 -------- d-----w- c:\program files\PANDORA.TV
2013-08-01 02:30:04 -------- d-----w- c:\program files\The KMPlayer
2013-08-01 02:29:54 839680 ----a-w- c:\windows\system32\lameACM.acm
2013-08-01 02:29:54 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-08-01 02:29:54 650752 ----a-w- c:\windows\system32\xvidcore.dll
2013-08-01 02:29:54 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2013-08-01 02:29:54 175616 ----a-w- c:\windows\system32\unrar.dll
2013-08-01 02:29:54 151552 ----a-w- c:\windows\system32\ac3acm.acm
2013-08-01 02:29:53 -------- d-----w- c:\program files\K-Lite Codec Pack
2013-08-01 02:24:34 -------- d-----w- c:\users\4u\appdata\local\Microsoft Games
2013-08-01 02:23:03 -------- d-----w- c:\programdata\hsa
2013-08-01 02:23:03 -------- d-----w- c:\program files\HEM
2013-08-01 02:23:01 -------- d-----w- c:\program files\HT
2013-08-01 02:14:57 -------- d-----w- c:\users\4u\appdata\local\Diagnostics
2013-07-31 08:38:43 -------- d-----w- c:\windows\Panther
2013-07-31 08:38:30 -------- d-sh--w- C:\Boot
.
==================== Find3M ====================
.
.
============= FINISH: 21:36:04.19 ===============



