
PC , Running extremely slow in browser


13 replies to this topic

#1 Franconian

  • Members
  • 15 posts

Posted 20 February 2012 - 09:10 PM

Hello, I think my PC has a virus. IE is running at about 1/10 speed or less. I get a security popup (on almost every page) that I only used to see on Paypal or a similar webpage, stating "You're about to leave a secure internet connection" and the counterpart to that warning, "You're viewing on a secure connection", or something like that. Tried several freeware virus programs (to try to rid the virus) and no luck. I run (AVG free) normally. If I could get some help, I would greatly appreciate it.



#2 boopme

    To Insanity and Beyond

  • Global Moderator
  • 60,047 posts
  • Gender:Male
  • Location:NJ USA

Posted 21 February 2012 - 03:20 PM

Hello and welcome.


Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

Do not reboot your computer after running rkill as the malware programs will start again. Or, if rebooting is required, run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a USB drive or CD and transfer it to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now reboot to Normal and run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware

Please ask any needed questions, post logs and let us know how the PC is running now.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security
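
The proxy check that opens the reply above (inetcpl.cpl > Connections > LAN settings) can also be read straight from the registry. The PowerShell below is an added example, not part of the original post or of any tool it mentions; the function names are hypothetical, and it only reports the settings without changing them.

```powershell
# Added example: read-only report of the WinINET (Internet Explorer) proxy
# settings, the values shown in Internet Options > Connections > LAN settings.
$SubKey = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Test-LoopbackProxy {
    param([string]$ProxyServer)
    # ProxyServer is either "host:port" or "http=host:port;https=host:port".
    foreach ($entry in ($ProxyServer -split ';')) {
        $hostPort = ($entry -split '=')[-1] -replace '^\w+://', ''
        if ($hostPort -match '^(127\.\d+\.\d+\.\d+|localhost|\[::1\])(:\d+)?$') {
            return $true
        }
    }
    return $false
}

function Get-IEProxyReport {
    # Every loaded user hive is a subkey of HKEY_USERS; the *_Classes hives
    # hold COM registrations, not Internet Settings, so they are skipped.
    $sids = Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -notlike '*_Classes' } |
        ForEach-Object { $_.PSChildName }

    foreach ($sid in $sids) {
        $path = "Registry::HKEY_USERS\$sid\$SubKey"
        if (-not (Test-Path -LiteralPath $path)) { continue }
        $s = Get-ItemProperty -LiteralPath $path -ErrorAction SilentlyContinue
        if ($null -eq $s) { continue }   # hive not readable without elevation

        $enabled = ($s.ProxyEnable -eq 1)   # the "Use a proxy..." checkbox
        if ($enabled -and (Test-LoopbackProxy $s.ProxyServer)) {
            $note = 'proxy points at this PC: find out which process listens on that port'
        } elseif ($enabled) {
            $note = 'proxy enabled: confirm that you or your network admin set it'
        } elseif ($s.AutoConfigURL) {
            $note = 'auto-config script set: confirm it is expected'
        } else {
            $note = 'direct connection'
        }

        [pscustomobject]@{
            UserSid       = $sid
            ProxyEnable   = $enabled
            ProxyServer   = $s.ProxyServer
            AutoConfigURL = $s.AutoConfigURL
            Note          = $note
        }
    }
}

Get-IEProxyReport | Format-List
```

Run it from an elevated prompt to include every loaded user hive; a non-elevated session reports only the hives it can read.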

#3 Franconian

  • Topic Starter
  • Members
  • 15 posts

Posted 21 February 2012 - 08:31 PM

Ok, done with scans. Here are the logs. PC still slow in browsers.


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/21/2012 at 07:47 PM

Application Version : 5.0.1144

Core Rules Database Version : 8262
Trace Rules Database Version: 6074

Scan type : Complete Scan
Total Scan Time : 03:12:25

Operating System Information
Windows Vista Home Premium 64-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User

Memory items scanned : 673
Memory threats detected : 0
Registry items scanned : 68344
Registry threats detected : 51
File items scanned : 422560
File threats detected : 6

Adware.HBHelper
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ProgID
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\TypeLib
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\VersionIndependentProgID
(x86) HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
(x86) HKCR\URLSearchHook.ToolbarURLSearchHook.1
(x86) HKCR\URLSearchHook.ToolbarURLSearchHook.1\CLSID
(x86) HKCR\URLSearchHook.ToolbarURLSearchHook
(x86) HKCR\URLSearchHook.ToolbarURLSearchHook\CLSID
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0\win32
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\FLAGS
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\HELPDIR
C:\PROGRAM FILES (X86)\SOMUD DB TOOLBAR\TBHELPER.DLL

Browser Hijacker.Deskbar
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

PUP.Whitesmoke
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator#Build
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator#ContentVersion
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator#Dir
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator#DistID
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator#ProductID
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator#SerialKeyOld
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator#TellFriendNum
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator#TellFriendStr
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator#Version
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#Demo
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#DictExpired
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#DictLanding
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#DictURL
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#FAQ
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#PostURL
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#Purchase
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#RegistrationForm
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#RegistrationURL
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#Support
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#UpgradeProfile
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#UseIt
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#UserGuide
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#WebClient
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#WebTemplateWelcome
(x86) HKLM\SOFTWARE\WhiteSmokeTranslator\SoftwareUrls#WelcomeURL
(x86) HKU\S-1-5-21-350077714-118987829-3844419159-1000\Software\WhiteSmokeTranslator

Trojan.Agent/Gen-Frauder
C:\PROGRAM FILES (X86)\EA GAMES\KINGDOMS OF AMALUR RECKONING\LAUNCHER.EXE

Adware.Tracking Cookie
C:\USERS\GUEST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][1].TXT [ /ADS.POINTROLL ]
C:\USERS\GUEST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GUEST@APMEBF[1].TXT [ /APMEBF ]
C:\USERS\GUEST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\[email protected][1].TXT [ /MICROSOFTWINDOWS.112.2O7 ]
C:\USERS\GUEST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\GUEST@STATCOUNTER[2].TXT [ /STATCOUNTER ]









MBAM


Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.21.06

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Admin :: MAX [administrator]

Protection: Disabled

2/21/2012 8:18:20 PM
mbam-log-2012-02-21 (20-18-20).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223496
Time elapsed: 4 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 boopme

    To Insanity and Beyond

  • Global Moderator
  • 60,047 posts
  • Gender:Male
  • Location:NJ USA

Posted 21 February 2012 - 09:02 PM

Hello again, let's clear out more.
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (it is usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


clear my web browser's cache



Run TFC by OT (Temp File Cleaner)
Please download TFC by Old Timer and save it to your desktop.
alternate download link

Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#5 Franconian

  • Topic Starter
  • Members
  • 15 posts

Posted 21 February 2012 - 09:54 PM

Ok, I did as you said.




21:25:13.0515 2904 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
21:25:13.0517 2904 msahci - ok
21:25:13.0537 2904 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
21:25:13.0539 2904 msdsm - ok
21:25:13.0600 2904 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
21:25:13.0601 2904 Msfs - ok
21:25:13.0608 2904 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
21:25:13.0609 2904 msisadrv - ok
21:25:13.0633 2904 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
21:25:13.0634 2904 MSKSSRV - ok
21:25:13.0645 2904 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
21:25:13.0646 2904 MSPCLOCK - ok
21:25:13.0656 2904 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
21:25:13.0657 2904 MSPQM - ok
21:25:13.0710 2904 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
21:25:13.0714 2904 MsRPC - ok
21:25:13.0725 2904 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
21:25:13.0726 2904 mssmbios - ok
21:25:13.0751 2904 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
21:25:13.0752 2904 MSTEE - ok
21:25:13.0777 2904 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
21:25:13.0778 2904 Mup - ok
21:25:13.0813 2904 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
21:25:13.0815 2904 NativeWifiP - ok
21:25:13.0870 2904 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
21:25:13.0877 2904 NDIS - ok
21:25:13.0885 2904 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
21:25:13.0886 2904 NdisTapi - ok
21:25:13.0929 2904 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
21:25:13.0930 2904 Ndisuio - ok
21:25:13.0974 2904 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
21:25:13.0977 2904 NdisWan - ok
21:25:13.0991 2904 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
21:25:13.0993 2904 NDProxy - ok
21:25:14.0010 2904 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
21:25:14.0011 2904 NetBIOS - ok
21:25:14.0026 2904 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
21:25:14.0029 2904 netbt - ok
21:25:14.0072 2904 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
21:25:14.0073 2904 nfrd960 - ok
21:25:14.0121 2904 NPF (3ceee0be85d24d911b9c02714817774c) C:\Windows\system32\drivers\npf.sys
21:25:14.0122 2904 NPF - ok
21:25:14.0130 2904 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
21:25:14.0130 2904 Npfs - ok
21:25:14.0170 2904 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
21:25:14.0171 2904 nsiproxy - ok
21:25:14.0246 2904 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
21:25:14.0271 2904 Ntfs - ok
21:25:14.0279 2904 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
21:25:14.0280 2904 Null - ok
21:25:14.0299 2904 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
21:25:14.0302 2904 nvraid - ok
21:25:14.0323 2904 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
21:25:14.0324 2904 nvstor - ok
21:25:14.0348 2904 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
21:25:14.0350 2904 nv_agp - ok
21:25:14.0357 2904 NwlnkFlt - ok
21:25:14.0366 2904 NwlnkFwd - ok
21:25:14.0417 2904 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
21:25:14.0418 2904 ohci1394 - ok
21:25:14.0451 2904 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
21:25:14.0457 2904 Parport - ok
21:25:14.0527 2904 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
21:25:14.0528 2904 partmgr - ok
21:25:14.0558 2904 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
21:25:14.0559 2904 pci - ok
21:25:14.0586 2904 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
21:25:14.0586 2904 pciide - ok
21:25:14.0607 2904 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
21:25:14.0610 2904 pcmcia - ok
21:25:14.0634 2904 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
21:25:14.0641 2904 PEAUTH - ok
21:25:14.0716 2904 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
21:25:14.0718 2904 PptpMiniport - ok
21:25:14.0734 2904 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys
21:25:14.0735 2904 Processor - ok
21:25:14.0752 2904 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
21:25:14.0754 2904 PSched - ok
21:25:14.0791 2904 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
21:25:14.0816 2904 ql2300 - ok
21:25:14.0837 2904 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
21:25:14.0840 2904 ql40xx - ok
21:25:14.0856 2904 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
21:25:14.0857 2904 QWAVEdrv - ok
21:25:14.0871 2904 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
21:25:14.0872 2904 RasAcd - ok
21:25:14.0923 2904 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:25:14.0925 2904 Rasl2tp - ok
21:25:14.0968 2904 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
21:25:14.0970 2904 RasPppoe - ok
21:25:14.0978 2904 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
21:25:14.0980 2904 RasSstp - ok
21:25:15.0025 2904 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
21:25:15.0028 2904 rdbss - ok
21:25:15.0036 2904 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:25:15.0037 2904 RDPCDD - ok
21:25:15.0059 2904 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
21:25:15.0063 2904 rdpdr - ok
21:25:15.0071 2904 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
21:25:15.0072 2904 RDPENCDD - ok
21:25:15.0102 2904 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
21:25:15.0105 2904 RDPWD - ok
21:25:15.0117 2904 RemoveAny - ok
21:25:15.0158 2904 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
21:25:15.0159 2904 rspndr - ok
21:25:15.0234 2904 SANDRA (993380d8f17822a3c91efb71ea238ce1) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3a\WNt500x64\Sandra.sys
21:25:15.0235 2904 SANDRA - ok
21:25:15.0318 2904 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:25:15.0319 2904 SASDIFSV - ok
21:25:15.0363 2904 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:25:15.0364 2904 SASKUTIL - ok
21:25:15.0386 2904 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
21:25:15.0388 2904 sbp2port - ok
21:25:15.0429 2904 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys
21:25:15.0431 2904 SCDEmu - ok
21:25:15.0456 2904 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:25:15.0463 2904 secdrv - ok
21:25:15.0523 2904 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
21:25:15.0524 2904 Serenum - ok
21:25:15.0532 2904 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
21:25:15.0534 2904 Serial - ok
21:25:15.0557 2904 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
21:25:15.0559 2904 sermouse - ok
21:25:15.0583 2904 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
21:25:15.0585 2904 sffdisk - ok
21:25:15.0604 2904 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
21:25:15.0605 2904 sffp_mmc - ok
21:25:15.0622 2904 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
21:25:15.0623 2904 sffp_sd - ok
21:25:15.0642 2904 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
21:25:15.0644 2904 sfloppy - ok
21:25:15.0664 2904 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
21:25:15.0665 2904 SiSRaid2 - ok
21:25:15.0683 2904 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
21:25:15.0684 2904 SiSRaid4 - ok
21:25:15.0729 2904 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
21:25:15.0731 2904 Smb - ok
21:25:15.0782 2904 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
21:25:15.0783 2904 spldr - ok
21:25:15.0820 2904 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\System32\Drivers\sptd.sys
21:25:15.0830 2904 sptd - ok
21:25:15.0883 2904 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
21:25:15.0888 2904 srv - ok
21:25:15.0913 2904 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
21:25:15.0915 2904 srv2 - ok
21:25:15.0944 2904 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
21:25:15.0945 2904 srvnet - ok
21:25:15.0969 2904 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
21:25:15.0970 2904 swenum - ok
21:25:15.0990 2904 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
21:25:15.0992 2904 Symc8xx - ok
21:25:16.0012 2904 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
21:25:16.0013 2904 Sym_hi - ok
21:25:16.0031 2904 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
21:25:16.0032 2904 Sym_u3 - ok
21:25:16.0117 2904 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
21:25:16.0142 2904 Tcpip - ok
21:25:16.0176 2904 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
21:25:16.0183 2904 Tcpip6 - ok
21:25:16.0227 2904 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
21:25:16.0228 2904 tcpipreg - ok
21:25:16.0248 2904 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
21:25:16.0249 2904 TDPIPE - ok
21:25:16.0274 2904 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
21:25:16.0276 2904 TDTCP - ok
21:25:16.0323 2904 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
21:25:16.0325 2904 tdx - ok
21:25:16.0376 2904 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
21:25:16.0377 2904 TermDD - ok
21:25:16.0413 2904 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:25:16.0415 2904 tssecsrv - ok
21:25:16.0423 2904 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
21:25:16.0424 2904 tunmp - ok
21:25:16.0466 2904 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
21:25:16.0474 2904 tunnel - ok
21:25:16.0517 2904 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
21:25:16.0519 2904 uagp35 - ok
21:25:16.0565 2904 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
21:25:16.0569 2904 udfs - ok
21:25:16.0598 2904 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
21:25:16.0600 2904 uliagpkx - ok
21:25:16.0617 2904 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
21:25:16.0620 2904 uliahci - ok
21:25:16.0643 2904 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
21:25:16.0645 2904 UlSata - ok
21:25:16.0667 2904 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
21:25:16.0670 2904 ulsata2 - ok
21:25:16.0678 2904 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
21:25:16.0679 2904 umbus - ok
21:25:16.0723 2904 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
21:25:16.0725 2904 usbaudio - ok
21:25:16.0749 2904 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
21:25:16.0751 2904 usbccgp - ok
21:25:16.0775 2904 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
21:25:16.0777 2904 usbcir - ok
21:25:16.0819 2904 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
21:25:16.0821 2904 usbehci - ok
21:25:16.0837 2904 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
21:25:16.0841 2904 usbhub - ok
21:25:16.0854 2904 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
21:25:16.0855 2904 usbohci - ok
21:25:16.0874 2904 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
21:25:16.0875 2904 usbprint - ok
21:25:16.0901 2904 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
21:25:16.0902 2904 usbscan - ok
21:25:16.0912 2904 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:25:16.0914 2904 USBSTOR - ok
21:25:16.0929 2904 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
21:25:16.0930 2904 usbuhci - ok
21:25:16.0968 2904 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
21:25:16.0969 2904 vga - ok
21:25:16.0991 2904 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
21:25:16.0992 2904 VgaSave - ok
21:25:17.0014 2904 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
21:25:17.0015 2904 viaide - ok
21:25:17.0025 2904 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
21:25:17.0026 2904 volmgr - ok
21:25:17.0070 2904 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
21:25:17.0075 2904 volmgrx - ok
21:25:17.0086 2904 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
21:25:17.0089 2904 volsnap - ok
21:25:17.0108 2904 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
21:25:17.0110 2904 vsmraid - ok
21:25:17.0132 2904 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
21:25:17.0134 2904 WacomPen - ok
21:25:17.0176 2904 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
21:25:17.0178 2904 Wanarp - ok
21:25:17.0182 2904 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
21:25:17.0183 2904 Wanarpv6 - ok
21:25:17.0210 2904 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
21:25:17.0211 2904 Wd - ok
21:25:17.0239 2904 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
21:25:17.0248 2904 Wdf01000 - ok
21:25:17.0293 2904 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:25:17.0294 2904 WmiAcpi - ok
21:25:17.0342 2904 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
21:25:17.0344 2904 WpdUsb - ok
21:25:17.0358 2904 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
21:25:17.0360 2904 ws2ifsl - ok
21:25:17.0385 2904 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:25:17.0386 2904 WUDFRd - ok
21:25:17.0503 2904 X6va002 - ok
21:25:17.0557 2904 yukonx64 (eac900019d31fd79d400ae8626da640d) C:\Windows\system32\DRIVERS\yk60x64.sys
21:25:17.0561 2904 yukonx64 - ok
21:25:17.0581 2904 zntport (c32acb6d3fb23ebf528b676f7b8197b7) C:\Windows\system32\drivers\zntport.sys
21:25:17.0583 2904 zntport - ok
21:25:17.0595 2904 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:25:17.0643 2904 \Device\Harddisk0\DR0 - ok
21:25:17.0684 2904 MBR (0x1B8) (b440bf9f01f09bc245e1b68d7e3a7e38) \Device\Harddisk1\DR1
21:25:18.0741 2904 \Device\Harddisk1\DR1 - ok
21:25:18.0745 2904 Boot (0x1200) (fd36be1e6cc8f2c59525a407a3d86f34) \Device\Harddisk0\DR0\Partition0
21:25:18.0746 2904 \Device\Harddisk0\DR0\Partition0 - ok
21:25:18.0747 2904 ============================================================
21:25:18.0747 2904 Scan finished
21:25:18.0747 2904 ============================================================
21:25:18.0756 5300 Detected object count: 0
21:25:18.0756 5300 Actual detected object count: 0
21:29:52.0058 5640 Deinitialize success





Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AMD Fuel (Version: 2011.1205.2215.39827)
Apple Mobile Device Support (Version: 4.0.0.97)
AVG 2012 (Version: 12.0.1831)
AVG 2012 (Version: 12.0.2090)
AVG 2012 (Version: 2012.0.1831)
Bonjour (Version: 3.0.0.10)
ccc-utility64 (Version: 2011.1205.2215.39827)
CPUID CPU-Z 1.51
DriverAgent by eSupport.com
iCloud (Version: 1.0.1.29)
iTunes (Version: 10.5.1.42)
magicJack (Version: 2.0.6073.4252)
Marvell Miniport Driver (Version: 9.12.4.3)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Automated Troubleshooting Services Shim
Microsoft Fix it Center (Version: 1.0.0100)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server Native Client (Version: 9.00.4035.00)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.58298)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
MobileMe Control Panel (Version: 3.1.8.0)
PeerGuardian 2.0 (Version: 2.1.0.2)
SiSoftware Sandra Lite 2009.SP3a (Version: 15.97.2009.5)
SUPERAntiSpyware (Version: 5.0.1144)
TeamSpeak 3 Client
Ventrilo Client for Windows x64 (Version: 3.0.5.0)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
WinZip 16.0 (Version: 16.0.9661)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 4094.56 MB
Available physical RAM: 1930.62 MB
Total Pagefile: 8405.65 MB
Available Pagefile: 5532.68 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.25 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:931.51 GB) (Free:50.19 GB) NTFS
8 Drive k: (PHONE) (Removable) (Total:0.02 GB) (Free:0.02 GB) FAT

========================= Users: ========================================

User accounts for \\MAX

Admin Administrator ASPNET
Guest


**** End of log ****

#6 boopme


Posted 21 February 2012 - 10:41 PM

Hello, for some reason we didn't get the top of the MiniToolBox log. These:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries


How is it running now?

We should do a last scan....

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#7 Franconian


Posted 21 February 2012 - 11:11 PM

Not any faster yet, doing ESETscan now, here is another MiniToolBox result (complete, I hope). ESET coming. Thanks for your time.





MiniToolBox by Farbar Version: 18-01-2012
Ran by Admin (administrator) on 21-02-2012 at 23:00:23
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Generic Marvell Yukon 88E8053 based Ethernet Controller = Local Area Connection 2 (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Max
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Generic Marvell Yukon 88E8053 based Ethernet Controller
Physical Address. . . . . . . . . : 00-50-43-00-97-FD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a1a2:b535:3f8f:5a7e%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, February 21, 2012 9:39:35 PM
Lease Expires . . . . . . . . . . : Wednesday, February 22, 2012 9:39:35 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 302010435
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-9C-CF-0C-00-01-29-A6-21-A4
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{530DE2CD-F83E-4BDB-9DDA-F96D2BEA7457}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:cba:4c1:9de1:ae19(Preferred)
Link-local IPv6 Address . . . . . : fe80::cba:4c1:9de1:ae19%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: my.router
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.225.101
74.125.225.102
74.125.225.103
74.125.225.104
74.125.225.105
74.125.225.106
74.125.225.107
74.125.225.108
74.125.225.109
74.125.225.110
74.125.225.111
74.125.225.96
74.125.225.97
74.125.225.98
74.125.225.99
74.125.225.100



Pinging google.com [74.125.225.101] with 32 bytes of data:

Reply from 74.125.225.101: bytes=32 time=42ms TTL=54

Reply from 74.125.225.101: bytes=32 time=45ms TTL=54



Ping statistics for 74.125.225.101:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 42ms, Maximum = 45ms, Average = 43ms

Server: my.router
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.127.62
98.139.183.24
209.191.122.70



Pinging yahoo.com [98.139.127.62] with 32 bytes of data:

Reply from 98.139.127.62: bytes=32 time=138ms TTL=51

Reply from 98.139.127.62: bytes=32 time=164ms TTL=51



Ping statistics for 98.139.127.62:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 138ms, Maximum = 164ms, Average = 151ms

Server: my.router
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
15 ...00 50 43 00 97 fd ...... Generic Marvell Yukon 88E8053 based Ethernet Controller
1 ........................... Software Loopback Interface 1
19 ...00 00 00 00 00 00 00 e0 isatap.{530DE2CD-F83E-4BDB-9DDA-F96D2BEA7457}
13 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
17 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
18 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 276
192.168.1.2 255.255.255.255 On-link 192.168.1.2 276
192.168.1.255 255.255.255.255 On-link 192.168.1.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:4137:9e76:cba:4c1:9de1:ae19/128
On-link
15 276 fe80::/64 On-link
12 266 fe80::/64 On-link
12 266 fe80::cba:4c1:9de1:ae19/128
On-link
15 276 fe80::a1a2:b535:3f8f:5a7e/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
15 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/21/2012 09:41:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/21/2012 07:52:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/21/2012 04:25:01 PM) (Source: Application Error) (User: )
Description: Faulting application SUPERAntiSpyware.exe, version 5.0.0.1144, time stamp 0x4ef36d2f, faulting module SUPERAntiSpyware.exe, version 5.0.0.1144, time stamp 0x4ef36d2f, exception code 0xc0000005, fault offset 0x0007712c,
process id 0x17b4, application start time 0xSUPERAntiSpyware.exe0.

Error: (02/21/2012 11:41:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/21/2012 11:14:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/21/2012 03:19:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/20/2012 09:56:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/20/2012 08:13:27 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1b30
Start Time: 01ccf035d34faa09
Termination Time: 10

Error: (02/20/2012 08:07:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/20/2012 06:54:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/21/2012 09:41:04 PM) (Source: Service Control Manager) (User: )
Description: RemoveAny

Error: (02/21/2012 09:39:30 PM) (Source: amdkmdag) (User: )
Description: EDID does not contain the range limitation

Error: (02/21/2012 09:39:21 PM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\SysWow64\Drivers\removeany.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (02/21/2012 09:35:11 PM) (Source: Service Control Manager) (User: )
Description: Advanced SystemCare Service 51

Error: (02/21/2012 07:52:38 PM) (Source: Service Control Manager) (User: )
Description: RemoveAny

Error: (02/21/2012 07:50:54 PM) (Source: amdkmdag) (User: )
Description: EDID does not contain the range limitation

Error: (02/21/2012 07:50:46 PM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\SysWow64\Drivers\removeany.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (02/21/2012 11:41:09 AM) (Source: Service Control Manager) (User: )
Description: RemoveAny

Error: (02/21/2012 11:39:31 AM) (Source: amdkmdag) (User: )
Description: EDID does not contain the range limitation

Error: (02/21/2012 11:39:23 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\SysWow64\Drivers\removeany.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Microsoft Office Sessions:
=========================
Error: (10/08/2011 03:15:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AMD Fuel (Version: 2011.1205.2215.39827)
Apple Mobile Device Support (Version: 4.0.0.97)
AVG 2012 (Version: 12.0.1831)
AVG 2012 (Version: 12.0.2090)
AVG 2012 (Version: 2012.0.1831)
Bonjour (Version: 3.0.0.10)
ccc-utility64 (Version: 2011.1205.2215.39827)
CPUID CPU-Z 1.51
DriverAgent by eSupport.com
iCloud (Version: 1.0.1.29)
iTunes (Version: 10.5.1.42)
magicJack (Version: 2.0.6073.4252)
Marvell Miniport Driver (Version: 9.12.4.3)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Automated Troubleshooting Services Shim
Microsoft Fix it Center (Version: 1.0.0100)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server Native Client (Version: 9.00.4035.00)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.58298)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
MobileMe Control Panel (Version: 3.1.8.0)
PeerGuardian 2.0 (Version: 2.1.0.2)
SiSoftware Sandra Lite 2009.SP3a (Version: 15.97.2009.5)
SUPERAntiSpyware (Version: 5.0.1144)
TeamSpeak 3 Client
Ventrilo Client for Windows x64 (Version: 3.0.5.0)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
WinZip 16.0 (Version: 16.0.9661)

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 4094.56 MB
Available physical RAM: 1977.84 MB
Total Pagefile: 8405.65 MB
Available Pagefile: 5346.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.25 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:931.51 GB) (Free:50.16 GB) NTFS
8 Drive k: (PHONE) (Removable) (Total:0.02 GB) (Free:0.02 GB) FAT

========================= Users: ========================================

User accounts for \\MAX

Admin Administrator ASPNET
Guest


**** End of log ****

#8 Franconian

Posted 21 February 2012 - 11:29 PM

I can't get past ESET terms of service. Page won't load all the way. It says "install" at bottom, but wants the page reloaded when I select install.

#9 Franconian

Posted 21 February 2012 - 11:50 PM

OK, ESET popped on after about 15 mins, I'll let you know if it turns out

#10 Franconian

Posted 22 February 2012 - 12:08 PM

Here is the ESET scan:

C:\Users\Admin\AppData\Local\temp(319)\nseA057.tmp Win32/Adware.Somoto.A application deleted - quarantined
C:\Users\Admin\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\110203165919017.rsc Win32/Toolbar.Zugo application deleted - quarantined
C:\Users\Admin\Documents\SoMud\downloads\lawn-service-assistant-2.0.exe a variant of Win32/Sefnit.AL trojan deleted - quarantined
C:\Users\Admin\Documents\SoMud\downloads\php_mysql.(video.for.beginners).iso a variant of Win32/Packed.Sign0fMisery.A application deleted - quarantined
C:\Users\Admin\Documents\SoMud\downloads\AUTODESK.3DSMAX.V2012-ISO\3dsmax2012.iso Win32/Keygen.BL application deleted - quarantined
C:\Users\Admin\Documents\SoMud\downloads\Essential Plugins for 3DS Max 2010\Autodesk_Mudbox_2010_64bit\xf-maya2010_64bit.exe a variant of Win32/Keygen.BL application cleaned by deleting - quarantined

#11 boopme

Posted 22 February 2012 - 01:14 PM

Win32/Sefnit was a big troublemaker. Appears it was installed via a keygen/cracked application.

IMPORTANT NOTE: The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

Before we can continue, I need you to remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect cracks and keygens so we need to ensure they have been removed.

Using these types of programs or the websites you visited to get them is almost a guaranteed way to get yourself infected!!


How is it running?

Edited by boopme, 22 February 2012 - 01:14 PM.

#12 Franconian

Posted 22 February 2012 - 01:23 PM

I was not prompted to reset, so I didn't. PC not any faster. I guess I need to talk to kids about what they download or whatever it was.

#13 boopme

Posted 22 February 2012 - 04:34 PM

Take a look here: Slow Computer/browser? Check Here First; It May Not Be Malware

Or ask in Vista to look at what's in your Startup.
Also remove any old unwanted apps, as you are down to 50MB left on the hard drive; this will start to slow you down.
Maybe move some songs and/or pics to another drive or Discs.

#14 Franconian

Posted 22 February 2012 - 04:41 PM

Hmmmm.... I show 53 GB left on hard drive. I did the PC cleaning and defrag last Sat already, before I bothered the Techs. I was telling my wife that I thought about 50 gigs reappeared on C drive all of a sudden last week. So on to Vista Forums?