
commercial music and noises, google redirect, MBAM failure - different from those in the troubleshooting page



#1 MsYvaine

MsYvaine

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:uk-london
  • Local time:08:48 AM

Posted 28 December 2011 - 11:38 AM

hello,

thanks in advance for helping me, after removing several infections with the use of forums this one is over my capabilities.

symptoms:

1. couple of days ago MBAM (full version) stopped working and shows this message: (translation)
(OpenEvent): the execution of required process was not successful: error code: 2
would not run even in safe mode

2. google search results redirect to random sites (please note that i have removed (TDSSKiller from Kaspersky) this one more than 2 months ago, following forum instructions, all the searches were clean and everything was running perfectly before now)

3. last night laptop switched off out of the blue, could finally run it with win7 repair (got overheated)

4. strange ad like noise start - eg. part of an advertisement for "Beechamps" flu pill - part of a car insurance ad etc., only music and voice and for a couple of seconds

what i did so far:

tried to run MBAM in safe mode - no success

run CCleaner - temporary files, junk files etc. cleaned

run Uniblue Registry booster - no errors found

run Advance System Care (deep care) - while running it there came an error message : CAPICOM 2.1.0.2 Command line syntax error. Type Command /? for Help.

also there came win messages of compatibility aid, saying that microsoft visual c++ 2010 x86 redistributable setup was not correctly installed, coming up with two files in Advance System care:
KB2467173.exe and KB2538243.exe

it fixed over 10K problems found on my computer.


after all these scans i could finally run MBAM - downloaded the latest version, did a thorough search, found 21 objects, details could be attached. After reboot everything seemed to be fine for a couple of minutes.
also, i could do a search with google, the first one was not redirected, the next one was.

Please note that i checked the MBAM troubleshooting page and my error code 2 is not like the one on that page, also i did what was said there and after rebooting, i still have the same error code and no running MBAM.


the strange ad like voices still appear - a car retailer one for a couple of seconds, an ad for Strepsils warm.

My OP system&machine details: MS Win7 ultimate 32 bit, IntelCore2 CPU T5200, 1.6ghz

What should be the next step? Any logs should be posted?
Thanks in advance!



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:48 AM

Posted 04 January 2012 - 03:12 PM

Hello, please post that MBAM log. Do NOT run a Registry cleaner now.

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility writes the log to the root folder of the system disk (usually the disk with the operating system installed, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

>>>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 MsYvaine


Posted 17 January 2012 - 08:22 PM

hello,

thanks for the reply and sorry for being away for so long, it was because of my job

i will perform what i was requested only tomorrow, as i just got home and could read the post, also there has been another problem, i turned the computer on and windows just shut it down, it performed the automatic repair thing and said it couldn't repair itself, i checked the log and it said the "boot file was corrupted", also at startup i could save this log:
(sorry, it was in hungarian originally, but see my homemade translation)
problem description:
events name: BlueScreen
op sys version: 6.1.7600.2.0.0.256.1
location details: 1038
further info regarding the problem:
BCCode: c000021a
BCP1: 8AC76920
BCP2: 00000001
BCP3: C0000001
BCP4: 0010051C
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

files that help describe the problem:
C:\Windows\Minidump\011812-13977-01.dmp
C:\Users\Babuci\AppData\Local\Temp\WER-88795-0.sysdata.xml

so in 24hrs im posting the required log files

thank you for your time and help

#4 MsYvaine


Posted 17 January 2012 - 08:28 PM

here is the mbam log file - once again i translated what i could from hungarian to english, but i think the core of it is straightforward anyway

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Adatbázis verzió: v2011.12.28.02

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Babuci :: BABUCI-PC [admin]

2011.12.28. 14:31:47
mbam-log-2011-12-28 (14-31-47).txt

type of scan: full scan
Engedélyezett vizsgálati beállítások: Memória | Indítópult | Rendszerleíró | Fájlrendszer | Heurisztikus/Extra | Heurisztikus/Shuriken | PUP | PUM
Letiltott vizsgálati beállítások: P2P
scanned objects: 286155
ellapsed time: 1 hr, 4 mins, 58 secs

affected memory processes: 4
C:\ProgramData\27l4ozqjbh.exe (Trojan.Dropper) -> 2748 -> delete at startup.
C:\Windows\Temp\hki4122.exe (Trojan.Email) -> 2844 -> delete at startup.
C:\Windows\Temp\hki4122.exe (Trojan.Email) -> 3416 -> delete at startup.
C:\Windows\Temp\hki4122.exe (Trojan.Email) -> 4284 -> delete at startup.

infected memory modules: 0
(no malwares found)

infected process description modules: 0
(no malwares)

Fertőzött Rendszerleíró értékek: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|27l4ozqjbh (Trojan.Dropper) -> Adat: C:\ProgramData\27l4ozqjbh.exe -> A karanténba helyezés, és a törlés sikerült.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|27l4ozqjbh (Trojan.Dropper) -> Adat: C:\Users\Babuci\27l4ozqjbh.exe -> A karanténba helyezés, és a törlés sikerült.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Adat: C:\Users\Babuci\AppData\Local\b9dc94c5\X -> A karanténba helyezés, és a törlés sikerült.

Fertőzött Rendszerleíró adatelemek: 0
(Nem találhatók rosszindulatú elemek)

Fertőzött mappák: 0
(Nem találhatók rosszindulatú elemek)

infected files: 14
C:\ProgramData\27l4ozqjbh.exe (Trojan.Dropper) -> delete at startup.
C:\Windows\Temp\hki4122.exe (Trojan.Email) -> delete at startup.
C:\Users\Babuci\27l4ozqjbh.exe (Trojan.Dropper) -> caranteened and deleted successfully.
C:\Users\Babuci\AppData\Local\b9dc94c5\X (Trojan.Agent.PE3) -> caranteened and deleted successfully.
C:\Users\Babuci\AppData\Local\b9dc94c5\U\00000001.@ (Backdoor.0Access) -> caranteened and deleted successfully.
C:\Users\Babuci\AppData\Local\b9dc94c5\U\80000000.@ (Trojan.Agent) -> caranteened and deleted successfully.
C:\Users\Babuci\AppData\Local\b9dc94c5\U\800000cb.@ (Backdoor.0Access) -> caranteened and deleted successfully.
C:\Users\Babuci\AppData\Local\b9dc94c5\U\800000cf.@ (Backdoor.0Access) -> caranteened and deleted successfully.
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\dc54b0c-19c4d5ac (Trojan.Downloader) -> caranteened and deleted successfully.
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\dc54b0c-7ade085a (Trojan.Downloader) -> caranteened and deleted successfully.
C:\ProgramData\02BfSM1a.exe (Trojan.Email) -> caranteened and deleted successfully.
C:\ProgramData\02BfSM1a.exe_ (Trojan.Email) -> caranteened and deleted successfully.
C:\Windows\System32\K44Ylltw.exe (Trojan.Email) -> caranteened and deleted successfully.
C:\Windows\System32\K44Ylltw.exe_ (Trojan.Email) -> caranteened and deleted successfully.

(befejezés)
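
A log in this layout can be triaged mechanically. The following Python script is an added example, not part of the original post and not Malwarebytes' own tooling: it parses "object (family) -> ... -> action" lines, lists the registry autostart points they name, and reports which autostart targets are still only scheduled for deletion and so need re-checking after the reboot. The sample lines are copied from the log above; the function names and the pending-action wording ("delete at startup", the poster's translation) are assumptions of this example.

```python
import re

# Action wording that means "not removed yet, scheduled for next boot".
# Assumption: this is the poster's translation; pass your own log's wording.
PENDING_MARKERS = ("delete at startup",)

# Sample input: lines copied from the log in the post above (same layout,
# including the untranslated Hungarian action text on registry lines).
SAMPLE_LOG = r"""
C:\ProgramData\27l4ozqjbh.exe (Trojan.Dropper) -> 2748 -> delete at startup.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|27l4ozqjbh (Trojan.Dropper) -> Adat: C:\ProgramData\27l4ozqjbh.exe -> A karanténba helyezés, és a törlés sikerült.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Adat: C:\Users\Babuci\AppData\Local\b9dc94c5\X -> A karanténba helyezés, és a törlés sikerült.
C:\ProgramData\27l4ozqjbh.exe (Trojan.Dropper) -> delete at startup.
C:\Windows\Temp\hki4122.exe (Trojan.Email) -> delete at startup.
C:\Users\Babuci\AppData\Local\b9dc94c5\X (Trojan.Agent.PE3) -> caranteened and deleted successfully.
"""

# "<object> (<family>) -> <detail> -> ... -> <action>"
ENTRY_RE = re.compile(r"^(?P<obj>.+?) \((?P<family>[^()]+)\) -> (?P<rest>.+)$")

# Registry locations that start a program at boot or logon.
# (key pattern, allowed value names or None for any, label)
AUTOSTART_RULES = (
    (re.compile(r"\\CurrentVersion\\Run(Once)?$", re.I), None, "Run key"),
    (re.compile(r"\\Winlogon$", re.I), {"shell", "userinit"}, "Winlogon"),
)


def parse_log(text):
    """Return one dict per detection line; headers and counters are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        *details, action = m.group("rest").split(" -> ")
        obj = m.group("obj")
        entry = {"object": obj, "family": m.group("family"),
                 "action": action.strip().rstrip("."), "kind": "file",
                 "pid": None, "value": None, "data": None}
        if obj.upper().startswith(("HKLM\\", "HKCU\\", "HKEY_")):
            entry["kind"] = "registry"
            # "key|value name"; the detail is "<localized label>: <data>"
            entry["object"], _, entry["value"] = obj.partition("|")
            if details:
                entry["data"] = details[0].partition(": ")[2]
        elif details and details[0].strip().isdigit():
            entry["kind"] = "process"          # memory process line with a PID
            entry["pid"] = int(details[0])
        entries.append(entry)
    return entries


def pending_files(entries, markers=PENDING_MARKERS):
    """Files (on disk or running) that are only scheduled for deletion."""
    return sorted({e["object"] for e in entries
                   if e["kind"] in ("file", "process")
                   and any(mk in e["action"].lower() for mk in markers)})


def autostarts(entries):
    """Registry detections that sit in a boot/logon autostart location."""
    found = []
    for e in entries:
        if e["kind"] != "registry":
            continue
        for key_re, values, label in AUTOSTART_RULES:
            if key_re.search(e["object"]) and (
                    values is None or e["value"].lower() in values):
                found.append((label, e["object"], e["value"], e["data"]))
    return found


def recheck_after_reboot(entries, markers=PENDING_MARKERS):
    """Autostart entries whose target file is still pending deletion."""
    pending = {p.lower() for p in pending_files(entries, markers)}
    return [a for a in autostarts(entries)
            if a[3] and a[3].lower() in pending]


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for label, key, value, data in autostarts(parsed):
        print(f"[{label}] {key} | {value} -> {data}")
    print("pending deletion:", pending_files(parsed))
    print("re-check after reboot:", recheck_after_reboot(parsed))
```
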

#5 boopme


Posted 17 January 2012 - 08:45 PM

Thank you I can usually make heads or tails from the logs.

EDIT: Take your time..

The first ones that led to ... Temp\WER-88795-0.sysdata.xml

are registry corruptions, probably from the Chinese malware you have.

We will know more from the other 2 scans and this..


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices <<-- SKIP
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Edited by boopme, 17 January 2012 - 08:46 PM.


#6 MsYvaine


Posted 19 January 2012 - 01:10 PM

hello

here we go with the logs, i couldn't find any attach files button, so in here:

1. tdsskiller

15:13:06.0770 5148 TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24
15:13:06.0897 5148 ============================================================
15:13:06.0897 5148 Current date / time: 2012/01/19 15:13:06.0897
15:13:06.0897 5148 SystemInfo:
15:13:06.0897 5148
15:13:06.0897 5148 OS Version: 6.1.7600 ServicePack: 0.0
15:13:06.0897 5148 Product type: Workstation
15:13:06.0897 5148 ComputerName: BABUCI-PC
15:13:06.0898 5148 UserName: Babuci
15:13:06.0898 5148 Windows directory: C:\Windows
15:13:06.0898 5148 System windows directory: C:\Windows
15:13:06.0898 5148 Processor architecture: Intel x86
15:13:06.0898 5148 Number of processors: 2
15:13:06.0898 5148 Page size: 0x1000
15:13:06.0898 5148 Boot type: Normal boot
15:13:06.0898 5148 ============================================================
15:13:08.0074 5148 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:13:08.0143 5148 Initialize success
15:13:38.0225 3100 ============================================================
15:13:38.0225 3100 Scan started
15:13:38.0225 3100 Mode: Manual; SigCheck; TDLFS;
15:13:38.0225 3100 ============================================================
15:13:50.0416 3100 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
15:13:50.0457 3100 ohci1394 - ok
15:13:50.0551 3100 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:13:50.0592 3100 Parport - ok
15:13:50.0628 3100 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
15:13:50.0644 3100 partmgr - ok
15:13:50.0670 3100 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:13:50.0699 3100 Parvdm - ok
15:13:50.0730 3100 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
15:13:50.0749 3100 pci - ok
15:13:50.0769 3100 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
15:13:50.0785 3100 pciide - ok
15:13:50.0808 3100 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
15:13:50.0829 3100 pcmcia - ok
15:13:50.0860 3100 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:13:50.0876 3100 pcw - ok
15:13:50.0919 3100 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:13:50.0986 3100 PEAUTH - ok
15:13:51.0098 3100 PID_PEPI (4bb5ac2dd485b8eefccb977ee66a68ad) C:\Windows\system32\DRIVERS\LV302V32.SYS
15:13:51.0200 3100 PID_PEPI - ok
15:13:51.0271 3100 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:13:51.0325 3100 PptpMiniport - ok
15:13:51.0355 3100 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
15:13:51.0388 3100 Processor - ok
15:13:51.0428 3100 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:13:51.0478 3100 Psched - ok
15:13:51.0528 3100 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
15:13:51.0598 3100 ql2300 - ok
15:13:51.0630 3100 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
15:13:51.0649 3100 ql40xx - ok
15:13:51.0674 3100 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:13:51.0697 3100 QWAVEdrv - ok
15:13:51.0720 3100 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:13:51.0772 3100 RasAcd - ok
15:13:51.0805 3100 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:13:51.0846 3100 RasAgileVpn - ok
15:13:51.0875 3100 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:13:51.0930 3100 Rasl2tp - ok
15:13:51.0968 3100 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:13:52.0020 3100 RasPppoe - ok
15:13:52.0061 3100 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:13:52.0103 3100 RasSstp - ok
15:13:52.0135 3100 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
15:13:52.0195 3100 rdbss - ok
15:13:52.0223 3100 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
15:13:52.0254 3100 rdpbus - ok
15:13:52.0287 3100 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:13:52.0326 3100 RDPCDD - ok
15:13:52.0368 3100 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
15:13:52.0425 3100 RDPDR - ok
15:13:52.0451 3100 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:13:52.0498 3100 RDPENCDD - ok
15:13:52.0541 3100 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:13:52.0587 3100 RDPREFMP - ok
15:13:52.0616 3100 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
15:13:52.0667 3100 RDPWD - ok
15:13:52.0701 3100 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
15:13:52.0721 3100 rdyboost - ok
15:13:52.0792 3100 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:13:52.0832 3100 rspndr - ok
15:13:52.0857 3100 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
15:13:52.0894 3100 s3cap - ok
15:13:52.0960 3100 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:13:52.0983 3100 SASDIFSV - ok
15:13:53.0012 3100 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:13:53.0027 3100 SASKUTIL - ok
15:13:53.0058 3100 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
15:13:53.0078 3100 sbp2port - ok
15:13:53.0103 3100 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
15:13:53.0145 3100 scfilter - ok
15:13:53.0193 3100 sdbus (7b48cff3a475fe849dea65ec4d35c425) C:\Windows\system32\DRIVERS\sdbus.sys
15:13:53.0217 3100 sdbus - ok
15:13:53.0245 3100 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:13:53.0295 3100 secdrv - ok
15:13:53.0339 3100 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:13:53.0359 3100 Serenum - ok
15:13:53.0381 3100 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:13:53.0416 3100 Serial - ok
15:13:53.0452 3100 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
15:13:53.0483 3100 sermouse - ok
15:13:53.0529 3100 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
15:13:53.0565 3100 sffdisk - ok
15:13:53.0597 3100 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:13:53.0633 3100 sffp_mmc - ok
15:13:53.0655 3100 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:13:53.0677 3100 sffp_sd - ok
15:13:53.0707 3100 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
15:13:53.0726 3100 sfloppy - ok
15:13:53.0805 3100 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
15:13:53.0822 3100 sisagp - ok
15:13:53.0850 3100 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:13:53.0867 3100 SiSRaid2 - ok
15:13:53.0900 3100 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
15:13:53.0919 3100 SiSRaid4 - ok
15:13:53.0942 3100 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
15:13:53.0982 3100 Smb - ok
15:13:54.0033 3100 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
15:13:54.0048 3100 spldr - ok
15:13:54.0107 3100 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
15:13:54.0154 3100 srv - ok
15:13:54.0189 3100 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
15:13:54.0225 3100 srv2 - ok
15:13:54.0266 3100 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
15:13:54.0292 3100 SrvHsfHDA - ok
15:13:54.0338 3100 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
15:13:54.0399 3100 SrvHsfV92 - ok
15:13:54.0440 3100 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
15:13:54.0486 3100 SrvHsfWinac - ok
15:13:54.0510 3100 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
15:13:54.0532 3100 srvnet - ok
15:13:54.0581 3100 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
15:13:54.0597 3100 stexstor - ok
15:13:54.0635 3100 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
15:13:54.0652 3100 storflt - ok
15:13:54.0679 3100 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
15:13:54.0695 3100 storvsc - ok
15:13:54.0726 3100 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
15:13:54.0743 3100 swenum - ok
15:13:54.0827 3100 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
15:13:54.0894 3100 Tcpip - ok
15:13:54.0951 3100 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
15:13:54.0996 3100 TCPIP6 - ok
15:13:55.0028 3100 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
15:13:55.0076 3100 tcpipreg - ok
15:13:55.0110 3100 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
15:13:55.0162 3100 TDPIPE - ok
15:13:55.0193 3100 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
15:13:55.0232 3100 TDTCP - ok
15:13:55.0259 3100 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
15:13:55.0300 3100 tdx - ok
15:13:55.0323 3100 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
15:13:55.0340 3100 TermDD - ok
15:13:55.0402 3100 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:13:55.0445 3100 tssecsrv - ok
15:13:55.0503 3100 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
15:13:55.0558 3100 tunnel - ok
15:13:55.0599 3100 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
15:13:55.0617 3100 uagp35 - ok
15:13:55.0644 3100 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
15:13:55.0698 3100 udfs - ok
15:13:55.0737 3100 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:13:55.0755 3100 uliagpkx - ok
15:13:55.0777 3100 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
15:13:55.0806 3100 umbus - ok
15:13:55.0836 3100 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
15:13:55.0857 3100 UmPass - ok
15:13:55.0920 3100 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
15:13:55.0959 3100 USBAAPL - ok
15:13:56.0010 3100 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
15:13:56.0045 3100 usbaudio - ok
15:13:56.0073 3100 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
15:13:56.0095 3100 usbccgp - ok
15:13:56.0120 3100 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
15:13:56.0158 3100 usbcir - ok
15:13:56.0190 3100 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
15:13:56.0211 3100 usbehci - ok
15:13:56.0241 3100 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
15:13:56.0267 3100 usbhub - ok
15:13:56.0287 3100 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
15:13:56.0320 3100 usbohci - ok
15:13:56.0351 3100 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
15:13:56.0373 3100 usbprint - ok
15:13:56.0400 3100 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:13:56.0422 3100 USBSTOR - ok
15:13:56.0438 3100 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
15:13:56.0462 3100 usbuhci - ok
15:13:56.0496 3100 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:13:56.0513 3100 vdrvroot - ok
15:13:56.0552 3100 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
15:13:56.0581 3100 vga - ok
15:13:56.0612 3100 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
15:13:56.0651 3100 VgaSave - ok
15:13:56.0684 3100 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
15:13:56.0704 3100 vhdmp - ok
15:13:56.0730 3100 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
15:13:56.0748 3100 viaagp - ok
15:13:56.0778 3100 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
15:13:56.0811 3100 ViaC7 - ok
15:13:56.0839 3100 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
15:13:56.0855 3100 viaide - ok
15:13:56.0896 3100 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
15:13:56.0920 3100 vmbus - ok
15:13:56.0943 3100 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
15:13:56.0962 3100 VMBusHID - ok
15:13:56.0985 3100 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
15:13:57.0003 3100 volmgr - ok
15:13:57.0036 3100 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
15:13:57.0060 3100 volmgrx - ok
15:13:57.0088 3100 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
15:13:57.0111 3100 volsnap - ok
15:13:57.0157 3100 Vsdatant (24334b105bde93d82495358b219f7b76) C:\Windows\system32\DRIVERS\vsdatant.sys
15:13:57.0191 3100 Vsdatant - ok
15:13:57.0226 3100 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
15:13:57.0246 3100 vsmraid - ok
15:13:57.0282 3100 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
15:13:57.0304 3100 vwifibus - ok
15:13:57.0323 3100 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
15:13:57.0360 3100 vwififlt - ok
15:13:57.0407 3100 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
15:13:57.0429 3100 WacomPen - ok
15:13:57.0449 3100 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
15:13:57.0488 3100 WANARP - ok
15:13:57.0495 3100 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
15:13:57.0534 3100 Wanarpv6 - ok
15:13:57.0580 3100 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
15:13:57.0597 3100 Wd - ok
15:13:57.0626 3100 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
15:13:57.0654 3100 Wdf01000 - ok
15:13:57.0719 3100 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
15:13:57.0758 3100 WfpLwf - ok
15:13:57.0790 3100 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
15:13:57.0806 3100 WIMMount - ok
15:13:57.0852 3100 winachsf (8b976d4ca270110111df4f313da0e6e8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
15:13:57.0904 3100 winachsf - ok
15:13:57.0985 3100 winusb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\winusb.sys
15:13:58.0008 3100 winusb - ok
15:13:58.0053 3100 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:13:58.0085 3100 WmiAcpi - ok
15:13:58.0150 3100 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
15:13:58.0200 3100 ws2ifsl - ok
15:13:58.0242 3100 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
15:13:58.0283 3100 WudfPf - ok
15:13:58.0307 3100 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:13:58.0365 3100 WUDFRd - ok
15:13:58.0413 3100 XAudio (894f963be999ba9db5aac3aed55b115d) C:\Windows\system32\DRIVERS\XAudio32.sys
15:13:58.0432 3100 XAudio - ok
15:13:58.0475 3100 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:13:58.0659 3100 \Device\Harddisk0\DR0 - ok
15:13:58.0668 3100 Boot (0x1200) (aa9ea497a6f19eabb389c3117e8182d4) \Device\Harddisk0\DR0\Partition0
15:13:58.0670 3100 \Device\Harddisk0\DR0\Partition0 - ok
15:13:58.0718 3100 Boot (0x1200) (21530b00e29bdc844b379adb97aa9938) \Device\Harddisk0\DR0\Partition1
15:13:58.0720 3100 \Device\Harddisk0\DR0\Partition1 - ok
15:13:58.0736 3100 Boot (0x1200) (78f7f4ca6c828cd6352d38ca7eaf0a3d) \Device\Harddisk0\DR0\Partition2
15:13:58.0738 3100 \Device\Harddisk0\DR0\Partition2 - ok
15:13:58.0740 3100 ============================================================
15:13:58.0740 3100 Scan finished
15:13:58.0740 3100 ============================================================
15:13:58.0760 4288 Detected object count: 0
15:13:58.0760 4288 Actual detected object count: 0

2. Esetscan

C:\Program Files\Bonjour\mDNSResponder.exe Win32/Patched.HN trojan cleaned - quarantined
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe Win32/Patched.HN trojan cleaned - quarantined
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe Win32/Patched.HN trojan cleaned - quarantined
C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe Win32/Patched.HN trojan error while cleaning
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE Win32/Patched.HN trojan cleaned - quarantined
C:\Program Files\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\rbnotifier.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\rb_move_serial.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\rb_ubm.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\SpeedUpMyPC\Launcher.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files\Uniblue\SpeedUpMyPC\spnotifier.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files\Uniblue\SpeedUpMyPC\sp_move_serial.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Users\Babuci\AppData\Local\b9dc94c5\U\800000c0.@ a variant of Win32/Sirefef.EF trojan cleaned by deleting - quarantined
C:\Users\Babuci\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G1BEYJT0\index-functions[1].js Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\7e4db740-2173fdf5 multiple threats deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\78604eca-62317971 a variant of Win32/Kryptik.YYY trojan deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\598a308e-6aeb7de9 Java/TrojanDownloader.OpenStream.NCA trojan deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\17d17812-6bbdfef3 Java/Agent.DW trojan deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\63077302-759a032e multiple threats deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\7dedd258-733b6979 Java/Exploit.CVE-2011-3544.X trojan deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\3d7cc899-6f1c861c a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\4898a519-7033433d Win32/TrojanDownloader.Small.PHW trojan cleaned by deleting - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\33902703-367ff2f3 multiple threats deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\55296943-1c69f82b multiple threats deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\5ce87960-205d8165 Java/Exploit.CVE-2011-3544.Y trojan deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\585bed27-68ffdc2f Java/Exploit.CVE-2011-3544.K trojan deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\65f46ec-234ea184 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\381d032d-2260a410 multiple threats deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\4edb8db0-68ae2801 Java/Exploit.CVE-2011-3544.X trojan deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\3514e385-36d9ef74 multiple threats deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\12e7a8b3-2acd2843 Java/Exploit.CVE-2011-3544.W trojan deleted - quarantined
C:\Users\Babuci\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\2f6967b3-1a02433a multiple threats deleted - quarantined
C:\Users\Babuci\AppData\Roaming\Uniblue\RegistryBooster\_temp\ub.exe Win32/RegistryBooster application deleted - quarantined
C:\Users\Babuci\AppData\Roaming\Uniblue\SpeedUpMyPC\_temp\ub.exe Win32/SpeedUpMyPC application deleted - quarantined
C:\Windows\System32\brccoinst.dll a variant of Win32/BHO.ODP trojan cleaned by deleting - quarantined
C:\Windows\System32\IconCCodecService.dll Win32/BHO.ODP trojan cleaned by deleting - quarantined
C:\Windows\System32\netfxpperf.dll Win32/BHO.ODP trojan cleaned by deleting - quarantined
C:\Windows\System32\ZoneLabs\vsmon.exe Win32/Patched.HN trojan error while cleaning
D:\downloads\asc-setup.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
D:\downloads\rhood_bh.zip a variant of Win32/HackTool.Patcher.C application deleted - quarantined

(wow, I thought I had a decent firewall and protection, but this shows I'm...hm...incompetent)

3. MiniToolBox

MiniToolBox by Farbar Version: 18-01-2012
Ran by Babuci (administrator) on 19-01-2012 at 17:58:31
Microsoft Windows 7 Ultimate (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP konfiguráció

A DNS-feloldási gyorsítótár kiürítése sikeresen megtörtént.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


94.63.240.135 www.google.com
94.63.240.136 www.bing.com


========================= IP Configuration: ================================

Atheros AR5007EG Wireless Network Adapter = Vezeték nélküli hálózati kapcsolat (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Helyi kapcsolat (Media disconnected)


# ----------------------------------
# IPv4-konfiguráció
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=enabled


popd
# IPv4-konfiguráció vége



Windows IP konfiguráció

Állomásnév. . . . . . . . . . . . : Babuci-PC
Elsődleges DNS-utótag . . . . . . :
Csomóponttípus. . . . . . . . . . : Kevert
IP-útválasztás engedélyezve . . . : Nem
WINS-proxy engedélyezve . . . . . : Nem

Ethernet-adapter Helyi kapcsolat:

Adathordozó állapota. . . . . . . : Adathordozó leválasztva
Kapcsolatspecifikus DNS-utótag. . :
Leírás. . . . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Fizikai cím . . . . . . . . . . . : 00-1B-38-25-C5-A7
DHCP engedélyezve . . . . . . . . : Igen
Automatikus konfiguráció engedélyezve : Igen

Vezeték nélküli hálózati kapcsolat vezeték nélküli hálózati adapter:

Kapcsolatspecifikus DNS-utótag. . :
Leírás. . . . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
Fizikai cím . . . . . . . . . . . : 00-19-7E-BD-61-1C
DHCP engedélyezve . . . . . . . . : Igen
Automatikus konfiguráció engedélyezve : Igen
IPv4-cím. . . . . . . . . . . . . : 192.168.148.100(Kívánt)
Alhálózati maszk. . . . . . . . . : 255.255.255.0
Bérleti jog kezdete . . . . . . . : 2012. január 19. 1:31:22
Bérleti jog vége. . . . . . . . . : 2012. január 22. 14:56:12
Alapértelmezett átjáró. . . . . . : 192.168.148.254
DHCP-kiszolgáló . . . . . . . . . : 192.168.148.254
DNS-kiszolgálók . . . . . . . . . : 212.42.162.1
212.42.162.2
NetBIOS a TCP/IP felett . . . . . : Engedélyezve
Kiszolgáló: ns0.fast.net.uk
Address: 212.42.162.1

Név: google.com
Addresses: 209.85.147.105
209.85.147.106
209.85.147.103
209.85.147.147
209.85.147.99
209.85.147.104


google.com [209.85.147.104] pingelése - 32 bájtnyi adattal:
Válasz 209.85.147.104: bájt=32 idő=35 ms TTL=55
Válasz 209.85.147.104: bájt=32 idő=38 ms TTL=55

209.85.147.104 ping-statisztikája:
Csomagok: küldött = 2, fogadott = 2, elveszett = 0
(0% veszteség),
Oda-vissza út ideje közelítőlegesen, milliszekundumban:
minimum = 35ms, maximum = 38ms, átlag = 36ms
Kiszolgáló: ns0.fast.net.uk
Address: 212.42.162.1

Név: yahoo.com
Addresses: 98.139.180.149
209.191.122.70
72.30.2.43
98.137.149.56


yahoo.com [98.137.149.56] pingelése - 32 bájtnyi adattal:
Válasz 98.137.149.56: bájt=32 idő=191 ms TTL=48
Válasz 98.137.149.56: bájt=32 idő=201 ms TTL=48

98.137.149.56 ping-statisztikája:
Csomagok: küldött = 2, fogadott = 2, elveszett = 0
(0% veszteség),
Oda-vissza út ideje közelítőlegesen, milliszekundumban:
minimum = 191ms, maximum = 201ms, átlag = 196ms
Kiszolgáló: ns0.fast.net.uk
Address: 212.42.162.1

Név: bleepingcomputer.com
Address: 208.43.87.2


bleepingcomputer.com [208.43.87.2] pingelése - 32 bájtnyi adattal:
A kérésre nem érkezett válasz a határidőn belül.
A kérésre nem érkezett válasz a határidőn belül.

208.43.87.2 ping-statisztikája:
Csomagok: küldött = 2, fogadott = 0, elveszett = 2
(100% veszteség),

127.0.0.1 pingelése - 32 bájtnyi adattal:
Válasz 127.0.0.1: bájt=32 idő<10 ezredmp. TTL=128
Válasz 127.0.0.1: bájt=32 idő<10 ezredmp. TTL=128

127.0.0.1 ping-statisztikája:
Csomagok: küldött = 2, fogadott = 2, elveszett = 0
(0% veszteség),
Oda-vissza út ideje közelítőlegesen, milliszekundumban:
minimum = 0ms, maximum = 0ms, átlag = 0ms
===========================================================================
Kapcsolatlista
12...00 1b 38 25 c5 a7 ......Broadcom NetLink ™ Gigabit Ethernet
11...00 19 7e bd 61 1c ......Atheros AR5007EG Wireless Network Adapter
1...........................Software Loopback Interface 1
===========================================================================

IPv4 útvonaltábla
===========================================================================
Aktív útvonalak:
Hálózati cél Hálózati maszk Átjáró Kapcsolat Metrika
0.0.0.0 0.0.0.0 192.168.148.254 192.168.148.100 25
127.0.0.0 255.0.0.0 Kapcsolaton belüli 127.0.0.1 306
127.0.0.1 255.255.255.255 Kapcsolaton belüli 127.0.0.1 306
127.255.255.255 255.255.255.255 Kapcsolaton belüli 127.0.0.1 306
192.168.148.0 255.255.255.0 Kapcsolaton belüli 192.168.148.100 281
192.168.148.100 255.255.255.255 Kapcsolaton belüli 192.168.148.100 281
192.168.148.255 255.255.255.255 Kapcsolaton belüli 192.168.148.100 281
224.0.0.0 240.0.0.0 Kapcsolaton belüli 127.0.0.1 306
224.0.0.0 240.0.0.0 Kapcsolaton belüli 192.168.148.100 281
255.255.255.255 255.255.255.255 Kapcsolaton belüli 127.0.0.1 306
255.255.255.255 255.255.255.255 Kapcsolaton belüli 192.168.148.100 281
===========================================================================
Állandó útvonalak:
Nincs

IPv6 útvonaltábla
===========================================================================
Aktív útvonalak:
Kapcs. Metrika Hálózati cél Átjáró
1 306 ::1/128 Kapcsolaton belüli
1 306 ff00::/8 Kapcsolaton belüli
===========================================================================
Állandó útvonalak:
Nincs
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 mswsock.dll [File Not found] ()
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/19/2012 02:56:35 PM) (Source: SignInAssistant) (User: )
Description: StartService failed with hr = 0x8007041d

Error: (01/19/2012 02:56:35 PM) (Source: Application Error) (User: )
Description: A hibát okozó alkalmazás neve: WLIDSVC.EXE, verzió: 7.250.4232.0, időbélyeg: 0x4d915296
A hibát okozó modul neve: unknown, verzió: 0.0.0.0, időbélyeg: 0x00000000
Kivételkód: 0xc0000005
Hiba pozíciója: 0x00493c00
A hibát okozó folyamat azonosítója: 0x16ac
A hibát okozó alkalmazás indításának időpontja: 0xWLIDSVC.EXE0
A hibát okozó alkalmazás elérési útja: WLIDSVC.EXE1
A hibát okozó modul elérési útja: WLIDSVC.EXE2
Jelentés azonosítója: WLIDSVC.EXE3

Error: (01/19/2012 03:51:14 AM) (Source: SignInAssistant) (User: )
Description: StartService failed with hr = 0x8007041d

Error: (01/19/2012 03:51:13 AM) (Source: Application Error) (User: )
Description: A hibát okozó alkalmazás neve: WLIDSVC.EXE, verzió: 7.250.4232.0, időbélyeg: 0x4d915296
A hibát okozó modul neve: unknown, verzió: 0.0.0.0, időbélyeg: 0x00000000
Kivételkód: 0xc0000005
Hiba pozíciója: 0x00493c00
A hibát okozó folyamat azonosítója: 0x53c
A hibát okozó alkalmazás indításának időpontja: 0xWLIDSVC.EXE0
A hibát okozó alkalmazás elérési útja: WLIDSVC.EXE1
A hibát okozó modul elérési útja: WLIDSVC.EXE2
Jelentés azonosítója: WLIDSVC.EXE3

Error: (01/19/2012 02:32:50 AM) (Source: SideBySide) (User: )
Description: Az aktiválási környezet létrehozása "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1" esetében nem sikerült. Hiba a(z) "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" jegyzék- vagy házirendfájl Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3. sorában.
A jegyzékben talált összetevő identitása nem egyezik meg a kért összetevő identitásával.
Hivatkozás: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definíció: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Használja a sxstrace.exe fájlt a részletes diagnosztikához.

Error: (01/19/2012 02:31:05 AM) (Source: SideBySide) (User: )
Description: Az aktiválási környezet létrehozása "1" esetében nem sikerült. Hiba a(z) "2" jegyzék- vagy házirendfájl 3. sorában.
A requestedPrivileges elem többszöri előfordulása nem megengedett a jegyzékben.

Error: (01/19/2012 01:33:21 AM) (Source: SignInAssistant) (User: )
Description: StartService failed with hr = 0x8007041d

Error: (01/19/2012 01:33:20 AM) (Source: Application Error) (User: )
Description: A hibát okozó alkalmazás neve: WLIDSVC.EXE, verzió: 7.250.4232.0, időbélyeg: 0x4d915296
A hibát okozó modul neve: unknown, verzió: 0.0.0.0, időbélyeg: 0x00000000
Kivételkód: 0xc0000005
Hiba pozíciója: 0x00493c00
A hibát okozó folyamat azonosítója: 0x928
A hibát okozó alkalmazás indításának időpontja: 0xWLIDSVC.EXE0
A hibát okozó alkalmazás elérési útja: WLIDSVC.EXE1
A hibát okozó modul elérési útja: WLIDSVC.EXE2
Jelentés azonosítója: WLIDSVC.EXE3

Error: (01/19/2012 01:33:19 AM) (Source: SignInAssistant) (User: )
Description: StartService failed with hr = 0x8007041d

Error: (01/19/2012 01:33:19 AM) (Source: Application Error) (User: )
Description: A hibát okozó alkalmazás neve: WLIDSVC.EXE, verzió: 7.250.4232.0, időbélyeg: 0x4d915296
A hibát okozó modul neve: unknown, verzió: 0.0.0.0, időbélyeg: 0x00000000
Kivételkód: 0xc0000005
Hiba pozíciója: 0x00493c00
A hibát okozó folyamat azonosítója: 0x91c
A hibát okozó alkalmazás indításának időpontja: 0xWLIDSVC.EXE0
A hibát okozó alkalmazás elérési útja: WLIDSVC.EXE1
A hibát okozó modul elérési útja: WLIDSVC.EXE2
Jelentés azonosítója: WLIDSVC.EXE3


System errors:
=============
Error: (01/19/2012 02:56:35 PM) (Source: Service Control Manager) (User: )
Description: A szolgáltatás (Windows Live ID Sign-in Assistant) a következő hiba következtében leállt:
%%1053

Error: (01/19/2012 02:56:35 PM) (Source: Service Control Manager) (User: )
Description: Letelt egy időkorlát (30000 ms) a(z) Windows Live ID Sign-in Assistant szolgáltatás kapcsolódására való várakozás közben.

Error: (01/19/2012 09:33:47 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: A platform belső vezérlőprogramja memóriahibát okozott a rendszer energiaállapotának korábbi módosítása során. Ellenőrizze, hogy nincsenek-e elérhető belsővezérlőprogram-frissítések a rendszerhez.

Error: (01/19/2012 03:51:14 AM) (Source: Service Control Manager) (User: )
Description: A szolgáltatás (Windows Live ID Sign-in Assistant) a következő hiba következtében leállt:
%%1053

Error: (01/19/2012 03:51:14 AM) (Source: Service Control Manager) (User: )
Description: Letelt egy időkorlát (30000 ms) a(z) Windows Live ID Sign-in Assistant szolgáltatás kapcsolódására való várakozás közben.

Error: (01/19/2012 03:50:52 AM) (Source: Service Control Manager) (User: )
Description: A szolgáltatás (TrueVector Internet Monitor) a következő hiba következtében leállt:
%%577

Error: (01/19/2012 02:37:45 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: A platform belső vezérlőprogramja memóriahibát okozott a rendszer energiaállapotának korábbi módosítása során. Ellenőrizze, hogy nincsenek-e elérhető belsővezérlőprogram-frissítések a rendszerhez.

Error: (01/19/2012 02:37:43 AM) (Source: Service Control Manager) (User: )
Description: A szolgáltatás (TrueVector Internet Monitor) a következő hiba következtében leállt:
%%577

Error: (01/19/2012 02:37:41 AM) (Source: Service Control Manager) (User: )
Description: A szolgáltatás (TrueVector Internet Monitor) a következő hiba következtében leállt:
%%577

Error: (01/19/2012 02:37:39 AM) (Source: Service Control Manager) (User: )
Description: A szolgáltatás (TrueVector Internet Monitor) a következő hiba következtében leállt:
%%577


Microsoft Office Sessions:
=========================
Error: (01/19/2012 02:56:35 PM) (Source: SignInAssistant)(User: )
Description: StartService failed with hr = 0x8007041d

Error: (01/19/2012 02:56:35 PM) (Source: Application Error)(User: )
Description: WLIDSVC.EXE7.250.4232.04d915296unknown0.0.0.000000000c000000500493c0016ac01ccd6ba811e285bC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEunknownc7c0c54d-42ad-11e1-879d-00197ebd611c

Error: (01/19/2012 03:51:14 AM) (Source: SignInAssistant)(User: )
Description: StartService failed with hr = 0x8007041d

Error: (01/19/2012 03:51:13 AM) (Source: Application Error)(User: )
Description: WLIDSVC.EXE7.250.4232.04d915296unknown0.0.0.000000000c000000500493c0053c01ccd65d8dfa5f12C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEunknownd49e82a5-4250-11e1-879d-00197ebd611c

Error: (01/19/2012 02:32:50 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\Uniblue\driverscanner\DriverInstaller64.exec:\program files\Uniblue\driverscanner\Microsoft.VC90.CRT.MANIFEST11

Error: (01/19/2012 02:31:05 AM) (Source: SideBySide)(User: )
Description: C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (01/19/2012 01:33:21 AM) (Source: SignInAssistant)(User: )
Description: StartService failed with hr = 0x8007041d

Error: (01/19/2012 01:33:20 AM) (Source: Application Error)(User: )
Description: WLIDSVC.EXE7.250.4232.04d915296unknown0.0.0.000000000c000000500493c0092801ccd64a53cbcb1fC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEunknown917d18c0-423d-11e1-879d-00197ebd611c

Error: (01/19/2012 01:33:19 AM) (Source: SignInAssistant)(User: )
Description: StartService failed with hr = 0x8007041d

Error: (01/19/2012 01:33:19 AM) (Source: Application Error)(User: )
Description: WLIDSVC.EXE7.250.4232.04d915296unknown0.0.0.000000000c000000500493c0091c01ccd64a52e9a865C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEunknown909af606-423d-11e1-879d-00197ebd611c


=========================== Installed Programs ============================

888poker
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.26)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Advanced SystemCare 5 (Version: 5.0.0)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 1.7.1)
µTorrent (Version: 2.2.1)
Azada In Libro Collectors Edition 1.00
Bonjour (Version: 2.0.5.0)
CCleaner (Version: 3.13)
CleanMyPC - Registry Cleaner
D3DX10 (Version: 15.4.2368.0902)
Dell Touchpad (Version: 7.1007.101.210)
DivX Setup (Version: 2.6.1.3)
ESET Online Scanner v3
Gold Miner Vegas
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.79)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.58)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
iTunes (Version: 10.2.2.14)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Junk Mail filter update (Version: 15.4.3502.0922)
Logitech Webcam Software (Version: 12.10.1113)
Malwarebytes Anti-Malware 1.60.0.1800 verzió (Version: 1.60.0.1800)
Mesh Runtime (Version: 15.4.5722.2)
Messenger kísérő (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox (3.6.25) (Version: 3.6.25 (hu))
MSVCRT (Version: 15.4.2862.0708)
MySQL Connector/ODBC 3.51 (Version: 3.51.12)
Nielsen
OpenOffice.org 3.3 (Version: 3.3.9567)
PokerStars
PokerStove version 1.23
QuickTime (Version: 7.69.80.9)
Royal Envoy II Collector's Edition 1.0 verzió (Version: 1.0)
Sherlock Holmes - The Mystery of the Persian Carpet 1.00
Sky Poker (Version: 1.74)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
Super HUD
SUPERAntiSpyware (Version: 5.0.1142)
SyTools Open Office Writer Recovery
T-Mobile Internet Manager (Version: 11.301.05.06.105)
Total Commander (Remove or Repair) (Version: 7.56a)
Uniblue DriverScanner
Uniblue RegistryBooster (Version: 6.0.3.6)
Uniblue SpeedUpMyPC
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VLC media player 1.1.11 (Version: 1.1.11)
VoiceOver Kit (Version: 1.40.128.0)
Winamp (Version: 5.601 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
WinRAR 4.00 beta 7 (32-bit) (Version: 4.00.7)
Xvid 1.2.1 final uninstall (Version: 1.2)
ZoneAlarm (Version: 9.2.105.000)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 2038.12 MB
Available physical RAM: 1227.95 MB
Total Pagefile: 5095.12 MB
Available Pagefile: 4076.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1930.75 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:25 GB) (Free:0.39 GB) NTFS
2 Drive d: () (Fixed) (Total:207 GB) (Free:97.22 GB) NTFS
3 Drive e: (THE_SCARLET_PIMPERNELL_VOL_1) (CDROM) (Total:4.01 GB) (Free:0 GB) UDF

========================= Users: ========================================

\\BABUCI-PC felhasználói fiókjai

Babuci Rendszergazda Vendég
A parancs sikeresen végrehajtva.

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

(please note that i am aware of the risk of µTorrent, i haven't used it in the last 6-8 months and i only use it when it is absolutely necessary, and it was partially the reason why i got the full version of MBAM, to monitor P2P traffic as well)

i reckon these logs tell you a lot and thanks a lot for the help

#7 boopme

  • Global Moderator

Posted 19 January 2012 - 03:15 PM

Hello, we still have a buried ZeroAccess rootkit. It will require specific help.

We need a deeper look. Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Include a link back to this topic.

Let me know if that went well.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#8 MsYvaine

  • Topic Starter


Posted 19 January 2012 - 05:45 PM

thanks for the prompt reply, i had a funny feeling you'd come back, so did i

there are some improvements: not all searches get redirected, less noise and mbam is working sometimes
however, my computer switched off out of the blue twice, which is the worst of all this as i don't want to lose it
or get another one, etc.

i did the steps, everything was fine, but took a long time, posted the logs and now waiting, i'll keep you up-to-date

and last, but not least, i like your dedication, guys!

#9 boopme

  • Global Moderator

Posted 19 January 2012 - 09:05 PM

Thank you. In a few days all will be fine.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 5 days and ALL logs are answered.

To avoid confusion, I am closing this topic.