
Google redirect virus very stubborn


29 replies to this topic

#1 Roxma

  • Members
  • 16 posts

Posted 17 April 2012 - 09:41 PM

Hello guys and gals,

Almost a week ago my system became infected with what I've come to know as the "smart hdd" virus. I was able to remove this with malwarebytes. However, I then found myself infected with a virus that keeps sending me to bogus sites when I try and use search engines. I've also found that my Facebook has been compromised, as I apparently "liked" several dog food ads or random blogs. I've updated and run mbam, avast, superantispyware, all with no luck. I've updated and run these scans daily for the past several days.

Please keep in mind I am NOT a computer person. I tried to resolve the issue myself but I have no idea about logs from these virus scanners or anything of that nature, so please talk to me like a total idiot; I won't mind if it cleanses my computer. I almost ran combo fix from reading forums, but its many, many warnings caused me to chicken out at the last second (probably for the best.)

Please help, I want my computer back to normal! I have even removed my p2p software (and will NEVER be reinstalling it after all this!!!)

Thank you so much in advance


 


#2 Broni

    The Coolest BC Computer

  • BC Advisor
  • 42,707 posts
  • Gender:Male
  • Location:Daly City, CA

Posted 17 April 2012 - 10:01 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.



 


#3 Roxma

  • Topic Starter

  • Members
  • 16 posts

Posted 18 April 2012 - 09:58 AM

Hello Broni! Thanks for the quick reply! I ran everything you asked me to run in order, here are the results:

1) Security check
I originally thought this wasn't working as it sat on the "preparing done!" screen for a while, so I just let it run in the background while I ran Farbar scanner. At that point I realized it is running, just slowly. Here are the results:

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is disabled!)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 31
````````````````````````````````
Process Check:
objlist.exe by Laurent

Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
``````````End of Log````````````



2) Farbar service scanner


Farbar Service Scanner Version: 16-04-2012
Ran by Owner (administrator) on 18-04-2012 at 10:35:35
Running from "C:\Users\Owner\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-16 02:09] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-13 20:36] - [2009-07-13 21:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****





3) MiniToolBox

MiniToolBox by Farbar Version: 18-01-2012
Ran by Owner (administrator) on 18-04-2012 at 10:41:32
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cgocable.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : cgocable.net
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 00-26-18-0E-3B-1E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9111:5a76:b68d:b890%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.13(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : April-17-12 12:16:10 AM
Lease Expires . . . . . . . . . . : April-24-12 1:15:07 PM
Default Gateway . . . . . . . . . : fe80::224:1ff:fe78:bfa1%9
192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.cgocable.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cgocable.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:c11:2284:e7db:dd4f(Preferred)
Link-local IPv6 Address . . . . . : fe80::c11:2284:e7db:dd4f%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 74.125.226.3
74.125.226.4
74.125.226.14
74.125.226.5
74.125.226.8
74.125.226.1
74.125.226.9
74.125.226.7
74.125.226.0
74.125.226.2
74.125.226.6


Pinging google.com [74.125.226.6] with 32 bytes of data:
Reply from 74.125.226.6: bytes=32 time=10ms TTL=57
Reply from 74.125.226.6: bytes=32 time=12ms TTL=57

Ping statistics for 74.125.226.6:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 12ms, Average = 11ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
9...00 26 18 0e 3b 1e ......NVIDIA nForce 10/100 Mbps Ethernet
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.13 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.13 276
192.168.0.13 255.255.255.255 On-link 192.168.0.13 276
192.168.0.255 255.255.255.255 On-link 192.168.0.13 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.13 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.13 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 58 ::/0 On-link
9 276 ::/0 fe80::224:1ff:fe78:bfa1
1 306 ::1/128 On-link
10 58 2001::/32 On-link
10 306 2001:0:5ef5:79fd:c11:2284:e7db:dd4f/128
On-link
9 276 fe80::/64 On-link
10 306 fe80::/64 On-link
10 306 fe80::c11:2284:e7db:dd4f/128
On-link
9 276 fe80::9111:5a76:b68d:b890/128
On-link
1 306 ff00::/8 On-link
10 306 ff00::/8 On-link
9 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/18/2012 00:32:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/18/2012 00:31:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (04/17/2012 02:16:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/17/2012 02:15:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (04/17/2012 00:16:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2012 04:51:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2012 02:59:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2012 02:19:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/16/2012 02:17:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (04/15/2012 01:16:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (04/18/2012 07:33:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.123.1936.0).

Error: (04/18/2012 07:33:37 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (04/17/2012 01:16:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.123.1936.0).

Error: (04/17/2012 01:16:07 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (04/17/2012 00:16:19 AM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (04/17/2012 00:16:06 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:14:12 AM on 4/17/2012 was unexpected.

Error: (04/16/2012 04:50:52 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (04/14/2012 04:33:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80004005: Windows 7 Service Pack 1 for x64-based Systems (KB976932).

Error: (04/14/2012 04:21:21 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (04/14/2012 04:01:50 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}


Microsoft Office Sessions:
=========================
Error: (04/18/2012 00:32:21 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\Python\Lib\distutils\command\wininst-8_d.exe

Error: (04/18/2012 00:31:32 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/17/2012 02:16:42 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\Python\Lib\distutils\command\wininst-8_d.exe

Error: (04/17/2012 02:15:52 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/17/2012 00:16:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2012 04:51:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2012 02:59:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2012 02:19:30 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\Python\Lib\distutils\command\wininst-8_d.exe

Error: (04/16/2012 02:17:52 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/15/2012 01:16:35 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\Python\Lib\distutils\command\wininst-8_d.exe


=========================== Installed Programs ============================

Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 1.5.3.9120)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Reader 9.5.1 (Version: 9.5.1)
Agere Systems PCI-SV92EX Soft Modem
Android-Sync v0.387
ANIWZCS2 Service
Antares Auto-Tune 5 VST (Version: 5.00.0007)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.710.0)
AudioBox USB driver
avast! Free Antivirus (Version: 7.0.1426.0)
Battlefield 3™ Open Beta (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 0.80.0)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
BlackBerry Device Software Updater (Version: 6.0.1.37)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0127.2137.38780)
Catalyst Control Center Graphics Full Existing (Version: 2009.0127.2137.38780)
Catalyst Control Center Graphics Full New (Version: 2009.0127.2137.38780)
Catalyst Control Center Graphics Light (Version: 2009.0127.2137.38780)
Catalyst Control Center Graphics Previews Common (Version: 2009.0127.2137.38780)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0127.2137.38780)
Catalyst Control Center InstallProxy (Version: 2009.0127.2137.38780)
Catalyst Control Center Localization All (Version: 2009.0127.2137.38780)
ccc-core-static (Version: 2009.0127.2137.38780)
ccc-utility64 (Version: 2009.0127.2137.38780)
CCC Help Chinese Standard (Version: 2009.0127.2136.38780)
CCC Help Chinese Traditional (Version: 2009.0127.2136.38780)
CCC Help Czech (Version: 2009.0127.2136.38780)
CCC Help Danish (Version: 2009.0127.2136.38780)
CCC Help Dutch (Version: 2009.0127.2136.38780)
CCC Help English (Version: 2009.0127.2136.38780)
CCC Help Finnish (Version: 2009.0127.2136.38780)
CCC Help French (Version: 2009.0127.2136.38780)
CCC Help German (Version: 2009.0127.2136.38780)
CCC Help Greek (Version: 2009.0127.2136.38780)
CCC Help Hungarian (Version: 2009.0127.2136.38780)
CCC Help Italian (Version: 2009.0127.2136.38780)
CCC Help Japanese (Version: 2009.0127.2136.38780)
CCC Help Korean (Version: 2009.0127.2136.38780)
CCC Help Norwegian (Version: 2009.0127.2136.38780)
CCC Help Polish (Version: 2009.0127.2136.38780)
CCC Help Portuguese (Version: 2009.0127.2136.38780)
CCC Help Russian (Version: 2009.0127.2136.38780)
CCC Help Spanish (Version: 2009.0127.2136.38780)
CCC Help Swedish (Version: 2009.0127.2136.38780)
CCC Help Thai (Version: 2009.0127.2136.38780)
CCC Help Turkish (Version: 2009.0127.2136.38780)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite Deluxe (Version: 6.0.2602)
D-Link Wireless N DWA-130 (Version: 1.00.0000)
Default Manager (Version: 1.0.105.0)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
eLicenser Control
ESN Sonar (Version: 0.70.0)
Google Chrome (Version: 18.0.1025.162)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Hardware Diagnostic Tools (Version: 5.1.5144.16)
HP Active Support Library (Version: 3.1.10.1)
HP Customer Experience Enhancements (Version: 5.7.0.2945)
HP Games (Version: 1.0.0.66)
HP MediaSmart DVD (Version: 2.2.2719)
HP MediaSmart Music/Photo/Video (Version: 2.2.2809)
HP MediaSmart SmartMenu (Version: 2.1.12)
HP Odometer (Version: 2.10.0000)
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Recovery Manager RSS (Version: 92.0.0.11)
HP Remote Software (Version: 1.0.5.0)
HP Support Information (Version: 10.1.0001)
HP Total Care Setup (Version: 1.2.2854.2975)
HP Update (Version: 4.000.013.003)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
iCloud (Version: 1.0.2.17)
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
LabelPrint (Version: 2.5.1402)
LightScribe System Software (Version: 1.18.3.2)
Logitech GamePanel Software 3.03.133 (Version: 3.03.133)
LSI PCI-SV92EX Soft Modem (Version: 2.2.98)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Live Search Toolbar (Version: 3.0.552.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.0.61118.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA 3D Vision Controller Driver 285.62 (Version: 285.62)
NVIDIA 3D Vision Driver 285.62 (Version: 285.62)
NVIDIA Control Panel 285.62 (Version: 285.62)
NVIDIA Drivers (Version: 1.6)
NVIDIA Graphics Driver 285.62 (Version: 285.62)
NVIDIA HD Audio Driver 1.2.24.0 (Version: 1.2.24.0)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA PhysX (Version: 9.11.0621)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.8562)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
OF Dragon Rising (Version: 1.00.0000)
Origin (Version: 8.2.6.475)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
Power2Go (Version: 6.0.2602)
PowerDirector (Version: 7.0.2611)
PrimoPDF -- by Nitro PDF Software (Version: 5.0.0.19)
PunkBuster Services (Version: 0.991)
Python 2.6 pywin32-212 (Version: 2.12)
Python 2.6.1 (Version: 2.6.1150)
QuickTime (Version: 7.69.80.9)
RangeBooster G WUA-2340
Realtek High Definition Audio Driver (Version: 6.0.1.5910)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.8.0)
Seagate Dashboard (Version: 1.1.0.1421)
Seagate DiscWizard (Version: 11.0.8326)
Skins (Version: 2009.0127.2137.38780)
Star Wars: The Old Republic (Version: 1.00)
StarCraft II (Version: 1.0.2.16223)
Steinberg Cubase LE AI Elements 6 64bit (Version: 6.0.2)
Steinberg Drum Loop Expansion 01 (Version: 2.0.0.0)
Steinberg Groove Agent ONE Content (Version: 1.0.0.003)
Steinberg Groove Agent ONE Vintage Beatboxes (Version: 1.0.0.000)
Steinberg HALion Sonic SE 64bit (Version: 1.5.2)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (Version: 1.5.2.000)
SUPERAntiSpyware (Version: 5.0.1146)
System Requirements Lab
System Requirements Lab (Version: 4.1.72.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Ventrilo Client (Version: 3.0.5)
VLC media player 1.1.7 (Version: 1.1.7)
Windows Driver Package - SteelSeries (HidUsb) HIDClass (11/06/2008 1.0.0.0) (Version: 11/06/2008 1.0.0.0)
World of Warcraft (Version: 4.1.0.13914)
World of Warcraft MMO Gaming Mouse (Version: 1.12.0000)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 8191.22 MB
Available physical RAM: 4115.59 MB
Total Pagefile: 16380.59 MB
Available Pagefile: 11966.25 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.95 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:684.56 GB) (Free:123.81 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:14.07 GB) (Free:1.98 GB) NTFS
8 Drive j: (KINGSTON) (Removable) (Total:3.73 GB) (Free:0.13 GB) FAT32

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator ASPNET Guest
Mcx1-OWNER-PC Owner UpdatusUser


**** End of log ****


4) Malwarebytes

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.18.05

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

18/04/2012 10:43:34 AM
mbam-log-2012-04-18 (10-43-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 242945
Time elapsed: 3 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


5) aswMBR

This program wouldn't run.... I had my avast real time shields off before running any of the other programs (it was still off from when I almost ran combofix), and my mouse would show the loading symbol, but nothing would happen. I turned my avast shields back on, and the loading symbol lasted longer, but still nothing. It's been several minutes, and nothing has happened.

That should be all of them! Thank you so much, I'm on the edge of my seat!

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:09:48 AM

Posted 18 April 2012 - 10:54 AM

Download Bootkit Remover to your desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right-click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Roxma

Posted 18 April 2012 - 11:27 AM

Ok, when I opened bootkit I got an error message, although it still opened. Message said:
ATA_PASS_THROUGH_DIRECT is not supported by your disk controller.
SCSI_PASS_THROUGH_DIRECT will be use for disk I/O

Only option was to click OK, which I did. Here's the log.

Bootkit Remover
© 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Home Premium Edition (build 7600), 64-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
ATA_Read(): DeviceIoControl() ERROR 1
Boot sector MD5 is: bb4f1627d8b9beda49ac0d010229f3ff

Size Device Name MBR Status
--------------------------------------------
698 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


Done;
Press any key to quit...

#6 Broni

Posted 18 April 2012 - 11:29 AM

Which browser is getting redirected?

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.


#7 Roxma

Posted 18 April 2012 - 11:42 AM

Both Internet Explorer and Google Chrome are being redirected. I thought I had Firefox but apparently I don't...

I'll try the next step now and post when it's done, thanks!

#8 Roxma

Posted 18 April 2012 - 12:18 PM

So it's done, and gave me a message saying it didn't find any modifications. I clicked OK and then save, saved the log, but when I open it, it is blank...

And the only things that were checked at the side are services, registry, and files. It came that way, and I can't check any additional boxes.

#9 Broni

Posted 18 April 2012 - 12:19 PM

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


#10 Roxma

Posted 18 April 2012 - 12:42 PM

Good sir, you've done it!!! It found a file, I rebooted, and ta-da! No more redirect virus! I just want to say thank you so much! The fact that there are people like you on this site helping others clear their computers of nasty viruses is really quite amazing. Thank you so much, your help is very, very appreciated!


Here's the log:

13:24:34.0839 1844 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
13:24:35.0083 1844 ============================================================
13:24:35.0083 1844 Current date / time: 2012/04/18 13:24:35.0083
13:24:35.0083 1844 SystemInfo:
13:24:35.0083 1844
13:24:35.0083 1844 OS Version: 6.1.7600 ServicePack: 0.0
13:24:35.0083 1844 Product type: Workstation
13:24:35.0083 1844 ComputerName: OWNER-PC
13:24:35.0084 1844 UserName: Owner
13:24:35.0084 1844 Windows directory: C:\Windows
13:24:35.0084 1844 System windows directory: C:\Windows
13:24:35.0084 1844 Running under WOW64
13:24:35.0084 1844 Processor architecture: Intel x64
13:24:35.0084 1844 Number of processors: 4
13:24:35.0084 1844 Page size: 0x1000
13:24:35.0084 1844 Boot type: Normal boot
13:24:35.0084 1844 ============================================================
13:24:36.0323 1844 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:24:36.0370 1844 \Device\Harddisk0\DR0:
13:24:36.0370 1844 MBR partitions:
13:24:36.0370 1844 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x5591C514
13:24:36.0370 1844 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x5591C553, BlocksNum 0x1C2519D
13:24:36.0393 1844 C: <-> \Device\Harddisk0\DR0\Partition0
13:24:36.0437 1844 D: <-> \Device\Harddisk0\DR0\Partition1
13:24:36.0438 1844 Initialize success
13:24:36.0438 1844 ============================================================
13:24:57.0153 3896 ============================================================
13:24:57.0153 3896 Scan started
13:24:57.0153 3896 Mode: Manual;
13:24:57.0153 3896 ============================================================
13:25:05.0882 3896 KSecPkg - ok
13:25:05.0901 3896 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:25:05.0904 3896 ksthunk - ok
13:25:05.0952 3896 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:25:05.0960 3896 KtmRm - ok
13:25:05.0995 3896 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
13:25:06.0004 3896 LanmanServer - ok
13:25:06.0040 3896 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
13:25:06.0048 3896 LanmanWorkstation - ok
13:25:06.0087 3896 LGBusEnum (db164eb571fd118d277d939510b0f562) C:\Windows\system32\drivers\LGBusEnum.sys
13:25:06.0089 3896 LGBusEnum - ok
13:25:06.0120 3896 LGVirHid (da1c7839ce72bb724822d1ee597dcb19) C:\Windows\system32\drivers\LGVirHid.sys
13:25:06.0123 3896 LGVirHid - ok
13:25:06.0206 3896 LightScribeService (dfeff67508d3a9aeb1a85d7b0f513b24) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
13:25:06.0209 3896 LightScribeService - ok
13:25:06.0235 3896 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:25:06.0239 3896 lltdio - ok
13:25:06.0274 3896 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:25:06.0287 3896 lltdsvc - ok
13:25:06.0312 3896 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:25:06.0316 3896 lmhosts - ok
13:25:06.0341 3896 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:25:06.0344 3896 LSI_FC - ok
13:25:06.0359 3896 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:25:06.0362 3896 LSI_SAS - ok
13:25:06.0385 3896 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:25:06.0388 3896 LSI_SAS2 - ok
13:25:06.0411 3896 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:25:06.0414 3896 LSI_SCSI - ok
13:25:06.0436 3896 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:25:06.0439 3896 luafv - ok
13:25:06.0468 3896 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
13:25:06.0474 3896 Mcx2Svc - ok
13:25:06.0520 3896 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
13:25:06.0526 3896 MDM - ok
13:25:06.0550 3896 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:25:06.0553 3896 megasas - ok
13:25:06.0576 3896 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:25:06.0584 3896 MegaSR - ok
13:25:06.0622 3896 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:25:06.0630 3896 MMCSS - ok
13:25:06.0668 3896 Mo3Fltr (2397380b022384294a3d1e625de98af7) C:\Windows\system32\drivers\Mo3Fltr.sys
13:25:06.0671 3896 Mo3Fltr - ok
13:25:06.0690 3896 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:25:06.0692 3896 Modem - ok
13:25:06.0721 3896 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:25:06.0723 3896 monitor - ok
13:25:06.0767 3896 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
13:25:06.0771 3896 mouclass - ok
13:25:06.0795 3896 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:25:06.0799 3896 mouhid - ok
13:25:06.0820 3896 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
13:25:06.0824 3896 mountmgr - ok
13:25:06.0876 3896 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
13:25:06.0881 3896 mpio - ok
13:25:06.0903 3896 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:25:06.0907 3896 mpsdrv - ok
13:25:06.0945 3896 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
13:25:06.0964 3896 MpsSvc - ok
13:25:06.0991 3896 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
13:25:06.0997 3896 MRxDAV - ok
13:25:07.0035 3896 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:25:07.0040 3896 mrxsmb - ok
13:25:07.0078 3896 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:25:07.0086 3896 mrxsmb10 - ok
13:25:07.0105 3896 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:25:07.0110 3896 mrxsmb20 - ok
13:25:07.0152 3896 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
13:25:07.0155 3896 msahci - ok
13:25:07.0203 3896 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
13:25:07.0208 3896 msdsm - ok
13:25:07.0232 3896 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:25:07.0237 3896 MSDTC - ok
13:25:07.0264 3896 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:25:07.0265 3896 Msfs - ok
13:25:07.0284 3896 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:25:07.0287 3896 mshidkmdf - ok
13:25:07.0298 3896 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:25:07.0300 3896 msisadrv - ok
13:25:07.0330 3896 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:25:07.0334 3896 MSiSCSI - ok
13:25:07.0343 3896 msiserver - ok
13:25:07.0374 3896 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:25:07.0376 3896 MSKSSRV - ok
13:25:07.0396 3896 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:25:07.0398 3896 MSPCLOCK - ok
13:25:07.0410 3896 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:25:07.0412 3896 MSPQM - ok
13:25:07.0435 3896 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
13:25:07.0441 3896 MsRPC - ok
13:25:07.0626 3896 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:25:07.0630 3896 mssmbios - ok
13:25:07.0650 3896 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:25:07.0653 3896 MSTEE - ok
13:25:07.0671 3896 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:25:07.0674 3896 MTConfig - ok
13:25:07.0713 3896 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:25:07.0717 3896 Mup - ok
13:25:07.0757 3896 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
13:25:07.0775 3896 napagent - ok
13:25:07.0830 3896 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:25:07.0838 3896 NativeWifiP - ok
13:25:07.0892 3896 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
13:25:07.0912 3896 NDIS - ok
13:25:07.0940 3896 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:25:07.0945 3896 NdisCap - ok
13:25:07.0979 3896 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:25:07.0981 3896 NdisTapi - ok
13:25:08.0009 3896 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
13:25:08.0012 3896 Ndisuio - ok
13:25:08.0030 3896 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:25:08.0034 3896 NdisWan - ok
13:25:08.0050 3896 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
13:25:08.0052 3896 NDProxy - ok
13:25:08.0094 3896 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
13:25:08.0096 3896 Netaapl - ok
13:25:08.0113 3896 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:25:08.0116 3896 NetBIOS - ok
13:25:08.0134 3896 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
13:25:08.0138 3896 NetBT - ok
13:25:08.0174 3896 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
13:25:08.0177 3896 Netlogon - ok
13:25:08.0214 3896 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:25:08.0223 3896 Netman - ok
13:25:08.0243 3896 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:25:08.0252 3896 netprofm - ok
13:25:08.0294 3896 netr28ux (883269c1ca478658f1334f3c39b0c7ac) C:\Windows\system32\DRIVERS\netr28ux.sys
13:25:08.0307 3896 netr28ux - ok
13:25:08.0356 3896 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:25:08.0359 3896 NetTcpPortSharing - ok
13:25:08.0395 3896 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:25:08.0399 3896 nfrd960 - ok
13:25:08.0426 3896 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
13:25:08.0435 3896 NlaSvc - ok
13:25:08.0457 3896 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:25:08.0460 3896 Npfs - ok
13:25:08.0486 3896 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:25:08.0490 3896 nsi - ok
13:25:08.0507 3896 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:25:08.0508 3896 nsiproxy - ok
13:25:08.0572 3896 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
13:25:08.0607 3896 Ntfs - ok
13:25:08.0623 3896 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:25:08.0625 3896 Null - ok
13:25:08.0683 3896 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
13:25:08.0694 3896 NVENETFD - ok
13:25:08.0747 3896 NVHDA (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers\nvhda64v.sys
13:25:08.0753 3896 NVHDA - ok
13:25:09.0045 3896 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:25:09.0322 3896 nvlddmkm - ok
13:25:09.0446 3896 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys
13:25:09.0456 3896 NVNET - ok
13:25:09.0510 3896 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
13:25:09.0515 3896 nvraid - ok
13:25:09.0551 3896 nvrd64 (78b96ec0352c6bb4788ebc200a2cadbf) C:\Windows\system32\DRIVERS\nvrd64.sys
13:25:09.0556 3896 nvrd64 - ok
13:25:09.0569 3896 nvsmu (e58d81fb8616d0cb55c1e36aa0b213c9) C:\Windows\system32\DRIVERS\nvsmu.sys
13:25:09.0572 3896 nvsmu - ok
13:25:09.0604 3896 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
13:25:09.0608 3896 nvstor - ok
13:25:09.0810 3896 nvstor64 (4d9aba962d7ece81866f96d5f69fb2b8) C:\Windows\system32\DRIVERS\nvstor64.sys
13:25:09.0815 3896 nvstor64 - ok
13:25:09.0891 3896 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
13:25:09.0943 3896 nvsvc - ok
13:25:10.0053 3896 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
13:25:10.0072 3896 nvUpdatusService - ok
13:25:10.0106 3896 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:25:10.0108 3896 nv_agp - ok
13:25:10.0152 3896 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:25:10.0157 3896 ohci1394 - ok
13:25:10.0218 3896 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:25:10.0220 3896 ose - ok
13:25:10.0268 3896 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:25:10.0283 3896 p2pimsvc - ok
13:25:10.0317 3896 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:25:10.0331 3896 p2psvc - ok
13:25:10.0374 3896 pae_1394 (16e6b5c643d7611684994e158a227d5e) C:\Windows\system32\Drivers\pae_1394_x64.sys
13:25:10.0380 3896 pae_1394 - ok
13:25:10.0411 3896 pae_avs (64fc7b5c2b6899fc19a7060e0bccbdb7) C:\Windows\system32\Drivers\pae_avs_x64.sys
13:25:10.0415 3896 pae_avs - ok
13:25:10.0449 3896 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:25:10.0454 3896 Parport - ok
13:25:10.0480 3896 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
13:25:10.0485 3896 partmgr - ok
13:25:10.0513 3896 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:25:10.0526 3896 PcaSvc - ok
13:25:10.0570 3896 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
13:25:10.0575 3896 pci - ok
13:25:10.0600 3896 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:25:10.0602 3896 pciide - ok
13:25:10.0629 3896 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:25:10.0633 3896 pcmcia - ok
13:25:10.0657 3896 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:25:10.0659 3896 pcw - ok
13:25:10.0688 3896 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:25:10.0698 3896 PEAUTH - ok
13:25:10.0745 3896 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:25:10.0748 3896 PerfHost - ok
13:25:10.0797 3896 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
13:25:10.0832 3896 pla - ok
13:25:10.0884 3896 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
13:25:10.0894 3896 PlugPlay - ok
13:25:10.0918 3896 PnkBstrA - ok
13:25:10.0963 3896 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:25:10.0968 3896 PNRPAutoReg - ok
13:25:10.0988 3896 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:25:10.0995 3896 PNRPsvc - ok
13:25:11.0028 3896 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
13:25:11.0036 3896 PolicyAgent - ok
13:25:11.0074 3896 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:25:11.0082 3896 Power - ok
13:25:11.0109 3896 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
13:25:11.0112 3896 PptpMiniport - ok
13:25:11.0172 3896 PRESONUS_AUDIOBOX_MIDI (87d84513e913011ce408bfa99903965c) C:\Windows\system32\drivers\psabusbm.sys
13:25:11.0176 3896 PRESONUS_AUDIOBOX_MIDI - ok
13:25:11.0239 3896 PRESONUS_AUDIOBOX_USB (96d337f025abafe7cadddec495413895) C:\Windows\system32\Drivers\psabusbu.sys
13:25:11.0250 3896 PRESONUS_AUDIOBOX_USB - ok
13:25:11.0282 3896 PRESONUS_AUDIOBOX_WDM (5f1134087929e1a0d3a8e0bbdec89a8b) C:\Windows\system32\drivers\psabusba.sys
13:25:11.0286 3896 PRESONUS_AUDIOBOX_WDM - ok
13:25:11.0307 3896 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:25:11.0311 3896 Processor - ok
13:25:11.0340 3896 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
13:25:11.0353 3896 ProfSvc - ok
13:25:11.0399 3896 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
13:25:11.0406 3896 ProtectedStorage - ok
13:25:11.0428 3896 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
13:25:11.0433 3896 Psched - ok
13:25:11.0506 3896 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:25:11.0550 3896 ql2300 - ok
13:25:11.0576 3896 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:25:11.0580 3896 ql40xx - ok
13:25:11.0599 3896 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:25:11.0607 3896 QWAVE - ok
13:25:11.0626 3896 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:25:11.0628 3896 QWAVEdrv - ok
13:25:11.0648 3896 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:25:11.0650 3896 RasAcd - ok
13:25:11.0667 3896 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:25:11.0669 3896 RasAgileVpn - ok
13:25:11.0686 3896 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:25:11.0692 3896 RasAuto - ok
13:25:11.0712 3896 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:25:11.0716 3896 Rasl2tp - ok
13:25:11.0741 3896 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
13:25:11.0750 3896 RasMan - ok
13:25:11.0768 3896 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:25:11.0823 3896 RasPppoe - ok
13:25:11.0958 3896 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:25:11.0964 3896 RasSstp - ok
13:25:11.0994 3896 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
13:25:12.0003 3896 rdbss - ok
13:25:12.0030 3896 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:25:12.0033 3896 rdpbus - ok
13:25:12.0069 3896 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:25:12.0072 3896 RDPCDD - ok
13:25:12.0099 3896 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:25:12.0102 3896 RDPENCDD - ok
13:25:12.0125 3896 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:25:12.0128 3896 RDPREFMP - ok
13:25:12.0175 3896 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
13:25:12.0179 3896 RDPWD - ok
13:25:12.0201 3896 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
13:25:12.0206 3896 rdyboost - ok
13:25:12.0228 3896 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:25:12.0233 3896 RemoteAccess - ok
13:25:12.0252 3896 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:25:12.0259 3896 RemoteRegistry - ok
13:25:12.0292 3896 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:25:12.0295 3896 RimUsb - ok
13:25:12.0339 3896 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
13:25:12.0342 3896 RimVSerPort - ok
13:25:12.0367 3896 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
13:25:12.0369 3896 ROOTMODEM - ok
13:25:12.0386 3896 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:25:12.0392 3896 RpcEptMapper - ok
13:25:12.0423 3896 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:25:12.0429 3896 RpcLocator - ok
13:25:12.0462 3896 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
13:25:12.0471 3896 RpcSs - ok
13:25:12.0495 3896 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:25:12.0497 3896 rspndr - ok
13:25:12.0534 3896 RTL8192U (86380f75f894ee1ee54564b3e6804bfb) C:\Windows\system32\DRIVERS\RTL8192u.sys
13:25:12.0541 3896 RTL8192U - ok
13:25:12.0570 3896 SAlphamHid (9fad506cbc15cd37ffe4bfcded27f074) C:\Windows\system32\DRIVERS\SAlpham64.sys
13:25:12.0572 3896 SAlphamHid - ok
13:25:12.0606 3896 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
13:25:12.0609 3896 SamSs - ok
13:25:12.0690 3896 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
13:25:12.0691 3896 SASDIFSV - ok
13:25:12.0711 3896 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
13:25:12.0712 3896 SASKUTIL - ok
13:25:12.0763 3896 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
13:25:12.0768 3896 sbp2port - ok
13:25:12.0796 3896 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:25:12.0810 3896 SCardSvr - ok
13:25:12.0840 3896 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
13:25:12.0844 3896 scfilter - ok
13:25:12.0908 3896 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
13:25:12.0932 3896 Schedule - ok
13:25:12.0967 3896 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
13:25:12.0968 3896 SCPolicySvc - ok
13:25:12.0982 3896 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
13:25:12.0987 3896 SDRSVC - ok
13:25:13.0052 3896 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
13:25:13.0054 3896 SeagateDashboardService - ok
13:25:13.0089 3896 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:25:13.0093 3896 secdrv - ok
13:25:13.0116 3896 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
13:25:13.0122 3896 seclogon - ok
13:25:13.0139 3896 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:25:13.0147 3896 SENS - ok
13:25:13.0180 3896 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:25:13.0186 3896 SensrSvc - ok
13:25:13.0201 3896 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:25:13.0203 3896 Serenum - ok
13:25:13.0226 3896 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:25:13.0229 3896 Serial - ok
13:25:13.0274 3896 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:25:13.0276 3896 sermouse - ok
13:25:13.0305 3896 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
13:25:13.0312 3896 SessionEnv - ok
13:25:13.0346 3896 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:25:13.0348 3896 sffdisk - ok
13:25:13.0369 3896 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:25:13.0372 3896 sffp_mmc - ok
13:25:13.0391 3896 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
13:25:13.0394 3896 sffp_sd - ok
13:25:13.0413 3896 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:25:13.0416 3896 sfloppy - ok
13:25:13.0491 3896 SgtSch2Svc (43adbe70270dfd40ebda4dd0e492b5fb) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
13:25:13.0501 3896 SgtSch2Svc - ok
13:25:13.0535 3896 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:25:13.0547 3896 SharedAccess - ok
13:25:13.0578 3896 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
13:25:13.0595 3896 ShellHWDetection - ok
13:25:13.0633 3896 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:25:13.0637 3896 SiSRaid2 - ok
13:25:13.0657 3896 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:25:13.0662 3896 SiSRaid4 - ok
13:25:13.0685 3896 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:25:13.0690 3896 Smb - ok
13:25:13.0746 3896 snapman (8ac15211eb4bf019aab0022781cc8ad0) C:\Windows\system32\DRIVERS\snapman.sys
13:25:13.0753 3896 snapman - ok
13:25:13.0776 3896 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:25:13.0787 3896 SNMPTRAP - ok
13:25:13.0810 3896 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:25:13.0814 3896 spldr - ok
13:25:13.0859 3896 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
13:25:13.0880 3896 Spooler - ok
13:25:14.0234 3896 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
13:25:14.0317 3896 sppsvc - ok
13:25:14.0332 3896 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:25:14.0337 3896 sppuinotify - ok
13:25:14.0382 3896 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
13:25:14.0394 3896 srv - ok
13:25:14.0421 3896 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
13:25:14.0428 3896 srv2 - ok
13:25:14.0447 3896 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
13:25:14.0451 3896 srvnet - ok
13:25:14.0483 3896 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:25:14.0491 3896 SSDPSRV - ok
13:25:14.0503 3896 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:25:14.0509 3896 SstpSvc - ok
13:25:14.0563 3896 Steam Client Service - ok
13:25:14.0615 3896 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:25:14.0622 3896 Stereo Service - ok
13:25:14.0646 3896 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:25:14.0648 3896 stexstor - ok
13:25:14.0681 3896 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
13:25:14.0694 3896 stisvc - ok
13:25:14.0735 3896 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:25:14.0738 3896 swenum - ok
13:25:14.0769 3896 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:25:14.0789 3896 swprv - ok
13:25:14.0814 3896 SynUSB64 (bcb6aa197267d3506be2535342fc40e0) C:\Windows\system32\DRIVERS\SynUSB64.sys
13:25:14.0818 3896 SynUSB64 - ok
13:25:14.0897 3896 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
13:25:14.0964 3896 SysMain - ok
13:25:14.0982 3896 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
13:25:14.0989 3896 TabletInputService - ok
13:25:15.0010 3896 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
13:25:15.0019 3896 TapiSrv - ok
13:25:15.0034 3896 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:25:15.0041 3896 TBS - ok
13:25:15.0109 3896 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
13:25:15.0139 3896 Tcpip - ok
13:25:15.0210 3896 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
13:25:15.0226 3896 TCPIP6 - ok
13:25:15.0250 3896 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
13:25:15.0253 3896 tcpipreg - ok
13:25:15.0279 3896 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:25:15.0281 3896 TDPIPE - ok
13:25:15.0328 3896 tdrpman (ac1fc18d04b92bac16cbd85de2a08a0b) C:\Windows\system32\DRIVERS\tdrpman.sys
13:25:15.0342 3896 tdrpman - ok
13:25:15.0389 3896 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
13:25:15.0393 3896 TDTCP - ok
13:25:15.0426 3896 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
13:25:15.0430 3896 tdx - ok
13:25:15.0452 3896 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
13:25:15.0454 3896 TermDD - ok
13:25:15.0488 3896 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
13:25:15.0502 3896 TermService - ok
13:25:15.0520 3896 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:25:15.0527 3896 Themes - ok
13:25:15.0552 3896 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:25:15.0556 3896 THREADORDER - ok
13:25:15.0585 3896 tifsfilter (3e24b7fe52bc455da8d6e2cc2b4ca23f) C:\Windows\system32\DRIVERS\tifsfilt.sys
13:25:15.0588 3896 tifsfilter - ok
13:25:15.0614 3896 timounter (ec4fd4d147985a97e881729e808e6f34) C:\Windows\system32\DRIVERS\timntr.sys
13:25:15.0624 3896 timounter - ok
13:25:15.0644 3896 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:25:15.0651 3896 TrkWks - ok
13:25:15.0676 3896 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
13:25:15.0679 3896 TrustedInstaller - ok
13:25:15.0697 3896 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:25:15.0700 3896 tssecsrv - ok
13:25:15.0728 3896 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
13:25:15.0731 3896 tunnel - ok
13:25:15.0754 3896 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:25:15.0757 3896 uagp35 - ok
13:25:15.0781 3896 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
13:25:18.0951 3896 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:25:18.0978 3896 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
13:25:18.0978 3896 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
13:25:18.0981 3896 Boot (0x1200) (e3316ae42db94e69656a51ce5e2c7f2a) \Device\Harddisk0\DR0\Partition0
13:25:18.0982 3896 \Device\Harddisk0\DR0\Partition0 - ok
13:25:18.0998 3896 Boot (0x1200) (c0e1d398d00b3b9a0598d5bdeeba5e19) \Device\Harddisk0\DR0\Partition1
13:25:19.0000 3896 \Device\Harddisk0\DR0\Partition1 - ok
13:25:19.0000 3896 ============================================================
13:25:19.0000 3896 Scan finished
13:25:19.0000 3896 ============================================================
13:25:19.0010 7428 Detected object count: 1
13:25:19.0010 7428 Actual detected object count: 1
13:25:43.0183 7428 \Device\Harddisk0\DR0\# - copied to quarantine
13:25:43.0183 7428 \Device\Harddisk0\DR0 - copied to quarantine
13:25:43.0300 7428 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
13:25:43.0304 7428 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
13:25:43.0309 7428 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
13:25:43.0314 7428 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
13:25:43.0319 7428 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
13:25:43.0323 7428 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
13:25:43.0326 7428 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
13:25:43.0329 7428 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
13:25:43.0333 7428 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
13:25:43.0337 7428 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
13:25:43.0341 7428 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
13:25:43.0344 7428 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
13:25:43.0348 7428 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
13:25:43.0351 7428 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
13:25:43.0353 7428 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
13:25:43.0354 7428 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
13:25:43.0363 7428 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
13:25:43.0367 7428 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
13:25:43.0373 7428 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
13:25:43.0409 7428 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
13:25:43.0429 7428 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
13:25:43.0437 7428 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
13:25:43.0445 7428 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
13:25:43.0547 7428 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
13:25:43.0552 7428 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
13:25:43.0601 7428 \Device\Harddisk0\DR0 - ok
13:25:44.0066 7428 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
13:25:48.0898 3832 Deinitialize success

#11 Broni

Posted 18 April 2012 - 12:49 PM

Good news :)

See if aswMBR will run now.

#12 Roxma

Posted 18 April 2012 - 01:08 PM

Yes it does run now. Should I scan with it as well just in case?

#13 Broni

Posted 18 April 2012 - 01:10 PM

Yes please.

#14 Roxma

Posted 18 April 2012 - 01:34 PM

Saw two lines that were in red, I'm guessing that's not great. Here's the log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-18 14:07:30
-----------------------------
14:07:30.588 OS Version: Windows x64 6.1.7600
14:07:30.588 Number of processors: 4 586 0x402
14:07:30.588 ComputerName: OWNER-PC UserName: Owner
14:07:34.098 Initialize success
14:07:37.686 AVAST engine defs: 12041801
14:12:31.904 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006b
14:12:31.904 Disk 0 Vendor: ST375052 HP22 Size: 715404MB BusType: 8
14:12:31.935 Disk 0 MBR read successfully
14:12:31.951 Disk 0 MBR scan
14:12:31.951 Disk 0 Windows 7 default MBR code
14:12:31.966 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 700984 MB offset 63
14:12:31.982 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 14410 MB offset 1435616595
14:12:32.060 Disk 0 scanning C:\Windows\system32\drivers
14:12:41.545 Service scanning
14:12:56.583 Modules scanning
14:12:56.599 Disk 0 trace - called modules:
14:12:56.614 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
14:12:56.614 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80077cd060]
14:12:56.630 3 CLASSPNP.SYS[fffff88000fcd43f] -> nt!IofCallDriver -> [0xfffffa80066cbe40]
14:12:56.630 5 ACPI.sys[fffff88000f03781] -> nt!IofCallDriver -> \Device\0000006b[0xfffffa80074e2240]
14:13:00.062 AVAST engine scan C:\Windows
14:13:04.960 AVAST engine scan C:\Windows\system32
14:15:44.346 AVAST engine scan C:\Windows\system32\drivers
14:15:59.042 AVAST engine scan C:\Users\Owner
14:18:43.809 File: C:\Users\Owner\AppData\Roaming\Adobe\Flash Player\NativeCache\5F01BA1496F8B8F767931AACBF93267B\bb317df\adobecp-200489-1.dll **INFECTED** Win32:Malware-gen
14:18:44.043 File: C:\Users\Owner\AppData\Roaming\Adobe\Flash Player\NativeCache\C78F5AA78574B5A91AC9111ED93FCB8E\50fe8a86\adobecp-200489-1.dll **INFECTED** Win32:Malware-gen
14:27:53.022 AVAST engine scan C:\ProgramData
14:29:26.716 Scan finished successfully
14:33:18.657 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\Virus Programs\MBR.dat"
14:33:18.672 The log file has been saved successfully to "C:\Users\Owner\Desktop\Virus Programs\aswMBR.txt"

#15 Broni

Posted 18 April 2012 - 01:36 PM

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on the Start button to begin the cleaning process.
TFC will close all running programs, and it may ask you to restart the computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.
