
Nasty computer virus - need help please!


13 replies to this topic

#1 chillinatbu


Posted 30 June 2012 - 06:09 PM

Hello everyone,
I have a problem with a computer virus. I received a message while on a website 2 days ago saying it was from the FBI and if I did not give them a certain amount of money, they would report me or something to that effect. Anyway, what happened was that the screen would lock me out of my computer, and the only thing I could originally do was control+alt+delete to turn it into safe mode. The next few times I re-started my computer in the regular mode, that same FBI screen would appear after about 1-2 minutes, but after a few more times, it took longer to come up. Finally, I was able to access my computer and downloaded about 5 anti-virus software programs offline to try to clean out my system. I downloaded AVG, malware, spybot, and a few more. I was running avast at the time this virus problem arose. My question is, the first time I ran the virus scans, it wouldn't let me delete anything, but finally they began to work. On AVG, it is saying "Corrupted section win32k.sys[.text] XLATEOBJ_hGetColorTransform+0x156F4, size 8 bytes"; "Object is hidden". Then when I try to delete the item (is this a good thing to delete?) it says my Windows UAC is turned off, and for me to turn it on. What should I do about this? Should I turn it on and re-try to delete these items? If so, how do I turn it on? It says these items are being hidden due to root-kit techniques. Also, every anti-virus program is picking up different infected items; is there any way to get rid of it entirely? Thank you so much!!

Edited by Orange Blossom, 30 June 2012 - 06:21 PM.
Moved to AII. ~ OB



 


#2 narenxp


Posted 30 June 2012 - 06:11 PM

Boot the PC into Safe Mode with Networking.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C: drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

Press the Windows+R keys and type

%HOMEPATH%\Start Menu\Programs\Startup

Click OK.

Delete the CTFMON.LNK file from the folder.

Edited by narenxp, 30 June 2012 - 06:13 PM.
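
A TDSSKiller scan log lists each service or driver on one line (name, MD5 in parentheses, file path), followed by a verdict line such as `name - ok`, and almost every entry is `ok`. The following is an added example, not part of the thread and not the tool's own code, that reduces such a log to the entries whose verdict is anything other than `ok`; the sample log, its names, hashes and the non-ok verdict string are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Every log line starts with a timestamp and a thread id, e.g. "19:28:16.0393 1760 ".
PREFIX = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s*(.*)$")
# Object line: "<name> (<32 hex digit MD5>) <path>". Names and paths may contain spaces
# and parentheses ("Program Files (x86)"), so the MD5 is the only reliable separator.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None  # None means the log never gave a verdict


def parse_scan(log_text: str) -> List[Entry]:
    """Return one Entry per scanned object, in log order."""
    entries = {}
    in_scan = False
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        rest = m.group(1).strip()
        if rest == "Scan started":
            in_scan = True
            continue
        # Skip the system-information header, blank lines and "=====" separators.
        if not in_scan or not rest or set(rest) == {"="}:
            continue
        obj = OBJECT.match(rest)
        if obj:
            entry = entries.setdefault(obj["name"], Entry(obj["name"]))
            entry.md5, entry.path = obj["md5"], obj["path"]
            continue
        # Verdict line: "<name> - <verdict>". Some entries have only this line.
        name, sep, verdict = rest.rpartition(" - ")
        if sep:
            entries.setdefault(name, Entry(name)).verdict = verdict.strip()
    return list(entries.values())


def needs_review(entries: List[Entry]) -> List[Entry]:
    """Entries with a non-ok verdict, or with no verdict at all (truncated log)."""
    return [e for e in entries if e.verdict != "ok"]


# Constructed sample in the layout described above; not taken from a real machine.
SAMPLE_LOG = r"""19:27:48.0578 1416 Drive \Device\Harddisk0\DR0 - Size: 0x1000
19:28:15.0348 1760 ============================================================
19:28:15.0348 1760 Scan started
19:28:15.0348 1760 Mode: Manual; TDLFS;
19:28:15.0348 1760 ============================================================
19:28:16.0393 1760 ExampleDrvA (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrva.sys
19:28:16.0409 1760 ExampleDrvA - ok
19:28:16.0440 1760 Example Service B (00000000000000000000000000000002) C:\Program Files (x86)\Example\svc.exe
19:28:16.0440 1760 Example Service B - constructed-non-ok-verdict
19:28:16.0471 1760 ExampleSvcC - ok
19:28:16.0500 1760 ExampleDrvD (00000000000000000000000000000004) C:\Windows\system32\drivers\exampledrvd.sys
"""

if __name__ == "__main__":
    for e in needs_review(parse_scan(SAMPLE_LOG)):
        print(f"{e.name}: verdict={e.verdict!r} md5={e.md5} path={e.path}")
```
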


#3 chillinatbu


Posted 30 June 2012 - 09:30 PM

Hello,
Thank you so much for the reply! I did everything you told me to except the last part (the Windows + R key), because when I attempted to do so, it said it could not find it and to see if I had mistyped it (which I did not). Here are the results from the other virus scans you told me to perform. Thanks!

TDSSkiller list:

19:28:26.0767 1760 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:28:26.0767 1760 MSKSSRV - ok
19:28:26.0783 1760 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:28:26.0783 1760 MSPCLOCK - ok
19:28:26.0798 1760 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:28:26.0798 1760 MSPQM - ok
19:28:26.0845 1760 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:28:26.0861 1760 MsRPC - ok
19:28:26.0876 1760 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:28:26.0876 1760 mssmbios - ok
19:28:26.0892 1760 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:28:26.0892 1760 MSTEE - ok
19:28:26.0908 1760 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:28:26.0908 1760 MTConfig - ok
19:28:26.0923 1760 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:28:26.0923 1760 Mup - ok
19:28:26.0970 1760 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:28:26.0986 1760 napagent - ok
19:28:27.0017 1760 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:28:27.0017 1760 NativeWifiP - ok
19:28:27.0095 1760 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:28:27.0110 1760 NDIS - ok
19:28:27.0126 1760 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:28:27.0126 1760 NdisCap - ok
19:28:27.0142 1760 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:28:27.0142 1760 NdisTapi - ok
19:28:27.0173 1760 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:28:27.0173 1760 Ndisuio - ok
19:28:27.0220 1760 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:28:27.0220 1760 NdisWan - ok
19:28:27.0251 1760 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:28:27.0251 1760 NDProxy - ok
19:28:27.0282 1760 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:28:27.0282 1760 NetBIOS - ok
19:28:27.0329 1760 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:28:27.0329 1760 NetBT - ok
19:28:27.0360 1760 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:28:27.0360 1760 Netlogon - ok
19:28:27.0407 1760 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:28:27.0422 1760 Netman - ok
19:28:27.0469 1760 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:28:27.0485 1760 netprofm - ok
19:28:27.0532 1760 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:28:27.0532 1760 NetTcpPortSharing - ok
19:28:27.0781 1760 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
19:28:27.0844 1760 netw5v64 - ok
19:28:27.0937 1760 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:28:27.0937 1760 nfrd960 - ok
19:28:27.0984 1760 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:28:28.0000 1760 NlaSvc - ok
19:28:28.0015 1760 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:28:28.0015 1760 Npfs - ok
19:28:28.0046 1760 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:28:28.0046 1760 nsi - ok
19:28:28.0046 1760 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:28:28.0046 1760 nsiproxy - ok
19:28:28.0171 1760 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
19:28:28.0202 1760 Ntfs - ok
19:28:28.0249 1760 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:28:28.0249 1760 Null - ok
19:28:28.0280 1760 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
19:28:28.0296 1760 nvraid - ok
19:28:28.0327 1760 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
19:28:28.0343 1760 nvstor - ok
19:28:28.0358 1760 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:28:28.0358 1760 nv_agp - ok
19:28:28.0436 1760 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:28:28.0436 1760 odserv - ok
19:28:28.0468 1760 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:28:28.0483 1760 ohci1394 - ok
19:28:28.0499 1760 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:28:28.0530 1760 ose - ok
19:28:28.0577 1760 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:28:28.0577 1760 p2pimsvc - ok
19:28:28.0608 1760 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:28:28.0624 1760 p2psvc - ok
19:28:28.0639 1760 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:28:28.0655 1760 Parport - ok
19:28:28.0686 1760 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:28:28.0686 1760 partmgr - ok
19:28:28.0702 1760 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:28:28.0702 1760 PcaSvc - ok
19:28:28.0733 1760 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:28:28.0733 1760 pci - ok
19:28:28.0780 1760 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:28:28.0780 1760 pciide - ok
19:28:28.0811 1760 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:28:28.0826 1760 pcmcia - ok
19:28:28.0842 1760 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:28:28.0842 1760 pcw - ok
19:28:28.0873 1760 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:28:28.0873 1760 PEAUTH - ok
19:28:28.0936 1760 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:28:28.0936 1760 PerfHost - ok
19:28:29.0045 1760 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:28:29.0076 1760 pla - ok
19:28:29.0138 1760 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:28:29.0154 1760 PlugPlay - ok
19:28:29.0170 1760 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:28:29.0170 1760 PNRPAutoReg - ok
19:28:29.0201 1760 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:28:29.0201 1760 PNRPsvc - ok
19:28:29.0248 1760 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:28:29.0248 1760 PolicyAgent - ok
19:28:29.0279 1760 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:28:29.0294 1760 Power - ok
19:28:29.0357 1760 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:28:29.0357 1760 PptpMiniport - ok
19:28:29.0388 1760 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:28:29.0388 1760 Processor - ok
19:28:29.0419 1760 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:28:29.0419 1760 ProfSvc - ok
19:28:29.0450 1760 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:28:29.0466 1760 ProtectedStorage - ok
19:28:29.0497 1760 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:28:29.0497 1760 Psched - ok
19:28:29.0591 1760 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:28:29.0638 1760 ql2300 - ok
19:28:29.0700 1760 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:28:29.0716 1760 ql40xx - ok
19:28:29.0747 1760 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:28:29.0747 1760 QWAVE - ok
19:28:29.0762 1760 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:28:29.0762 1760 QWAVEdrv - ok
19:28:29.0778 1760 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:28:29.0778 1760 RasAcd - ok
19:28:29.0809 1760 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:28:29.0809 1760 RasAgileVpn - ok
19:28:29.0825 1760 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:28:29.0825 1760 RasAuto - ok
19:28:29.0856 1760 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:28:29.0872 1760 Rasl2tp - ok
19:28:29.0903 1760 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:28:29.0918 1760 RasMan - ok
19:28:29.0934 1760 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:28:29.0934 1760 RasPppoe - ok
19:28:29.0950 1760 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:28:29.0950 1760 RasSstp - ok
19:28:29.0996 1760 rcmirror (96597c96d5acf4a3ef0b24d396853879) C:\Windows\system32\DRIVERS\rcmirror.sys
19:28:29.0996 1760 rcmirror - ok
19:28:30.0028 1760 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:28:30.0028 1760 rdbss - ok
19:28:30.0043 1760 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:28:30.0043 1760 rdpbus - ok
19:28:30.0059 1760 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:28:30.0059 1760 RDPCDD - ok
19:28:30.0074 1760 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:28:30.0074 1760 RDPENCDD - ok
19:28:30.0090 1760 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:28:30.0090 1760 RDPREFMP - ok
19:28:30.0121 1760 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:28:30.0137 1760 RDPWD - ok
19:28:30.0184 1760 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:28:30.0199 1760 rdyboost - ok
19:28:30.0230 1760 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:28:30.0230 1760 RemoteAccess - ok
19:28:30.0262 1760 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:28:30.0262 1760 RemoteRegistry - ok
19:28:30.0340 1760 RichVideo (498eb62a160674e793fa40fd65390625) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:28:30.0340 1760 RichVideo - ok
19:28:30.0355 1760 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:28:30.0355 1760 RpcEptMapper - ok
19:28:30.0386 1760 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:28:30.0386 1760 RpcLocator - ok
19:28:30.0433 1760 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:28:30.0433 1760 RpcSs - ok
19:28:30.0480 1760 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:28:30.0480 1760 rspndr - ok
19:28:30.0527 1760 RSUSBSTOR (2db8116d52b19216812c4e6d5d837810) C:\Windows\System32\Drivers\RtsUStor.sys
19:28:30.0527 1760 RSUSBSTOR - ok
19:28:30.0574 1760 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:28:30.0574 1760 RTL8167 - ok
19:28:30.0589 1760 RtsUIR - ok
19:28:30.0620 1760 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:28:30.0620 1760 SamSs - ok
19:28:30.0652 1760 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:28:30.0667 1760 sbp2port - ok
19:28:30.0808 1760 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:28:30.0823 1760 SBSDWSCService - ok
19:28:30.0854 1760 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:28:30.0870 1760 SCardSvr - ok
19:28:30.0917 1760 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:28:30.0917 1760 scfilter - ok
19:28:30.0995 1760 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:28:31.0010 1760 Schedule - ok
19:28:31.0057 1760 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:28:31.0057 1760 SCPolicySvc - ok
19:28:31.0088 1760 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
19:28:31.0104 1760 sdbus - ok
19:28:31.0135 1760 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:28:31.0151 1760 SDRSVC - ok
19:28:31.0166 1760 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:28:31.0166 1760 secdrv - ok
19:28:31.0213 1760 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:28:31.0213 1760 seclogon - ok
19:28:31.0229 1760 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:28:31.0229 1760 SENS - ok
19:28:31.0260 1760 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:28:31.0260 1760 SensrSvc - ok
19:28:31.0291 1760 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:28:31.0291 1760 Serenum - ok
19:28:31.0307 1760 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:28:31.0307 1760 Serial - ok
19:28:31.0338 1760 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:28:31.0338 1760 sermouse - ok
19:28:31.0385 1760 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:28:31.0385 1760 SessionEnv - ok
19:28:31.0400 1760 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:28:31.0400 1760 sffdisk - ok
19:28:31.0432 1760 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:28:31.0432 1760 sffp_mmc - ok
19:28:31.0447 1760 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:28:31.0447 1760 sffp_sd - ok
19:28:31.0447 1760 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:28:31.0463 1760 sfloppy - ok
19:28:31.0494 1760 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:28:31.0510 1760 SharedAccess - ok
19:28:31.0556 1760 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:28:31.0572 1760 ShellHWDetection - ok
19:28:31.0588 1760 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:28:31.0588 1760 SiSRaid2 - ok
19:28:31.0619 1760 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:28:31.0619 1760 SiSRaid4 - ok
19:28:31.0712 1760 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:28:31.0712 1760 SkypeUpdate - ok
19:28:31.0759 1760 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:28:31.0759 1760 Smb - ok
19:28:31.0775 1760 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:28:31.0775 1760 SNMPTRAP - ok
19:28:31.0790 1760 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:28:31.0790 1760 spldr - ok
19:28:31.0822 1760 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:28:31.0837 1760 Spooler - ok
19:28:32.0024 1760 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:28:32.0071 1760 sppsvc - ok
19:28:32.0118 1760 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:28:32.0134 1760 sppuinotify - ok
19:28:32.0196 1760 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:28:32.0196 1760 srv - ok
19:28:32.0227 1760 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:28:32.0227 1760 srv2 - ok
19:28:32.0258 1760 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
19:28:32.0258 1760 SrvHsfHDA - ok
19:28:32.0336 1760 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
19:28:32.0368 1760 SrvHsfV92 - ok
19:28:32.0430 1760 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:28:32.0446 1760 SrvHsfWinac - ok
19:28:32.0477 1760 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:28:32.0477 1760 srvnet - ok
19:28:32.0508 1760 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:28:32.0508 1760 SSDPSRV - ok
19:28:32.0539 1760 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:28:32.0539 1760 SstpSvc - ok
19:28:32.0555 1760 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:28:32.0555 1760 stexstor - ok
19:28:32.0633 1760 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:28:32.0648 1760 stisvc - ok
19:28:32.0680 1760 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:28:32.0680 1760 swenum - ok
19:28:32.0711 1760 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:28:32.0711 1760 swprv - ok
19:28:32.0758 1760 SynTP (bcf305959b53b200ceb2ad25ad22f8a7) C:\Windows\system32\DRIVERS\SynTP.sys
19:28:32.0758 1760 SynTP - ok
19:28:32.0867 1760 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:28:32.0898 1760 SysMain - ok
19:28:32.0992 1760 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:28:32.0992 1760 TabletInputService - ok
19:28:33.0038 1760 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:28:33.0054 1760 TapiSrv - ok
19:28:33.0054 1760 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:28:33.0070 1760 TBS - ok
19:28:33.0179 1760 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:28:33.0210 1760 Tcpip - ok
19:28:33.0319 1760 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:28:33.0335 1760 TCPIP6 - ok
19:28:33.0397 1760 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:28:33.0397 1760 tcpipreg - ok
19:28:33.0413 1760 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:28:33.0413 1760 TDPIPE - ok
19:28:33.0444 1760 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:28:33.0444 1760 TDTCP - ok
19:28:33.0491 1760 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:28:33.0491 1760 tdx - ok
19:28:33.0538 1760 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:28:33.0538 1760 TermDD - ok
19:28:33.0600 1760 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:28:33.0616 1760 TermService - ok
19:28:33.0647 1760 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:28:33.0647 1760 Themes - ok
19:28:33.0678 1760 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:28:33.0678 1760 THREADORDER - ok
19:28:33.0694 1760 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:28:33.0694 1760 TrkWks - ok
19:28:33.0740 1760 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:28:33.0756 1760 TrustedInstaller - ok
19:28:33.0787 1760 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:28:33.0787 1760 tssecsrv - ok
19:28:33.0834 1760 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:28:33.0850 1760 TsUsbFlt - ok
19:28:33.0896 1760 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:28:33.0896 1760 tunnel - ok
19:28:33.0912 1760 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:28:33.0928 1760 uagp35 - ok
19:28:33.0959 1760 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:28:33.0974 1760 udfs - ok
19:28:33.0990 1760 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:28:34.0006 1760 UI0Detect - ok
19:28:34.0037 1760 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:28:34.0037 1760 uliagpkx - ok
19:28:34.0084 1760 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:28:34.0084 1760 umbus - ok
19:28:34.0115 1760 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:28:34.0115 1760 UmPass - ok
19:28:34.0130 1760 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:28:34.0146 1760 upnphost - ok
19:28:34.0177 1760 USBAAPL64 (5cf1ead086176dd3348e920a40bed03d) C:\Windows\system32\Drivers\usbaapl64.sys
19:28:34.0177 1760 USBAAPL64 - ok
19:28:34.0224 1760 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:28:34.0224 1760 usbaudio - ok
19:28:34.0240 1760 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
19:28:34.0240 1760 usbccgp - ok
19:28:34.0255 1760 USBCCID - ok
19:28:34.0302 1760 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:28:34.0302 1760 usbcir - ok
19:28:34.0302 1760 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
19:28:34.0302 1760 usbehci - ok
19:28:34.0333 1760 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
19:28:34.0349 1760 usbhub - ok
19:28:34.0349 1760 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
19:28:34.0349 1760 usbohci - ok
19:28:34.0380 1760 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:28:34.0380 1760 usbprint - ok
19:28:34.0396 1760 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:28:34.0396 1760 USBSTOR - ok
19:28:34.0411 1760 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
19:28:34.0411 1760 usbuhci - ok
19:28:34.0442 1760 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
19:28:34.0442 1760 usbvideo - ok
19:28:34.0458 1760 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:28:34.0458 1760 UxSms - ok
19:28:34.0489 1760 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:28:34.0489 1760 VaultSvc - ok
19:28:34.0505 1760 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:28:34.0505 1760 vdrvroot - ok
19:28:34.0567 1760 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:28:34.0567 1760 vds - ok
19:28:34.0583 1760 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:28:34.0598 1760 vga - ok
19:28:34.0614 1760 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:28:34.0614 1760 VgaSave - ok
19:28:34.0630 1760 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:28:34.0645 1760 vhdmp - ok
19:28:34.0661 1760 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:28:34.0661 1760 viaide - ok
19:28:34.0692 1760 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:28:34.0692 1760 volmgr - ok
19:28:34.0739 1760 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:28:34.0754 1760 volmgrx - ok
19:28:34.0770 1760 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:28:34.0770 1760 volsnap - ok
19:28:34.0801 1760 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:28:34.0817 1760 vsmraid - ok
19:28:34.0926 1760 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:28:34.0942 1760 VSS - ok
19:28:35.0020 1760 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:28:35.0020 1760 vwifibus - ok
19:28:35.0035 1760 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:28:35.0035 1760 vwififlt - ok
19:28:35.0066 1760 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:28:35.0082 1760 W32Time - ok
19:28:35.0113 1760 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:28:35.0113 1760 WacomPen - ok
19:28:35.0144 1760 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:28:35.0144 1760 WANARP - ok
19:28:35.0160 1760 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:28:35.0160 1760 Wanarpv6 - ok
19:28:35.0254 1760 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:28:35.0269 1760 WatAdminSvc - ok
19:28:35.0378 1760 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:28:35.0425 1760 wbengine - ok
19:28:35.0488 1760 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:28:35.0503 1760 WbioSrvc - ok
19:28:35.0550 1760 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:28:35.0550 1760 wcncsvc - ok
19:28:35.0566 1760 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:28:35.0566 1760 WcsPlugInService - ok
19:28:35.0612 1760 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:28:35.0612 1760 Wd - ok
19:28:35.0644 1760 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:28:35.0659 1760 Wdf01000 - ok
19:28:35.0675 1760 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:28:35.0675 1760 WdiServiceHost - ok
19:28:35.0675 1760 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:28:35.0690 1760 WdiSystemHost - ok
19:28:35.0722 1760 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:28:35.0737 1760 WebClient - ok
19:28:35.0753 1760 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:28:35.0768 1760 Wecsvc - ok
19:28:35.0784 1760 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:28:35.0784 1760 wercplsupport - ok
19:28:35.0800 1760 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:28:35.0800 1760 WerSvc - ok
19:28:35.0831 1760 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:28:35.0831 1760 WfpLwf - ok
19:28:35.0846 1760 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:28:35.0846 1760 WIMMount - ok
19:28:35.0909 1760 winachsf (a6ea7a3fc4b00f48535b506db1e86efd) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
19:28:35.0924 1760 winachsf - ok
19:28:35.0940 1760 WinDefend - ok
19:28:35.0956 1760 WinHttpAutoProxySvc - ok
19:28:36.0018 1760 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:28:36.0018 1760 Winmgmt - ok
19:28:36.0127 1760 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:28:36.0158 1760 WinRM - ok
19:28:36.0283 1760 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:28:36.0283 1760 WinUsb - ok
19:28:36.0346 1760 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:28:36.0346 1760 Wlansvc - ok
19:28:36.0392 1760 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:28:36.0392 1760 WmiAcpi - ok
19:28:36.0455 1760 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:28:36.0455 1760 wmiApSrv - ok
19:28:36.0486 1760 WMPNetworkSvc - ok
19:28:36.0502 1760 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:28:36.0502 1760 WPCSvc - ok
19:28:36.0533 1760 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:28:36.0533 1760 WPDBusEnum - ok
19:28:36.0564 1760 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:28:36.0564 1760 ws2ifsl - ok
19:28:36.0580 1760 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:28:36.0580 1760 wscsvc - ok
19:28:36.0580 1760 WSearch - ok
19:28:36.0720 1760 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:28:36.0751 1760 wuauserv - ok
19:28:36.0829 1760 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:28:36.0829 1760 WudfPf - ok
19:28:36.0860 1760 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:28:36.0860 1760 WUDFRd - ok
19:28:36.0907 1760 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:28:36.0907 1760 wudfsvc - ok
19:28:36.0923 1760 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:28:36.0938 1760 WwanSvc - ok
19:28:36.0954 1760 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
19:28:36.0954 1760 XAudio - ok
19:28:37.0001 1760 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
19:28:37.0016 1760 yukonw7 - ok
19:28:37.0048 1760 MBR (0x1B8) (bf1662d133fb47ed2731a4dfb11446c3) \Device\Harddisk0\DR0
19:28:37.0266 1760 \Device\Harddisk0\DR0 - ok
19:28:37.0266 1760 Boot (0x1200) (d030dfe26362aad88da6f534988fb872) \Device\Harddisk0\DR0\Partition0
19:28:37.0266 1760 \Device\Harddisk0\DR0\Partition0 - ok
19:28:37.0297 1760 Boot (0x1200) (8ba3f30deaf46d6d1ba3922452f193ee) \Device\Harddisk0\DR0\Partition1
19:28:37.0297 1760 \Device\Harddisk0\DR0\Partition1 - ok
19:28:37.0328 1760 Boot (0x1200) (2eee553dfd1aeb487e3efca55483677b) \Device\Harddisk0\DR0\Partition2
19:28:37.0328 1760 \Device\Harddisk0\DR0\Partition2 - ok
19:28:37.0328 1760 ============================================================
19:28:37.0328 1760 Scan finished
19:28:37.0328 1760 ============================================================
19:28:37.0344 1460 Detected object count: 0
19:28:37.0344 1460 Actual detected object count: 0
19:29:09.0215 1352 Deinitialize success


aswMBR list:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-30 19:29:20
-----------------------------
19:29:20.275 OS Version: Windows x64 6.1.7601 Service Pack 1
19:29:20.275 Number of processors: 2 586 0x170A
19:29:20.275 ComputerName: CHRISTIAN-PC UserName: Christian
19:29:20.634 Initialize success
19:29:21.632 AVAST engine defs: 12063001
19:29:54.595 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:29:54.595 Disk 0 Vendor: WDC_WD2500BEKT-60V5T1 12.01A12 Size: 238475MB BusType: 11
19:29:54.627 Disk 0 MBR read successfully
19:29:54.627 Disk 0 MBR scan
19:29:55.032 Disk 0 unknown MBR code
19:29:55.048 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
19:29:55.360 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 225388 MB offset 409600
19:29:55.407 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12886 MB offset 462004224
19:29:55.594 Disk 0 scanning C:\Windows\system32\drivers
19:30:07.387 Service scanning
19:30:21.334 Modules scanning
19:30:21.334 Disk 0 trace - called modules:
19:30:21.365 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:30:21.381 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c32660]
19:30:21.381 3 CLASSPNP.SYS[fffff880011c443f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80046b7680]
19:30:21.739 AVAST engine scan C:\Windows
19:30:23.440 AVAST engine scan C:\Windows\system32
19:32:13.545 AVAST engine scan C:\Windows\system32\drivers
19:32:21.860 AVAST engine scan C:\Users\Christian
19:43:52.286 AVAST engine scan C:\ProgramData
19:45:42.157 Scan finished successfully
20:38:12.270 Disk 0 MBR has been saved successfully to "C:\Users\Christian\Documents\MBR.dat"
20:38:12.270 The log file has been saved successfully to "C:\Users\Christian\Documents\aswMBR.txt"


ESET online scanner list:

C:\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM119.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM45.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM47.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM65.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Christian\AppData\Local\Temp\V.class a variant of Java/Exploit.CVE-2011-3544.BN trojan cleaned by deleting - quarantined
C:\Users\Christian\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\56c94ea2-63a59aaf Java/Exploit.CVE-2012-0507.CF trojan deleted - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:16 PM

Posted 30 June 2012 - 09:57 PM

Reboot into normal mode

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 chillinatbu

Posted 01 July 2012 - 11:14 AM

Hello again, here is that log.


MiniToolBox by Farbar Version: 25-06-2012
Ran by Christian (administrator) on 01-07-2012 at 12:11:11
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Christian-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 70-1A-04-F6-21-C7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.2.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, June 30, 2012 11:28:02 PM
Lease Expires . . . . . . . . . . : Wednesday, August 07, 2148 6:39:38 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : staples.com
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-2D-BB-5A-A1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:105d:2d9c:b390:3b38(Preferred)
Link-local IPv6 Address . . . . . : fe80::105d:2d9c:b390:3b38%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 2001:4860:800a::64
74.125.134.138
74.125.134.139
74.125.134.113
74.125.134.101
74.125.134.100
74.125.134.102


Pinging google.com [173.194.37.70] with 32 bytes of data:
Reply from 173.194.37.70: bytes=32 time=32ms TTL=54
Reply from 173.194.37.70: bytes=32 time=28ms TTL=54

Ping statistics for 173.194.37.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 32ms, Average = 30ms
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=140ms TTL=49
Reply from 72.30.38.140: bytes=32 time=122ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 122ms, Maximum = 140ms, Average = 131ms
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...70 1a 04 f6 21 c7 ......Atheros AR9285 802.11b/g/n WiFi Adapter
10...00 26 2d bb 5a a1 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.4 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.4 281
192.168.2.4 255.255.255.255 On-link 192.168.2.4 281
192.168.2.255 255.255.255.255 On-link 192.168.2.4 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:105d:2d9c:b390:3b38/128
On-link
13 306 fe80::/64 On-link
13 306 fe80::105d:2d9c:b390:3b38/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/01/2012 01:42:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/01/2012 01:38:48 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/01/2012 01:38:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/30/2012 06:04:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (06/30/2012 06:04:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (06/30/2012 06:04:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/30/2012 06:00:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (06/29/2012 06:44:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: LightScribeControlPanel.exe, version: 1.18.8.1, time stamp: 0x4a8db153
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x73bb4f0d
Faulting process id: 0x6ec
Faulting application start time: 0xLightScribeControlPanel.exe0
Faulting application path: LightScribeControlPanel.exe1
Faulting module path: LightScribeControlPanel.exe2
Report Id: LightScribeControlPanel.exe3

Error: (06/29/2012 03:24:40 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1022.

Error: (06/29/2012 03:24:40 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: An attempt to create the file "C:\Windows\SoftwareDistribution\DataStore\Logs\edbtmp.log" failed with system error 1393 (0x00000571): "The disk structure is corrupted and unreadable. ". The create file operation will fail with error -1022 (0xfffffc02).


System errors:
=============
Error: (06/30/2012 07:26:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/30/2012 07:26:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/30/2012 07:26:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/30/2012 07:26:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/30/2012 07:26:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/30/2012 07:26:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/30/2012 07:26:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/30/2012 07:26:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/30/2012 07:26:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/30/2012 07:26:16 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (10/21/2010 04:24:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 250 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/13/2010 00:18:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9501 seconds with 120 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player (Version: 11.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
AIM 7
AIM Toolbar
Apple Application Support (Version: 1.2.1)
Apple Mobile Device Support (Version: 3.0.0.102)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 9.0)
avast! Free Antivirus (Version: 7.0.1451.0)
AVG 2012 (Version: 12.0.2180)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2180)
BitTorrent (Version: 7.2.0)
Bonjour (Version: 2.0.0.34)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.98.60.50)
CyberLink DVD Suite (Version: 7.0.2111)
CyberLink MediaShow (Version: 4.1.3325)
CyberLink PowerDVD 8 (Version: 8.0.1.1005)
CyberLink YouCam (Version: 3.0.2201)
Debut Video Capture Software
DivX Setup (Version: 2.1.2.2)
Download Updater (AOL LLC)
EasyBits GO
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
Google Chrome (Version: 20.0.1132.47)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 3.1.4.8140)
Google Update Helper (Version: 1.3.21.111)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.50)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Advisor (Version: 3.3.9512.3162)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.0.71)
HP Quick Launch Buttons (Version: 6.50.16.1)
HP Setup (Version: 1.2.3560.3170)
HP Support Assistant (Version: 6.1.12.1)
HP Update (Version: 5.001.000.014)
HP User Guides 0156 (Version: 1.02.0001)
HP Wireless Assistant (Version: 3.50.11.2)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
iTunes (Version: 9.1.0.79)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 15 (64-bit) (Version: 6.0.150)
Java™ 6 Update 30 (Version: 6.0.300)
Java™ SE Development Kit 6 Update 15 (64-bit) (Version: 1.6.0.150)
Junk Mail filter update (Version: 14.0.8089.726)
LabelPrint (Version: 2.5.2111)
LightScribe System Software (Version: 1.18.8.1)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Ultimate 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
muvee Reveal (Version: 7.0.43.12698)
Norton Online Backup (Version: 1.2.20.0)
Octoshape add-in for Adobe Flash Player
Picasa 3 (Version: 3.6)
Power2Go (Version: 6.0.3311)
PowerDirector (Version: 7.0.3311)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.66.71.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0007)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30093)
RealUpgrade 1.1 (Version: 1.1.0)
Recovery Manager (Version: 5.5.2214)
Ross Net Drive 2.0
Skype™ 5.9 (Version: 5.9.115)
SoulSeek 157 NS 13e
Spybot - Search & Destroy (Version: 1.6.2)
SweetIM for Messenger 3.6 (Version: 3.6.0002)
SweetIM Toolbar for Internet Explorer 4.2 (Version: 4.2.0004)
Synaptics Pointing Device Driver (Version: 13.2.2.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Virtual DJ Home - Atomix Productions
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.11 (Version: 1.1.11)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)

========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 3999.19 MB
Available physical RAM: 2055.18 MB
Total Pagefile: 7996.57 MB
Available Pagefile: 5816.53 MB
Total Virtual: 4095.88 MB
Available Virtual: 3957.83 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:220.11 GB) (Free:11.09 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.58 GB) (Free:2.1 GB) NTFS

========================= Users: ========================================

User accounts for \\CHRISTIAN-PC

Administrator Christian Guest


**** End of log ****

#6 narenxp

Posted 01 July 2012 - 11:20 AM

MBAM log?

#7 chillinatbu

Posted 01 July 2012 - 11:42 AM

This was a MiniToolBox log. As for the MBAM log, it said there were no threats detected.

#8 narenxp

Posted 01 July 2012 - 12:05 PM

That looks good.

You have avast and AVG. Uninstall any one of them.

Download

TFC


Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#9 chillinatbu

Posted 01 July 2012 - 02:37 PM

Hello again, one last question. After doing everything that you told me to do, there are now a bunch of documents that are on my desktop that are lighter in color than the others and that weren't there before, and when I try to open them, it asks me if I want to recover the contents if I trust the source. What shall I do about these? Also, on the C drive, there are now a bunch of folders with lock symbols next to them that weren't there before. Thanks!

#10 narenxp

Posted 01 July 2012 - 02:40 PM

"Also, on the C drive, there are now a bunch of folders with lock symbols next to them that weren't there before"

Can you post a screenshot?

Edited by narenxp, 01 July 2012 - 02:40 PM.


#11 chillinatbu

Posted 01 July 2012 - 02:44 PM

I don't know how to do that lol

#12 narenxp

Posted 01 July 2012 - 02:49 PM

No problem, I can guess what it might be :thumbup2:

Open your C drive

On top, click on Organize - Folder and search options

Click on the View tab and scroll down

Check mark Don't show hidden files
Check mark Hide operating system files


Click ok

Let me know if that worked

Edited by narenxp, 01 July 2012 - 02:51 PM.


#13 chillinatbu

Posted 01 July 2012 - 02:54 PM

Wow, I cannot thank you enough for all of your help. This is unbelievable! I thank you and truly appreciate it.

#14 narenxp

Posted 01 July 2012 - 02:55 PM

You're most welcome :thumbsup:



