Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Random Pop Ups and Security Warnings


  • Please log in to reply
5 replies to this topic

#1 hazhazhazhaz

hazhazhazhaz

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 11 July 2012 - 09:17 AM

Hi could somebody help me please.

Using Chrome, and randomly when clicking on links in google I get taken to advert pages, ebay and other adverts.

Also whenever trying to login to a site say for instance facebook and I am on an https:// page it gives the following warning:


The site's security certificate is signed using a weak signature algorithm!
You attempted to reach www.facebook.com, but the server presented a certificate signed using a weak signature algorithm. This means that the security credentials the server presented could have been forged and the server may not be the server you expected (you may be communicating with an attacker).
You should not proceed, especially if you have never seen this warning before for this site.

What steps should I take please?

Edited by hazhazhazhaz, 11 July 2012 - 09:17 AM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:46 AM

Posted 11 July 2012 - 01:35 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)



Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner


Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 hazhazhazhaz

hazhazhazhaz
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 12 July 2012 - 03:02 AM

TDSSkiller Report


09:00:34.0947 3544 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
09:00:36.0647 3544 ============================================================
09:00:36.0647 3544 Current date / time: 2012/07/12 09:00:36.0647
09:00:36.0647 3544 SystemInfo:
09:00:36.0647 3544
09:00:36.0647 3544 OS Version: 6.1.7601 ServicePack: 1.0
09:00:36.0647 3544 Product type: Workstation
09:00:36.0647 3544 ComputerName: HARRY-PC
09:00:36.0647 3544 UserName: Harry
09:00:36.0647 3544 Windows directory: C:\Windows
09:00:36.0647 3544 System windows directory: C:\Windows
09:00:36.0647 3544 Processor architecture: Intel x86
09:00:36.0647 3544 Number of processors: 2
09:00:36.0647 3544 Page size: 0x1000
09:00:36.0647 3544 Boot type: Normal boot
09:00:36.0647 3544 ============================================================
09:00:39.0057 3544 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:00:39.0059 3544 ============================================================
09:00:39.0059 3544 \Device\Harddisk0\DR0:
09:00:39.0059 3544 MBR partitions:
09:00:39.0059 3544 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2F800, BlocksNum 0x1139000
09:00:39.0059 3544 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1168800, BlocksNum 0x1C040000
09:00:39.0059 3544 ============================================================
09:00:39.0096 3544 C: <-> \Device\Harddisk0\DR0\Partition1
09:00:39.0097 3544 ============================================================
09:00:39.0097 3544 Initialize success
09:00:39.0097 3544 ============================================================
09:00:40.0176 1828 ============================================================
09:00:40.0176 1828 Scan started
09:00:40.0176 1828 Mode: Manual;
09:00:40.0176 1828 ============================================================
09:00:43.0249 1828 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
09:00:43.0249 1828 !SASCORE - ok
09:00:43.0546 1828 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
09:00:43.0546 1828 1394ohci - ok
09:00:43.0624 1828 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
09:00:43.0624 1828 ACPI - ok
09:00:43.0655 1828 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
09:00:43.0655 1828 AcpiPmi - ok
09:00:43.0748 1828 Ad-Aware Service (09e61047b0cef21559cfcedf4f14d216) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
09:00:43.0764 1828 Ad-Aware Service - ok
09:00:43.0982 1828 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:00:43.0982 1828 AdobeFlashPlayerUpdateSvc - ok
09:00:44.0060 1828 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
09:00:44.0076 1828 adp94xx - ok
09:00:44.0107 1828 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
09:00:44.0107 1828 adpahci - ok
09:00:44.0123 1828 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
09:00:44.0123 1828 adpu320 - ok
09:00:44.0170 1828 AegisP (91f3df93f40a74d222cd166fe95db633) C:\Windows\system32\DRIVERS\AegisP.sys
09:00:44.0170 1828 AegisP - ok
09:00:44.0201 1828 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
09:00:44.0201 1828 AeLookupSvc - ok
09:00:44.0263 1828 AERTFilters (7a841462ad4749f8a07b27ae8e8947b8) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
09:00:44.0263 1828 AERTFilters - ok
09:00:44.0341 1828 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
09:00:44.0341 1828 AFD - ok
09:00:44.0404 1828 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
09:00:44.0404 1828 agp440 - ok
09:00:44.0450 1828 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
09:00:44.0450 1828 aic78xx - ok
09:00:44.0513 1828 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
09:00:44.0513 1828 ALG - ok
09:00:44.0544 1828 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
09:00:44.0544 1828 aliide - ok
09:00:44.0560 1828 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
09:00:44.0560 1828 amdagp - ok
09:00:44.0560 1828 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
09:00:44.0560 1828 amdide - ok
09:00:44.0591 1828 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
09:00:44.0591 1828 AmdK8 - ok
09:00:44.0606 1828 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
09:00:44.0606 1828 AmdPPM - ok
09:00:44.0716 1828 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
09:00:44.0716 1828 amdsata - ok
09:00:44.0731 1828 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
09:00:44.0731 1828 amdsbs - ok
09:00:44.0747 1828 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
09:00:44.0747 1828 amdxata - ok
09:00:44.0794 1828 androidusb (950cc1e6ae3a6cd23e0945cde089b02c) C:\Windows\system32\Drivers\androidusb.sys
09:00:44.0794 1828 androidusb - ok
09:00:44.0840 1828 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
09:00:44.0840 1828 AppID - ok
09:00:44.0887 1828 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
09:00:44.0887 1828 AppIDSvc - ok
09:00:44.0950 1828 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
09:00:44.0950 1828 Appinfo - ok
09:00:44.0965 1828 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
09:00:44.0965 1828 arc - ok
09:00:44.0981 1828 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
09:00:44.0981 1828 arcsas - ok
09:00:45.0121 1828 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
09:00:45.0121 1828 aspnet_state - ok
09:00:45.0152 1828 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
09:00:45.0152 1828 AsyncMac - ok
09:00:45.0168 1828 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
09:00:45.0168 1828 atapi - ok
09:00:45.0215 1828 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
09:00:45.0215 1828 AudioEndpointBuilder - ok
09:00:45.0230 1828 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
09:00:45.0230 1828 Audiosrv - ok
09:00:45.0776 1828 AVGIDSAgent (d67719bcfde5798f5c30d14efed3bcaf) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
09:00:45.0839 1828 AVGIDSAgent - ok
09:00:46.0369 1828 AVGIDSDriver (1074f787080068c71303b61fae7e7ca4) C:\Windows\system32\DRIVERS\avgidsdriverx.sys
09:00:46.0369 1828 AVGIDSDriver - ok
09:00:46.0416 1828 AVGIDSFilter (61a7e0b02f82cff3db2445bbe50b3589) C:\Windows\system32\DRIVERS\avgidsfilterx.sys
09:00:46.0416 1828 AVGIDSFilter - ok
09:00:46.0525 1828 AVGIDSHX (d63d83659eedf60b3a3e620281a888e5) C:\Windows\system32\DRIVERS\avgidshx.sys
09:00:46.0525 1828 AVGIDSHX - ok
09:00:46.0588 1828 AVGIDSShim (baf975b72062f53d327788e99d64197e) C:\Windows\system32\DRIVERS\avgidsshimx.sys
09:00:46.0588 1828 AVGIDSShim - ok
09:00:46.0915 1828 Avgldx86 (dda6a2a18841e4c9172bb85958b8d948) C:\Windows\system32\DRIVERS\avgldx86.sys
09:00:46.0931 1828 Avgldx86 - ok
09:00:47.0087 1828 Avgmfx86 (ccdd61545aaea265977e4b1efdc74e8c) C:\Windows\system32\DRIVERS\avgmfx86.sys
09:00:47.0087 1828 Avgmfx86 - ok
09:00:47.0227 1828 Avgrkx86 (1fd90b28d2c3100bf4500199c8ad6358) C:\Windows\system32\DRIVERS\avgrkx86.sys
09:00:47.0227 1828 Avgrkx86 - ok
09:00:47.0430 1828 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
09:00:47.0430 1828 avgwd - ok
09:00:47.0477 1828 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
09:00:47.0477 1828 AxInstSV - ok
09:00:47.0524 1828 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
09:00:47.0524 1828 b06bdrv - ok
09:00:47.0570 1828 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
09:00:47.0570 1828 b57nd60x - ok
09:00:47.0617 1828 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
09:00:47.0617 1828 BDESVC - ok
09:00:47.0633 1828 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
09:00:47.0633 1828 Beep - ok
09:00:47.0711 1828 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
09:00:47.0711 1828 BITS - ok
09:00:47.0742 1828 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
09:00:47.0742 1828 blbdrive - ok
09:00:47.0914 1828 Bonjour Service (ebad0f51d8d4dade7660b1851addbd07) C:\Program Files\Bonjour\mDNSResponder.exe
09:00:47.0929 1828 Bonjour Service - ok
09:00:47.0976 1828 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
09:00:47.0976 1828 bowser - ok
09:00:48.0038 1828 BPowMon (104c980400850ea84f86cd31ae2eeece) C:\Program Files\Broadcom\BPowMon\BPowMon.exe
09:00:48.0038 1828 BPowMon - ok
09:00:48.0054 1828 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:00:48.0054 1828 BrFiltLo - ok
09:00:48.0070 1828 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:00:48.0070 1828 BrFiltUp - ok
09:00:48.0132 1828 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
09:00:48.0132 1828 Browser - ok
09:00:48.0148 1828 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
09:00:48.0148 1828 Brserid - ok
09:00:48.0179 1828 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
09:00:48.0179 1828 BrSerWdm - ok
09:00:48.0194 1828 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:00:48.0210 1828 BrUsbMdm - ok
09:00:48.0210 1828 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
09:00:48.0210 1828 BrUsbSer - ok
09:00:48.0226 1828 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
09:00:48.0226 1828 BTHMODEM - ok
09:00:48.0288 1828 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
09:00:48.0288 1828 bthserv - ok
09:00:48.0288 1828 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
09:00:48.0304 1828 cdfs - ok
09:00:48.0428 1828 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
09:00:48.0444 1828 cdrom - ok
09:00:48.0662 1828 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
09:00:48.0678 1828 CertPropSvc - ok
09:00:48.0694 1828 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
09:00:48.0694 1828 circlass - ok
09:00:48.0756 1828 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
09:00:48.0756 1828 CLFS - ok
09:00:48.0818 1828 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:00:48.0818 1828 clr_optimization_v2.0.50727_32 - ok
09:00:48.0943 1828 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:00:48.0943 1828 clr_optimization_v4.0.30319_32 - ok
09:00:49.0006 1828 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
09:00:49.0006 1828 CmBatt - ok
09:00:49.0037 1828 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
09:00:49.0037 1828 cmdide - ok
09:00:49.0115 1828 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
09:00:49.0130 1828 CNG - ok
09:00:49.0162 1828 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
09:00:49.0162 1828 Compbatt - ok
09:00:49.0193 1828 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
09:00:49.0193 1828 CompositeBus - ok
09:00:49.0208 1828 COMSysApp - ok
09:00:49.0224 1828 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
09:00:49.0224 1828 crcdisk - ok
09:00:49.0271 1828 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
09:00:49.0271 1828 CryptSvc - ok
09:00:49.0364 1828 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
09:00:49.0380 1828 DcomLaunch - ok
09:00:49.0411 1828 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
09:00:49.0411 1828 defragsvc - ok
09:00:49.0489 1828 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
09:00:49.0489 1828 DfsC - ok
09:00:49.0536 1828 dg_ssudbus (73fc5bc52572084ec1241514cf6230a0) C:\Windows\system32\DRIVERS\ssudbus.sys
09:00:49.0536 1828 dg_ssudbus - ok
09:00:49.0583 1828 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
09:00:49.0598 1828 Dhcp - ok
09:00:49.0598 1828 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
09:00:49.0598 1828 discache - ok
09:00:49.0692 1828 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
09:00:49.0692 1828 Disk - ok
09:00:49.0739 1828 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
09:00:49.0739 1828 Dnscache - ok
09:00:49.0786 1828 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
09:00:49.0786 1828 dot3svc - ok
09:00:49.0848 1828 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
09:00:49.0848 1828 DPS - ok
09:00:49.0864 1828 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
09:00:49.0879 1828 drmkaud - ok
09:00:49.0942 1828 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
09:00:49.0942 1828 DXGKrnl - ok
09:00:49.0988 1828 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
09:00:49.0988 1828 EapHost - ok
09:00:50.0129 1828 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
09:00:50.0160 1828 ebdrv - ok
09:00:50.0300 1828 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
09:00:50.0300 1828 EFS - ok
09:00:50.0363 1828 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
09:00:50.0363 1828 ehRecvr - ok
09:00:50.0472 1828 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
09:00:50.0472 1828 ehSched - ok
09:00:50.0550 1828 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
09:00:50.0550 1828 elxstor - ok
09:00:50.0597 1828 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
09:00:50.0597 1828 ErrDev - ok
09:00:50.0675 1828 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
09:00:50.0678 1828 EventSystem - ok
09:00:50.0722 1828 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
09:00:50.0723 1828 exfat - ok
09:00:50.0739 1828 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
09:00:50.0741 1828 fastfat - ok
09:00:50.0814 1828 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
09:00:50.0817 1828 Fax - ok
09:00:50.0829 1828 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
09:00:50.0830 1828 fdc - ok
09:00:50.0838 1828 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
09:00:50.0839 1828 fdPHost - ok
09:00:50.0878 1828 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
09:00:50.0879 1828 FDResPub - ok
09:00:50.0928 1828 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
09:00:50.0929 1828 FileInfo - ok
09:00:50.0935 1828 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
09:00:50.0935 1828 Filetrace - ok
09:00:51.0061 1828 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:00:51.0082 1828 FLEXnet Licensing Service - ok
09:00:51.0092 1828 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
09:00:51.0095 1828 flpydisk - ok
09:00:51.0221 1828 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
09:00:51.0224 1828 FltMgr - ok
09:00:51.0284 1828 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
09:00:51.0292 1828 FontCache - ok
09:00:51.0403 1828 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:00:51.0509 1828 FontCache3.0.0.0 - ok
09:00:52.0045 1828 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
09:00:52.0046 1828 FsDepends - ok
09:00:52.0099 1828 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
09:00:52.0101 1828 Fs_Rec - ok
09:00:52.0151 1828 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
09:00:52.0153 1828 fvevol - ok
09:00:52.0225 1828 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:00:52.0226 1828 gagp30kx - ok
09:00:52.0280 1828 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
09:00:52.0287 1828 gpsvc - ok
09:00:52.0337 1828 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
09:00:52.0338 1828 hcw85cir - ok
09:00:52.0373 1828 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
09:00:52.0377 1828 HdAudAddService - ok
09:00:52.0416 1828 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys
09:00:52.0417 1828 HDAudBus - ok
09:00:52.0427 1828 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
09:00:52.0427 1828 HidBatt - ok
09:00:52.0486 1828 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
09:00:52.0487 1828 HidBth - ok
09:00:52.0494 1828 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
09:00:52.0495 1828 HidIr - ok
09:00:52.0527 1828 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
09:00:52.0529 1828 hidserv - ok
09:00:52.0561 1828 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
09:00:52.0561 1828 HidUsb - ok
09:00:52.0639 1828 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
09:00:52.0639 1828 hkmsvc - ok
09:00:52.0686 1828 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
09:00:52.0702 1828 HomeGroupListener - ok
09:00:52.0702 1828 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
09:00:52.0717 1828 HomeGroupProvider - ok
09:00:52.0764 1828 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
09:00:52.0764 1828 HpSAMD - ok
09:00:52.0858 1828 HTCAND32 (950cc1e6ae3a6cd23e0945cde089b02c) C:\Windows\system32\Drivers\ANDROIDUSB.sys
09:00:52.0858 1828 HTCAND32 - ok
09:00:52.0889 1828 htcnprot (339adefad60353f960e3ca67ce468c24) C:\Windows\system32\DRIVERS\htcnprot.sys
09:00:52.0889 1828 htcnprot - ok
09:00:52.0936 1828 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
09:00:52.0936 1828 HTTP - ok
09:00:52.0982 1828 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
09:00:52.0982 1828 hwpolicy - ok
09:00:53.0045 1828 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
09:00:53.0045 1828 i8042prt - ok
09:00:53.0076 1828 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
09:00:53.0076 1828 iaStorV - ok
09:00:53.0232 1828 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:00:53.0232 1828 idsvc - ok
09:00:53.0372 1828 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
09:00:53.0372 1828 iirsp - ok
09:00:53.0513 1828 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
09:00:53.0513 1828 IKEEXT - ok
09:00:53.0731 1828 IntcAzAudAddService (94b1ff5d243d34b31380a2f79fc48959) C:\Windows\system32\drivers\RTKVHDA.sys
09:00:53.0762 1828 IntcAzAudAddService - ok
09:00:53.0950 1828 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
09:00:53.0950 1828 intelide - ok
09:00:53.0981 1828 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
09:00:53.0981 1828 intelppm - ok
09:00:54.0012 1828 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
09:00:54.0012 1828 IPBusEnum - ok
09:00:54.0059 1828 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:00:54.0059 1828 IpFilterDriver - ok
09:00:54.0106 1828 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
09:00:54.0106 1828 IPMIDRV - ok
09:00:54.0121 1828 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
09:00:54.0121 1828 IPNAT - ok
09:00:54.0168 1828 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
09:00:54.0168 1828 IRENUM - ok
09:00:54.0168 1828 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
09:00:54.0168 1828 isapnp - ok
09:00:54.0215 1828 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
09:00:54.0215 1828 iScsiPrt - ok
09:00:54.0262 1828 k57nd60x (7ea81534e80570bdf6ee4a4248bba4d6) C:\Windows\system32\DRIVERS\k57nd60x.sys
09:00:54.0262 1828 k57nd60x - ok
09:00:54.0293 1828 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
09:00:54.0293 1828 kbdclass - ok
09:00:54.0324 1828 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
09:00:54.0324 1828 kbdhid - ok
09:00:54.0355 1828 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:00:54.0355 1828 KeyIso - ok
09:00:54.0418 1828 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
09:00:54.0433 1828 KSecDD - ok
09:00:54.0480 1828 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
09:00:54.0480 1828 KSecPkg - ok
09:00:54.0511 1828 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
09:00:54.0527 1828 KtmRm - ok
09:00:54.0605 1828 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
09:00:54.0605 1828 LanmanServer - ok
09:00:54.0667 1828 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
09:00:54.0667 1828 LanmanWorkstation - ok
09:00:54.0730 1828 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
09:00:54.0730 1828 lltdio - ok
09:00:54.0761 1828 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
09:00:54.0761 1828 lltdsvc - ok
09:00:54.0776 1828 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
09:00:54.0776 1828 lmhosts - ok
09:00:54.0839 1828 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:00:54.0839 1828 LSI_FC - ok
09:00:54.0854 1828 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:00:54.0854 1828 LSI_SAS - ok
09:00:54.0886 1828 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:00:54.0886 1828 LSI_SAS2 - ok
09:00:54.0901 1828 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:00:54.0901 1828 LSI_SCSI - ok
09:00:54.0917 1828 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
09:00:54.0917 1828 luafv - ok
09:00:55.0026 1828 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
09:00:55.0026 1828 MBAMProtector - ok
09:00:55.0135 1828 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:00:55.0135 1828 MBAMService - ok
09:00:55.0182 1828 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
09:00:55.0182 1828 Mcx2Svc - ok
09:00:55.0198 1828 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
09:00:55.0198 1828 megasas - ok
09:00:55.0244 1828 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
09:00:55.0244 1828 MegaSR - ok
09:00:55.0338 1828 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:00:55.0338 1828 Microsoft Office Groove Audit Service - ok
09:00:55.0354 1828 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:00:55.0354 1828 MMCSS - ok
09:00:55.0369 1828 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
09:00:55.0369 1828 Modem - ok
09:00:55.0385 1828 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
09:00:55.0385 1828 monitor - ok
09:00:55.0416 1828 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
09:00:55.0416 1828 mouclass - ok
09:00:55.0447 1828 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
09:00:55.0447 1828 mouhid - ok
09:00:55.0525 1828 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
09:00:55.0525 1828 mountmgr - ok
09:00:55.0588 1828 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
09:00:55.0588 1828 mpio - ok
09:00:55.0603 1828 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
09:00:55.0603 1828 mpsdrv - ok
09:00:55.0681 1828 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
09:00:55.0681 1828 MRxDAV - ok
09:00:55.0806 1828 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:00:55.0806 1828 mrxsmb - ok
09:00:55.0868 1828 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:00:55.0884 1828 mrxsmb10 - ok
09:00:55.0884 1828 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:00:55.0884 1828 mrxsmb20 - ok
09:00:56.0071 1828 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
09:00:56.0071 1828 msahci - ok
09:00:56.0227 1828 MsDepSvc (aaac4b494de45836121a40aec980b631) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
09:00:56.0227 1828 MsDepSvc - ok
09:00:56.0274 1828 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
09:00:56.0274 1828 msdsm - ok
09:00:56.0305 1828 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
09:00:56.0305 1828 MSDTC - ok
09:00:56.0321 1828 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
09:00:56.0321 1828 Msfs - ok
09:00:56.0352 1828 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
09:00:56.0352 1828 mshidkmdf - ok
09:00:56.0368 1828 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
09:00:56.0368 1828 msisadrv - ok
09:00:56.0461 1828 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
09:00:56.0461 1828 MSiSCSI - ok
09:00:56.0477 1828 msiserver - ok
09:00:56.0508 1828 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
09:00:56.0508 1828 MSKSSRV - ok
09:00:56.0524 1828 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
09:00:56.0524 1828 MSPCLOCK - ok
09:00:56.0570 1828 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
09:00:56.0570 1828 MSPQM - ok
09:00:56.0664 1828 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
09:00:56.0664 1828 MsRPC - ok
09:00:56.0742 1828 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
09:00:56.0742 1828 mssmbios - ok
09:00:56.0867 1828 MSSQL$SQLEXPRESS - ok
09:00:56.0992 1828 MSSQLSERVER - ok
09:00:57.0132 1828 MSSQLServerADHelper100 (8e8e74c953eb0c4f8828d99d6f27fd6f) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
09:00:57.0132 1828 MSSQLServerADHelper100 - ok
09:00:57.0132 1828 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
09:00:57.0132 1828 MSTEE - ok
09:00:57.0148 1828 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
09:00:57.0148 1828 MTConfig - ok
09:00:57.0226 1828 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys
09:00:57.0226 1828 MTsensor - ok
09:00:57.0257 1828 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
09:00:57.0257 1828 Mup - ok
09:00:57.0366 1828 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
09:00:57.0382 1828 napagent - ok
09:00:57.0444 1828 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
09:00:57.0444 1828 NativeWifiP - ok
09:00:57.0553 1828 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
09:00:57.0569 1828 NDIS - ok
09:00:57.0616 1828 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
09:00:57.0616 1828 NdisCap - ok
09:00:57.0662 1828 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
09:00:57.0662 1828 NdisTapi - ok
09:00:57.0694 1828 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
09:00:57.0694 1828 Ndisuio - ok
09:00:57.0772 1828 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
09:00:57.0772 1828 NdisWan - ok
09:00:57.0818 1828 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
09:00:57.0818 1828 NDProxy - ok
09:00:57.0865 1828 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
09:00:57.0865 1828 NetBIOS - ok
09:00:57.0928 1828 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
09:00:57.0928 1828 NetBT - ok
09:00:58.0006 1828 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:00:58.0006 1828 Netlogon - ok
09:00:58.0115 1828 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
09:00:58.0115 1828 Netman - ok
09:00:58.0255 1828 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:00:58.0255 1828 NetMsmqActivator - ok
09:00:58.0302 1828 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:00:58.0302 1828 NetPipeActivator - ok
09:00:58.0333 1828 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
09:00:58.0333 1828 netprofm - ok
09:00:58.0458 1828 netr28u (105a0947e6e01e5a6b76dad87547cd89) C:\Windows\system32\DRIVERS\netr28u.sys
09:00:58.0458 1828 netr28u - ok
09:00:59.0425 1828 netr73 (fbbdcacbc128670983cca59345be5454) C:\Windows\system32\DRIVERS\netr73.sys
09:00:59.0441 1828 netr73 - ok
09:00:59.0862 1828 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:00:59.0878 1828 NetTcpActivator - ok
09:00:59.0878 1828 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:00:59.0878 1828 NetTcpPortSharing - ok
09:00:59.0971 1828 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
09:00:59.0971 1828 nfrd960 - ok
09:01:00.0252 1828 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
09:01:00.0252 1828 NlaSvc - ok
09:01:00.0361 1828 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
09:01:00.0361 1828 NPF - ok
09:01:00.0377 1828 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
09:01:00.0377 1828 Npfs - ok
09:01:00.0392 1828 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
09:01:00.0392 1828 nsi - ok
09:01:00.0439 1828 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
09:01:00.0439 1828 nsiproxy - ok
09:01:00.0533 1828 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
09:01:00.0580 1828 Ntfs - ok
09:01:00.0611 1828 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
09:01:00.0611 1828 Null - ok
09:01:00.0658 1828 NVHDA (a82534d453425f5fee4b6a583fdcf3eb) C:\Windows\system32\drivers\nvhda32v.sys
09:01:00.0658 1828 NVHDA - ok
09:01:01.0285 1828 nvlddmkm (6ca71d086162be061b00b5a7587ee293) C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:01:01.0427 1828 nvlddmkm - ok
09:01:01.0742 1828 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
09:01:01.0744 1828 nvraid - ok
09:01:01.0815 1828 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
09:01:01.0816 1828 nvstor - ok
09:01:01.0883 1828 nvsvc (8ce36da157e4a62757f59d008443f14b) C:\Windows\system32\nvvsvc.exe
09:01:01.0885 1828 nvsvc - ok
09:01:01.0941 1828 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
09:01:01.0943 1828 nv_agp - ok
09:01:02.0080 1828 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:01:02.0085 1828 odserv - ok
09:01:02.0151 1828 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
09:01:02.0152 1828 ohci1394 - ok
09:01:02.0259 1828 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:01:02.0260 1828 ose - ok
09:01:02.0323 1828 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:01:02.0327 1828 p2pimsvc - ok
09:01:02.0369 1828 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
09:01:02.0372 1828 p2psvc - ok
09:01:02.0391 1828 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
09:01:02.0392 1828 Parport - ok
09:01:02.0426 1828 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
09:01:02.0427 1828 partmgr - ok
09:01:02.0436 1828 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
09:01:02.0437 1828 Parvdm - ok
09:01:02.0570 1828 PassThru Service (5fbcc9eeefaca3019d5bd5979618f298) C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
09:01:02.0571 1828 PassThru Service - ok
09:01:02.0584 1828 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
09:01:02.0586 1828 PcaSvc - ok
09:01:02.0619 1828 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
09:01:02.0621 1828 pci - ok
09:01:02.0635 1828 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
09:01:02.0636 1828 pciide - ok
09:01:02.0656 1828 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
09:01:02.0658 1828 pcmcia - ok
09:01:02.0673 1828 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
09:01:02.0674 1828 pcw - ok
09:01:02.0723 1828 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
09:01:02.0730 1828 PEAUTH - ok
09:01:02.0866 1828 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
09:01:02.0889 1828 pla - ok
09:01:03.0071 1828 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
09:01:03.0158 1828 PlugPlay - ok
09:01:03.0189 1828 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
09:01:03.0191 1828 PNRPAutoReg - ok
09:01:03.0208 1828 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
09:01:03.0210 1828 PNRPsvc - ok
09:01:03.0581 1828 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
09:01:03.0583 1828 PolicyAgent - ok
09:01:03.0750 1828 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
09:01:03.0752 1828 Power - ok
09:01:03.0800 1828 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
09:01:03.0802 1828 PptpMiniport - ok
09:01:03.0814 1828 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
09:01:03.0815 1828 Processor - ok
09:01:03.0919 1828 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
09:01:03.0935 1828 ProfSvc - ok
09:01:03.0966 1828 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:01:03.0966 1828 ProtectedStorage - ok
09:01:03.0997 1828 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
09:01:03.0997 1828 Psched - ok
09:01:04.0091 1828 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
09:01:04.0091 1828 PxHelp20 - ok
09:01:04.0258 1828 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
09:01:04.0273 1828 ql2300 - ok
09:01:04.0606 1828 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
09:01:04.0607 1828 ql40xx - ok
09:01:04.0699 1828 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
09:01:04.0702 1828 QWAVE - ok
09:01:04.0731 1828 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
09:01:04.0732 1828 QWAVEdrv - ok
09:01:04.0746 1828 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
09:01:04.0746 1828 RasAcd - ok
09:01:04.0831 1828 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:01:04.0832 1828 RasAgileVpn - ok
09:01:04.0868 1828 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
09:01:04.0876 1828 RasAuto - ok
09:01:04.0897 1828 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:01:04.0898 1828 Rasl2tp - ok
09:01:04.0944 1828 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
09:01:04.0948 1828 RasMan - ok
09:01:04.0958 1828 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
09:01:04.0959 1828 RasPppoe - ok
09:01:04.0967 1828 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
09:01:04.0968 1828 RasSstp - ok
09:01:04.0997 1828 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
09:01:05.0000 1828 rdbss - ok
09:01:05.0051 1828 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
09:01:05.0052 1828 rdpbus - ok
09:01:05.0084 1828 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:01:05.0084 1828 RDPCDD - ok
09:01:05.0106 1828 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
09:01:05.0107 1828 RDPENCDD - ok
09:01:05.0146 1828 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
09:01:05.0147 1828 RDPREFMP - ok
09:01:05.0219 1828 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
09:01:05.0220 1828 RDPWD - ok
09:01:05.0332 1828 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
09:01:05.0333 1828 rdyboost - ok
09:01:05.0368 1828 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
09:01:05.0370 1828 RemoteAccess - ok
09:01:05.0395 1828 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
09:01:05.0398 1828 RemoteRegistry - ok
09:01:05.0613 1828 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe
09:01:05.0614 1828 rpcapd - ok
09:01:05.0636 1828 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
09:01:05.0643 1828 RpcEptMapper - ok
09:01:05.0686 1828 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
09:01:05.0687 1828 RpcLocator - ok
09:01:05.0757 1828 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
09:01:05.0761 1828 RpcSs - ok
09:01:05.0811 1828 RsFx0150 (a95840a95a9ff74b0009e5d848cddb39) C:\Windows\system32\DRIVERS\RsFx0150.sys
09:01:05.0814 1828 RsFx0150 - ok
09:01:05.0879 1828 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
09:01:05.0880 1828 rspndr - ok
09:01:05.0916 1828 RT73 (7b8994bd539c3d9bbd7b2a3b204c29e8) C:\Windows\system32\DRIVERS\rt73.sys
09:01:05.0930 1828 RT73 - ok
09:01:06.0013 1828 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS\Rt86win7.sys
09:01:06.0014 1828 RTL8167 - ok
09:01:06.0035 1828 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:01:06.0035 1828 SamSs - ok
09:01:06.0175 1828 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
09:01:06.0175 1828 SASDIFSV - ok
09:01:06.0347 1828 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
09:01:06.0347 1828 SASKUTIL - ok
09:01:06.0612 1828 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
09:01:06.0643 1828 SBAMSvc - ok
09:01:06.0924 1828 sbapifs (3fff8cda4d2f29ca06f1557e85163c30) C:\Windows\system32\DRIVERS\sbapifs.sys
09:01:06.0924 1828 sbapifs - ok
09:01:07.0033 1828 SbFw (bcf3ba30c1cfa2942cf26c31384b37c7) C:\Windows\system32\drivers\SbFw.sys
09:01:07.0033 1828 SbFw - ok
09:01:07.0096 1828 SBFWIMCL (1dcad90cc9c0ddc7d060fd97854f8518) C:\Windows\system32\DRIVERS\sbfwim.sys
09:01:07.0096 1828 SBFWIMCL - ok
09:01:07.0096 1828 SBFWIMCLMP (1dcad90cc9c0ddc7d060fd97854f8518) C:\Windows\system32\DRIVERS\SBFWIM.sys
09:01:07.0096 1828 SBFWIMCLMP - ok
09:01:07.0189 1828 sbhips (1afd7178ab9c4fce2d332da7aa474fa6) C:\Windows\system32\drivers\sbhips.sys
09:01:07.0189 1828 sbhips - ok
09:01:07.0283 1828 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
09:01:07.0283 1828 sbp2port - ok
09:01:07.0314 1828 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\Windows\system32\drivers\SBREdrv.sys
09:01:07.0314 1828 SBRE - ok
09:01:07.0408 1828 sbwtis (9bdf801a6c78e3f1e6fa1c5ca90baa8a) C:\Windows\system32\DRIVERS\sbwtis.sys
09:01:07.0408 1828 sbwtis - ok
09:01:07.0470 1828 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
09:01:07.0470 1828 SCardSvr - ok
09:01:07.0517 1828 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
09:01:07.0517 1828 scfilter - ok
09:01:07.0564 1828 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
09:01:07.0564 1828 Schedule - ok
09:01:07.0595 1828 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
09:01:07.0595 1828 SCPolicySvc - ok
09:01:07.0673 1828 SCREAMINGBDRIVER (a643d6df1b7546256b11fb5d6b5d1375) C:\Windows\system32\drivers\ScreamingBAudio.sys
09:01:07.0673 1828 SCREAMINGBDRIVER - ok
09:01:07.0720 1828 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
09:01:07.0720 1828 SDRSVC - ok
09:01:07.0751 1828 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
09:01:07.0751 1828 secdrv - ok
09:01:07.0766 1828 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
09:01:07.0766 1828 seclogon - ok
09:01:07.0798 1828 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
09:01:07.0798 1828 SENS - ok
09:01:07.0829 1828 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
09:01:07.0844 1828 SensrSvc - ok
09:01:07.0844 1828 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
09:01:07.0844 1828 Serenum - ok
09:01:07.0876 1828 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
09:01:07.0876 1828 Serial - ok
09:01:07.0907 1828 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
09:01:07.0907 1828 sermouse - ok
09:01:07.0954 1828 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
09:01:07.0954 1828 SessionEnv - ok
09:01:08.0016 1828 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
09:01:08.0016 1828 sffdisk - ok
09:01:08.0047 1828 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
09:01:08.0047 1828 sffp_mmc - ok
09:01:08.0078 1828 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
09:01:08.0078 1828 sffp_sd - ok
09:01:08.0110 1828 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
09:01:08.0110 1828 sfloppy - ok
09:01:08.0188 1828 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
09:01:08.0203 1828 ShellHWDetection - ok
09:01:08.0266 1828 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
09:01:08.0266 1828 sisagp - ok
09:01:08.0297 1828 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:01:08.0297 1828 SiSRaid2 - ok
09:01:08.0312 1828 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
09:01:08.0312 1828 SiSRaid4 - ok
09:01:08.0422 1828 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files\Skype\Updater\Updater.exe
09:01:08.0422 1828 SkypeUpdate - ok
09:01:08.0500 1828 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
09:01:08.0500 1828 Smb - ok
09:01:08.0531 1828 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
09:01:08.0531 1828 SNMPTRAP - ok
09:01:08.0609 1828 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
09:01:08.0609 1828 spldr - ok
09:01:08.0702 1828 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
09:01:08.0702 1828 Spooler - ok
09:01:08.0983 1828 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
09:01:09.0030 1828 sppsvc - ok
09:01:09.0155 1828 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
09:01:09.0155 1828 sppuinotify - ok
09:01:09.0685 1828 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
09:01:09.0685 1828 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
09:01:09.0701 1828 sptd ( LockedFile.Multi.Generic ) - warning
09:01:09.0701 1828 sptd - detected LockedFile.Multi.Generic (1)
09:01:09.0841 1828 SQLAgent$SQLEXPRESS (37761f6be2ebaed72cc0d43bd4c8c2a6) c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
09:01:09.0857 1828 SQLAgent$SQLEXPRESS - ok
09:01:09.0950 1828 SQLBrowser (7d67c07c63796775cc5492bcfeaff125) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
09:01:09.0966 1828 SQLBrowser - ok
09:01:10.0106 1828 SQLSERVERAGENT (d39b8dee1566c30858216521998f382f) c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
09:01:10.0106 1828 SQLSERVERAGENT - ok
09:01:10.0184 1828 SQLWriter (8e6e5cfa06769a417b03fd6faa29e010) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:01:10.0184 1828 SQLWriter - ok
09:01:10.0340 1828 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
09:01:10.0340 1828 srv - ok
09:01:10.0372 1828 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
09:01:10.0372 1828 srv2 - ok
09:01:10.0387 1828 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
09:01:10.0387 1828 srvnet - ok
09:01:10.0481 1828 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
09:01:10.0481 1828 SSDPSRV - ok
09:01:10.0496 1828 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
09:01:10.0496 1828 SstpSvc - ok
09:01:10.0543 1828 ssudmdm (e3d493bfb7cd108ec50b2f560c96367c) C:\Windows\system32\DRIVERS\ssudmdm.sys
09:01:10.0543 1828 ssudmdm - ok
09:01:10.0559 1828 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
09:01:10.0574 1828 stexstor - ok
09:01:10.0621 1828 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
09:01:10.0637 1828 StiSvc - ok
09:01:10.0668 1828 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
09:01:10.0668 1828 swenum - ok
09:01:10.0699 1828 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
09:01:10.0699 1828 swprv - ok
09:01:10.0793 1828 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
09:01:10.0824 1828 SysMain - ok
09:01:10.0840 1828 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
09:01:10.0855 1828 TabletInputService - ok
09:01:10.0949 1828 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
09:01:10.0964 1828 TapiSrv - ok
09:01:11.0058 1828 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
09:01:11.0058 1828 TBS - ok
09:01:11.0482 1828 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
09:01:11.0495 1828 Tcpip - ok
09:01:12.0079 1828 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
09:01:12.0085 1828 TCPIP6 - ok
09:01:12.0184 1828 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
09:01:12.0185 1828 tcpipreg - ok
09:01:12.0212 1828 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
09:01:12.0213 1828 TDPIPE - ok
09:01:12.0269 1828 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
09:01:12.0269 1828 TDTCP - ok
09:01:12.0348 1828 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
09:01:12.0348 1828 tdx - ok
09:01:12.0707 1828 TeamViewer6 (8a9828975a857e477efef5a61ba45ac0) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
09:01:12.0723 1828 TeamViewer6 - ok
09:01:12.0910 1828 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
09:01:12.0910 1828 TermDD - ok
09:01:13.0019 1828 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
09:01:13.0019 1828 TermService - ok
09:01:13.0066 1828 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
09:01:13.0066 1828 Themes - ok
09:01:13.0128 1828 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
09:01:13.0128 1828 THREADORDER - ok
09:01:13.0222 1828 TotRec8 (fa1f4aa916a80881ca7b1d42441ffb6d) C:\Windows\system32\drivers\TotRec8.sys
09:01:13.0222 1828 TotRec8 - ok
09:01:13.0315 1828 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
09:01:13.0315 1828 TrkWks - ok
09:01:13.0378 1828 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
09:01:13.0393 1828 TrustedInstaller - ok
09:01:13.0425 1828 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:01:13.0425 1828 tssecsrv - ok
09:01:13.0518 1828 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
09:01:13.0518 1828 TsUsbFlt - ok
09:01:13.0581 1828 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
09:01:13.0581 1828 tunnel - ok
09:01:13.0612 1828 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
09:01:13.0612 1828 uagp35 - ok
09:01:13.0690 1828 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
09:01:13.0690 1828 udfs - ok
09:01:13.0721 1828 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
09:01:13.0721 1828 UI0Detect - ok
09:01:13.0752 1828 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
09:01:13.0752 1828 uliagpkx - ok
09:01:13.0861 1828 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
09:01:13.0861 1828 umbus - ok
09:01:13.0877 1828 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
09:01:13.0877 1828 UmPass - ok
09:01:13.0908 1828 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
09:01:13.0924 1828 upnphost - ok
09:01:14.0049 1828 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
09:01:14.0049 1828 usbaudio - ok
09:01:14.0189 1828 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
09:01:14.0189 1828 usbccgp - ok
09:01:14.0236 1828 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
09:01:14.0236 1828 usbcir - ok
09:01:14.0251 1828 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
09:01:14.0267 1828 usbehci - ok
09:01:14.0329 1828 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
09:01:14.0329 1828 usbhub - ok
09:01:14.0361 1828 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
09:01:14.0361 1828 usbohci - ok
09:01:14.0392 1828 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
09:01:14.0392 1828 usbprint - ok
09:01:14.0407 1828 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:01:14.0407 1828 USBSTOR - ok
09:01:14.0439 1828 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
09:01:14.0439 1828 usbuhci - ok
09:01:14.0548 1828 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
09:01:14.0548 1828 UxSms - ok
09:01:14.0579 1828 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
09:01:14.0579 1828 VaultSvc - ok
09:01:14.0595 1828 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
09:01:14.0595 1828 vdrvroot - ok
09:01:15.0016 1828 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
09:01:15.0016 1828 vds - ok
09:01:15.0031 1828 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
09:01:15.0031 1828 vga - ok
09:01:15.0047 1828 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
09:01:15.0047 1828 VgaSave - ok
09:01:15.0161 1828 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
09:01:15.0163 1828 vhdmp - ok
09:01:15.0223 1828 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
09:01:15.0223 1828 viaagp - ok
09:01:15.0304 1828 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
09:01:15.0305 1828 ViaC7 - ok
09:01:15.0385 1828 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
09:01:15.0386 1828 viaide - ok
09:01:15.0420 1828 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
09:01:15.0421 1828 volmgr - ok
09:01:15.0445 1828 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
09:01:15.0448 1828 volmgrx - ok
09:01:15.0580 1828 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
09:01:15.0583 1828 volsnap - ok
09:01:15.0642 1828 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
09:01:15.0643 1828 vsmraid - ok
09:01:15.0733 1828 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
09:01:15.0760 1828 VSS - ok
09:01:16.0153 1828 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
09:01:16.0161 1828 vToolbarUpdater11.2.0 - ok
09:01:16.0347 1828 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
09:01:16.0348 1828 vwifibus - ok
09:01:16.0382 1828 VWiFiFlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
09:01:16.0383 1828 VWiFiFlt - ok
09:01:16.0427 1828 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
09:01:16.0428 1828 vwifimp - ok
09:01:16.0507 1828 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
09:01:16.0510 1828 W32Time - ok
09:01:16.0551 1828 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
09:01:16.0552 1828 WacomPen - ok
09:01:16.0594 1828 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
09:01:16.0595 1828 WANARP - ok
09:01:16.0598 1828 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
09:01:16.0599 1828 Wanarpv6 - ok
09:01:16.0917 1828 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
09:01:16.0980 1828 WatAdminSvc - ok
09:01:18.0680 1828 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
09:01:18.0696 1828 wbengine - ok
09:01:19.0117 1828 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
09:01:19.0133 1828 WbioSrvc - ok
09:01:19.0507 1828 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
09:01:19.0523 1828 wcncsvc - ok
09:01:19.0601 1828 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
09:01:19.0601 1828 WcsPlugInService - ok
09:01:19.0835 1828 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
09:01:19.0835 1828 Wd - ok
09:01:20.0817 1828 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
09:01:20.0849 1828 Wdf01000 - ok
09:01:21.0022 1828 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
09:01:21.0024 1828 WdiServiceHost - ok
09:01:21.0027 1828 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
09:01:21.0030 1828 WdiSystemHost - ok
09:01:21.0263 1828 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
09:01:21.0266 1828 WebClient - ok
09:01:21.0459 1828 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
09:01:21.0461 1828 Wecsvc - ok
09:01:21.0515 1828 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
09:01:21.0517 1828 wercplsupport - ok
09:01:21.0706 1828 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
09:01:21.0708 1828 WerSvc - ok
09:01:21.0736 1828 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
09:01:21.0737 1828 WfpLwf - ok
09:01:21.0843 1828 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
09:01:21.0843 1828 WIMMount - ok
09:01:21.0850 1828 WinHttpAutoProxySvc - ok
09:01:22.0347 1828 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
09:01:22.0348 1828 Winmgmt - ok
09:01:23.0167 1828 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
09:01:23.0175 1828 WinRM - ok
09:01:23.0567 1828 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
09:01:23.0568 1828 WinUsb - ok
09:01:23.0912 1828 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
09:01:23.0928 1828 Wlansvc - ok
09:01:26.0659 1828 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:01:26.0706 1828 wlidsvc - ok
09:01:28.0125 1828 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
09:01:28.0125 1828 WmiAcpi - ok
09:01:28.0625 1828 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
09:01:28.0625 1828 wmiApSrv - ok
09:01:29.0202 1828 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
09:01:29.0217 1828 WMPNetworkSvc - ok
09:01:29.0529 1828 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
09:01:29.0529 1828 WPCSvc - ok
09:01:29.0607 1828 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
09:01:29.0607 1828 WPDBusEnum - ok
09:01:29.0701 1828 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
09:01:29.0717 1828 ws2ifsl - ok
09:01:29.0717 1828 WSearch - ok
09:01:30.0949 1828 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
09:01:30.0965 1828 wuauserv - ok
09:01:31.0667 1828 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
09:01:31.0667 1828 WudfPf - ok
09:01:31.0745 1828 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:01:31.0745 1828 WUDFRd - ok
09:01:31.0823 1828 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
09:01:31.0838 1828 wudfsvc - ok
09:01:31.0916 1828 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
09:01:31.0916 1828 WwanSvc - ok
09:01:32.0103 1828 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:01:33.0929 1828 \Device\Harddisk0\DR0 - ok
09:01:33.0944 1828 Boot (0x1200) (bab7311a7ff6d5366059ca735caf8a5c) \Device\Harddisk0\DR0\Partition0
09:01:33.0960 1828 \Device\Harddisk0\DR0\Partition0 - ok
09:01:33.0975 1828 Boot (0x1200) (c0f68e3ee11fd85a5810bc51a65473b7) \Device\Harddisk0\DR0\Partition1
09:01:34.0022 1828 \Device\Harddisk0\DR0\Partition1 - ok
09:01:34.0022 1828 ============================================================
09:01:34.0022 1828 Scan finished
09:01:34.0022 1828 ============================================================
09:01:34.0038 5300 Detected object count: 1
09:01:34.0038 5300 Actual detected object count: 1
09:01:46.0159 5300 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
09:01:46.0159 5300 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
09:01:46.0315 5300 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
09:01:46.0908 5300 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
09:01:46.0908 5300 sptd ( LockedFile.Multi.Generic ) - User select action: Delete

#4 hazhazhazhaz

hazhazhazhaz
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 12 July 2012 - 04:40 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-12 09:01:17
-----------------------------
09:01:17.011 OS Version: Windows 6.1.7601 Service Pack 1
09:01:17.011 Number of processors: 2 586 0x170A
09:01:17.011 ComputerName: HARRY-PC UserName: Harry
09:02:00.464 Initialize success
09:02:33.659 AVAST engine defs: 12071102
09:03:20.526 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
09:03:20.526 Disk 0 Vendor: SAMSUNG_HD253GJ 1AJ10001 Size: 238418MB BusType: 3
09:03:20.542 Disk 0 MBR read successfully
09:03:20.557 Disk 0 MBR scan
09:03:20.557 Disk 0 Windows 7 default MBR code
09:03:20.557 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 94 MB offset 63
09:03:20.557 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 8818 MB offset 194560
09:03:20.573 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 229504 MB offset 18253824
09:03:20.589 Disk 0 scanning sectors +488278016
09:03:20.635 Disk 0 scanning C:\Windows\system32\drivers
09:03:37.736 Service scanning
09:04:06.378 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
09:04:14.880 Modules scanning
09:04:27.561 Disk 0 trace - called modules:
09:04:27.594 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x861431f8]<<
09:04:27.601 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86fbb558]
09:04:27.609 3 CLASSPNP.SYS[8cd0159e] -> nt!IofCallDriver -> [0x86eb3918]
09:04:27.615 5 ACPI.sys[8c5b43d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x86e92908]
09:04:27.624 \Driver\atapi[0x86e71880] -> IRP_MJ_CREATE -> 0x861431f8
09:04:34.966 AVAST engine scan C:\Windows
09:04:41.190 AVAST engine scan C:\Windows\system32
09:12:37.987 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
09:18:51.761 AVAST engine scan C:\Windows\system32\drivers
09:19:18.759 AVAST engine scan C:\Users\Harry
10:39:42.389 Disk 0 MBR has been saved successfully to "C:\Users\Harry\Desktop\MBR.dat"
10:39:42.414 The log file has been saved successfully to "C:\Users\Harry\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-12 09:01:17
-----------------------------
09:01:17.011 OS Version: Windows 6.1.7601 Service Pack 1
09:01:17.011 Number of processors: 2 586 0x170A
09:01:17.011 ComputerName: HARRY-PC UserName: Harry
09:02:00.464 Initialize success
09:02:33.659 AVAST engine defs: 12071102
09:03:20.526 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
09:03:20.526 Disk 0 Vendor: SAMSUNG_HD253GJ 1AJ10001 Size: 238418MB BusType: 3
09:03:20.542 Disk 0 MBR read successfully
09:03:20.557 Disk 0 MBR scan
09:03:20.557 Disk 0 Windows 7 default MBR code
09:03:20.557 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 94 MB offset 63
09:03:20.557 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 8818 MB offset 194560
09:03:20.573 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 229504 MB offset 18253824
09:03:20.589 Disk 0 scanning sectors +488278016
09:03:20.635 Disk 0 scanning C:\Windows\system32\drivers
09:03:37.736 Service scanning
09:04:06.378 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
09:04:14.880 Modules scanning
09:04:27.561 Disk 0 trace - called modules:
09:04:27.594 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x861431f8]<<
09:04:27.601 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86fbb558]
09:04:27.609 3 CLASSPNP.SYS[8cd0159e] -> nt!IofCallDriver -> [0x86eb3918]
09:04:27.615 5 ACPI.sys[8c5b43d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x86e92908]
09:04:27.624 \Driver\atapi[0x86e71880] -> IRP_MJ_CREATE -> 0x861431f8
09:04:34.966 AVAST engine scan C:\Windows
09:04:41.190 AVAST engine scan C:\Windows\system32
09:12:37.987 File: C:\Windows\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
09:18:51.761 AVAST engine scan C:\Windows\system32\drivers
09:19:18.759 AVAST engine scan C:\Users\Harry
10:39:42.389 Disk 0 MBR has been saved successfully to "C:\Users\Harry\Desktop\MBR.dat"
10:39:42.414 The log file has been saved successfully to "C:\Users\Harry\Desktop\aswMBR.txt"
12:00:42.292 AVAST engine scan C:\ProgramData
12:08:51.233 Scan finished successfully
12:09:25.522 Disk 0 MBR has been saved successfully to "C:\Users\Harry\Desktop\MBR.dat"
12:09:25.559 The log file has been saved successfully to "C:\Users\Harry\Desktop\aswMBR.txt"

Edited by hazhazhazhaz, 12 July 2012 - 06:10 AM.


#5 hazhazhazhaz

hazhazhazhaz
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 12 July 2012 - 06:25 AM

C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\00CB3295-A30F3768.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\01344312-D0B4D599.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\018568DC-D5E52C15.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\01F42608-D6AD4A81.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\03384659-BB321234.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\03985E8F-55244A1B.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\03D7794B-530D4BC8.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\03E01D1D-9A1C39CD.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\053F066B-F43C49C9.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\05431CF1-CC2A9A10.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\05FC13A0-FD5A7B0B.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\06C96160-C7C14AE7.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\06D22B36-7975C0D7.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\07C90482-1C3391E5.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\07D935ED-C817B0BE.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\07F36C5F-82268744.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\086C1141-219F612A.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\08B60DA7-0BE715C9.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\09005E86-49475FC9.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\0A45445A-0CC638C4.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\0C461420-AEBF8098.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\0C65245E-290C716B.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\0DA60D8E-7BA96714.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\0DD36609-5ABE6451.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\0E264A67-F3ED842B.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\0F5A7C0D-028C294D.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\0F603404-D62B715F.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1042735E-633C1569.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1118045D-3F54C72B.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\11924F07-F768FFE6.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\11E63DB3-CACD58CF.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\121360D9-B03ED210.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\12536B1B-38F43285.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\12A32C20-F76AFAE9.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\12AD3EDD-1E9FDBB4.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\12E03873-39179557.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\13027355-F2EFD9A5.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\13192CBD-FADBDA47.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\13490C78-47C08A30.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\13EE5087-7A3D66CB.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\14B70518-092DE1BB.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\15867BF0-38594383.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\16045C43-6FB3FDBE.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\16194A3A-3B63E96C.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\161F04D5-5DC5C6D7.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\16C63946-161806DE.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\177B4212-7B0F0507.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\181C4AD1-FB666885.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\18677535-9EC40B23.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\19F810E1-DE23C3B2.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1A595C1A-133AE459.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1A76089B-17C81D41.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1BC75CC3-B4BD4C00.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1BC93257-E97AFA64.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1C171C5A-229208E5.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1C870E34-79715422.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1D9E38AB-6D18AAD3.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1DD80CB3-F890B523.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1EFD76A9-86287AFC.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1F842A44-1BB91987.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1FBD006E-69410532.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\1FE11AA7-33540B34.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\206D21AA-A83F9D11.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\207134BC-2744E13D.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\20C90781-4B6F04ED.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\21466D7A-6888AC3A.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\21880219-2706FD47.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\21A567EB-2F94A60A.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\223C781F-D1423FCA.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\22E13DFC-1928A8F3.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\23126770-3D4F3436.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\23651890-ADA19F58.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\23994859-9366913D.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\23DF77E9-39F0EDE7.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\23F8107F-5FB8EE7E.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\23FF174B-21DE681C.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\247506B8-87B73A13.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\25114083-54330A00.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\25930191-51E9EC63.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\25A85602-2F4663CC.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\25E17B4A-25D4E8CB.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\26BE45C7-E5521AD3.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\27A01723-285D48C1.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\289E4AA8-53CE8DB3.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\28B37736-6053BD0C.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\28F1427C-E6008232.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\295169F4-9D9CAEEB.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2AD642E9-3E757CA1.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2AE41732-899362F4.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2AF91310-FC649A3A.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2AFB6A36-8357FB0B.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2B2A1D7A-3DA68483.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2B7975F5-194A9656.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2CF30987-B4DE41AA.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2D0D3E1C-D078624C.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2E0A6571-5B0D4D24.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2EDE2C61-E5A773EB.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2EFB3097-CADC70D5.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2F131AC5-AC7D2E8D.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2F91012C-4A5A5090.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2FF67CBC-09750503.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\2FFD4E3E-87E42349.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\300754CD-78A70E35.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\30106B4A-A2C5FD96.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\30803133-1807E3A0.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\31495F02-48957BB1.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\32474D7B-F37C8760.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\32DE059A-43DB74C8.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\33517DC4-8B4991FA.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\33D863FB-AA66F098.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\341470A4-0AFD9815.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\35320F63-5F0A0596.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\356A06F9-364F5B7C.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\36726048-151967AB.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3688677E-81AFD5A6.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\36AA0381-8068B2C8.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\36C162C6-EBB046B1.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\37A53126-4A35A10C.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\39F83464-C5444E5A.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3A2E648A-F0145F05.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3A9B49A6-0D945BED.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3AF430C6-84A33B28.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3B9426BA-E3123E67.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3BB57834-C1B177AD.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3BCF7D16-808CA59C.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3C79378D-C86AACDF.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3D3642AC-E68547E3.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3D62571F-BC02BD23.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3DAF662A-BF32A76E.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3DF65028-8FDA47E4.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3DFA55F2-527E9BB4.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3EB952EF-2D7E863E.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3FA70C6D-C83FC9BB.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3FB4552F-93F0D661.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3FC449E8-A4EB4441.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\3FDD1B85-A6FE47AE.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\404B3DAA-8F76E9EA.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\40527C0B-4E1F6D37.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\40812054-3DCCC052.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\409B525B-C8737D21.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\43444F63-FD2C0C5D.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\43AC7659-5797CC8B.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\43F172F0-60E569E3.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\44D202B5-CF5C298F.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\45260A8D-56649A10.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\45714C6B-9C1CBF40.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\466B5DC7-6072B8F9.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\46A1194D-C0A6C762.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\46D77BD6-6CCBE1B2.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\47357F92-1BF52B74.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\47390905-6B8474EB.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\473C255C-F6D42439.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\47465DFA-5715CCBA.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\488C1B3F-E2694DBF.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\48E54676-FCD532A4.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\496C420D-99B4FEC5.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4971776A-E52B0C48.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4A713A6B-B00CF24C.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4ADC3BE9-86DC6EE2.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4B126C13-3E5AA784.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4B957ABF-AD67CCD8.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4BC72142-98145B52.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4C6A369C-E340602F.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4CF83C35-90EEDCCC.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4D187FCC-86D505D4.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4E916082-D60BB32C.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4EC11174-9932E352.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\4FEF0DF1-0C723F98.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\51777BB7-45CA8295.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\518F5B73-F9174719.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\51BD06BF-3BB99C77.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\51C36374-0F8D2F14.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\52DC07D8-B1B66C47.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\532E33A2-E3C37D13.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\54CA0B87-72194674.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\556D6384-EC17CBD6.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\558834F8-358AF4D6.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5589029A-2C7CD227.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\57C34184-35710039.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\585B5157-0DF7DB35.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\592F08FD-0ACBE85E.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\598C7AF8-59730DA6.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5AB514C2-1172FA4E.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5B3B116F-E9E1ABB2.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5C5B1CFC-B883BE56.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5D5E635E-17B5FCBC.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5D8F25F3-B2D5713A.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5E394258-33A12A6F.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5E743A24-FE5047A9.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5F33518F-0C2CC337.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5F4D24EC-A5D34119.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5F9825D3-FCC7B782.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\5FEB0C5C-4D3B47E5.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\60743766-BBC7F7C0.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\609433AF-07C68DEA.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\622A4D52-438BAFD6.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\63D12827-99A82442.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\63EE01F2-B6825E76.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\64CC6085-1F54C1CF.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\657F119F-C07419A0.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\65DB2DE2-9AE76411.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\67236B13-6972B62F.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\677B6FA5-B46C0A80.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\678B4A57-25BB049E.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\679A71CE-9474D8CD.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\698E65EF-A1B9CF52.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\6A9A6D13-3363D01A.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\6B334A74-0251D90B.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\6C1A2CE9-64C5EA61.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\6C2A244B-0E9FDB78.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\6D015E36-623B04AD.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\702B712C-3F11917A.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\703E3BF4-B223040F.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\70813F43-FFAAEB2D.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\70D76F05-4CD1F4C9.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\7112420D-9D2E6BDF.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\71183BED-5247C201.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\712C411B-55BE80CC.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\71671341-0F50DE1F.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\71B001B3-F67BCA9F.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\72CA6C34-29ACDFC7.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\7391130E-AF10C435.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\73A80269-E9842EA9.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\73C95E59-824ACF27.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\74D123FA-F453DC95.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\76196A48-E7E35C12.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\76F00C14-9A305D14.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\774F347D-3D407C7A.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\77F154E6-3AB24DE5.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\794A77A5-20F64C66.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\797A78B6-A38CC04F.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\79AA7569-A80980E6.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\79CD3500-736FDE9E.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\7A3322ED-574D1FF3.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\7AF87285-312D6226.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\7AFE7305-2A309976.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\7B455118-7FB090F7.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\7BA752B6-5FF31BD1.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\7C0E4C1C-210F02AD.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\7C510B0D-EAFBADBB.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Users\Harry\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Recovered items\10-05-2010 c92\Admin\Inbox\7F9703ED-DBA42509.eml HTML/TrojanDownloader.Agent.NBV.Gen trojan cleaned by deleting - quarantined
C:\Windows\Installer\{370c56db-1129-fdb8-c9cb-8bd140d79c22}\U\80000000.@ a variant of Win32/Sirefef.FA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{370c56db-1129-fdb8-c9cb-8bd140d79c22}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\System32\services.exe Win32/Sirefef.FC trojan unable to clean

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:46 AM

Posted 12 July 2012 - 06:39 AM

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{370c56db-1129-fdb8-c9cb-8bd140d79c22}

Click on LOOK,post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users