Advertisement on lower right-hand corner of browser



#1 lalalee


Posted 01 August 2012 - 10:54 AM

Yesterday I started to notice an advertisement appearing on the lower right-hand corner of my browser (IE). At first I thought it was just the site I was on, but today I noticed it appearing on sites that I often frequent without issues.

http://i49.tinypic.com/24yxxef.png

I took a print screen to explain it. The advertisements change, so it's not always that one in particular; sometimes it's cursor mania, vertizon, watch this, etc. But it's always in that same square box on the same side, and if I x it out it disappears but comes back on certain sites.

I use Windows Vista on an HP Pavilion DV4 laptop. I ran a virus scan and found no problems, checked IE's add-ons to see if anything got in there, and also checked my programs to see if I didn't recognize something new, but everything is as always, which leads me to believe it may be a virus of some sort.


 


#2 narenxp


Posted 01 August 2012 - 12:38 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 lalalee


Posted 01 August 2012 - 01:15 PM

13:58:33.0560 7504 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:58:33.0824 7504 ============================================================
13:58:33.0824 7504 Current date / time: 2012/08/01 13:58:33.0824
13:58:33.0825 7504 SystemInfo:
13:58:33.0825 7504
13:58:33.0825 7504 OS Version: 6.0.6002 ServicePack: 2.0
13:58:33.0825 7504 Product type: Workstation
13:58:33.0825 7504 ComputerName: OWNER-PC
13:58:33.0825 7504 UserName: owner
13:58:33.0825 7504 Windows directory: C:\Windows
13:58:33.0825 7504 System windows directory: C:\Windows
13:58:33.0825 7504 Running under WOW64
13:58:33.0825 7504 Processor architecture: Intel x64
13:58:33.0825 7504 Number of processors: 2
13:58:33.0825 7504 Page size: 0x1000
13:58:33.0826 7504 Boot type: Normal boot
13:58:33.0826 7504 ============================================================
13:58:34.0981 7504 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:58:34.0991 7504 ============================================================
13:58:34.0991 7504 \Device\Harddisk0\DR0:
13:58:34.0991 7504 MBR partitions:
13:58:34.0991 7504 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23CCF800
13:58:34.0991 7504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23CD0000, BlocksNum 0x175D000
13:58:34.0991 7504 ============================================================
13:58:35.0014 7504 C: <-> \Device\Harddisk0\DR0\Partition0
13:58:35.0064 7504 D: <-> \Device\Harddisk0\DR0\Partition1
13:58:35.0065 7504 ============================================================
13:58:35.0065 7504 Initialize success
13:58:35.0065 7504 ============================================================
13:59:03.0184 5804 ============================================================
13:59:03.0184 5804 Scan started
13:59:03.0184 5804 Mode: Manual; TDLFS;
13:59:03.0184 5804 ============================================================
13:59:19.0710 5804 nvraid - ok
13:59:19.0751 5804 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
13:59:19.0754 5804 nvstor - ok
13:59:19.0799 5804 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
13:59:19.0803 5804 nv_agp - ok
13:59:19.0809 5804 NwlnkFlt - ok
13:59:19.0818 5804 NwlnkFwd - ok
13:59:19.0945 5804 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:59:19.0966 5804 odserv - ok
13:59:19.0993 5804 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
13:59:19.0997 5804 ohci1394 - ok
13:59:20.0046 5804 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:59:20.0051 5804 ose - ok
13:59:20.0195 5804 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
13:59:20.0231 5804 p2pimsvc - ok
13:59:20.0246 5804 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
13:59:20.0258 5804 p2psvc - ok
13:59:20.0300 5804 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
13:59:20.0304 5804 Parport - ok
13:59:20.0353 5804 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
13:59:20.0357 5804 partmgr - ok
13:59:20.0394 5804 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
13:59:20.0400 5804 PcaSvc - ok
13:59:20.0472 5804 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
13:59:20.0477 5804 pci - ok
13:59:20.0496 5804 pciide (15e5c3f89a3452efbda3b39816dbc4ee) C:\Windows\system32\drivers\pciide.sys
13:59:20.0499 5804 pciide - ok
13:59:20.0522 5804 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
13:59:20.0528 5804 pcmcia - ok
13:59:20.0620 5804 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
13:59:20.0650 5804 PEAUTH - ok
13:59:20.0744 5804 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
13:59:20.0749 5804 PerfHost - ok
13:59:20.0928 5804 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
13:59:20.0981 5804 pla - ok
13:59:21.0048 5804 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
13:59:21.0066 5804 PlugPlay - ok
13:59:21.0116 5804 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
13:59:21.0121 5804 Pml Driver HPZ12 - ok
13:59:21.0247 5804 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
13:59:21.0259 5804 PNRPAutoReg - ok
13:59:21.0274 5804 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
13:59:21.0286 5804 PNRPsvc - ok
13:59:21.0375 5804 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
13:59:21.0393 5804 PolicyAgent - ok
13:59:21.0479 5804 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
13:59:21.0483 5804 PptpMiniport - ok
13:59:21.0541 5804 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
13:59:21.0544 5804 Processor - ok
13:59:21.0608 5804 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
13:59:21.0616 5804 ProfSvc - ok
13:59:21.0656 5804 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
13:59:21.0659 5804 ProtectedStorage - ok
13:59:21.0698 5804 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
13:59:21.0702 5804 PSched - ok
13:59:21.0845 5804 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
13:59:21.0879 5804 ql2300 - ok
13:59:21.0904 5804 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
13:59:21.0908 5804 ql40xx - ok
13:59:21.0963 5804 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
13:59:21.0986 5804 QWAVE - ok
13:59:22.0003 5804 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
13:59:22.0006 5804 QWAVEdrv - ok
13:59:22.0018 5804 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
13:59:22.0021 5804 RasAcd - ok
13:59:22.0038 5804 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
13:59:22.0046 5804 RasAuto - ok
13:59:22.0093 5804 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:59:22.0097 5804 Rasl2tp - ok
13:59:22.0151 5804 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
13:59:22.0171 5804 RasMan - ok
13:59:22.0212 5804 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
13:59:22.0215 5804 RasPppoe - ok
13:59:22.0266 5804 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
13:59:22.0270 5804 RasSstp - ok
13:59:22.0338 5804 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
13:59:22.0358 5804 rdbss - ok
13:59:22.0378 5804 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:59:22.0380 5804 RDPCDD - ok
13:59:22.0441 5804 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
13:59:22.0461 5804 rdpdr - ok
13:59:22.0467 5804 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
13:59:22.0470 5804 RDPENCDD - ok
13:59:22.0516 5804 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
13:59:22.0536 5804 RDPWD - ok
13:59:22.0645 5804 Recovery Service for Windows (6266d28705bc3f99e8bac1f864c14e91) C:\Program Files (x86)\SMINST\BLService.exe
13:59:22.0649 5804 Recovery Service for Windows - ok
13:59:22.0706 5804 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
13:59:22.0712 5804 RemoteAccess - ok
13:59:22.0769 5804 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
13:59:22.0779 5804 RemoteRegistry - ok
13:59:22.0830 5804 RFCOMM (72c35598ba591abddc37fce7d26fe1c4) C:\Windows\system32\DRIVERS\rfcomm.sys
13:59:22.0835 5804 RFCOMM - ok
13:59:22.0940 5804 RichVideo (498eb62a160674e793fa40fd65390625) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
13:59:22.0946 5804 RichVideo - ok
13:59:22.0987 5804 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
13:59:22.0992 5804 RpcLocator - ok
13:59:23.0108 5804 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
13:59:23.0120 5804 RpcSs - ok
13:59:23.0146 5804 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
13:59:23.0150 5804 rspndr - ok
13:59:23.0199 5804 RTL8169 (390482953c63e81bae52f20386394421) C:\Windows\system32\DRIVERS\Rtlh64.sys
13:59:23.0204 5804 RTL8169 - ok
13:59:23.0245 5804 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
13:59:23.0249 5804 SamSs - ok
13:59:23.0279 5804 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
13:59:23.0283 5804 sbp2port - ok
13:59:23.0339 5804 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
13:59:23.0347 5804 SCardSvr - ok
13:59:23.0469 5804 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
13:59:23.0541 5804 Schedule - ok
13:59:23.0582 5804 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
13:59:23.0584 5804 SCPolicySvc - ok
13:59:23.0626 5804 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
13:59:23.0630 5804 sdbus - ok
13:59:23.0683 5804 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
13:59:23.0692 5804 SDRSVC - ok
13:59:23.0704 5804 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:59:23.0707 5804 secdrv - ok
13:59:23.0728 5804 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
13:59:23.0734 5804 seclogon - ok
13:59:23.0760 5804 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
13:59:23.0767 5804 SENS - ok
13:59:23.0792 5804 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
13:59:23.0795 5804 Serenum - ok
13:59:23.0824 5804 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
13:59:23.0828 5804 Serial - ok
13:59:23.0837 5804 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
13:59:23.0839 5804 sermouse - ok
13:59:23.0878 5804 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
13:59:23.0885 5804 SessionEnv - ok
13:59:23.0911 5804 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
13:59:23.0913 5804 sffdisk - ok
13:59:23.0934 5804 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
13:59:23.0936 5804 sffp_mmc - ok
13:59:23.0945 5804 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
13:59:23.0948 5804 sffp_sd - ok
13:59:23.0955 5804 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
13:59:23.0957 5804 sfloppy - ok
13:59:24.0021 5804 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
13:59:24.0040 5804 SharedAccess - ok
13:59:24.0115 5804 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
13:59:24.0136 5804 ShellHWDetection - ok
13:59:24.0152 5804 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
13:59:24.0155 5804 SiSRaid2 - ok
13:59:24.0179 5804 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
13:59:24.0183 5804 SiSRaid4 - ok
13:59:24.0283 5804 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe
13:59:24.0288 5804 SkypeUpdate - ok
13:59:24.0621 5804 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
13:59:24.0698 5804 slsvc - ok
13:59:24.0833 5804 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
13:59:24.0840 5804 SLUINotify - ok
13:59:24.0924 5804 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
13:59:24.0927 5804 Smb - ok
13:59:24.0974 5804 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
13:59:24.0980 5804 SNMPTRAP - ok
13:59:25.0016 5804 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
13:59:25.0019 5804 spldr - ok
13:59:25.0083 5804 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
13:59:25.0105 5804 Spooler - ok
13:59:25.0182 5804 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
13:59:25.0202 5804 srv - ok
13:59:25.0256 5804 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
13:59:25.0262 5804 srv2 - ok
13:59:25.0285 5804 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
13:59:25.0290 5804 srvnet - ok
13:59:25.0368 5804 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
13:59:25.0374 5804 ssadbus - ok
13:59:25.0440 5804 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
13:59:25.0449 5804 SSDPSRV - ok
13:59:25.0496 5804 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
13:59:25.0505 5804 SstpSvc - ok
13:59:25.0634 5804 STacSV (3fb66e86ba667d627a613e1d677469b0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_5730ce9f\STacSV64.exe
13:59:25.0643 5804 STacSV - ok
13:59:25.0725 5804 Steam Client Service - ok
13:59:25.0823 5804 STHDA (e01797a54f8a61512b7e590fde6d1988) C:\Windows\system32\DRIVERS\stwrt64.sys
13:59:25.0840 5804 STHDA - ok
13:59:25.0939 5804 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
13:59:25.0968 5804 stisvc - ok
13:59:25.0993 5804 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
13:59:25.0995 5804 swenum - ok
13:59:26.0090 5804 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
13:59:26.0118 5804 swprv - ok
13:59:26.0138 5804 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
13:59:26.0141 5804 Symc8xx - ok
13:59:26.0167 5804 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
13:59:26.0170 5804 Sym_hi - ok
13:59:26.0180 5804 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
13:59:26.0183 5804 Sym_u3 - ok
13:59:26.0309 5804 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
13:59:26.0349 5804 SysMain - ok
13:59:26.0384 5804 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
13:59:26.0392 5804 TabletInputService - ok
13:59:26.0472 5804 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
13:59:26.0489 5804 TapiSrv - ok
13:59:26.0515 5804 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
13:59:26.0522 5804 TBS - ok
13:59:26.0717 5804 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
13:59:26.0760 5804 Tcpip - ok
13:59:26.0790 5804 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
13:59:26.0805 5804 Tcpip6 - ok
13:59:26.0847 5804 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
13:59:26.0850 5804 tcpipreg - ok
13:59:26.0883 5804 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
13:59:26.0886 5804 TDPIPE - ok
13:59:26.0894 5804 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
13:59:26.0897 5804 TDTCP - ok
13:59:26.0951 5804 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
13:59:26.0955 5804 tdx - ok
13:59:27.0003 5804 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
13:59:27.0006 5804 TermDD - ok
13:59:27.0115 5804 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
13:59:27.0141 5804 TermService - ok
13:59:27.0216 5804 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
13:59:27.0224 5804 Themes - ok
13:59:27.0251 5804 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
13:59:27.0255 5804 THREADORDER - ok
13:59:27.0292 5804 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
13:59:27.0301 5804 TrkWks - ok
13:59:27.0359 5804 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
13:59:27.0362 5804 TrustedInstaller - ok
13:59:27.0425 5804 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:59:27.0428 5804 tssecsrv - ok
13:59:27.0461 5804 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
13:59:27.0464 5804 tunmp - ok
13:59:27.0513 5804 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
13:59:27.0516 5804 tunnel - ok
13:59:27.0662 5804 TVCapSvc (4215ecfc15d265a8e6e1925084b80908) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
13:59:27.0666 5804 TVCapSvc - ok
13:59:27.0705 5804 TVSched (f386d56f1b6d70e0e4e70e494975d279) C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
13:59:27.0709 5804 TVSched - ok
13:59:27.0747 5804 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
13:59:27.0751 5804 uagp35 - ok
13:59:27.0818 5804 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
13:59:27.0839 5804 udfs - ok
13:59:27.0866 5804 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
13:59:27.0874 5804 UI0Detect - ok
13:59:27.0907 5804 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
13:59:27.0911 5804 uliagpkx - ok
13:59:27.0962 5804 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
13:59:27.0984 5804 uliahci - ok
13:59:28.0018 5804 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
13:59:28.0023 5804 UlSata - ok
13:59:28.0061 5804 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
13:59:28.0066 5804 ulsata2 - ok
13:59:28.0080 5804 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
13:59:28.0083 5804 umbus - ok
13:59:28.0132 5804 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
13:59:28.0149 5804 upnphost - ok
13:59:28.0200 5804 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
13:59:28.0204 5804 USBAAPL64 - ok
13:59:28.0259 5804 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
13:59:28.0263 5804 usbccgp - ok
13:59:28.0313 5804 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
13:59:28.0317 5804 usbcir - ok
13:59:28.0349 5804 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
13:59:28.0352 5804 usbehci - ok
13:59:28.0399 5804 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
13:59:28.0408 5804 usbhub - ok
13:59:28.0440 5804 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
13:59:28.0442 5804 usbohci - ok
13:59:28.0490 5804 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
13:59:28.0493 5804 usbprint - ok
13:59:28.0519 5804 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:59:28.0523 5804 USBSTOR - ok
13:59:28.0540 5804 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
13:59:28.0543 5804 usbuhci - ok
13:59:28.0579 5804 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
13:59:28.0584 5804 usbvideo - ok
13:59:28.0626 5804 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
13:59:28.0633 5804 UxSms - ok
13:59:28.0719 5804 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
13:59:28.0750 5804 vds - ok
13:59:28.0786 5804 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
13:59:28.0789 5804 vga - ok
13:59:28.0821 5804 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
13:59:28.0823 5804 VgaSave - ok
13:59:28.0838 5804 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
13:59:28.0841 5804 viaide - ok
13:59:28.0877 5804 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
13:59:28.0880 5804 volmgr - ok
13:59:28.0950 5804 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
13:59:28.0974 5804 volmgrx - ok
13:59:29.0042 5804 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
13:59:29.0059 5804 volsnap - ok
13:59:29.0088 5804 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
13:59:29.0094 5804 vsmraid - ok
13:59:29.0287 5804 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
13:59:29.0340 5804 VSS - ok
13:59:29.0408 5804 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
13:59:29.0435 5804 W32Time - ok
13:59:29.0499 5804 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
13:59:29.0502 5804 WacomPen - ok
13:59:29.0548 5804 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
13:59:29.0553 5804 Wanarp - ok
13:59:29.0558 5804 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
13:59:29.0560 5804 Wanarpv6 - ok
13:59:29.0659 5804 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
13:59:29.0688 5804 wcncsvc - ok
13:59:29.0713 5804 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
13:59:29.0720 5804 WcsPlugInService - ok
13:59:29.0732 5804 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
13:59:29.0735 5804 Wd - ok
13:59:29.0835 5804 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
13:59:29.0868 5804 Wdf01000 - ok
13:59:29.0889 5804 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
13:59:29.0897 5804 WdiServiceHost - ok
13:59:29.0902 5804 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
13:59:29.0909 5804 WdiSystemHost - ok
13:59:29.0959 5804 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
13:59:29.0970 5804 WebClient - ok
13:59:30.0025 5804 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
13:59:30.0037 5804 Wecsvc - ok
13:59:30.0057 5804 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
13:59:30.0066 5804 wercplsupport - ok
13:59:30.0092 5804 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
13:59:30.0101 5804 WerSvc - ok
13:59:30.0140 5804 WinDefend - ok
13:59:30.0152 5804 WinHttpAutoProxySvc - ok
13:59:30.0245 5804 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
13:59:30.0251 5804 Winmgmt - ok
13:59:30.0515 5804 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
13:59:30.0584 5804 WinRM - ok
13:59:30.0794 5804 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
13:59:30.0822 5804 Wlansvc - ok
13:59:30.0871 5804 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:59:30.0873 5804 WmiAcpi - ok
13:59:30.0954 5804 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
13:59:30.0961 5804 wmiApSrv - ok
13:59:31.0042 5804 WMPNetworkSvc - ok
13:59:31.0088 5804 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
13:59:31.0099 5804 WPCSvc - ok
13:59:31.0163 5804 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
13:59:31.0172 5804 WPDBusEnum - ok
13:59:31.0227 5804 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
13:59:31.0230 5804 WpdUsb - ok
13:59:31.0433 5804 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:59:31.0469 5804 WPFFontCache_v0400 - ok
13:59:31.0514 5804 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
13:59:31.0516 5804 ws2ifsl - ok
13:59:31.0562 5804 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll
13:59:31.0571 5804 wscsvc - ok
13:59:31.0577 5804 WSearch - ok
13:59:31.0888 5804 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
13:59:31.0960 5804 wuauserv - ok
13:59:32.0115 5804 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:59:32.0119 5804 WUDFRd - ok
13:59:32.0159 5804 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
13:59:32.0167 5804 wudfsvc - ok
13:59:32.0327 5804 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:59:32.0342 5804 YahooAUService - ok
13:59:32.0393 5804 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
13:59:32.0401 5804 yukonx64 - ok
13:59:32.0443 5804 MBR (0x1B8) (5c86adec17b739c437e145e3b3fc2e6d) \Device\Harddisk0\DR0
13:59:32.0667 5804 \Device\Harddisk0\DR0 - ok
13:59:32.0671 5804 Boot (0x1200) (05bb50ddf89af95f050ed647427fae61) \Device\Harddisk0\DR0\Partition0
13:59:32.0674 5804 \Device\Harddisk0\DR0\Partition0 - ok
13:59:32.0681 5804 Boot (0x1200) (c7c059667602d07c3f67a5ce00a8fef7) \Device\Harddisk0\DR0\Partition1
13:59:32.0683 5804 \Device\Harddisk0\DR0\Partition1 - ok
13:59:32.0685 5804 ============================================================
13:59:32.0685 5804 Scan finished
13:59:32.0685 5804 ============================================================
13:59:32.0754 7824 Detected object count: 0
13:59:32.0754 7824 Actual detected object count: 0



I couldn't do the next one. While aswMBR was running I got a blue screen error dump.

#4 narenxp

Posted 01 August 2012 - 01:44 PM

Run it in Safe Mode.

#5 lalalee

Posted 01 August 2012 - 04:44 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 15:07:50
-----------------------------
15:07:50.230 OS Version: Windows x64 6.0.6002 Service Pack 2
15:07:50.230 Number of processors: 2 586 0x170A
15:07:50.245 ComputerName: OWNER-PC UserName: owner
15:07:57.250 Initialze error C0000061 - driver not loaded
15:08:01.696 AVAST engine defs: 12080100
15:08:05.112 Service scanning
15:09:03.909 Modules scanning
15:09:03.909 Disk 0 trace - called modules:
15:09:03.909
15:09:05.219 AVAST engine scan C:\Windows
15:09:08.464 AVAST engine scan C:\Windows\system32
15:11:16.619 AVAST engine scan C:\Windows\system32\drivers
15:11:27.258 AVAST engine scan C:\Users\owner
15:29:33.868 AVAST engine scan C:\ProgramData
15:30:22.790 Scan finished successfully
15:32:57.933 The log file has been saved successfully to "C:\Users\owner\Documents\aswMBR.txt"



------------------------
Last scan:


C:\Users\owner\AppData\Local\Temp\85706c3d-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\8708acc-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\89767b60-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\8c03b5e6-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\8c2a81b8-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\8c2d1212-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\90370c8b-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\90b6100c-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\91381650-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\925e87ad-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\927778d5-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\93b5e0be-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\96a69c4c-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\96de18c9-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\977b6ec0-5576.tmp Win32/Simda.L trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\owner\AppData\Local\Temp\983fe6ef-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\98de3a17-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\9ad57224-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\9f67a29d-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\9fba4e15-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\a09b5d51-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\a0edd29d-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\a1d315de-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\a3b7f3b2-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\a3c10f73-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\a3d6a4bc-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\a6dd5f54-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\a7e21216-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\ac294dcd-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\ad7370f9-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\ade1a471-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\ae5f69b6-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\afb1e7c-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\b459cc92-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\b5c78f6f-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\b8594321-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\b8d9b09e-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\bbd5fbe2-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\c6ae9242-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\cc8423e7-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\cc9fc751-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\cf560053-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\d2de02d5-5576.tmp Win32/Simda.L trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\owner\AppData\Local\Temp\d3ebdafa-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\d8540d3e-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\d99f95ec-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\d9b7b199-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\e1e678a0-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\e249606f-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\e2a02338-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\e30df30d-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\e361cbfd-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\e6232a81-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\e86c677f-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\e8d5ee6b-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\ea71ec10-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\edff96b7-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\f63ec38f-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\f9ddccc2-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\fabfc7be-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\ff43f53c-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\14ce4c41-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\16d202e3-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\1aed43d7-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\1fc21ba8-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\26586829-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\2dde6b37-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\2e73c84a-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\2fdef532-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\309b07f8-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\30c30d6f-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\336d9c8a-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\34b1416c-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\35c45eb5-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\39e01266-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\3c51b876-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\415611d3-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\41754d09-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\43436672-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\4572ea87-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\4c1c6dd8-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\51726046-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\531bb2ac-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\54399389-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\5582f560-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\5dad193a-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\5f6fb98f-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\60da17a3-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\61b38540-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\658fa06f-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\66b1781f-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\6dc2347b-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\6e0f2db1-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\75ca7f14-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\76d57290-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\7ba8505e-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\853ca646-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\930beb64-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\95b506d7-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\a1202b98-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\b189cbc2-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\b3d1e8e-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\b87b8b56-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\ba0b118c-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\bc897ff7-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\bfcb196a-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\c4b5746f-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\c9ad6442-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\ca9b6555-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\caadfbdd-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\cd134e7c-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\d318cd09-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\dee52057-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\e086e6ff-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\ebc5db06-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\ec51540-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\ed6c6c09-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\f08557a2-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\f405eb2c-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\f44d421b-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\f6fcddd3-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\f77f2b58-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\fc1bac7a-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
C:\Users\owner\AppData\Local\Temp\Low\fef97668-5576.tmp Win32/Simda.L trojan cleaned by deleting - quarantined
Operating memory probably a variant of Win32/Simda.L trojan

#6 narenxp

Posted 01 August 2012 - 05:17 PM

Re-run aswMBR in safe mode and post the log.

#7 lalalee

Posted 01 August 2012 - 05:58 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 18:28:53
-----------------------------
18:28:53.529 OS Version: Windows x64 6.0.6002 Service Pack 2
18:28:53.529 Number of processors: 2 586 0x170A
18:28:53.545 ComputerName: OWNER-PC UserName: owner
18:28:57.741 Initialze error C0000061 - driver not loaded
18:29:01.049 AVAST engine defs: 12080100
18:29:07.959 Service scanning
18:30:02.248 Modules scanning
18:30:02.248 Disk 0 trace - called modules:
18:30:02.248
18:30:03.168 AVAST engine scan C:\Windows
18:30:05.914 AVAST engine scan C:\Windows\system32
18:32:13.398 AVAST engine scan C:\Windows\system32\drivers
18:32:23.522 AVAST engine scan C:\Users\owner
18:51:43.920 AVAST engine scan C:\ProgramData
18:52:32.858 Scan finished successfully
18:52:49.643 The log file has been saved successfully to "C:\Users\owner\Documents\aswMBR2.txt"

#8 narenxp

Posted 01 August 2012 - 06:01 PM

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot let me know what it finds

#9 lalalee

Posted 01 August 2012 - 06:09 PM

It says "No infections were found".

#10 narenxp

Posted 01 August 2012 - 06:22 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log.

Download

RogueKiller

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should get generated after the fix; post the log here.

Download

MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#11 lalalee

Posted 01 August 2012 - 06:34 PM

When you say:

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Do you mean to do a quick scan or another full scan?

#12 narenxp

Posted 01 August 2012 - 06:52 PM

FULL SCAN :thumbup2:

#13 lalalee

Posted 02 August 2012 - 07:14 AM

RogueKiller log:

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User: owner [Admin rights]
Mode: HOSTSFix -- Date: 08/02/2012 08:00:12

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt



Mini Toolbox log:
MiniToolBox by Farbar Version: 23-07-2012
Ran by owner (administrator) on 02-08-2012 at 08:03:05
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
Realtek RTL8102E/8103E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-21-00-F8-8D-64
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c4cb:dbdc:38b3:587d%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.109(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, August 02, 2012 7:54:46 AM
Lease Expires . . . . . . . . . . : Friday, August 03, 2012 7:54:46 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234889472
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-BF-E9-CE-00-21-00-F8-8D-64
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8102E/8103E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-23-5A-AE-30-23
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.earthlink.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:c4d:19d3:3f57:fe92(Preferred)
Link-local IPv6 Address . . . . . : fe80::c4d:19d3:3f57:fe92%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{11DAF26D-B323-4610-8356-0A10E1D7DFC4}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:801::1005
74.125.226.238
74.125.226.225
74.125.226.232
74.125.226.224
74.125.226.233
74.125.226.231
74.125.226.229
74.125.226.227
74.125.226.230
74.125.226.226
74.125.226.228



Pinging google.com [173.194.43.40] with 32 bytes of data:

Reply from 173.194.43.40: bytes=32 time=10ms TTL=252
Reply from 173.194.43.40: bytes=32 time=10ms TTL=252



Ping statistics for 173.194.43.40:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 10ms, Maximum = 10ms, Average = 10ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=92ms TTL=250

Reply from 72.30.38.140: bytes=32 time=98ms TTL=250



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 92ms, Maximum = 98ms, Average = 95ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 21 00 f8 8d 64 ...... Broadcom 802.11b/g WLAN
10 ...00 23 5a ae 30 23 ...... Realtek RTL8102E/8103E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
15 ...00 00 00 00 00 00 00 e0 isatap.earthlink.net
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
16 ...00 00 00 00 00 00 00 e0 isatap.home
17 ...00 00 00 00 00 00 00 e0 isatap.home
14 ...00 00 00 00 00 00 00 e0 isatap.{11DAF26D-B323-4610-8356-0A10E1D7DFC4}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.109 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.109 281
192.168.1.109 255.255.255.255 On-link 192.168.1.109 281
192.168.1.255 255.255.255.255 On-link 192.168.1.109 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.109 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.109 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:9d38:953c:c4d:19d3:3f57:fe92/128
On-link
11 281 fe80::/64 On-link
12 266 fe80::/64 On-link
12 266 fe80::c4d:19d3:3f57:fe92/128
On-link
11 281 fe80::c4cb:dbdc:38b3:587d/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [44032] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/02/2012 07:54:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 09:29:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 07:07:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 06:55:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 06:29:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 06:28:22 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (08/01/2012 03:39:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (08/01/2012 03:39:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (08/01/2012 03:35:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 03:07:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/02/2012 07:58:36 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&04E4) disappeared from the system without first being prepared for removal.

Error: (08/02/2012 07:58:36 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&03E4) disappeared from the system without first being prepared for removal.

Error: (08/02/2012 07:58:36 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&02E4) disappeared from the system without first being prepared for removal.

Error: (08/02/2012 07:58:35 AM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&00E4) disappeared from the system without first being prepared for removal.

Error: (08/02/2012 07:53:56 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.109 for the Network Card with network address 002100F88D64 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (08/01/2012 11:11:26 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.107 for the Network Card with network address 002100F88D64 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (08/01/2012 09:33:08 PM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&04E4) disappeared from the system without first being prepared for removal.

Error: (08/01/2012 09:33:08 PM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&03E4) disappeared from the system without first being prepared for removal.

Error: (08/01/2012 09:33:08 PM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&02E4) disappeared from the system without first being prepared for removal.

Error: (08/01/2012 09:33:08 PM) (Source: PlugPlayManager) (User: )
Description: The device 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_30F7103C&REV_00\4&37ba8cc&0&00E4) disappeared from the system without first being prepared for removal.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Agere Systems HDA Modem
Alps Touch Pad Driver
Apple Mobile Device Support (Version: 5.1.1.4)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.10.79.5)
ENE CIR Receiver Driver (12/30/2008 2.7.2.0) (Version: 12/30/2008 2.7.2.0)
HP Customer Participation Program 9.0 (Version: 9.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP MediaSmart SmartMenu (Version: 2.1.10)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Printer Software 9.0 (Version: 9.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 9.0 (Version: 9.0)
iCloud (Version: 1.1.0.40)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.6.1.7)
Java™ 6 Update 13 (64-bit) (Version: 6.0.130)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
ProtectSmart Hard Drive Protection (Version: 3.10.1.7)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 3998.02 MB
Available physical RAM: 2247.59 MB
Total Pagefile: 8173.3 MB
Available Pagefile: 6147.18 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.24 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:286.41 GB) (Free:142.62 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:11.68 GB) (Free:1.89 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest owner


**** End of log ****

FSS log
Farbar Service Scanner Version: 26-07-2012
Ran by owner (administrator) on 02-08-2012 at 08:05:57
Running from "C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\266H8Z5L"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2011-10-25 20:20] - [2009-04-11 03:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2012-04-15 09:13] - [2012-01-03 10:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll
[2011-04-21 12:34] - [2011-03-02 12:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2011-10-25 20:20] - [2009-04-11 03:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2011-10-25 20:19] - [2009-04-11 03:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2011-10-25 20:21] - [2009-04-11 03:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2011-10-25 20:19] - [2009-04-11 03:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2011-10-25 20:20] - [2009-04-11 03:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll
[2010-07-02 12:28] - [2009-08-06 22:24] - 2424024 ____A (Microsoft Corporation) FB3796754FE00F0BDC87A36F164A5F4D

C:\Windows\System32\qmgr.dll
[2011-10-25 20:21] - [2009-04-11 03:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2011-10-25 20:21] - [2009-04-11 03:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2011-10-25 20:20] - [2009-04-11 03:11] - 0166912 ____A (Microsoft Corporation) 18918613E63F387CDE4D95CA7D49DCF7

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2011-10-25 20:21] - [2009-04-11 03:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****


adware cleaner log:


# AdwCleaner v1.800 - Logfile created 08/02/2012 at 08:07:19
# Updated 01/08/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : owner - OWNER-PC
# Running from : C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CEA7VHE8\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Viewpoint
Deleted on reboot : C:\Program Files (x86)\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Viewpoint

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [347 octets] - [02/08/2012 08:06:43]
AdwCleaner[S2].txt - [1856 octets] - [02/08/2012 08:07:19]

########## EOF - C:\AdwCleaner[S2].txt - [1984 octets] ##########

#14 narenxp


Posted 02 August 2012 - 09:30 AM

MBAM log? Any current issues?

Edited by narenxp, 02 August 2012 - 09:30 AM.


#15 lalalee

Posted 02 August 2012 - 10:24 AM

MBAM log had nothing both times.

I haven't noticed anything in a while :D Thanks <33333



