possible malware


13 replies to this topic

#1 BK06

Posted 27 August 2012 - 12:24 PM

I was really hoping I'd never have to come here again...

Win7 Desktop
AVG free version
Spybot-Search & Destroy
*Malwarebytes Anti-Malware free version

Okay, so a few days ago I had an odd series of events.
I was beta testing a friend's Flash game for Facebook, and watching movies online (Hulu), and I got an error message something along the lines of "A script in this page is causing Adobe Flash Player to run slowly. If it continues to run, your computer may become unresponsive." I just figured it was quirks between the beta and the streaming video, so I used Task Manager to close the browser and Flash, cleared cache, reopened browser, and no further problems.

A day or so later I couldn't get my computer out of sleep-mode, the lights on the keyboard were out (this is nothing new, it's a custom build so I get driver/hardware hiccups) so I just rebooted it.
Maybe 10 mins goes by after startup and I get a "flash player install" update window pop-up. Most of the time I ignore these, but what the hey, I allowed the update. It looked legit, had the same font, color scheme, update bar, checked to see if Chrome was installed, etc., like an actual Adobe Flash update/install. 5 mins later, my HDD starts making heavy read/write sounds and AVG informs me it has blocked it, saying the application was malware, and relocates it to the virus vault.
INSTALL_FLASHPLAYER11X32_CHRA_AU_AIH.EXE
10 processes terminated
22 files deleted
4 registry keys deleted.

I immediately go to safe mode.
Scanned with SpybotS&D, no results.
Ran AVG, no infection aside from the one in the virus vault.
Tried to full-scan with MBAW, but it wouldn't open due to 'runtime 5 error' (if that didn't raise an eyebrow). Ran MBAW-clean.exe and re-installed, ran in safe mode, no infections found.

It's still in my AVG Virus Vault.
My computer exhibits no signs of further problems, nothing is slow, no fake websites, popups, etc.
However, today whilst image searching in Google, MBAW said it blocked access to a site I tabbed open, though I don't know if this is directly related to the one in the virus vault or just the sketchy links Google Images occasionally yields. I was already suspicious with the MBAW runtime 5 error, but the potential site block convinced me to come here.

I just want to make sure my system doesn't suddenly spiral into a bad place.

Thank you again


#2 narenxp

Posted 27 August 2012 - 12:26 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 BK06

Posted 27 August 2012 - 09:54 PM

15:00:00.0042 4540 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
15:00:00.0323 4540 ============================================================
15:00:00.0323 4540 Current date / time: 2012/08/27 15:00:00.0323
15:00:00.0323 4540 SystemInfo:
15:00:00.0323 4540
15:00:00.0323 4540 OS Version: 6.1.7601 ServicePack: 1.0
15:00:00.0323 4540 Product type: Workstation
15:00:00.0323 4540 ComputerName: KAISERTEMPEST
15:00:00.0323 4540 UserName: Magos Matt
15:00:00.0323 4540 Windows directory: C:\Windows
15:00:00.0323 4540 System windows directory: C:\Windows
15:00:00.0323 4540 Running under WOW64
15:00:00.0323 4540 Processor architecture: Intel x64
15:00:00.0323 4540 Number of processors: 4
15:00:00.0323 4540 Page size: 0x1000
15:00:00.0323 4540 Boot type: Normal boot
15:00:00.0323 4540 ============================================================
15:00:01.0820 4540 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:00:01.0820 4540 ============================================================
15:00:01.0820 4540 \Device\Harddisk0\DR0:
15:00:01.0820 4540 MBR partitions:
15:00:01.0820 4540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:00:01.0820 4540 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A825000
15:00:01.0820 4540 ============================================================
15:00:01.0851 4540 C: <-> \Device\Harddisk0\DR0\Partition2
15:00:01.0851 4540 ============================================================
15:00:01.0851 4540 Initialize success
15:00:01.0851 4540 ============================================================
15:00:35.0298 4932 ============================================================
15:00:35.0298 4932 Scan started
15:00:35.0298 4932 Mode: Manual; TDLFS;
15:00:35.0298 4932 ============================================================
15:00:36.0359 4932 ================ Scan system memory ========================
15:00:36.0359 4932 System memory - ok
15:00:36.0359 4932 ================ Scan services =============================
15:00:43.0613 4932 MTConfig - ok
15:00:43.0644 4932 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:00:43.0644 4932 Mup - ok
15:00:43.0675 4932 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:00:43.0691 4932 napagent - ok
15:00:43.0722 4932 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:00:43.0738 4932 NativeWifiP - ok
15:00:43.0769 4932 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
15:00:43.0800 4932 NDIS - ok
15:00:43.0816 4932 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:00:43.0816 4932 NdisCap - ok
15:00:43.0831 4932 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:00:43.0831 4932 NdisTapi - ok
15:00:43.0862 4932 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:00:43.0862 4932 Ndisuio - ok
15:00:43.0894 4932 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:00:43.0909 4932 NdisWan - ok
15:00:43.0940 4932 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:00:43.0940 4932 NDProxy - ok
15:00:43.0956 4932 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:00:43.0956 4932 NetBIOS - ok
15:00:44.0003 4932 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:00:44.0003 4932 NetBT - ok
15:00:44.0018 4932 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:00:44.0018 4932 Netlogon - ok
15:00:44.0050 4932 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:00:44.0050 4932 Netman - ok
15:00:44.0065 4932 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:00:44.0081 4932 netprofm - ok
15:00:44.0096 4932 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:00:44.0096 4932 NetTcpPortSharing - ok
15:00:44.0112 4932 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:00:44.0112 4932 nfrd960 - ok
15:00:44.0159 4932 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:00:44.0159 4932 NlaSvc - ok
15:00:44.0174 4932 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:00:44.0174 4932 Npfs - ok
15:00:44.0190 4932 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:00:44.0190 4932 nsi - ok
15:00:44.0206 4932 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:00:44.0206 4932 nsiproxy - ok
15:00:44.0268 4932 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:00:44.0299 4932 Ntfs - ok
15:00:44.0299 4932 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:00:44.0315 4932 Null - ok
15:00:44.0330 4932 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:00:44.0346 4932 nvraid - ok
15:00:44.0362 4932 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:00:44.0377 4932 nvstor - ok
15:00:44.0408 4932 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:00:44.0424 4932 nv_agp - ok
15:00:44.0455 4932 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:00:44.0455 4932 ohci1394 - ok
15:00:44.0486 4932 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:00:44.0486 4932 p2pimsvc - ok
15:00:44.0518 4932 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:00:44.0518 4932 p2psvc - ok
15:00:44.0533 4932 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:00:44.0549 4932 Parport - ok
15:00:44.0580 4932 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:00:44.0580 4932 partmgr - ok
15:00:44.0596 4932 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:00:44.0596 4932 PcaSvc - ok
15:00:44.0627 4932 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:00:44.0627 4932 pci - ok
15:00:44.0642 4932 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:00:44.0642 4932 pciide - ok
15:00:44.0658 4932 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:00:44.0658 4932 pcmcia - ok
15:00:44.0674 4932 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:00:44.0674 4932 pcw - ok
15:00:44.0689 4932 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:00:44.0705 4932 PEAUTH - ok
15:00:44.0798 4932 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:00:44.0798 4932 PerfHost - ok
15:00:44.0876 4932 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:00:44.0908 4932 pla - ok
15:00:44.0939 4932 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:00:44.0939 4932 PlugPlay - ok
15:00:44.0970 4932 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:00:44.0970 4932 PNRPAutoReg - ok
15:00:44.0970 4932 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:00:44.0986 4932 PNRPsvc - ok
15:00:45.0001 4932 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:00:45.0017 4932 PolicyAgent - ok
15:00:45.0048 4932 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:00:45.0048 4932 Power - ok
15:00:45.0079 4932 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:00:45.0079 4932 PptpMiniport - ok
15:00:45.0095 4932 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:00:45.0095 4932 Processor - ok
15:00:45.0126 4932 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:00:45.0126 4932 ProfSvc - ok
15:00:45.0126 4932 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:00:45.0142 4932 ProtectedStorage - ok
15:00:45.0188 4932 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\SysWOW64\PSIService.exe
15:00:45.0188 4932 ProtexisLicensing - ok
15:00:45.0235 4932 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:00:45.0235 4932 Psched - ok
15:00:45.0251 4932 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:00:45.0266 4932 PxHlpa64 - ok
15:00:45.0298 4932 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:00:45.0329 4932 ql2300 - ok
15:00:45.0344 4932 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:00:45.0344 4932 ql40xx - ok
15:00:45.0376 4932 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:00:45.0391 4932 QWAVE - ok
15:00:45.0407 4932 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:00:45.0407 4932 QWAVEdrv - ok
15:00:45.0407 4932 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:00:45.0422 4932 RasAcd - ok
15:00:45.0438 4932 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:00:45.0438 4932 RasAgileVpn - ok
15:00:45.0454 4932 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:00:45.0454 4932 RasAuto - ok
15:00:45.0485 4932 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:00:45.0485 4932 Rasl2tp - ok
15:00:45.0532 4932 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:00:45.0547 4932 RasMan - ok
15:00:45.0563 4932 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:00:45.0563 4932 RasPppoe - ok
15:00:45.0578 4932 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:00:45.0578 4932 RasSstp - ok
15:00:45.0610 4932 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:00:45.0610 4932 rdbss - ok
15:00:45.0625 4932 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:00:45.0625 4932 rdpbus - ok
15:00:45.0641 4932 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:00:45.0641 4932 RDPCDD - ok
15:00:45.0656 4932 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:00:45.0656 4932 RDPENCDD - ok
15:00:45.0672 4932 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:00:45.0672 4932 RDPREFMP - ok
15:00:45.0703 4932 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:00:45.0703 4932 RDPWD - ok
15:00:45.0719 4932 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:00:45.0734 4932 rdyboost - ok
15:00:45.0750 4932 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:00:45.0750 4932 RemoteAccess - ok
15:00:45.0766 4932 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:00:45.0766 4932 RemoteRegistry - ok
15:00:45.0781 4932 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:00:45.0781 4932 RpcEptMapper - ok
15:00:45.0797 4932 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:00:45.0797 4932 RpcLocator - ok
15:00:45.0828 4932 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:00:45.0844 4932 RpcSs - ok
15:00:45.0859 4932 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:00:45.0859 4932 rspndr - ok
15:00:45.0906 4932 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:00:45.0906 4932 RTL8167 - ok
15:00:45.0922 4932 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:00:45.0922 4932 SamSs - ok
15:00:45.0953 4932 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:00:45.0953 4932 sbp2port - ok
15:00:46.0062 4932 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
15:00:46.0078 4932 SBSDWSCService - ok
15:00:46.0093 4932 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:00:46.0093 4932 SCardSvr - ok
15:00:46.0124 4932 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:00:46.0124 4932 scfilter - ok
15:00:46.0187 4932 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:00:46.0218 4932 Schedule - ok
15:00:46.0249 4932 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:00:46.0265 4932 SCPolicySvc - ok
15:00:46.0296 4932 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:00:46.0312 4932 SDRSVC - ok
15:00:46.0327 4932 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:00:46.0327 4932 secdrv - ok
15:00:46.0358 4932 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:00:46.0374 4932 seclogon - ok
15:00:46.0374 4932 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:00:46.0374 4932 SENS - ok
15:00:46.0405 4932 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:00:46.0405 4932 SensrSvc - ok
15:00:46.0421 4932 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:00:46.0421 4932 Serenum - ok
15:00:46.0436 4932 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:00:46.0436 4932 Serial - ok
15:00:46.0468 4932 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:00:46.0468 4932 sermouse - ok
15:00:46.0514 4932 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:00:46.0530 4932 SessionEnv - ok
15:00:46.0561 4932 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:00:46.0561 4932 sffdisk - ok
15:00:46.0561 4932 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:00:46.0561 4932 sffp_mmc - ok
15:00:46.0577 4932 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:00:46.0592 4932 sffp_sd - ok
15:00:46.0608 4932 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:00:46.0608 4932 sfloppy - ok
15:00:46.0624 4932 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:00:46.0624 4932 SharedAccess - ok
15:00:46.0670 4932 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:00:46.0670 4932 ShellHWDetection - ok
15:00:46.0686 4932 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:00:46.0686 4932 SiSRaid2 - ok
15:00:46.0702 4932 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:00:46.0702 4932 SiSRaid4 - ok
15:00:46.0780 4932 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:00:46.0780 4932 SkypeUpdate - ok
15:00:46.0811 4932 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:00:46.0811 4932 Smb - ok
15:00:46.0826 4932 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:00:46.0842 4932 SNMPTRAP - ok
15:00:46.0842 4932 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:00:46.0842 4932 spldr - ok
15:00:46.0889 4932 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:00:46.0889 4932 Spooler - ok
15:00:46.0998 4932 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:00:47.0014 4932 sppsvc - ok
15:00:47.0029 4932 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:00:47.0029 4932 sppuinotify - ok
15:00:47.0060 4932 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:00:47.0060 4932 srv - ok
15:00:47.0076 4932 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:00:47.0092 4932 srv2 - ok
15:00:47.0092 4932 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:00:47.0092 4932 srvnet - ok
15:00:47.0107 4932 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:00:47.0123 4932 SSDPSRV - ok
15:00:47.0138 4932 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:00:47.0138 4932 SstpSvc - ok
15:00:47.0154 4932 Steam Client Service - ok
15:00:47.0170 4932 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:00:47.0185 4932 stexstor - ok
15:00:47.0232 4932 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:00:47.0248 4932 stisvc - ok
15:00:47.0279 4932 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:00:47.0279 4932 swenum - ok
15:00:47.0310 4932 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:00:47.0326 4932 swprv - ok
15:00:47.0388 4932 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:00:47.0419 4932 SysMain - ok
15:00:47.0435 4932 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:00:47.0450 4932 TabletInputService - ok
15:00:47.0669 4932 [ C4C20CFA4F42E9B7454E895C5C47BCD3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
15:00:47.0700 4932 TabletServicePen - ok
15:00:47.0716 4932 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:00:47.0716 4932 TapiSrv - ok
15:00:47.0731 4932 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:00:47.0731 4932 TBS - ok
15:00:47.0809 4932 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:00:47.0872 4932 Tcpip - ok
15:00:47.0903 4932 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:00:47.0918 4932 TCPIP6 - ok
15:00:47.0950 4932 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:00:47.0950 4932 tcpipreg - ok
15:00:47.0965 4932 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:00:47.0965 4932 TDPIPE - ok
15:00:47.0996 4932 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:00:47.0996 4932 TDTCP - ok
15:00:48.0028 4932 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:00:48.0028 4932 tdx - ok
15:00:48.0043 4932 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:00:48.0059 4932 TermDD - ok
15:00:48.0090 4932 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:00:48.0090 4932 TermService - ok
15:00:48.0106 4932 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:00:48.0106 4932 Themes - ok
15:00:48.0121 4932 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:00:48.0121 4932 THREADORDER - ok
15:00:48.0184 4932 [ 7625DCF246E488E523DC1F64C38ABDA2 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
15:00:48.0199 4932 TouchServicePen - ok
15:00:48.0215 4932 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:00:48.0215 4932 TrkWks - ok
15:00:48.0277 4932 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:00:48.0277 4932 TrustedInstaller - ok
15:00:48.0324 4932 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:00:48.0324 4932 tssecsrv - ok
15:00:48.0355 4932 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:00:48.0355 4932 TsUsbFlt - ok
15:00:48.0402 4932 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:00:48.0402 4932 tunnel - ok
15:00:48.0402 4932 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:00:48.0418 4932 uagp35 - ok
15:00:48.0449 4932 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:00:48.0449 4932 udfs - ok
15:00:48.0496 4932 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:00:48.0496 4932 UI0Detect - ok
15:00:48.0511 4932 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:00:48.0511 4932 uliagpkx - ok
15:00:48.0558 4932 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:00:48.0558 4932 umbus - ok
15:00:48.0574 4932 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:00:48.0574 4932 UmPass - ok
15:00:48.0589 4932 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:00:48.0589 4932 upnphost - ok
15:00:48.0620 4932 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:00:48.0620 4932 usbccgp - ok
15:00:48.0667 4932 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:00:48.0667 4932 usbcir - ok
15:00:48.0683 4932 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:00:48.0683 4932 usbehci - ok
15:00:48.0714 4932 [ 68BAD03835873D4BBBDE95CBB135A395 ] UsbFltr C:\Windows\system32\Drivers\UsbFltr.sys
15:00:48.0714 4932 UsbFltr - ok
15:00:48.0745 4932 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:00:48.0761 4932 usbhub - ok
15:00:48.0761 4932 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:00:48.0761 4932 usbohci - ok
15:00:48.0776 4932 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:00:48.0776 4932 usbprint - ok
15:00:48.0808 4932 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:00:48.0808 4932 usbscan - ok
15:00:48.0823 4932 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:00:48.0823 4932 USBSTOR - ok
15:00:48.0854 4932 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:00:48.0854 4932 usbuhci - ok
15:00:48.0870 4932 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:00:48.0886 4932 UxSms - ok
15:00:48.0886 4932 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:00:48.0886 4932 VaultSvc - ok
15:00:48.0917 4932 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:00:48.0917 4932 vdrvroot - ok
15:00:48.0948 4932 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:00:48.0964 4932 vds - ok
15:00:48.0995 4932 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:00:48.0995 4932 vga - ok
15:00:49.0010 4932 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:00:49.0010 4932 VgaSave - ok
15:00:49.0042 4932 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:00:49.0042 4932 vhdmp - ok
15:00:49.0057 4932 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:00:49.0057 4932 viaide - ok
15:00:49.0073 4932 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:00:49.0088 4932 volmgr - ok
15:00:49.0120 4932 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:00:49.0120 4932 volmgrx - ok
15:00:49.0135 4932 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:00:49.0135 4932 volsnap - ok
15:00:49.0166 4932 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:00:49.0166 4932 vsmraid - ok
15:00:49.0276 4932 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:00:49.0307 4932 VSS - ok
15:00:49.0416 4932 [ 8ED347BAD8D1FB7C40B593BFB01786D2 ] vToolbarUpdater11.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
15:00:49.0432 4932 vToolbarUpdater11.2.0 - ok
15:00:49.0447 4932 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:00:49.0447 4932 vwifibus - ok
15:00:49.0478 4932 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:00:49.0494 4932 W32Time - ok
15:00:49.0525 4932 [ FE75777289278A4941FE6139E82B3BD9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
15:00:49.0541 4932 wacmoumonitor - ok
15:00:49.0572 4932 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
15:00:49.0572 4932 wacommousefilter - ok
15:00:49.0588 4932 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:00:49.0588 4932 WacomPen - ok
15:00:49.0619 4932 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
15:00:49.0619 4932 wacomvhid - ok
15:00:49.0619 4932 WacomVKHid - ok
15:00:49.0634 4932 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:00:49.0650 4932 WANARP - ok
15:00:49.0666 4932 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:00:49.0666 4932 Wanarpv6 - ok
15:00:49.0728 4932 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:00:49.0759 4932 WatAdminSvc - ok
15:00:49.0837 4932 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:00:49.0868 4932 wbengine - ok
15:00:49.0884 4932 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:00:49.0884 4932 WbioSrvc - ok
15:00:49.0915 4932 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:00:49.0915 4932 wcncsvc - ok
15:00:49.0931 4932 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:00:49.0931 4932 WcsPlugInService - ok
15:00:49.0946 4932 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:00:49.0946 4932 Wd - ok
15:00:49.0962 4932 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:00:49.0978 4932 Wdf01000 - ok
15:00:49.0993 4932 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:00:49.0993 4932 WdiServiceHost - ok
15:00:49.0993 4932 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:00:49.0993 4932 WdiSystemHost - ok
15:00:50.0040 4932 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:00:50.0040 4932 WebClient - ok
15:00:50.0056 4932 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:00:50.0056 4932 Wecsvc - ok
15:00:50.0071 4932 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:00:50.0071 4932 wercplsupport - ok
15:00:50.0087 4932 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:00:50.0102 4932 WerSvc - ok
15:00:50.0118 4932 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:00:50.0118 4932 WfpLwf - ok
15:00:50.0134 4932 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:00:50.0134 4932 WIMMount - ok
15:00:50.0149 4932 WinDefend - ok
15:00:50.0149 4932 WinHttpAutoProxySvc - ok
15:00:50.0180 4932 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:00:50.0180 4932 Winmgmt - ok
15:00:50.0258 4932 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:00:50.0290 4932 WinRM - ok
15:00:50.0336 4932 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:00:50.0336 4932 Wlansvc - ok
15:00:50.0368 4932 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:00:50.0368 4932 WmiAcpi - ok
15:00:50.0383 4932 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:00:50.0383 4932 wmiApSrv - ok
15:00:50.0399 4932 WMPNetworkSvc - ok
15:00:50.0414 4932 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:00:50.0414 4932 WPCSvc - ok
15:00:50.0446 4932 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:00:50.0446 4932 WPDBusEnum - ok
15:00:50.0461 4932 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:00:50.0461 4932 ws2ifsl - ok
15:00:50.0477 4932 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:00:50.0477 4932 wscsvc - ok
15:00:50.0477 4932 WSearch - ok
15:00:50.0570 4932 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:00:50.0602 4932 wuauserv - ok
15:00:50.0617 4932 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:00:50.0617 4932 WudfPf - ok
15:00:50.0664 4932 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:00:50.0680 4932 WUDFRd - ok
15:00:50.0711 4932 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:00:50.0711 4932 wudfsvc - ok
15:00:50.0726 4932 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:00:50.0726 4932 WwanSvc - ok
15:00:50.0742 4932 ================ Scan global ===============================
15:00:50.0773 4932 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:00:50.0789 4932 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:00:50.0804 4932 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:00:50.0836 4932 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:00:50.0851 4932 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:00:50.0851 4932 [Global] - ok
15:00:50.0851 4932 ================ Scan MBR ==================================
15:00:50.0867 4932 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:00:51.0163 4932 \Device\Harddisk0\DR0 - ok
15:00:51.0163 4932 ================ Scan VBR ==================================
15:00:51.0179 4932 [ A266A70CD02DA5D2DD88C9816DC941E2 ] \Device\Harddisk0\DR0\Partition1
15:00:51.0179 4932 \Device\Harddisk0\DR0\Partition1 - ok
15:00:51.0194 4932 [ 617989F29A9DC4700E1405002C948E1B ] \Device\Harddisk0\DR0\Partition2
15:00:51.0194 4932 \Device\Harddisk0\DR0\Partition2 - ok
15:00:51.0194 4932 ============================================================
15:00:51.0194 4932 Scan finished
15:00:51.0194 4932 ============================================================
15:00:51.0210 4920 Detected object count: 0
15:00:51.0210 4920 Actual detected object count: 0
15:01:29.0249 1892 Deinitialize success

The aswMBR scan is incomplete; the scan stalled at one file. Anything I can do to get a finished scan?
It generated this as well as the report:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-27 17:05:51
-----------------------------
17:05:51.811 OS Version: Windows x64 6.1.7601 Service Pack 1
17:05:51.811 Number of processors: 4 586 0x502
17:05:51.814 ComputerName: KAISERTEMPEST UserName: Magos Matt
17:05:55.479 Initialize success
17:06:06.609 AVAST engine defs: 12082700
17:06:23.612 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
17:06:23.612 Disk 0 Vendor: WDC_WD6401AALS-00J7B0 05.00K05 Size: 610480MB BusType: 11
17:06:23.737 Disk 0 MBR read successfully
17:06:23.737 Disk 0 MBR scan
17:06:23.753 Disk 0 Windows 7 default MBR code
17:06:23.753 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:06:23.784 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 610378 MB offset 206848
17:06:23.846 Disk 0 scanning C:\Windows\system32\drivers
17:06:52.644 Service scanning
17:07:10.927 Modules scanning
17:07:10.943 Disk 0 trace - called modules:
17:07:11.021 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:07:11.021 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a88060]
17:07:11.036 3 CLASSPNP.SYS[fffff8800197943f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa80047cc1f0]
17:07:14.640 AVAST engine scan C:\Windows
17:10:30.717 AVAST engine scan C:\Windows\system32
17:26:42.209 AVAST engine scan C:\Windows\system32\drivers
17:33:52.176 AVAST engine scan C:\Users\Magos Matt
19:34:37.526 Disk 0 MBR has been saved successfully to "C:\Users\Magos Matt\Desktop\MBR.dat"
19:34:37.526 The log file has been saved successfully to "C:\Users\Magos Matt\Desktop\aswMBR.txt"

C:\Users\Magos Matt\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\35810ebb-221383ec a variant of Java/TrojanDownloader.Agent.AD trojan deleted - quarantined

#4 narenxp


Posted 27 August 2012 - 10:00 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 BK06

  • Topic Starter

Posted 28 August 2012 - 08:55 AM

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.28.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Magos Matt :: KAISERTEMPEST [administrator]

Protection: Enabled

8/28/2012 1:37:17 AM
mbam-log-2012-08-28 (01-37-17).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 611050
Time elapsed: 2 hour(s), 11 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version: 23-07-2012
Ran by Magos Matt (administrator) on 28-08-2012 at 09:47:52
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : KaiserTempest
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.pa.comcast.net.

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.pa.comcast.net.
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 6C-62-6D-0C-69-50
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c486:4637:796f:3897%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.136(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, August 28, 2012 1:33:50 AM
Lease Expires . . . . . . . . . . : Wednesday, August 29, 2012 9:45:12 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 191652461
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-D8-92-BA-6C-62-6D-0C-69-50
DNS Servers . . . . . . . . . . . : 75.75.76.76
75.75.75.75
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.pa.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.pa.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2c53:2e8f:e7fd:8389(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c53:2e8f:e7fd:8389%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: google.com
Addresses: 2607:f8b0:4006:802::1006
173.194.43.0
173.194.43.3
173.194.43.7
173.194.43.5
173.194.43.14
173.194.43.2
173.194.43.1
173.194.43.9
173.194.43.8
173.194.43.4
173.194.43.6


Pinging google.com [74.125.226.226] with 32 bytes of data:
Reply from 74.125.226.226: bytes=32 time=20ms TTL=55
Reply from 74.125.226.226: bytes=32 time=19ms TTL=55

Ping statistics for 74.125.226.226:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 20ms, Average = 19ms
Server: cdns02.comcast.net
Address: 75.75.76.76

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=90ms TTL=49
Reply from 72.30.38.140: bytes=32 time=186ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 90ms, Maximum = 186ms, Average = 138ms
Server: cdns02.comcast.net
Address: 75.75.76.76

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 6ms, Average = 5ms
===========================================================================
Interface List
10...6c 62 6d 0c 69 50 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.136 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.136 296
169.254.255.255 255.255.255.255 On-link 192.168.1.136 276
192.168.1.0 255.255.255.0 On-link 192.168.1.136 276
192.168.1.136 255.255.255.255 On-link 192.168.1.136 276
192.168.1.255 255.255.255.255 On-link 192.168.1.136 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.136 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.136 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:9d38:953c:2c53:2e8f:e7fd:8389/128
On-link
10 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::2c53:2e8f:e7fd:8389/128
On-link
10 276 fe80::c486:4637:796f:3897/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [193024] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/28/2012 01:34:06 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2012 11:23:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2012 07:37:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2012 07:36:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2012 02:59:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2012 05:46:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (08/26/2012 05:44:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/22/2012 03:02:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (08/22/2012 03:00:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/18/2012 01:14:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (08/28/2012 01:33:52 AM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.1 service failed to start due to the following error:
%%2

Error: (08/27/2012 11:25:07 PM) (Source: Service Control Manager) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (08/27/2012 11:23:22 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/27/2012 11:23:21 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/27/2012 11:23:21 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/27/2012 11:23:21 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/27/2012 11:23:21 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/27/2012 11:23:21 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/27/2012 11:23:21 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (08/27/2012 11:23:20 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (08/28/2012 01:34:06 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Magos Matt\Desktop\esetsmartinstaller_enu.exe

Error: (08/27/2012 11:23:17 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Magos Matt\Desktop\esetsmartinstaller_enu.exe

Error: (08/27/2012 07:37:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Magos Matt\Desktop\esetsmartinstaller_enu.exe

Error: (08/27/2012 07:36:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Magos Matt\Desktop\esetsmartinstaller_enu.exe

Error: (08/27/2012 02:59:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Magos Matt\Desktop\esetsmartinstaller_enu.exe

Error: (08/26/2012 05:46:24 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (08/26/2012 05:44:36 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (08/22/2012 03:02:33 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (08/22/2012 03:00:55 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (08/18/2012 01:14:26 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8


=========================== Installed Programs ============================

Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Illustrator CS5 (Version: 15.0)
Adobe Media Player (Version: 1.8)
Adobe Photoshop Elements 6.0 (Version: 6.0)
Adobe Reader 9.5.2 (Version: 9.5.2)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0611.1251.21046)
AMD Media Foundation Decoders (Version: 1.0.70611.1329)
AMD Steady Video Plug-In (Version: 2.04.0000)
AMD VISION Engine Control Center (Version: 2012.0611.1251.21046)
And Yet It Moves
Apple Mobile Device Support (Version: 2.4.1.7)
Apple Software Update (Version: 2.1.1.116)
Aquaria
Artweaver 1.0 (Version: 1.0)
ATI AVIVO64 Codecs (Version: 10.12.0.00202)
Atom Zombie Smasher
Autodesk DirectConnect 2.0 (Version: 2008.02.17)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Bamboo (Version: 5.2.5-5)
Bastion
Bonjour (Version: 1.0.106)
Borderlands
Braid
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046)
Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046)
Catalyst Control Center Localization All (Version: 2012.0611.1251.21046)
ccc-utility64 (Version: 2012.0611.1251.21046)
CCC Help Chinese Standard (Version: 2012.0611.1250.21046)
CCC Help Chinese Traditional (Version: 2012.0611.1250.21046)
CCC Help Czech (Version: 2012.0611.1250.21046)
CCC Help Danish (Version: 2012.0611.1250.21046)
CCC Help Dutch (Version: 2012.0611.1250.21046)
CCC Help English (Version: 2012.0611.1250.21046)
CCC Help Finnish (Version: 2012.0611.1250.21046)
CCC Help French (Version: 2012.0611.1250.21046)
CCC Help German (Version: 2012.0611.1250.21046)
CCC Help Greek (Version: 2012.0611.1250.21046)
CCC Help Hungarian (Version: 2012.0611.1250.21046)
CCC Help Italian (Version: 2012.0611.1250.21046)
CCC Help Japanese (Version: 2012.0611.1250.21046)
CCC Help Korean (Version: 2012.0611.1250.21046)
CCC Help Norwegian (Version: 2012.0611.1250.21046)
CCC Help Polish (Version: 2012.0611.1250.21046)
CCC Help Portuguese (Version: 2012.0611.1250.21046)
CCC Help Russian (Version: 2012.0611.1250.21046)
CCC Help Spanish (Version: 2012.0611.1250.21046)
CCC Help Swedish (Version: 2012.0611.1250.21046)
CCC Help Thai (Version: 2012.0611.1250.21046)
CCC Help Turkish (Version: 2012.0611.1250.21046)
CCleaner (Version: 3.20)
Cisco Connect (Version: 1.3.11069.2)
Cogs
Crayon Physics Deluxe
DAEMON Tools Toolbar (Version: 1.1.4.0024)
Darwinia
DEFCON
Diablo II
Diablo III (Version: 1.0.4.11327)
Dino D-Day
Epson Event Manager (Version: 2.40.0001)
EPSON NX125 NX127 Series Printer Uninstall
EPSON Scan
ESET Online Scanner v3
FileZilla Client 3.5.0 (Version: 3.5.0)
GIMP 2.6.10 (Version: 2.6.10)
Google Chrome (Version: 21.0.1180.83)
Hammerfight
HydraVision (Version: 4.2.142.0)
iTunes (Version: 8.1.1.10)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
Machinarium
Magicka
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Maya 2008 (Version: 9.0000)
Maya 2008 Documentation (en_US) (Version: 2008.0)
MechWarrior Vengeance
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Multiwinia
NVIDIA PhysX v8.10.29 (Version: 8.10.29)
OpenOffice.org 3.2 (Version: 3.2.9502)
Opera 11.64 (Version: 11.64.1403)
Osmos
PDF Settings CS5 (Version: 10.0)
Portal 2
QuickTime (Version: 7.60.92.0)
Revenge of the Titans
Sanctum
Skype Click to Call (Version: 5.9.9216)
Skype 5.10 (Version: 5.10.115)
Spybot - Search & Destroy (Version: 1.6.2)
StarCraft II (Version: 1.4.3.21029)
Steam (Version: 1.0.0.0)
Steel Storm: Burning Retribution
Team Fortress 2
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Uplink
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.8 (Version: 1.1.8)
VVVVVV
WebTablet FB Plugin (Version: 2.0.0.1)
WebTablet IE Plugin (Version: 1.1.0.12)
WebTablet Netscape Plugin (Version: 1.1.0.10)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 4094.16 MB
Available physical RAM: 2429.26 MB
Total Pagefile: 8186.5 MB
Available Pagefile: 6143.55 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.57 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:596.07 GB) (Free:353.31 GB) NTFS

========================= Users: ========================================

User accounts for \\KAISERTEMPEST

Administrator Guest Magos Matt


**** End of log ****

Farbar Service Scanner Version: 06-08-2012
Ran by Magos Matt (administrator) on 28-08-2012 at 09:49:48
Running from "C:\Users\Magos Matt\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v1.801 - Logfile created 08/28/2012 at 09:50:37
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Magos Matt - KAISERTEMPEST
# Boot Mode : Normal
# Running from : C:\Users\Magos Matt\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : vToolbarUpdater11.2.0

***** [Files / Folders] *****

Folder Deleted : C:\Users\Magos Matt\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Magos Matt\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x64] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={ABD4A17C-055C-45BB-92DA-C2FC25C5D3E1}&mid=4d7a5b714dbf77e372e6cf61aa69e706-a2093d5ee77ee18d6638809252bb7cf2fdbd15f4&lang=en&ds=AVG&pr=fr&d=2012-05-12 10:58:12&v=11.1.0.12&sap=nt --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Magos Matt\AppData\Roaming\Mozilla\Firefox\Profiles\d1wbqgk1.default\prefs.js

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\11.1.0.12");
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B6b99cfcc-32ce-41f9-9151-78929796f3c5%[...]

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Magos Matt\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",
Deleted : "path": "C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\11.[...]
Deleted : "path": "C:\\Users\\Magos Matt\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D32.dl[...]

-\\ Opera v11.64.1403.0

File : C:\Users\Magos Matt\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [6907 octets] - [28/08/2012 09:50:37]

########## EOF - C:\AdwCleaner[S1].txt - [7035 octets] ##########

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:05:20 PM

Posted 28 August 2012 - 08:59 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

Any current issues?

#7 BK06

BK06
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  • Local time:06:20 PM

Posted 28 August 2012 - 10:05 AM

I'm not noticing anything out of the ordinary.

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/28/2012 11:02:28 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Magos Matt\Desktop\rkill\rkill-08-28-2012-11-02-29.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/28/2012 11:02:37 AM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)

#8 narenxp

Posted 28 August 2012 - 10:07 AM

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 BK06

Posted 28 August 2012 - 10:18 AM

Sorry, I need clarification:
should I turn off/reboot/new system restore as a separate step or only if TFC locks up my system (it didn't)?

#10 narenxp

Posted 28 August 2012 - 10:19 AM

Both are different :)

#11 BK06

Posted 28 August 2012 - 10:51 AM

The thing is still in AVG's virus vault, should I just delete it or leave it be?

#12 narenxp

Posted 28 August 2012 - 11:14 AM

Remove it

#13 BK06

Posted 28 August 2012 - 11:18 AM

That's it? Thanks for the help.

#14 narenxp

Posted 28 August 2012 - 12:49 PM

You're welcome :)
