
Am I infected? Or is Avast just playing silly beggars?


  • This topic is locked
13 replies to this topic

#1 pollyparrot


Posted 01 September 2012 - 03:20 AM

Original thread:

http://www.bleepingcomputer.com/forums/topic467075.html


Here is the TDSS log (no threats found, no reboot required)



09:09:32.0931 3292 Parport - ok
09:09:32.0948 3292 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:09:32.0949 3292 partmgr - ok
09:09:32.0952 3292 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:09:32.0955 3292 PcaSvc - ok
09:09:32.0959 3292 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:09:32.0961 3292 pci - ok
09:09:32.0963 3292 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:09:32.0964 3292 pciide - ok
09:09:32.0974 3292 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:09:32.0976 3292 pcmcia - ok
09:09:32.0979 3292 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:09:32.0979 3292 pcw - ok
09:09:32.0993 3292 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:09:32.0999 3292 PEAUTH - ok
09:09:33.0065 3292 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:09:33.0068 3292 PerfHost - ok
09:09:33.0104 3292 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:09:33.0136 3292 pla - ok
09:09:33.0176 3292 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:09:33.0186 3292 PlugPlay - ok
09:09:33.0190 3292 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:09:33.0194 3292 PNRPAutoReg - ok
09:09:33.0202 3292 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:09:33.0207 3292 PNRPsvc - ok
09:09:33.0228 3292 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:09:33.0233 3292 PolicyAgent - ok
09:09:33.0238 3292 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:09:33.0241 3292 Power - ok
09:09:33.0253 3292 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:09:33.0255 3292 PptpMiniport - ok
09:09:33.0262 3292 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:09:33.0263 3292 Processor - ok
09:09:33.0288 3292 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:09:33.0292 3292 ProfSvc - ok
09:09:33.0294 3292 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:09:33.0296 3292 ProtectedStorage - ok
09:09:33.0300 3292 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:09:33.0301 3292 Psched - ok
09:09:33.0346 3292 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
09:09:33.0347 3292 PSI - ok
09:09:33.0386 3292 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:09:33.0416 3292 ql2300 - ok
09:09:33.0422 3292 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:09:33.0424 3292 ql40xx - ok
09:09:33.0437 3292 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:09:33.0444 3292 QWAVE - ok
09:09:33.0462 3292 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:09:33.0463 3292 QWAVEdrv - ok
09:09:33.0468 3292 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:09:33.0469 3292 RasAcd - ok
09:09:33.0484 3292 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:09:33.0485 3292 RasAgileVpn - ok
09:09:33.0490 3292 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:09:33.0495 3292 RasAuto - ok
09:09:33.0500 3292 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:09:33.0502 3292 Rasl2tp - ok
09:09:33.0518 3292 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:09:33.0525 3292 RasMan - ok
09:09:33.0530 3292 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:09:33.0532 3292 RasPppoe - ok
09:09:33.0536 3292 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:09:33.0538 3292 RasSstp - ok
09:09:33.0545 3292 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:09:33.0548 3292 rdbss - ok
09:09:33.0557 3292 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:09:33.0558 3292 rdpbus - ok
09:09:33.0561 3292 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:09:33.0562 3292 RDPCDD - ok
09:09:33.0565 3292 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:09:33.0566 3292 RDPENCDD - ok
09:09:33.0570 3292 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:09:33.0570 3292 RDPREFMP - ok
09:09:33.0599 3292 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:09:33.0601 3292 RDPWD - ok
09:09:33.0605 3292 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:09:33.0607 3292 rdyboost - ok
09:09:33.0618 3292 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:09:33.0620 3292 RemoteAccess - ok
09:09:33.0631 3292 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:09:33.0634 3292 RemoteRegistry - ok
09:09:33.0638 3292 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:09:33.0640 3292 RpcEptMapper - ok
09:09:33.0660 3292 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:09:33.0662 3292 RpcLocator - ok
09:09:33.0676 3292 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:09:33.0681 3292 RpcSs - ok
09:09:33.0691 3292 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:09:33.0693 3292 rspndr - ok
09:09:33.0729 3292 [ 637646C63222E6ADCC19AF89983533E4 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:09:33.0734 3292 RTL8167 - ok
09:09:33.0738 3292 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:09:33.0741 3292 SamSs - ok
09:09:33.0801 3292 [ 495588414F5C62C333F1A69E17E5FB9F ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
09:09:33.0802 3292 SbieDrv - ok
09:09:33.0813 3292 [ 099007B7A80E1917FFA110CE7785A3C9 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
09:09:33.0814 3292 SbieSvc - ok
09:09:33.0819 3292 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:09:33.0821 3292 sbp2port - ok
09:09:33.0827 3292 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:09:33.0833 3292 SCardSvr - ok
09:09:33.0837 3292 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:09:33.0839 3292 scfilter - ok
09:09:33.0876 3292 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:09:33.0890 3292 Schedule - ok
09:09:33.0909 3292 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:09:33.0911 3292 SCPolicySvc - ok
09:09:33.0917 3292 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:09:33.0923 3292 SDRSVC - ok
09:09:33.0927 3292 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:09:33.0929 3292 secdrv - ok
09:09:33.0942 3292 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:09:33.0945 3292 seclogon - ok
09:09:34.0060 3292 [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
09:09:34.0074 3292 Secunia PSI Agent - ok
09:09:34.0165 3292 [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
09:09:34.0171 3292 Secunia Update Agent - ok
09:09:34.0175 3292 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:09:34.0180 3292 SENS - ok
09:09:34.0189 3292 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:09:34.0193 3292 SensrSvc - ok
09:09:34.0198 3292 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:09:34.0199 3292 Serenum - ok
09:09:34.0204 3292 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:09:34.0206 3292 Serial - ok
09:09:34.0227 3292 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:09:34.0228 3292 sermouse - ok
09:09:34.0248 3292 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:09:34.0251 3292 SessionEnv - ok
09:09:34.0254 3292 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:09:34.0255 3292 sffdisk - ok
09:09:34.0257 3292 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:09:34.0258 3292 sffp_mmc - ok
09:09:34.0262 3292 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:09:34.0263 3292 sffp_sd - ok
09:09:34.0265 3292 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:09:34.0266 3292 sfloppy - ok
09:09:34.0285 3292 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:09:34.0290 3292 SharedAccess - ok
09:09:34.0303 3292 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:09:34.0308 3292 ShellHWDetection - ok
09:09:34.0330 3292 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:09:34.0331 3292 SiSRaid2 - ok
09:09:34.0335 3292 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:09:34.0336 3292 SiSRaid4 - ok
09:09:34.0396 3292 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:09:34.0398 3292 SkypeUpdate - ok
09:09:34.0413 3292 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:09:34.0415 3292 Smb - ok
09:09:34.0428 3292 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:09:34.0431 3292 SNMPTRAP - ok
09:09:34.0434 3292 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:09:34.0434 3292 spldr - ok
09:09:34.0460 3292 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:09:34.0466 3292 Spooler - ok
09:09:34.0534 3292 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:09:34.0566 3292 sppsvc - ok
09:09:34.0570 3292 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:09:34.0573 3292 sppuinotify - ok
09:09:34.0579 3292 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:09:34.0583 3292 srv - ok
09:09:34.0588 3292 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:09:34.0591 3292 srv2 - ok
09:09:34.0596 3292 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:09:34.0597 3292 srvnet - ok
09:09:34.0616 3292 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:09:34.0619 3292 SSDPSRV - ok
09:09:34.0622 3292 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:09:34.0624 3292 SstpSvc - ok
09:09:34.0639 3292 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:09:34.0640 3292 stexstor - ok
09:09:34.0662 3292 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:09:34.0672 3292 stisvc - ok
09:09:34.0676 3292 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:09:34.0677 3292 swenum - ok
09:09:34.0686 3292 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:09:34.0692 3292 swprv - ok
09:09:34.0719 3292 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:09:34.0745 3292 SysMain - ok
09:09:34.0748 3292 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:09:34.0751 3292 TabletInputService - ok
09:09:34.0756 3292 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:09:34.0760 3292 TapiSrv - ok
09:09:34.0771 3292 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:09:34.0774 3292 TBS - ok
09:09:34.0831 3292 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:09:34.0863 3292 Tcpip - ok
09:09:34.0900 3292 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:09:34.0914 3292 TCPIP6 - ok
09:09:34.0933 3292 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:09:34.0934 3292 tcpipreg - ok
09:09:34.0937 3292 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:09:34.0938 3292 TDPIPE - ok
09:09:34.0953 3292 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:09:34.0954 3292 TDTCP - ok
09:09:34.0963 3292 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:09:34.0964 3292 tdx - ok
09:09:34.0967 3292 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:09:34.0968 3292 TermDD - ok
09:09:34.0983 3292 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:09:34.0990 3292 TermService - ok
09:09:34.0992 3292 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:09:34.0995 3292 Themes - ok
09:09:35.0005 3292 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:09:35.0006 3292 THREADORDER - ok
09:09:35.0018 3292 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:09:35.0021 3292 TrkWks - ok
09:09:35.0055 3292 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:09:35.0057 3292 TrustedInstaller - ok
09:09:35.0065 3292 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:09:35.0066 3292 tssecsrv - ok
09:09:35.0071 3292 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:09:35.0073 3292 TsUsbFlt - ok
09:09:35.0077 3292 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:09:35.0078 3292 TsUsbGD - ok
09:09:35.0093 3292 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:09:35.0095 3292 tunnel - ok
09:09:35.0105 3292 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:09:35.0106 3292 uagp35 - ok
09:09:35.0112 3292 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:09:35.0115 3292 udfs - ok
09:09:35.0136 3292 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:09:35.0139 3292 UI0Detect - ok
09:09:35.0143 3292 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:09:35.0144 3292 uliagpkx - ok
09:09:35.0148 3292 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:09:35.0149 3292 umbus - ok
09:09:35.0157 3292 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:09:35.0158 3292 UmPass - ok
09:09:35.0248 3292 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:09:35.0286 3292 UNS - ok
09:09:35.0306 3292 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:09:35.0311 3292 upnphost - ok
09:09:35.0315 3292 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:09:35.0316 3292 usbccgp - ok
09:09:35.0328 3292 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:09:35.0329 3292 usbcir - ok
09:09:35.0332 3292 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:09:35.0333 3292 usbehci - ok
09:09:35.0344 3292 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
09:09:35.0347 3292 usbhub - ok
09:09:35.0360 3292 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:09:35.0361 3292 usbohci - ok
09:09:35.0367 3292 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:09:35.0368 3292 usbprint - ok
09:09:35.0441 3292 [ B5E6C4F280EBF0B16F74A5B415F2E0DF ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe
09:09:35.0442 3292 USBS3S4Detection - ok
09:09:35.0448 3292 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:09:35.0450 3292 USBSTOR - ok
09:09:35.0469 3292 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:09:35.0470 3292 usbuhci - ok
09:09:35.0501 3292 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:09:35.0504 3292 usbvideo - ok
09:09:35.0522 3292 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:09:35.0527 3292 UxSms - ok
09:09:35.0546 3292 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:09:35.0549 3292 VaultSvc - ok
09:09:35.0552 3292 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:09:35.0553 3292 vdrvroot - ok
09:09:35.0574 3292 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:09:35.0582 3292 vds - ok
09:09:35.0595 3292 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:09:35.0596 3292 vga - ok
09:09:35.0600 3292 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:09:35.0601 3292 VgaSave - ok
09:09:35.0607 3292 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:09:35.0610 3292 vhdmp - ok
09:09:35.0614 3292 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:09:35.0615 3292 viaide - ok
09:09:35.0619 3292 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:09:35.0620 3292 volmgr - ok
09:09:35.0626 3292 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:09:35.0630 3292 volmgrx - ok
09:09:35.0635 3292 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:09:35.0638 3292 volsnap - ok
09:09:35.0654 3292 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:09:35.0656 3292 vsmraid - ok
09:09:35.0694 3292 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:09:35.0717 3292 VSS - ok
09:09:35.0762 3292 [ 5BE34BFADE20FF6C154B4663605B6212 ] VUSB3HUB C:\Windows\system32\DRIVERS\ViaHub3.sys
09:09:35.0764 3292 VUSB3HUB - ok
09:09:35.0771 3292 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:09:35.0772 3292 vwifibus - ok
09:09:35.0790 3292 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:09:35.0791 3292 vwififlt - ok
09:09:35.0811 3292 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:09:35.0819 3292 W32Time - ok
09:09:35.0826 3292 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:09:35.0828 3292 WacomPen - ok
09:09:35.0833 3292 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:09:35.0835 3292 WANARP - ok
09:09:35.0839 3292 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:09:35.0841 3292 Wanarpv6 - ok
09:09:35.0908 3292 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:09:35.0922 3292 WatAdminSvc - ok
09:09:35.0963 3292 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:09:35.0998 3292 wbengine - ok
09:09:36.0004 3292 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:09:36.0010 3292 WbioSrvc - ok
09:09:36.0018 3292 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:09:36.0025 3292 wcncsvc - ok
09:09:36.0030 3292 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:09:36.0035 3292 WcsPlugInService - ok
09:09:36.0042 3292 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:09:36.0043 3292 Wd - ok
09:09:36.0062 3292 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:09:36.0079 3292 Wdf01000 - ok
09:09:36.0082 3292 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:09:36.0085 3292 WdiServiceHost - ok
09:09:36.0087 3292 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:09:36.0089 3292 WdiSystemHost - ok
09:09:36.0093 3292 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:09:36.0097 3292 WebClient - ok
09:09:36.0107 3292 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:09:36.0111 3292 Wecsvc - ok
09:09:36.0114 3292 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:09:36.0117 3292 wercplsupport - ok
09:09:36.0120 3292 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:09:36.0123 3292 WerSvc - ok
09:09:36.0126 3292 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:09:36.0126 3292 WfpLwf - ok
09:09:36.0130 3292 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:09:36.0131 3292 WIMMount - ok
09:09:36.0144 3292 WinDefend - ok
09:09:36.0147 3292 WinHttpAutoProxySvc - ok
09:09:36.0191 3292 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:09:36.0195 3292 Winmgmt - ok
09:09:36.0242 3292 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:09:36.0288 3292 WinRM - ok
09:09:36.0321 3292 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:09:36.0330 3292 Wlansvc - ok
09:09:36.0338 3292 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:09:36.0339 3292 WmiAcpi - ok
09:09:36.0372 3292 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:09:36.0374 3292 wmiApSrv - ok
09:09:36.0390 3292 WMPNetworkSvc - ok
09:09:36.0398 3292 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:09:36.0401 3292 WPCSvc - ok
09:09:36.0404 3292 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:09:36.0408 3292 WPDBusEnum - ok
09:09:36.0411 3292 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:09:36.0412 3292 ws2ifsl - ok
09:09:36.0415 3292 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:09:36.0418 3292 wscsvc - ok
09:09:36.0421 3292 WSearch - ok
09:09:36.0484 3292 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:09:36.0527 3292 wuauserv - ok
09:09:36.0540 3292 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:09:36.0542 3292 WudfPf - ok
09:09:36.0577 3292 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:09:36.0580 3292 WUDFRd - ok
09:09:36.0607 3292 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:09:36.0613 3292 wudfsvc - ok
09:09:36.0619 3292 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:09:36.0627 3292 WwanSvc - ok
09:09:36.0649 3292 [ 109B6F1888845661D19B7A458776D5D1 ] xhcdrv C:\Windows\system32\DRIVERS\xhcdrv.sys
09:09:36.0652 3292 xhcdrv - ok
09:09:36.0660 3292 ================ Scan global ===============================
09:09:36.0680 3292 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:09:36.0694 3292 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:09:36.0705 3292 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:09:36.0723 3292 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:09:36.0749 3292 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:09:36.0755 3292 [Global] - ok
09:09:36.0756 3292 ================ Scan MBR ==================================
09:09:36.0782 3292 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:09:37.0023 3292 \Device\Harddisk0\DR0 - ok
09:09:37.0024 3292 ================ Scan VBR ==================================
09:09:37.0026 3292 [ F2E48239863E29490D6B26B65648B544 ] \Device\Harddisk0\DR0\Partition1
09:09:37.0028 3292 \Device\Harddisk0\DR0\Partition1 - ok
09:09:37.0038 3292 [ 042525643A7203786B10646FDFF63D14 ] \Device\Harddisk0\DR0\Partition2
09:09:37.0040 3292 \Device\Harddisk0\DR0\Partition2 - ok
09:09:37.0062 3292 [ E85205E9CBF515FA68579368B93E0B60 ] \Device\Harddisk0\DR0\Partition3
09:09:37.0063 3292 \Device\Harddisk0\DR0\Partition3 - ok
09:09:37.0064 3292 ============================================================
09:09:37.0064 3292 Scan finished
09:09:37.0064 3292 ============================================================
09:09:37.0076 4328 Detected object count: 0
09:09:37.0076 4328 Actual detected object count: 0

"Only two things are infinite: The Universe and human stupidity. And I am not so sure about the former." -Einstein


#2 pollyparrot


Posted 01 September 2012 - 03:21 AM

Here is the aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-01 09:10:57
-----------------------------
09:10:57.178 OS Version: Windows x64 6.1.7601 Service Pack 1
09:10:57.178 Number of processors: 4 586 0x2A07
09:10:57.179 ComputerName: PARKINSONS-PC UserName: Parkinsons
09:10:59.007 Initialize success
09:10:59.135 AVAST engine defs: 12083102
09:11:07.098 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:11:07.101 Disk 0 Vendor: WDC_WD10 51.0 Size: 953869MB BusType: 3
09:11:07.112 Disk 0 MBR read successfully
09:11:07.115 Disk 0 MBR scan
09:11:07.119 Disk 0 Windows 7 default MBR code
09:11:07.122 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 17408 MB offset 2048
09:11:07.131 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 35653632
09:11:07.135 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 468179 MB offset 35858432
09:11:07.157 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 468180 MB offset 994689024
09:11:07.182 Disk 0 scanning C:\Windows\system32\drivers
09:11:09.538 Service scanning
09:11:17.003 Modules scanning
09:11:17.012 Disk 0 trace - called modules:
09:11:17.032 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
09:11:17.037 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80065db060]
09:11:17.041 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800537a050]
09:11:17.945 AVAST engine scan C:\Windows
09:11:19.504 AVAST engine scan C:\Windows\system32
09:12:09.944 AVAST engine scan C:\Windows\system32\drivers
09:12:14.967 AVAST engine scan C:\Users\Parkinsons
09:12:23.579 AVAST engine scan C:\ProgramData
09:12:31.706 Scan finished successfully
09:12:42.782 Disk 0 MBR has been saved successfully to "C:\Users\Parkinsons\Desktop\MBR.dat"
09:12:42.782 The log file has been saved successfully to "C:\Users\Parkinsons\Desktop\aswMBR.txt"

#3 pollyparrot


Posted 01 September 2012 - 06:30 AM

Also, IE9 has taken to freezing sporadically. The last time, I had to close it via Task Manager. I was on a reputable site at the time (well, I would hope so anyway, since I was browsing Microsoft Office on Microsoft's own website!).

Wasn't sure if it was important or not.

#4 pollyparrot


Posted 01 September 2012 - 02:00 PM

DDS Logs

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Parkinsons at 19:54:13 on 2012-09-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4040.2626 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\VIA_XHCI\usb3Monitor.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Acer\Acer TouchPortal\YouCam\YCMMirage.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Acer\Acer TouchPortal\YouCam\YouCamTray.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\OEM\USBDECTION\FixIt.exe
C:\Program Files (x86)\Acer\Acer TouchPortal\RestartAgent.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Sandboxie\32\SbieSvc.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Sandboxie\SandboxieCrypto.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Cooliris Plug-In for Internet Explorer: {eaee5c74-6d0d-4aca-9232-0da4a7b866ba} - c:\Program Files (x86)\PicLensIE\cooliris.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
mRun: [YouCam Mirage] "C:\Program Files (x86)\Acer\Acer TouchPortal\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Acer\Acer TouchPortal\YouCam\YouCamTray.exe" /s
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
mRun: [TouchPortalV3Launcher] C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe na
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {3437D640-C91A-458f-89F5-B9095EA4C28B} - {04F93351-81D2-4484-9982-0D55DEFFFAE6} - c:\Program Files (x86)\PicLensIE\cooliris.dll
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{E15D9815-1B45-4FD2-B5E5-22FF1672886B} : DhcpNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
c:\Program Files (x86)\PicLensIE\cooliris.dll
BHO-X64: Cooliris Plug-In for Internet Explorer - No File
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\Acer\Acer TouchPortal\YouCam\YCMMirage.exe"
mRun-x64: [YouCam Tray] "C:\Program Files (x86)\Acer\Acer TouchPortal\YouCam\YouCamTray.exe" /s
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun-x64: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
mRun-x64: [TouchPortalV3Launcher] C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe na
mRun-x64: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-25 44808]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-25 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-25 655944]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-7-25 1326176]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-25 2656280]
R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2011-10-25 76320]
R3 AVerIT13x;AVerMedia A373 MiniCard Dual DVB-T;C:\Windows\system32\Drivers\AVerIT13x_x64.sys --> C:\Windows\system32\Drivers\AVerIT13x_x64.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
R3 ITECIRfilter;ITECIR Filter Driver;C:\Windows\system32\DRIVERS\ITECIRfilter.sys --> C:\Windows\system32\DRIVERS\ITECIRfilter.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-6-17 166576]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\Windows\system32\DRIVERS\ViaHub3.sys --> C:\Windows\system32\DRIVERS\ViaHub3.sys [?]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\Windows\system32\DRIVERS\xhcdrv.sys --> C:\Windows\system32\DRIVERS\xhcdrv.sys [?]
S2 CLKMSVC10_34E30CCC;CyberLink Product - 2012/08/25 09:19:15;C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [2011-7-21 240112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-7-25 681056]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-08-31 07:42:44 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{443C2D2C-5DFF-40B5-9B78-3343ADA6172C}\mpengine.dll
2012-08-30 11:28:46 -------- d-----w- C:\Program Files (x86)\Panda Security
2012-08-26 19:36:53 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Secunia PSI
2012-08-26 19:36:47 -------- d-----w- C:\Program Files (x86)\Secunia
2012-08-26 18:56:32 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-08-26 18:56:32 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-26 12:03:39 -------- d-----w- C:\Users\Parkinsons\AppData\Local\VS Revo Group
2012-08-26 12:03:36 -------- d-----w- C:\Program Files\VS Revo Group
2012-08-25 22:39:06 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Microsoft Games
2012-08-25 20:35:17 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\Fingertapps
2012-08-25 18:35:04 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\Acer
2012-08-25 18:35:03 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\TouchBrowser
2012-08-25 18:11:15 -------- d-----w- C:\Users\Parkinsons\AppData\Local\EgisTec
2012-08-25 18:01:57 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Cyberlink
2012-08-25 18:01:48 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\clear.fi
2012-08-25 17:43:36 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Evernote
2012-08-25 16:52:43 -------- d-----w- C:\Windows\NAPP_Dism_Log
2012-08-25 16:23:33 -------- d---a-w- C:\Dolby PCEE4
2012-08-25 16:23:02 -------- d-----w- C:\Program Files (x86)\Dolby Home Theater v4
2012-08-25 16:21:17 70248 ----a-w- C:\Windows\System32\TPScrsaver.scr
2012-08-25 16:21:16 -------- d-----w- C:\Program Files (x86)\PicLensIE
2012-08-25 16:19:43 -------- d-----w- C:\Program Files (x86)\Fooz Kids
2012-08-25 16:18:51 -------- d-----w- C:\ProgramData\CLSK
2012-08-25 16:18:18 -------- d-----w- C:\ProgramData\install_clap
2012-08-25 16:13:33 -------- d-----w- C:\ProgramData\Evernote
2012-08-25 16:13:13 -------- d-----w- C:\Program Files (x86)\Microsoft
2012-08-25 16:12:39 -------- d-----w- C:\ProgramData\Fingertapps
2012-08-25 16:12:39 -------- d-----w- C:\Program Files (x86)\Fingertapps
2012-08-25 16:08:59 728680 ----a-w- C:\Windows\System32\DTSBassEnhancementDLL64.dll
2012-08-25 16:07:36 69736 ----a-w- C:\Windows\System32\drivers\itecir.sys
2012-08-25 16:07:36 28264 ----a-w- C:\Windows\System32\drivers\ITECIRfilter.sys
2012-08-25 16:07:36 -------- d-----w- C:\Program Files (x86)\ITE
2012-08-25 16:05:23 -------- d-----w- C:\VIA_XHCI
2012-08-25 16:05:00 230400 ----a-w- C:\Windows\System32\drivers\xhcdrv.sys
2012-08-25 16:05:00 176640 ----a-w- C:\Windows\System32\drivers\ViaHub3.sys
2012-08-25 16:05:00 1721576 ----a-w- C:\Windows\System32\drivers\WdfCoInstaller01009.dll
2012-08-25 16:05:00 -------- d-----w- C:\Program Files (x86)\VIA
2012-08-25 16:03:16 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-08-25 16:03:16 553576 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-08-25 16:03:16 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-08-25 16:03:13 -------- d-----w- C:\Program Files (x86)\Realtek
2012-08-25 16:02:36 -------- d-----w- C:\ProgramData\AmUStor
2012-08-25 16:02:36 -------- d-----w- C:\Program Files (x86)\AmIcoSingLun
2012-08-25 15:58:48 -------- d--ha-w- C:\book
2012-08-25 15:55:43 -------- d-----w- C:\Program Files\Common Files\Intel
2012-08-25 15:55:43 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2012-08-25 11:12:18 -------- d-----w- C:\ProgramData\Macrium
2012-08-25 09:40:35 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-08-25 09:36:48 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-08-25 09:36:26 -------- d-----w- C:\Windows\SysWow64\Wat
2012-08-25 09:36:26 -------- d-----w- C:\Windows\System32\Wat
2012-08-25 09:25:15 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2012-08-25 09:24:58 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Adobe
2012-08-25 09:22:49 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-08-25 09:22:49 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-08-25 09:22:49 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-08-25 09:22:49 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-08-25 09:22:49 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-25 09:22:49 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-25 09:22:49 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-08-25 09:19:19 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-08-25 09:19:19 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-08-25 09:19:19 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-08-25 09:19:18 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2012-08-25 09:19:18 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2012-08-25 09:19:18 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-08-25 09:17:10 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-08-25 09:17:10 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-08-25 09:17:10 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-08-25 09:17:10 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-08-25 09:17:09 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-08-25 09:17:04 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-08-25 09:17:04 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-08-25 09:12:47 -------- d-----r- C:\Sandbox
2012-08-25 09:07:53 -------- d-----w- C:\ProgramData\clear.fi
2012-08-25 09:05:37 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Cooliris
2012-08-25 09:05:28 -------- d-----w- C:\Program Files\CCleaner
2012-08-25 09:05:00 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\Malwarebytes
2012-08-25 09:04:57 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-25 09:04:57 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-25 09:04:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-25 09:01:26 -------- d-----w- C:\Program Files\Sandboxie
2012-08-25 08:54:50 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-08-25 08:54:50 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-08-25 08:54:50 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-08-25 08:54:40 41224 ----a-w- C:\Windows\avastSS.scr
2012-08-25 08:54:31 -------- d-----w- C:\ProgramData\AVAST Software
2012-08-25 08:54:31 -------- d-----w- C:\Program Files\AVAST Software
2012-08-25 08:54:01 -------- d-----w- C:\Users\Parkinsons\AppData\Local\EgisTec IPS
2012-08-25 08:50:53 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-08-25 08:50:52 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-08-25 08:50:52 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-08-25 08:49:02 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\TouchPortalV3
2012-08-25 08:48:10 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\OEM
2012-08-25 08:48:08 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\TouchGadget
2012-08-25 08:47:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-08-25 08:47:26 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-08-25 08:47:19 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-08-25 08:47:19 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-08-25 08:43:14 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-08-26 19:39:05 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-25 15:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
.
============= FINISH: 19:54:39.44 ===============

#5 pollyparrot

pollyparrot
  • Topic Starter

  • Members
  • 49 posts
  • Gender:Female
  • Location:UK
  • Local time:02:08 AM

Posted 01 September 2012 - 02:03 PM

GMER logs (wouldn't do system services)

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-09-01 20:02:19
Windows 6.1.7601 Service Pack 1
Running: gmer.exe


---- Files - GMER 1.0.15 ----

File C:\Program Files (x86)\Secunia\PSI\SUA\running 0 bytes

---- EOF - GMER 1.0.15 ----

#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,246 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:08 PM

Posted 04 September 2012 - 09:46 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
    • DDS.scr <- not recommended if you use Chrome to download this .scr file. Use the other options.
    • DDS.pif
    • DDS.COM
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html


Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Third-party programs, if not up to date, can be the cause of infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

Please post the logs for my review.

#7 pollyparrot

pollyparrot
  • Topic Starter

  • Members
  • 49 posts
  • Gender:Female
  • Location:UK
  • Local time:02:08 AM

Posted 05 September 2012 - 03:16 AM

Thank you Nasdaq for helping me.

Here is the DDS log

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Parkinsons at 9:10:59 on 2012-09-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4040.1866 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\VIA_XHCI\usb3Monitor.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe
C:\Program Files (x86)\Acer\Acer TouchPortal\THIDTray.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
C:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Sandboxie\32\SbieSvc.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Sandboxie\SandboxieCrypto.exe
C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortal.exe
C:\Program Files (x86)\Acer\Acer TouchPortal\WidgetWindow.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Cooliris Plug-In for Internet Explorer: {eaee5c74-6d0d-4aca-9232-0da4a7b866ba} - c:\Program Files (x86)\PicLensIE\cooliris.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
mRun: [TouchPortalV3Launcher] C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe na
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {3437D640-C91A-458f-89F5-B9095EA4C28B} - {04F93351-81D2-4484-9982-0D55DEFFFAE6} - c:\Program Files (x86)\PicLensIE\cooliris.dll
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{E15D9815-1B45-4FD2-B5E5-22FF1672886B} : DhcpNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
c:\Program Files (x86)\PicLensIE\cooliris.dll
BHO-X64: Cooliris Plug-In for Internet Explorer - No File
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun-x64: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
mRun-x64: [TouchPortalV3Launcher] C:\Program Files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe na
mRun-x64: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-25 44808]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-25 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-25 655944]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-7-25 1326176]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-25 2656280]
R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2011-10-25 76320]
R3 AVerIT13x;AVerMedia A373 MiniCard Dual DVB-T;C:\Windows\system32\Drivers\AVerIT13x_x64.sys --> C:\Windows\system32\Drivers\AVerIT13x_x64.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
R3 ITECIRfilter;ITECIR Filter Driver;C:\Windows\system32\DRIVERS\ITECIRfilter.sys --> C:\Windows\system32\DRIVERS\ITECIRfilter.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-6-17 166576]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\Windows\system32\DRIVERS\ViaHub3.sys --> C:\Windows\system32\DRIVERS\ViaHub3.sys [?]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\Windows\system32\DRIVERS\xhcdrv.sys --> C:\Windows\system32\DRIVERS\xhcdrv.sys [?]
S2 CLKMSVC10_34E30CCC;CyberLink Product - 2012/08/25 09:19:15;C:\Program Files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [2011-7-21 240112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-7-25 681056]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-09-05 08:02:41 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0DBD36BC-4C9D-44EE-9C22-2F720A541EE3}\mpengine.dll
2012-09-02 12:46:48 2295920 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-09-02 12:46:37 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-09-02 12:46:28 710992 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-02 12:38:03 31216 ----a-w- C:\Windows\System32\drivers\clwvd.sys
2012-08-30 11:28:46 -------- d-----w- C:\Program Files (x86)\Panda Security
2012-08-26 19:36:53 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Secunia PSI
2012-08-26 19:36:47 -------- d-----w- C:\Program Files (x86)\Secunia
2012-08-26 18:56:32 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-08-26 18:56:32 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-26 12:03:39 -------- d-----w- C:\Users\Parkinsons\AppData\Local\VS Revo Group
2012-08-26 12:03:36 -------- d-----w- C:\Program Files\VS Revo Group
2012-08-25 22:39:06 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Microsoft Games
2012-08-25 20:35:17 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\Fingertapps
2012-08-25 18:35:04 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\Acer
2012-08-25 18:35:03 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\TouchBrowser
2012-08-25 18:11:15 -------- d-----w- C:\Users\Parkinsons\AppData\Local\EgisTec
2012-08-25 18:01:57 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Cyberlink
2012-08-25 18:01:48 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\clear.fi
2012-08-25 17:43:36 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Evernote
2012-08-25 16:52:43 -------- d-----w- C:\Windows\NAPP_Dism_Log
2012-08-25 16:23:33 -------- d---a-w- C:\Dolby PCEE4
2012-08-25 16:23:02 -------- d-----w- C:\Program Files (x86)\Dolby Home Theater v4
2012-08-25 16:21:17 70248 ----a-w- C:\Windows\System32\TPScrsaver.scr
2012-08-25 16:21:16 -------- d-----w- C:\Program Files (x86)\PicLensIE
2012-08-25 16:19:43 -------- d-----w- C:\Program Files (x86)\Fooz Kids
2012-08-25 16:18:51 -------- d-----w- C:\ProgramData\CLSK
2012-08-25 16:18:18 -------- d-----w- C:\ProgramData\install_clap
2012-08-25 16:13:33 -------- d-----w- C:\ProgramData\Evernote
2012-08-25 16:13:13 -------- d-----w- C:\Program Files (x86)\Microsoft
2012-08-25 16:12:39 -------- d-----w- C:\ProgramData\Fingertapps
2012-08-25 16:12:39 -------- d-----w- C:\Program Files (x86)\Fingertapps
2012-08-25 16:08:59 728680 ----a-w- C:\Windows\System32\DTSBassEnhancementDLL64.dll
2012-08-25 16:07:36 69736 ----a-w- C:\Windows\System32\drivers\itecir.sys
2012-08-25 16:07:36 28264 ----a-w- C:\Windows\System32\drivers\ITECIRfilter.sys
2012-08-25 16:07:36 -------- d-----w- C:\Program Files (x86)\ITE
2012-08-25 16:05:23 -------- d-----w- C:\VIA_XHCI
2012-08-25 16:05:00 230400 ----a-w- C:\Windows\System32\drivers\xhcdrv.sys
2012-08-25 16:05:00 176640 ----a-w- C:\Windows\System32\drivers\ViaHub3.sys
2012-08-25 16:05:00 1721576 ----a-w- C:\Windows\System32\drivers\WdfCoInstaller01009.dll
2012-08-25 16:05:00 -------- d-----w- C:\Program Files (x86)\VIA
2012-08-25 16:03:16 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-08-25 16:03:16 553576 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-08-25 16:03:16 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-08-25 16:03:13 -------- d-----w- C:\Program Files (x86)\Realtek
2012-08-25 16:02:36 -------- d-----w- C:\ProgramData\AmUStor
2012-08-25 16:02:36 -------- d-----w- C:\Program Files (x86)\AmIcoSingLun
2012-08-25 15:58:48 -------- d--ha-w- C:\book
2012-08-25 15:55:43 -------- d-----w- C:\Program Files\Common Files\Intel
2012-08-25 15:55:43 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2012-08-25 11:12:18 -------- d-----w- C:\ProgramData\Macrium
2012-08-25 09:40:35 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-08-25 09:36:48 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-08-25 09:36:26 -------- d-----w- C:\Windows\SysWow64\Wat
2012-08-25 09:36:26 -------- d-----w- C:\Windows\System32\Wat
2012-08-25 09:25:15 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2012-08-25 09:24:58 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Adobe
2012-08-25 09:22:49 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-08-25 09:22:49 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-08-25 09:22:49 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-08-25 09:22:49 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-08-25 09:22:49 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-25 09:22:49 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-25 09:22:49 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-08-25 09:19:19 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-08-25 09:19:19 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-08-25 09:19:19 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-08-25 09:19:18 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2012-08-25 09:19:18 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2012-08-25 09:19:18 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-08-25 09:17:10 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-08-25 09:17:10 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-08-25 09:17:10 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-08-25 09:17:10 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-08-25 09:17:09 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-08-25 09:17:04 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-08-25 09:17:04 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-08-25 09:12:47 -------- d-----r- C:\Sandbox
2012-08-25 09:07:53 -------- d-----w- C:\ProgramData\clear.fi
2012-08-25 09:05:37 -------- d-----w- C:\Users\Parkinsons\AppData\Local\Cooliris
2012-08-25 09:05:28 -------- d-----w- C:\Program Files\CCleaner
2012-08-25 09:05:00 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\Malwarebytes
2012-08-25 09:04:57 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-25 09:04:57 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-25 09:04:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-25 09:01:26 -------- d-----w- C:\Program Files\Sandboxie
2012-08-25 08:54:50 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-08-25 08:54:50 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-08-25 08:54:50 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-08-25 08:54:40 41224 ----a-w- C:\Windows\avastSS.scr
2012-08-25 08:54:31 -------- d-----w- C:\ProgramData\AVAST Software
2012-08-25 08:54:31 -------- d-----w- C:\Program Files\AVAST Software
2012-08-25 08:54:01 -------- d-----w- C:\Users\Parkinsons\AppData\Local\EgisTec IPS
2012-08-25 08:50:53 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-08-25 08:50:52 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-08-25 08:50:52 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-08-25 08:49:02 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\TouchPortalV3
2012-08-25 08:48:10 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\OEM
2012-08-25 08:48:08 -------- d-----w- C:\Users\Parkinsons\AppData\Roaming\TouchGadget
2012-08-25 08:47:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-08-25 08:47:26 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-08-25 08:47:19 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-08-25 08:47:19 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-08-25 08:43:14 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-08-26 19:39:05 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-25 15:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
.
============= FINISH: 9:11:19.55 ===============
"Only two things are infinite: The Universe and human stupidity. And I am not so sure about the former." -Einstein

#8 pollyparrot

Posted 05 September 2012 - 03:50 AM

ComboFix log

ComboFix 12-09-04.03 - Parkinsons 05/09/2012 9:26.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4040.2078 [GMT 1:00]
Running from: c:\users\Parkinsons\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\pt
c:\windows\SysWow64\pt\Lagoon.resources.dll
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-05 to 2012-09-05 )))))))))))))))))))))))))))))))
.
.
2012-09-05 08:29 . 2012-09-05 08:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-05 08:02 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0DBD36BC-4C9D-44EE-9C22-2F720A541EE3}\mpengine.dll
2012-09-02 12:46 . 2012-09-02 12:46 2295920 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-09-02 12:46 . 2012-09-02 12:46 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-09-02 12:46 . 2012-09-02 12:46 710992 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-02 12:38 . 2011-04-14 03:47 31216 ----a-w- c:\windows\system32\drivers\clwvd.sys
2012-08-30 11:28 . 2012-08-30 12:16 -------- d-----w- c:\program files (x86)\Panda Security
2012-08-26 19:36 . 2012-08-26 19:36 -------- d-----w- c:\program files (x86)\Secunia
2012-08-26 18:56 . 2012-08-26 18:56 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-08-26 18:56 . 2012-08-26 18:56 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-26 12:03 . 2012-08-26 12:03 -------- d-----w- c:\program files\VS Revo Group
2012-08-25 16:52 . 2012-08-25 16:52 -------- d-----w- c:\windows\NAPP_Dism_Log
2012-08-25 16:28 . 2012-08-25 16:28 -------- d-----w- c:\users\Public\OEM
2012-08-25 16:23 . 2012-08-25 16:23 -------- d---a-w- C:\Dolby PCEE4
2012-08-25 16:23 . 2012-08-25 16:23 -------- d-----w- c:\program files (x86)\Dolby Home Theater v4
2012-08-25 16:21 . 2011-04-07 17:12 70248 ----a-w- c:\windows\system32\TPScrsaver.scr
2012-08-25 16:21 . 2012-08-25 16:21 -------- d-----w- c:\program files (x86)\PicLensIE
2012-08-25 16:19 . 2012-08-25 18:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-08-25 16:19 . 2012-08-26 12:11 -------- d-----w- c:\program files (x86)\Fooz Kids
2012-08-25 16:18 . 2012-08-25 16:19 -------- d-----w- c:\programdata\CLSK
2012-08-25 16:18 . 2012-09-02 12:33 -------- d-----w- c:\programdata\install_clap
2012-08-25 16:18 . 2012-09-02 12:27 -------- d-----w- c:\programdata\CyberLink
2012-08-25 16:13 . 2012-08-25 16:13 -------- d-----w- c:\programdata\Evernote
2012-08-25 16:13 . 2012-08-25 08:50 -------- d-----w- c:\program files (x86)\Microsoft
2012-08-25 16:12 . 2012-08-25 16:13 -------- d-----w- c:\program files (x86)\Fingertapps
2012-08-25 16:12 . 2012-08-25 16:13 -------- d-----w- c:\programdata\Fingertapps
2012-08-25 16:08 . 2011-05-31 01:42 728680 ----a-w- c:\windows\system32\DTSBassEnhancementDLL64.dll
2012-08-25 16:07 . 2012-08-25 16:07 -------- d-----w- c:\program files (x86)\ITE
2012-08-25 16:07 . 2011-03-22 22:27 28264 ----a-w- c:\windows\system32\drivers\ITECIRfilter.sys
2012-08-25 16:07 . 2010-07-14 00:57 69736 ----a-w- c:\windows\system32\drivers\itecir.sys
2012-08-25 16:05 . 2012-08-25 16:05 -------- d-----w- C:\VIA_XHCI
2012-08-25 16:05 . 2012-08-25 16:05 -------- d-----w- c:\program files (x86)\VIA
2012-08-25 16:05 . 2011-05-21 12:28 176640 ----a-w- c:\windows\system32\drivers\ViaHub3.sys
2012-08-25 16:05 . 2011-05-21 12:28 230400 ----a-w- c:\windows\system32\drivers\xhcdrv.sys
2012-08-25 16:05 . 2009-07-14 06:21 1721576 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2012-08-25 16:04 . 2012-08-25 16:08 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2012-08-25 16:03 . 2011-08-11 06:42 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-08-25 16:03 . 2011-08-11 06:42 553576 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2012-08-25 16:03 . 2011-08-11 06:42 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-08-25 16:03 . 2012-08-25 16:08 -------- d-----w- c:\program files (x86)\Realtek
2012-08-25 16:02 . 2012-08-25 16:02 -------- d-----w- c:\programdata\AmUStor
2012-08-25 16:02 . 2012-08-25 16:02 -------- d-----w- c:\program files (x86)\AmIcoSingLun
2012-08-25 15:58 . 2012-08-25 15:58 -------- d---a-w- C:\book
2012-08-25 15:58 . 2012-08-25 15:58 -------- d-----w- c:\programdata\Intel
2012-08-25 15:55 . 2012-08-25 15:55 -------- d-----w- c:\program files\Common Files\Intel
2012-08-25 15:55 . 2012-08-25 15:55 -------- d-----w- c:\program files (x86)\Common Files\Intel
2012-08-25 11:12 . 2012-08-25 11:12 -------- d-----w- c:\programdata\Macrium
2012-08-25 09:36 . 2012-08-26 19:38 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-08-25 09:36 . 2012-08-25 09:36 -------- d-----w- c:\windows\SysWow64\Wat
2012-08-25 09:36 . 2012-08-25 09:36 -------- d-----w- c:\windows\system32\Wat
2012-08-25 09:28 . 2012-08-25 09:28 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-08-25 09:25 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-08-25 09:22 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-08-25 09:22 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-08-25 09:22 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-08-25 09:22 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-08-25 09:22 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-25 09:22 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-08-25 09:22 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-08-25 09:19 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-08-25 09:19 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-08-25 09:19 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-08-25 09:19 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-08-25 09:19 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-08-25 09:19 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-08-25 09:19 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-08-25 09:17 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-08-25 09:17 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-08-25 09:17 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-08-25 09:17 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-08-25 09:17 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-08-25 09:17 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-08-25 09:17 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-08-25 09:12 . 2012-08-25 09:12 -------- d-----r- C:\Sandbox
2012-08-25 09:07 . 2012-09-05 08:00 -------- d-----w- c:\programdata\clear.fi
2012-08-25 09:05 . 2012-08-25 09:05 -------- d-----w- c:\program files\CCleaner
2012-08-25 09:04 . 2012-08-25 09:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-25 09:04 . 2012-08-25 09:04 -------- d-----w- c:\programdata\Malwarebytes
2012-08-25 09:04 . 2012-07-03 12:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-25 09:01 . 2012-08-25 09:01 -------- d-----w- c:\program files\Sandboxie
2012-08-25 08:54 . 2012-08-21 09:13 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-25 08:54 . 2012-08-21 09:13 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-25 08:54 . 2012-08-21 09:13 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-25 08:54 . 2012-08-21 09:13 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-25 08:54 . 2012-08-21 09:13 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-25 08:54 . 2012-08-21 09:13 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-25 08:54 . 2012-08-21 09:12 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-25 08:54 . 2012-08-21 09:12 41224 ----a-w- c:\windows\avastSS.scr
2012-08-25 08:54 . 2012-08-21 09:12 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-25 08:54 . 2012-08-25 08:54 -------- d-----w- c:\programdata\AVAST Software
2012-08-25 08:54 . 2012-08-25 08:54 -------- d-----w- c:\program files\AVAST Software
2012-08-25 08:50 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-08-25 08:50 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-08-25 08:50 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-08-25 08:47 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-08-25 08:47 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-08-25 08:47 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-08-25 08:47 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-08-25 08:47 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-08-25 08:47 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-08-25 08:47 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-08-25 08:47 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-25 08:47 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-08-25 08:44 . 2012-08-25 08:44 -------- d-----w- c:\program files\Accessory Store
2012-08-25 08:44 . 2012-09-01 18:52 -------- d-----w- c:\users\Parkinsons
2012-08-25 08:43 . 2012-08-25 08:43 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-26 19:39 . 2011-10-25 11:32 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-25 15:04 . 2012-06-25 15:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-06-17 694032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-31 185640]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-11 627304]
"TouchPortalV3Launcher"="c:\program files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe" [2011-08-24 430696]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-02-03 506712]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"YouCam Service"="c:\program files (x86)\CyberLink\YouCam\YouCamService.exe" [2012-03-23 255208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-7-25 572000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 CLKMSVC10_34E30CCC;CyberLink Product - 2012/08/25 09:19;c:\program files (x86)\Acer\clear.fi\Movie\NavFilter\kmsvc.exe [2011-07-20 240112]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-07-25 681056]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-25 1255736]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-07-25 1326176]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]
S3 AVerIT13x;AVerMedia A373 MiniCard Dual DVB-T;c:\windows\system32\Drivers\AVerIT13x_x64.sys [2011-07-11 192768]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-04-14 31216]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2010-07-14 69736]
S3 ITECIRfilter;ITECIR Filter Driver;c:\windows\system32\DRIVERS\ITECIRfilter.sys [2011-03-22 28264]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-11 553576]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys [2011-05-21 176640]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys [2011-05-21 230400]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_34E30CCC
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TouchORB"="c:\program files (x86)\TouchSettings\TouchPortalOBR.exe" [2010-05-06 153416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-05-19 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-05-19 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-05-19 416024]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-01-25 330840]
"VIAxHCUtl"="c:\via_xhci\usb3Monitor.exe" [2011-07-12 331776]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-09-21 12879464]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-09-19 2278504]
"TouchPortalV3Launcher"="c:\program files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe" [2011-08-24 430696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10ze_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10ze_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10ze.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10ze.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10ze.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10ze.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"v5Licence0"="15-JEEU-FYK7-U63W-ECAG-5DYJ-PGWH6BN"
"Activated"="N"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-09-05 09:32:29 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-05 08:32
.
Pre-Run: 450,621,341,696 bytes free
Post-Run: 450,212,032,512 bytes free
.
- - End Of File - - 1BBD05FC33FA2EB322F1B73261E71078
"Only two things are infinite:The Universe and human stupidity. And I am not so sure about the former."-Einstein

#9 pollyparrot


Posted 05 September 2012 - 03:55 AM

security check log

Results of screen317's Security Check version 0.99.50
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.3001)
Malwarebytes Anti-Malware version 1.62.0.1300
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader X (10.1.4)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````


I had to disable Avast to run this as it wouldn't allow it to access files. I kept getting access denied, so I have re-enabled Avast now.

Edited by pollyparrot, 05 September 2012 - 03:58 AM.


#10 pollyparrot


Posted 05 September 2012 - 03:56 AM

AdW log

# AdwCleaner v2.000 - Logfile created 09/05/2012 at 09:56:00
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Parkinsons - PARKINSONS-PC
# Boot Mode : Normal
# Running from : C:\Users\Parkinsons\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [530 octets] - [05/09/2012 09:56:00]

########## EOF - C:\AdwCleaner[R1].txt - [589 octets] ##########







ETA: Also, since doing the above tasks, I have noticed ads have started reappearing on websites (I have an updated hosts file). Is it safe to re-update the hosts file please? I also get a prompt in IE9 that I am viewing pages over a secure connection, even when it isn't a https site.

Edited by pollyparrot, 05 September 2012 - 05:09 AM.


#11 nasdaq


  • Malware Response Team

Posted 05 September 2012 - 08:01 AM

Critical vulnerabilities have been identified in Adobe Flash Player v11.3.300.264 and earlier versions... being exploited in the wild in active targeted attacks...

Get the latest Flash Player

On the top of the page you will be given an opportunity to download the version for your operating system.
Make sure you select appropriate version.

You will also have an option to install the Free! McAfee Security Scan Plus. Un-check the box if you are NOT using McAfee's virus protection software.

For the users of Internet Explorer download version 11.
Flash Player 11 (64 bit)
Flash Player 11 (32 bit)
===

I have noticed ads have started reappearing on websites (I have an updated hosts file) is it safe to re update the host file please?

We have to find out where these ads are being generated.

Could be in some Internet Explorer Add-ons.
Under the Tools menu select Manage Add-ons.

Disable any one that you do know anything about.

I know that these are bad.
Firebit
Extension version 1.29
XUL Cache 1.0
safe browsing 2.0.14


If you find another one please let me know.
===

Click the Start button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

At the cursor, type:
ipconfig /flushdns <-- (A space between g and / is needed)

Repeat with:
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7 with Elevated Privilege
http://www.mydigitallife.info/2007/02/17/how-to-open-elevated-command-prompt-with-administrator-privileges-in-windows-vista/
===

I also get a prompt in IE9 that I am viewing pages over a secure connection-even when it isn't a https site.


Check this setting:
Menu Tools > Internet Options > Advanced tab.
Under the security section.
Remove the setting "Warn if changing from secure to not secure mode" if it is set.

Click the apply button.

Restart the computer normally.

Let me know what problem persists.

#12 pollyparrot


Posted 05 September 2012 - 08:09 AM

Thank you Nasdaq. I have updated Flash Player (wonder why Secunia didn't pick that up?)

Ran the commands as asked and checked the internet settings.

The ads are not pop-ups, they are the ones on the page. After I updated the MVPS hosts file, these were blocked. Has one of the programmes used possibly reset the hosts file? Shall I just do it again?

Is my computer clean? Is it likely just an Avast issue (deactivating itself)?

May I uninstall combofix and the other tools?


Thank you so much for your time helping me

#13 nasdaq


  • Malware Response Team

Posted 05 September 2012 - 08:26 AM

have updated Flash Player (wonder why Secunia didn't pick that up?)

A matter of timing. Flash is updated often.

The ads are not pop-ups, they are the ones on the page. After I updated the MVPS hosts file, these were blocked. Has one of the programmes used possibly reset the hosts file? Shall I just do it again?

Yes not a problem.
===

There is a possibility that your Router may have been compromised.
If the pop-ups continue, reset it.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred settings. Below is the list of default usernames and passwords, in case you don't know them ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

How to Secure Your Wireless Router
http://www.ehow.com/how_2253625_secure-wireless-router.html

How To Set Up a Network Router
http://compnetworking.about.com/od/homenetworking/ht/routerconfigure.htm
===

When you are ready.

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

To remove AdwCleaner.

Please double click on adwcleaner.exe to run the tool.
Click on Uninstall.
Confirm with Yes.

Delete the other tools we used.

Surf Safely, and Think Prevention!
===
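
An added example, not part of the thread: one way to check whether a cleanup tool reset the hosts file, as asked above, is to sort its entries into blocked names, names remapped to another address, and malformed lines. The function names and both sample files are constructed for illustration; on Windows the real file is C:\Windows\System32\drivers\etc\hosts.

```python
import ipaddress

# Constructed samples: a default-style Windows hosts file, and the same file
# with blocklist entries, one remapping entry and one malformed line.
SAMPLE_RESET = """\
# localhost name resolution is handled within DNS itself.
127.0.0.1       localhost
::1             localhost
"""
SAMPLE_BLOCKLIST = SAMPLE_RESET + """\
0.0.0.0 ads.example.com   # constructed blocklist entry
0.0.0.0 tracker.example.net
203.0.113.7 www.example-bank.test
not-an-ip broken.example
"""
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

def audit_hosts(text):
    """Sort hosts-file entries into blocked (sinkholed), remapped and malformed."""
    report = {"blocked": [], "remapped": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()      # strip comment, tokenize
        if not fields:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        if addr is None or len(fields) < 2:
            report["malformed"].append((lineno, raw.strip()))
            continue
        # Loopback or 0.0.0.0/:: means the name is blocked locally; any other
        # address silently redirects the name and needs review.
        sinkhole = addr.is_loopback or addr.is_unspecified
        for name in (f.lower() for f in fields[1:]):
            if sinkhole and name in LOCAL_NAMES:
                continue                           # normal localhost mapping
            bucket = "blocked" if sinkhole else "remapped"
            report[bucket].append((name, str(addr)))
    return report

def looks_reset(report):
    """True when no blocklist or remapping entries remain in the file."""
    return not report["blocked"] and not report["remapped"]

if __name__ == "__main__":
    for label, text in (("reset", SAMPLE_RESET), ("blocklist", SAMPLE_BLOCKLIST)):
        rep = audit_hosts(text)
        print(label, "reset-like:", looks_reset(rep), "remapped:", rep["remapped"])
```

A reset-like result with ads reappearing means the blocklist simply needs re-applying; any entry under "remapped" is the one to investigate before doing so.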

#14 pollyparrot


Posted 05 September 2012 - 08:50 AM

Thank you so much Nasdaq, I have uninstalled everything successfully and will update the hosts file now.

I will reset my router if problems persist-it was only recently I realised it was responding to pings, which I blocked.

Thanks for your help :D

Edited by pollyparrot, 05 September 2012 - 08:50 AM.




