file-recovery-system.com takeover, critical system error warnings


28 replies to this topic

#1 527

527

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:03:00 PM

Posted 22 September 2012 - 04:35 PM

I got another call from my Dad today. After cleaning his computer completely last month with help from BleepingComputer.com, there is another problem, so I went to check it out. I can't believe it.

Now on startup a fake system scan runs with many warnings of I/O errors and critical hard drive problems. It tries to take you to file-recovery-system.com to buy something. Obviously it is a virus/hijack. I searched on the web for fixes and was able to use RKill.exe to at least stop the process and the warnings. I tried to install MBAM but the install failed twice; I get a permission denied warning. I tried to install after restarting in safe mode, but had the same access denied at the end of the install.

Computer is Windows 7. I am posting from my clean computer since the browser redirects on his computer make it almost impossible.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:00 PM

Posted 22 September 2012 - 04:37 PM

Boot into safe mode with networking

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 527

527
  • Topic Starter

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:03:00 PM

Posted 22 September 2012 - 04:48 PM

TDSSKiller (running others now)


17:45:55.0084 1672 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:45:55.0359 1672 ============================================================
17:45:55.0359 1672 Current date / time: 2012/09/22 17:45:55.0359
17:45:55.0359 1672 SystemInfo:
17:45:55.0359 1672
17:45:55.0359 1672 OS Version: 6.1.7601 ServicePack: 1.0
17:45:55.0359 1672 Product type: Workstation
17:45:55.0359 1672 ComputerName: TONY-PC
17:45:55.0360 1672 UserName: Tony
17:45:55.0360 1672 Windows directory: C:\Windows
17:45:55.0360 1672 System windows directory: C:\Windows
17:45:55.0360 1672 Running under WOW64
17:45:55.0360 1672 Processor architecture: Intel x64
17:45:55.0360 1672 Number of processors: 4
17:45:55.0360 1672 Page size: 0x1000
17:45:55.0360 1672 Boot type: Safe boot with network
17:45:55.0360 1672 ============================================================
17:45:56.0207 1672 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:45:56.0228 1672 ============================================================
17:45:56.0228 1672 \Device\Harddisk0\DR0:
17:45:56.0228 1672 MBR partitions:
17:45:56.0228 1672 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:45:56.0228 1672 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3283F, BlocksNum 0x72E25FC1
17:45:56.0228 1672 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72E58800, BlocksNum 0x18AD800
17:45:56.0228 1672 ============================================================
17:45:56.0248 1672 C: <-> \Device\Harddisk0\DR0\Partition2
17:45:56.0279 1672 D: <-> \Device\Harddisk0\DR0\Partition3
17:45:56.0279 1672 ============================================================
17:45:56.0279 1672 Initialize success
17:45:56.0279 1672 ============================================================
17:46:10.0858 1880 ============================================================
17:46:10.0858 1880 Scan started
17:46:10.0858 1880 Mode: Manual; TDLFS;
17:46:10.0858 1880 ============================================================
17:46:12.0064 1880 ================ Scan system memory ========================
17:46:12.0064 1880 System memory - ok
17:46:12.0065 1880 ================ Scan services =============================
17:46:18.0051 1880 Ndisuio - ok
17:46:18.0067 1880 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:46:18.0069 1880 NdisWan - ok
17:46:18.0095 1880 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:46:18.0095 1880 NDProxy - ok
17:46:18.0132 1880 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:46:18.0134 1880 Net Driver HPZ12 - ok
17:46:18.0144 1880 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:46:18.0145 1880 NetBIOS - ok
17:46:18.0164 1880 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:46:18.0165 1880 NetBT - ok
17:46:18.0174 1880 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:46:18.0175 1880 Netlogon - ok
17:46:18.0206 1880 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:46:18.0208 1880 Netman - ok
17:46:18.0226 1880 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:46:18.0231 1880 netprofm - ok
17:46:18.0251 1880 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:46:18.0253 1880 NetTcpPortSharing - ok
17:46:18.0276 1880 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:46:18.0277 1880 nfrd960 - ok
17:46:18.0291 1880 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:46:18.0294 1880 NlaSvc - ok
17:46:18.0307 1880 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:46:18.0307 1880 Npfs - ok
17:46:18.0318 1880 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:46:18.0319 1880 nsi - ok
17:46:18.0334 1880 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:46:18.0335 1880 nsiproxy - ok
17:46:18.0376 1880 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:46:18.0385 1880 Ntfs - ok
17:46:18.0414 1880 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:46:18.0414 1880 Null - ok
17:46:18.0428 1880 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:46:18.0430 1880 nvraid - ok
17:46:18.0453 1880 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:46:18.0456 1880 nvstor - ok
17:46:18.0477 1880 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:46:18.0479 1880 nv_agp - ok
17:46:18.0526 1880 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:46:18.0531 1880 odserv - ok
17:46:18.0550 1880 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:46:18.0552 1880 ohci1394 - ok
17:46:18.0569 1880 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:46:18.0571 1880 ose - ok
17:46:18.0600 1880 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:46:18.0605 1880 p2pimsvc - ok
17:46:18.0615 1880 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:46:18.0619 1880 p2psvc - ok
17:46:18.0631 1880 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:46:18.0631 1880 Parport - ok
17:46:18.0658 1880 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:46:18.0659 1880 partmgr - ok
17:46:18.0669 1880 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:46:18.0672 1880 PcaSvc - ok
17:46:18.0687 1880 PCDSRVC{61A6314B-67E718C5-06000000}_0 - ok
17:46:18.0711 1880 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:46:18.0713 1880 pci - ok
17:46:18.0724 1880 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:46:18.0725 1880 pciide - ok
17:46:18.0737 1880 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:46:18.0738 1880 pcmcia - ok
17:46:18.0765 1880 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
17:46:18.0767 1880 pcouffin - ok
17:46:18.0777 1880 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:46:18.0778 1880 pcw - ok
17:46:18.0795 1880 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:46:18.0804 1880 PEAUTH - ok
17:46:18.0866 1880 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:46:18.0881 1880 PerfHost - ok
17:46:18.0925 1880 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:46:18.0951 1880 pla - ok
17:46:18.0982 1880 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:46:18.0987 1880 PlugPlay - ok
17:46:19.0020 1880 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:46:19.0022 1880 Pml Driver HPZ12 - ok
17:46:19.0030 1880 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:46:19.0032 1880 PNRPAutoReg - ok
17:46:19.0037 1880 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:46:19.0040 1880 PNRPsvc - ok
17:46:19.0058 1880 [ A6D06378F37BDBA0C0019294C2AABBD0 ] Point64 C:\Windows\system32\DRIVERS\point64k.sys
17:46:19.0059 1880 Point64 - ok
17:46:19.0076 1880 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:46:19.0078 1880 PolicyAgent - ok
17:46:19.0102 1880 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:46:19.0105 1880 Power - ok
17:46:19.0127 1880 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:46:19.0128 1880 PptpMiniport - ok
17:46:19.0140 1880 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:46:19.0140 1880 Processor - ok
17:46:19.0162 1880 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:46:19.0165 1880 ProfSvc - ok
17:46:19.0173 1880 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:46:19.0174 1880 ProtectedStorage - ok
17:46:19.0204 1880 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:46:19.0205 1880 Psched - ok
17:46:19.0236 1880 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:46:19.0261 1880 ql2300 - ok
17:46:19.0277 1880 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:46:19.0279 1880 ql40xx - ok
17:46:19.0309 1880 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:46:19.0312 1880 QWAVE - ok
17:46:19.0328 1880 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:46:19.0329 1880 QWAVEdrv - ok
17:46:19.0342 1880 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:46:19.0342 1880 RasAcd - ok
17:46:19.0357 1880 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:46:19.0358 1880 RasAgileVpn - ok
17:46:19.0366 1880 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:46:19.0369 1880 RasAuto - ok
17:46:19.0380 1880 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:46:19.0381 1880 Rasl2tp - ok
17:46:19.0395 1880 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:46:19.0399 1880 RasMan - ok
17:46:19.0415 1880 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:46:19.0416 1880 RasPppoe - ok
17:46:19.0428 1880 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:46:19.0429 1880 RasSstp - ok
17:46:19.0443 1880 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:46:19.0445 1880 rdbss - ok
17:46:19.0461 1880 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:46:19.0462 1880 rdpbus - ok
17:46:19.0474 1880 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:46:19.0475 1880 RDPCDD - ok
17:46:19.0497 1880 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:46:19.0498 1880 RDPENCDD - ok
17:46:19.0506 1880 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:46:19.0507 1880 RDPREFMP - ok
17:46:19.0516 1880 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:46:19.0518 1880 RDPWD - ok
17:46:19.0554 1880 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:46:19.0557 1880 rdyboost - ok
17:46:19.0588 1880 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:46:19.0591 1880 RemoteAccess - ok
17:46:19.0605 1880 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:46:19.0607 1880 RemoteRegistry - ok
17:46:19.0618 1880 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:46:19.0620 1880 RpcEptMapper - ok
17:46:19.0633 1880 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:46:19.0634 1880 RpcLocator - ok
17:46:19.0662 1880 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:46:19.0665 1880 RpcSs - ok
17:46:19.0686 1880 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:46:19.0687 1880 rspndr - ok
17:46:19.0718 1880 [ 91296F0B2653281B2F11E0FCE56AA427 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:46:19.0720 1880 RTL8167 - ok
17:46:19.0731 1880 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:46:19.0731 1880 SamSs - ok
17:46:19.0761 1880 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:46:19.0763 1880 sbp2port - ok
17:46:19.0776 1880 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:46:19.0779 1880 SCardSvr - ok
17:46:19.0798 1880 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:46:19.0801 1880 scfilter - ok
17:46:19.0836 1880 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:46:19.0842 1880 Schedule - ok
17:46:19.0857 1880 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:46:19.0858 1880 SCPolicySvc - ok
17:46:19.0869 1880 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:46:19.0872 1880 SDRSVC - ok
17:46:19.0928 1880 [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:46:19.0931 1880 SeaPort - ok
17:46:19.0944 1880 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:46:19.0945 1880 secdrv - ok
17:46:19.0969 1880 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:46:19.0971 1880 seclogon - ok
17:46:19.0981 1880 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:46:19.0983 1880 SENS - ok
17:46:19.0999 1880 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:46:20.0001 1880 SensrSvc - ok
17:46:20.0014 1880 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:46:20.0015 1880 Serenum - ok
17:46:20.0018 1880 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:46:20.0019 1880 Serial - ok
17:46:20.0039 1880 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:46:20.0040 1880 sermouse - ok
17:46:20.0057 1880 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:46:20.0060 1880 SessionEnv - ok
17:46:20.0074 1880 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:46:20.0075 1880 sffdisk - ok
17:46:20.0084 1880 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:46:20.0085 1880 sffp_mmc - ok
17:46:20.0090 1880 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:46:20.0090 1880 sffp_sd - ok
17:46:20.0093 1880 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:46:20.0093 1880 sfloppy - ok
17:46:20.0117 1880 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:46:20.0121 1880 SharedAccess - ok
17:46:20.0139 1880 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:46:20.0142 1880 ShellHWDetection - ok
17:46:20.0170 1880 [ 0F498DEE92FD73DD999BAE4D506367F5 ] SI3132 C:\Windows\system32\DRIVERS\SI3132.sys
17:46:20.0171 1880 SI3132 - ok
17:46:20.0180 1880 [ 127CE10E01F53F2EDACA7FE42E5631EA ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys
17:46:20.0182 1880 SiFilter - ok
17:46:20.0192 1880 [ B742C37002B8EBEF6E230DF9B4B28546 ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys
17:46:20.0193 1880 SiRemFil - ok
17:46:20.0203 1880 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:46:20.0204 1880 SiSRaid2 - ok
17:46:20.0208 1880 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:46:20.0209 1880 SiSRaid4 - ok
17:46:20.0216 1880 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:46:20.0218 1880 Smb - ok
17:46:20.0233 1880 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:46:20.0234 1880 SNMPTRAP - ok
17:46:20.0247 1880 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:46:20.0248 1880 spldr - ok
17:46:20.0275 1880 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:46:20.0279 1880 Spooler - ok
17:46:20.0341 1880 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:46:20.0409 1880 sppsvc - ok
17:46:20.0428 1880 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:46:20.0430 1880 sppuinotify - ok
17:46:20.0460 1880 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:46:20.0463 1880 srv - ok
17:46:20.0473 1880 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:46:20.0478 1880 srv2 - ok
17:46:20.0488 1880 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:46:20.0490 1880 srvnet - ok
17:46:20.0515 1880 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:46:20.0516 1880 SSDPSRV - ok
17:46:20.0526 1880 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:46:20.0529 1880 SstpSvc - ok
17:46:20.0551 1880 [ BBD683974D4BF2B9E2D8638CF503ACD8 ] sstsmonsvc C:\PROGRA~2\EACCEL~1\FRAMEW~1\eac_svc.exe
17:46:20.0551 1880 sstsmonsvc - ok
17:46:20.0561 1880 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:46:20.0562 1880 stexstor - ok
17:46:20.0592 1880 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:46:20.0596 1880 stisvc - ok
17:46:20.0617 1880 [ 5D3D9CC54EBBE9777364F311E4B19EBF ] StopSign Update Manager C:\Program Files (x86)\Common Files\eAcceleration\eacsvc.exe
17:46:20.0619 1880 StopSign Update Manager - ok
17:46:20.0653 1880 [ 745E8BDD1AD92BCE97DBCF1BA60D4045 ] SUSTUCAM C:\Windows\system32\DRIVERS\sustucam.sys
17:46:20.0655 1880 SUSTUCAM - ok
17:46:20.0684 1880 [ C7C1C5CA51447B273A6C8BC972397BA5 ] SUSTUCAP C:\Windows\system32\DRIVERS\sustucap.sys
17:46:20.0686 1880 SUSTUCAP - ok
17:46:20.0717 1880 [ A69A9A9FE119907E85BB30CDFBFB2A38 ] SUSTUCAU C:\Windows\system32\DRIVERS\sustucau.sys
17:46:20.0719 1880 SUSTUCAU - ok
17:46:20.0735 1880 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:46:20.0736 1880 swenum - ok
17:46:20.0755 1880 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:46:20.0761 1880 swprv - ok
17:46:20.0807 1880 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:46:20.0838 1880 SysMain - ok
17:46:20.0854 1880 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:46:20.0857 1880 TabletInputService - ok
17:46:20.0881 1880 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:46:20.0883 1880 TapiSrv - ok
17:46:20.0899 1880 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:46:20.0901 1880 TBS - ok
17:46:20.0949 1880 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:46:20.0959 1880 Tcpip - ok
17:46:20.0999 1880 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:46:21.0009 1880 TCPIP6 - ok
17:46:21.0031 1880 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:46:21.0032 1880 tcpipreg - ok
17:46:21.0045 1880 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:46:21.0046 1880 TDPIPE - ok
17:46:21.0072 1880 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:46:21.0072 1880 TDTCP - ok
17:46:21.0092 1880 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:46:21.0093 1880 tdx - ok
17:46:21.0109 1880 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:46:21.0109 1880 TermDD - ok
17:46:21.0138 1880 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:46:21.0143 1880 TermService - ok
17:46:21.0152 1880 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:46:21.0154 1880 Themes - ok
17:46:21.0176 1880 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:46:21.0177 1880 THREADORDER - ok
17:46:21.0195 1880 [ 99559F8DE53EAC2C8DBC23595803A69D ] TMEBC C:\Windows\system32\DRIVERS\TMEBC64.sys
17:46:21.0197 1880 TMEBC - ok
17:46:21.0201 1880 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:46:21.0203 1880 TrkWks - ok
17:46:21.0239 1880 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:46:21.0241 1880 TrustedInstaller - ok
17:46:21.0269 1880 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:46:21.0270 1880 tssecsrv - ok
17:46:21.0287 1880 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:46:21.0288 1880 TsUsbFlt - ok
17:46:21.0307 1880 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:46:21.0309 1880 tunnel - ok
17:46:21.0325 1880 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:46:21.0327 1880 uagp35 - ok
17:46:21.0344 1880 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:46:21.0345 1880 udfs - ok
17:46:21.0357 1880 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:46:21.0359 1880 UI0Detect - ok
17:46:21.0375 1880 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:46:21.0376 1880 uliagpkx - ok
17:46:21.0406 1880 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
17:46:21.0407 1880 umbus - ok
17:46:21.0418 1880 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:46:21.0419 1880 UmPass - ok
17:46:21.0435 1880 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:46:21.0437 1880 upnphost - ok
17:46:21.0471 1880 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:46:21.0472 1880 USBAAPL64 - ok
17:46:21.0494 1880 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:46:21.0495 1880 usbccgp - ok
17:46:21.0513 1880 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:46:21.0515 1880 usbcir - ok
17:46:21.0524 1880 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:46:21.0525 1880 usbehci - ok
17:46:21.0542 1880 [ 6648C6D7323A2CE0C4776C36CEFBCB14 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
17:46:21.0543 1880 usbfilter - ok
17:46:21.0562 1880 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:46:21.0564 1880 usbhub - ok
17:46:21.0570 1880 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:46:21.0571 1880 usbohci - ok
17:46:21.0591 1880 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:46:21.0592 1880 usbprint - ok
17:46:21.0612 1880 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:46:21.0613 1880 usbscan - ok
17:46:21.0625 1880 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:46:21.0625 1880 USBSTOR - ok
17:46:21.0644 1880 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:46:21.0644 1880 usbuhci - ok
17:46:21.0657 1880 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:46:21.0659 1880 UxSms - ok
17:46:21.0670 1880 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:46:21.0671 1880 VaultSvc - ok
17:46:21.0683 1880 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:46:21.0684 1880 vdrvroot - ok
17:46:21.0704 1880 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:46:21.0710 1880 vds - ok
17:46:21.0719 1880 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:46:21.0720 1880 vga - ok
17:46:21.0731 1880 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:46:21.0732 1880 VgaSave - ok
17:46:21.0743 1880 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:46:21.0745 1880 vhdmp - ok
17:46:21.0764 1880 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:46:21.0765 1880 viaide - ok
17:46:21.0788 1880 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:46:21.0790 1880 volmgr - ok
17:46:21.0818 1880 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:46:21.0822 1880 volmgrx - ok
17:46:21.0831 1880 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:46:21.0832 1880 volsnap - ok
17:46:21.0857 1880 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:46:21.0858 1880 vsmraid - ok
17:46:21.0901 1880 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:46:21.0927 1880 VSS - ok
17:46:21.0941 1880 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:46:21.0942 1880 vwifibus - ok
17:46:21.0958 1880 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:46:21.0960 1880 vwififlt - ok
17:46:21.0977 1880 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:46:21.0980 1880 W32Time - ok
17:46:21.0984 1880 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:46:21.0985 1880 WacomPen - ok
17:46:22.0010 1880 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:46:22.0011 1880 WANARP - ok
17:46:22.0014 1880 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:46:22.0014 1880 Wanarpv6 - ok
17:46:22.0075 1880 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:46:22.0101 1880 WatAdminSvc - ok
17:46:22.0127 1880 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:46:22.0153 1880 wbengine - ok
17:46:22.0173 1880 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:46:22.0176 1880 WbioSrvc - ok
17:46:22.0220 1880 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:46:22.0225 1880 wcncsvc - ok
17:46:22.0239 1880 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:46:22.0242 1880 WcsPlugInService - ok
17:46:22.0245 1880 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:46:22.0245 1880 Wd - ok
17:46:22.0279 1880 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
17:46:22.0280 1880 WDC_SAM - ok
17:46:22.0296 1880 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:46:22.0302 1880 Wdf01000 - ok
17:46:22.0309 1880 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:46:22.0312 1880 WdiServiceHost - ok
17:46:22.0315 1880 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:46:22.0317 1880 WdiSystemHost - ok
17:46:22.0326 1880 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:46:22.0329 1880 WebClient - ok
17:46:22.0343 1880 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:46:22.0346 1880 Wecsvc - ok
17:46:22.0359 1880 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:46:22.0362 1880 wercplsupport - ok
17:46:22.0380 1880 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:46:22.0383 1880 WerSvc - ok
17:46:22.0388 1880 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:46:22.0389 1880 WfpLwf - ok
17:46:22.0407 1880 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:46:22.0408 1880 WIMMount - ok
17:46:22.0450 1880 WinDefend - ok
17:46:22.0453 1880 WinHttpAutoProxySvc - ok
17:46:22.0486 1880 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:46:22.0489 1880 Winmgmt - ok
17:46:22.0525 1880 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:46:22.0561 1880 WinRM - ok
17:46:22.0611 1880 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:46:22.0613 1880 WinUsb - ok
17:46:22.0647 1880 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:46:22.0656 1880 Wlansvc - ok
17:46:22.0672 1880 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:46:22.0673 1880 WmiAcpi - ok
17:46:22.0695 1880 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:46:22.0697 1880 wmiApSrv - ok
17:46:22.0707 1880 WMPNetworkSvc - ok
17:46:22.0719 1880 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:46:22.0721 1880 WPCSvc - ok
17:46:22.0725 1880 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:46:22.0728 1880 WPDBusEnum - ok
17:46:22.0740 1880 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:46:22.0740 1880 ws2ifsl - ok
17:46:22.0752 1880 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:46:22.0755 1880 wscsvc - ok
17:46:22.0757 1880 WSearch - ok
17:46:22.0784 1880 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:46:22.0785 1880 WudfPf - ok
17:46:22.0798 1880 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:46:22.0802 1880 WUDFRd - ok
17:46:22.0822 1880 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:46:22.0824 1880 wudfsvc - ok
17:46:22.0837 1880 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:46:22.0841 1880 WwanSvc - ok
17:46:22.0845 1880 ================ Scan global ===============================
17:46:22.0867 1880 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:46:22.0889 1880 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:46:22.0896 1880 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:46:22.0904 1880 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:46:22.0930 1880 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:46:22.0932 1880 [Global] - ok
17:46:22.0933 1880 ================ Scan MBR ==================================
17:46:22.0940 1880 [ D903658E313289C7E22A468124057BEC ] \Device\Harddisk0\DR0
17:46:23.0095 1880 \Device\Harddisk0\DR0 - ok
17:46:23.0095 1880 ================ Scan VBR ==================================
17:46:23.0097 1880 [ 39590E0073E64473A2A87DFF4B1F0429 ] \Device\Harddisk0\DR0\Partition1
17:46:23.0098 1880 \Device\Harddisk0\DR0\Partition1 - ok
17:46:23.0110 1880 [ E65BB95580D64ECFC7064FF50B86F343 ] \Device\Harddisk0\DR0\Partition2
17:46:23.0111 1880 \Device\Harddisk0\DR0\Partition2 - ok
17:46:23.0135 1880 [ C03AE3B0D098EECD1866A775F9E73C98 ] \Device\Harddisk0\DR0\Partition3
17:46:23.0137 1880 \Device\Harddisk0\DR0\Partition3 - ok
17:46:23.0137 1880 ============================================================
17:46:23.0137 1880 Scan finished
17:46:23.0137 1880 ============================================================
17:46:23.0144 1168 Detected object count: 0
17:46:23.0144 1168 Actual detected object count: 0

#4 527

Posted 22 September 2012 - 04:54 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-22 17:46:39
-----------------------------
17:46:39.145 OS Version: Windows x64 6.1.7601 Service Pack 1
17:46:39.145 Number of processors: 4 586 0x402
17:46:39.145 ComputerName: TONY-PC UserName: Tony
17:46:42.809 Initialize success
17:47:43.931 AVAST engine defs: 12092201
17:48:53.572 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000060
17:48:53.573 Disk 0 Vendor: Seagate_ HP35 Size: 953869MB BusType: 8
17:48:53.583 Disk 0 MBR read successfully
17:48:53.585 Disk 0 MBR scan
17:48:53.588 Disk 0 unknown MBR code
17:48:53.632 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:48:53.638 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 941131 MB offset 206911
17:48:53.669 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12635 MB offset 1927645184
17:48:53.732 Disk 0 scanning C:\Windows\system32\drivers
17:49:02.215 Service scanning
17:49:11.637 Service PCDSRVC{61A6314B-67E718C5-06000000}_0 h:\64_pcdr5\pcdsrvc_x64.pkms **LOCKED** 21
17:49:17.685 Modules scanning
17:49:17.685 Disk 0 trace - called modules:
17:49:17.695 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix64s.sys
17:49:17.695 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800727b790]
17:49:17.695 3 CLASSPNP.SYS[fffff880018fa43f] -> nt!IofCallDriver -> \Device\00000060[0xfffffa80071cd9c0]
17:49:20.623 AVAST engine scan C:\Windows
17:49:22.606 AVAST engine scan C:\Windows\system32
17:50:51.209 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
17:50:52.809 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
17:51:42.676 AVAST engine scan C:\Windows\system32\drivers
17:51:52.664 AVAST engine scan C:\Users\Tony
17:52:54.705 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
17:52:54.721 The log file has been saved successfully to "C:\aswMBR.txt"

#5 527

527
  • Topic Starter


Posted 22 September 2012 - 04:55 PM

ESET fails to download definitions after install. Asks for proxy config.

#6 narenxp

narenxp

  • BC Advisor

Posted 22 September 2012 - 04:59 PM

Run this tool

http://www.bleepingcomputer.com/download/unhide/

This tool should restore the hidden files. After running this tool

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Post the log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#7 527

527
  • Topic Starter


Posted 22 September 2012 - 06:27 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.22.07

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Tony :: TONY-PC [administrator]

9/22/2012 6:34:24 PM
mbam-log-2012-09-22 (19-22-48).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 389521
Time elapsed: 40 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 12
C:\$Recycle.Bin\S-1-5-21-810733662-3410757680-3389516245-1003\$ddce05c1f6dde254af95ab46b5c9190e\n (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-810733662-3410757680-3389516245-1003\$ddce05c1f6dde254af95ab46b5c9190e\U\00000004.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-810733662-3410757680-3389516245-1003\$ddce05c1f6dde254af95ab46b5c9190e\U\00000008.@ (Trojan.Dropper.BCMiner) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-810733662-3410757680-3389516245-1003\$ddce05c1f6dde254af95ab46b5c9190e\U\000000cb.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-810733662-3410757680-3389516245-1003\$ddce05c1f6dde254af95ab46b5c9190e\U\80000000.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-810733662-3410757680-3389516245-1003\$ddce05c1f6dde254af95ab46b5c9190e\U\80000032.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-810733662-3410757680-3389516245-1003\$ddce05c1f6dde254af95ab46b5c9190e\U\80000064.@ (Trojan.0Access) -> No action taken.
C:\ProgramData\FkqnDaLnwp.exe (Trojan.FakeAV) -> No action taken.
C:\Users\Tony\AppData\Local\Temp\0139d1cf58cf.exe (Rootkit.0Access) -> No action taken.
C:\Users\Tony\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\158f65cc-4c2c3008 (Trojan.FakeAV) -> No action taken.
C:\Users\Tony\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\49bb6fc7-6020db97 (Trojan.FakeAlert.FSA20) -> No action taken.
C:\Users\Tony\Downloads\Setup.exe (PUP.Bundle.Installer.OI) -> No action taken.

(end)

#8 527

527
  • Topic Starter


Posted 22 September 2012 - 06:29 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Tony (administrator) on 22-09-2012 at 19:27:55
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost








































































































































































































72.29.93.243 www.google-analytics.com.
72.29.93.243 ad-emea.doubleclick.net.
72.29.93.243 www.statcounter.com.
64.27.10.42 www.google-analytics.com.
64.27.10.42 ad-emea.doubleclick.net.
64.27.10.42 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Atheros 802.11 a/b/g/n Dualband Wireless Network Module = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tony-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-24-81-EC-FF-12
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5f5:a219:7a8d:52b1%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, September 22, 2012 7:24:29 PM
Lease Expires . . . . . . . . . . : Sunday, September 23, 2012 7:24:29 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 285222017
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-D2-93-52-00-24-81-EC-FF-12
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Physical Address. . . . . . . . . : 00-26-82-14-D4-E7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9FDC186F-754C-4BD2-8737-0C226F613883}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9734DE3F-0A90-4CF7-B5E8-AEF8625CCF37}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4002:c05::8a
74.125.45.113
74.125.45.138
74.125.45.100
74.125.45.101
74.125.45.102
74.125.45.139


Pinging google.com [74.125.139.102] with 32 bytes of data:
Reply from 74.125.139.102: bytes=32 time=30ms TTL=45
Reply from 74.125.139.102: bytes=32 time=31ms TTL=45

Ping statistics for 74.125.139.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 31ms, Average = 30ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=583ms TTL=48
Reply from 98.139.183.24: bytes=32 time=586ms TTL=45

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 583ms, Maximum = 586ms, Average = 584ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 24 81 ec ff 12 ......Realtek PCIe GBE Family Controller
10...00 26 82 14 d4 e7 ......Atheros 802.11 a/b/g/n Dualband Wireless Network Module
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 276
192.168.1.2 255.255.255.255 On-link 192.168.1.2 276
192.168.1.255 255.255.255.255 On-link 192.168.1.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::5f5:a219:7a8d:52b1/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/22/2012 05:22:34 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (09/22/2012 05:14:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0xc6c
Faulting application start time: 0xWebKit2WebProcess.exe0
Faulting application path: WebKit2WebProcess.exe1
Faulting module path: WebKit2WebProcess.exe2
Report Id: WebKit2WebProcess.exe3

Error: (09/22/2012 01:57:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/22/2012 01:03:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (09/22/2012 01:03:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/22/2012 01:03:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (09/22/2012 01:03:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (09/21/2012 00:36:31 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7526c9f1
Faulting process id: 0x20b8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/21/2012 09:58:06 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7526c9f1
Faulting process id: 0x1dcc
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/21/2012 06:29:36 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: mshtml.dll, version: 9.0.8112.16448, time stamp: 0x4fecfb0e
Exception code: 0xc0000005
Fault offset: 0x001d9b56
Faulting process id: 0x1498
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (09/22/2012 07:24:48 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/22/2012 07:24:48 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/22/2012 07:24:42 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/22/2012 07:24:36 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/22/2012 07:24:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
discache
spldr
Wanarpv6

Error: (09/22/2012 07:23:26 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (09/22/2012 05:23:44 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/22/2012 05:23:44 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/22/2012 05:23:42 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/22/2012 05:23:37 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}


Microsoft Office Sessions:
=========================
Error: (12/31/2010 04:14:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 6.2.1)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe AIR (Version: 2.0.4.13090)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AMD USB Filter Driver (Version: 1.0.11.86)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-8460N (Version: 1.0.0.0)
BufferChm (Version: 130.0.331.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Full Existing (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Full New (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Light (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0614.2131.36800)
Catalyst Control Center InstallProxy (Version: 2009.0614.2131.36800)
Catalyst Control Center Localization All (Version: 2009.0614.2131.36800)
ccc-core-static (Version: 2009.0614.2131.36800)
ccc-utility64 (Version: 2009.0614.2131.36800)
CCC Help Chinese Standard (Version: 2009.0614.2130.36800)
CCC Help Chinese Traditional (Version: 2009.0614.2130.36800)
CCC Help Czech (Version: 2009.0614.2130.36800)
CCC Help Danish (Version: 2009.0614.2130.36800)
CCC Help Dutch (Version: 2009.0614.2130.36800)
CCC Help English (Version: 2009.0614.2130.36800)
CCC Help Finnish (Version: 2009.0614.2130.36800)
CCC Help French (Version: 2009.0614.2130.36800)
CCC Help German (Version: 2009.0614.2130.36800)
CCC Help Greek (Version: 2009.0614.2130.36800)
CCC Help Hungarian (Version: 2009.0614.2130.36800)
CCC Help Italian (Version: 2009.0614.2130.36800)
CCC Help Japanese (Version: 2009.0614.2130.36800)
CCC Help Korean (Version: 2009.0614.2130.36800)
CCC Help Norwegian (Version: 2009.0614.2130.36800)
CCC Help Polish (Version: 2009.0614.2130.36800)
CCC Help Portuguese (Version: 2009.0614.2130.36800)
CCC Help Russian (Version: 2009.0614.2130.36800)
CCC Help Spanish (Version: 2009.0614.2130.36800)
CCC Help Swedish (Version: 2009.0614.2130.36800)
CCC Help Thai (Version: 2009.0614.2130.36800)
CCC Help Turkish (Version: 2009.0614.2130.36800)
CCleaner (Version: 2.33)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink DVD Suite Deluxe (Version: 6.0.3101)
D6100_D7100_D7300_Help (Version: 82.0.233.000)
D7300 (Version: 130.0.365.000)
DataPilot 7 (Version: 7.01.0013)
DeviceDiscovery (Version: 130.0.465.000)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDFab 7.0.8.2 (17/07/2010)
DVDFab 8.0.8.5 (19/03/2011)
ESET Online Scanner v3
Google Chrome (Version: 21.0.1180.89)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 130.0.371.000)
Hardware Diagnostic Tools (Version: 6.0.5205.31)
Homepage Protection (Version: )
HP Advisor (Version: 3.2.8946.3086)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet & Photosmart Printer Driver Software 13.0 Rel. A (Version: 13.0)
HP Games (Version: 1.0.0.71)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP MediaSmart Demo (Version: 1.00.0000)
HP MediaSmart DVD (Version: 3.0.3123)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.0.3205)
HP MediaSmart SmartMenu (Version: 3.0.28.2)
HP Odometer (Version: 2.10.0000)
HP Photo Creations (Version: 1.0.0.5192)
HP Photosmart 7510 series Basic Device Software (Version: 25.0.617.0)
HP Photosmart 7510 series Help (Version: 140.0.2.2)
HP Photosmart 7510 series Product Improvement Study (Version: 25.0.617.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Remote Solution (Version: 1.1.9.0)
HP Setup (Version: 1.2.3220.3079)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 4.4.6.3)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.003.000.004)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
iCloud (Version: 1.1.0.40)
iTunes (Version: 10.6.3.25)
Java 7 Update 6 (Version: 7.0.60)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 14.0.8117.416)
LabelPrint (Version: 2.5.1901)
LightScribe System Software (Version: 1.18.5.1)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 130.0.374.000)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 60 day trial
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PictureMover (Version: 3.3.1.19)
PL-2303 USB-to-Serial (Version: 1.00.000)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
QuickTime (Version: 7.72.80.56)
RAIDXpert (Version: 2.4.1540.26)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek High Definition Audio Driver (Version: 6.0.1.6196)
RealUpgrade 1.1 (Version: 1.1.0)
Safari (Version: 5.34.57.2)
SF_CDA_ProductContext (Version: 130.0.365.000)
SF_CDA_Software (Version: 130.0.396.000)
Shop for HP Supplies (Version: 13.0)
Shop to Win 2 (Version: 1.001)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
StopSign Internet Security
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 0.9.2 (Version: 0.9.2)
WebReg (Version: 130.0.132.017)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Yahoo! Install Manager
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 14%
Total physical RAM: 7927.89 MB
Available physical RAM: 6811.26 MB
Total Pagefile: 15853.97 MB
Available Pagefile: 14791.85 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.3 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:919.07 GB) (Free:772.27 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:12.34 GB) (Free:1.92 GB) NTFS

========================= Users: ========================================

User accounts for \\TONY-PC

Administrator Guest Tony


**** End of log ****

Farbar Service Scanner Version: 19-09-2012
Ran by Tony (administrator) on 22-09-2012 at 19:29:13
Running from "C:\Users\Tony\AppData\Local\Temp\d7kgyb20.tmp"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#9 narenxp

narenxp

  • BC Advisor

Posted 22 September 2012 - 06:35 PM

ADWARE CLEANER log?

Remove the infections detected by malwarebytes

Reboot to normal mode and run a full scan and post the log

Run ESET scan in normal mode and post the log

#10 527

527
  • Topic Starter

  • Members

Posted 22 September 2012 - 06:36 PM

I keep getting warnings that recycle bin is corrupted.

# AdwCleaner v2.002 - Logfile created 09/22/2012 at 19:30:29
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Tony - TONY-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Tony\AppData\Local\Temp\ll1y8c41.tmp\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKLM\Software\bProtector

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\j9lcdna0.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3051 octets] - [26/08/2012 00:16:37]
AdwCleaner[R1].txt - [1214 octets] - [22/09/2012 19:30:01]
AdwCleaner[S2].txt - [1766 octets] - [22/09/2012 19:30:29]

########## EOF - C:\AdwCleaner[S2].txt - [1826 octets] ##########

#11 527

527
  • Topic Starter

  • Members

Posted 22 September 2012 - 06:44 PM

Running repeat MBAM scan now. Will scan ESET.

Still have the strange warning on restart "The recycle bin on C:\ is corrupted. Do you want to empty the recycle bin for this drive?"

#12 527

527
  • Topic Starter

  • Members

Posted 22 September 2012 - 06:46 PM

Also a stupid juscheck.exe popup.

#13 narenxp

narenxp

  • BC Advisor

Posted 22 September 2012 - 06:47 PM

Will look into them after mbam and ESET logs

#14 527

527
  • Topic Starter

  • Members

Posted 22 September 2012 - 07:45 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.22.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Tony :: TONY-PC [administrator]

9/22/2012 7:42:00 PM
mbam-log-2012-09-22 (19-42-00).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 391311
Time elapsed: 1 hour(s), 1 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#15 527

527
  • Topic Starter

  • Members

Posted 22 September 2012 - 07:48 PM

Also getting some video pop up ads in the bottom left corner in Safari. It's even happening on the forum. Running ESET scan now. Takes about 1h 20m.



