Yahoo Axis pop up


9 replies to this topic

#1 Pepsi1061

Pepsi1061

  • Members
  • 11 posts

Posted 09 October 2012 - 05:51 PM

Yahoo Axis banner pops up on the bottom of my screen. It's driving me nuts. My pop up blocker is on so how is it getting around it? I'm using Windows 7, IE9. Anyone who can shed light on this and help me get rid of this I'd appreciate.

*Moderator Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Queen-Evie*

Edited by Queen-Evie, 09 October 2012 - 05:55 PM.



 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 09 October 2012 - 05:53 PM

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Pepsi1061

Pepsi1061
  • Topic Starter

  • Members
  • 11 posts

Posted 09 October 2012 - 10:08 PM

Here are the logs you asked for. I'm shocked that I had some infected files. I have real-time protection with both Malware Fighter and Advanced SystemCare with Antivirus 2013. With that said, I don't understand why these weren't caught. Can you explain? How do I get rid of the threats?

20:33:36.0068 14492 NetTcpPortSharing - ok
20:33:36.0115 14492 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:33:36.0146 14492 nfrd960 - ok
20:33:36.0209 14492 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:33:36.0209 14492 NlaSvc - ok
20:33:36.0240 14492 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:33:36.0240 14492 Npfs - ok
20:33:36.0271 14492 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:33:36.0271 14492 nsi - ok
20:33:36.0287 14492 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:33:36.0287 14492 nsiproxy - ok
20:33:36.0365 14492 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:33:36.0396 14492 Ntfs - ok
20:33:36.0427 14492 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:33:36.0427 14492 Null - ok
20:33:36.0474 14492 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
20:33:36.0490 14492 NVENETFD - ok
20:33:36.0739 14492 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:33:36.0942 14492 nvlddmkm - ok
20:33:36.0989 14492 [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
20:33:37.0004 14492 NVNET - ok
20:33:37.0051 14492 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:33:37.0051 14492 nvraid - ok
20:33:37.0082 14492 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:33:37.0082 14492 nvstor - ok
20:33:37.0114 14492 [ 71B6ECD3C56FBF12FB1968DA3953B703 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
20:33:37.0129 14492 nvstor64 - ok
20:33:37.0176 14492 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:33:37.0176 14492 nv_agp - ok
20:33:37.0254 14492 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:33:37.0270 14492 ohci1394 - ok
20:33:37.0348 14492 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:33:37.0379 14492 ose - ok
20:33:37.0550 14492 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:33:37.0706 14492 osppsvc - ok
20:33:37.0769 14492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:33:37.0769 14492 p2pimsvc - ok
20:33:37.0816 14492 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:33:37.0831 14492 p2psvc - ok
20:33:37.0878 14492 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:33:37.0878 14492 Parport - ok
20:33:37.0925 14492 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:33:37.0925 14492 partmgr - ok
20:33:37.0956 14492 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:33:37.0956 14492 PcaSvc - ok
20:33:37.0987 14492 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:33:37.0987 14492 pci - ok
20:33:38.0018 14492 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:33:38.0018 14492 pciide - ok
20:33:38.0081 14492 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:33:38.0096 14492 pcmcia - ok
20:33:38.0159 14492 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:33:38.0159 14492 pcw - ok
20:33:38.0190 14492 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:33:38.0206 14492 PEAUTH - ok
20:33:38.0299 14492 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:33:38.0299 14492 PerfHost - ok
20:33:38.0377 14492 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:33:38.0408 14492 pla - ok
20:33:38.0471 14492 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:33:38.0471 14492 PlugPlay - ok
20:33:38.0502 14492 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:33:38.0502 14492 Pml Driver HPZ12 - ok
20:33:38.0533 14492 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:33:38.0533 14492 PNRPAutoReg - ok
20:33:38.0564 14492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:33:38.0564 14492 PNRPsvc - ok
20:33:38.0627 14492 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:33:38.0642 14492 PolicyAgent - ok
20:33:38.0689 14492 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:33:38.0689 14492 Power - ok
20:33:38.0736 14492 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:33:38.0752 14492 PptpMiniport - ok
20:33:38.0783 14492 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:33:38.0798 14492 Processor - ok
20:33:38.0830 14492 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:33:38.0830 14492 ProfSvc - ok
20:33:38.0861 14492 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:33:38.0861 14492 ProtectedStorage - ok
20:33:38.0892 14492 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:33:38.0908 14492 Psched - ok
20:33:38.0954 14492 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
20:33:38.0954 14492 PSI - ok
20:33:39.0001 14492 [ CAEA9990B58C9A22B9DBC96E85DB3688 ] PuranDefrag C:\Windows\system32\PuranDefragS.exe
20:33:39.0001 14492 PuranDefrag - ok
20:33:39.0064 14492 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:33:39.0095 14492 ql2300 - ok
20:33:39.0142 14492 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:33:39.0142 14492 ql40xx - ok
20:33:39.0188 14492 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:33:39.0204 14492 QWAVE - ok
20:33:39.0220 14492 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:33:39.0235 14492 QWAVEdrv - ok
20:33:39.0251 14492 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:33:39.0251 14492 RasAcd - ok
20:33:39.0298 14492 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:33:39.0298 14492 RasAgileVpn - ok
20:33:39.0329 14492 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:33:39.0329 14492 RasAuto - ok
20:33:39.0360 14492 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:33:39.0360 14492 Rasl2tp - ok
20:33:39.0407 14492 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:33:39.0422 14492 RasMan - ok
20:33:39.0454 14492 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:33:39.0454 14492 RasPppoe - ok
20:33:39.0485 14492 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:33:39.0485 14492 RasSstp - ok
20:33:39.0516 14492 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:33:39.0532 14492 rdbss - ok
20:33:39.0547 14492 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:33:39.0547 14492 rdpbus - ok
20:33:39.0578 14492 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:33:39.0594 14492 RDPCDD - ok
20:33:39.0610 14492 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:33:39.0610 14492 RDPENCDD - ok
20:33:39.0641 14492 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:33:39.0641 14492 RDPREFMP - ok
20:33:39.0688 14492 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:33:39.0703 14492 RDPWD - ok
20:33:39.0734 14492 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:33:39.0734 14492 rdyboost - ok
20:33:39.0781 14492 [ 5F9AC3243C206EC95F32E4348AE67C13 ] RegFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
20:33:39.0797 14492 RegFilter - ok
20:33:39.0828 14492 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:33:39.0844 14492 RemoteAccess - ok
20:33:39.0906 14492 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:33:39.0922 14492 RemoteRegistry - ok
20:33:39.0984 14492 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:33:40.0000 14492 RpcEptMapper - ok
20:33:40.0046 14492 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:33:40.0046 14492 RpcLocator - ok
20:33:40.0109 14492 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:33:40.0109 14492 RpcSs - ok
20:33:40.0156 14492 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:33:40.0156 14492 rspndr - ok
20:33:40.0202 14492 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:33:40.0202 14492 SamSs - ok
20:33:40.0234 14492 [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
20:33:40.0249 14492 sbapifs - ok
20:33:40.0265 14492 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:33:40.0280 14492 sbp2port - ok
20:33:40.0312 14492 SBRE - ok
20:33:40.0374 14492 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:33:40.0374 14492 SCardSvr - ok
20:33:40.0405 14492 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:33:40.0405 14492 scfilter - ok
20:33:40.0452 14492 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:33:40.0483 14492 Schedule - ok
20:33:40.0530 14492 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:33:40.0530 14492 SCPolicySvc - ok
20:33:40.0561 14492 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:33:40.0561 14492 SDRSVC - ok
20:33:40.0608 14492 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:33:40.0608 14492 secdrv - ok
20:33:40.0639 14492 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:33:40.0639 14492 seclogon - ok
20:33:40.0717 14492 [ 9901DCF2B6DD2AD12CB42BD559E0C92D ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe


20:33:40.0733 14492 Secunia PSI Agent - ok
20:33:40.0780 14492 [ 4F2056349F8BA4154D5213BF8A476B14 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
20:33:40.0795 14492 Secunia Update Agent - ok
20:33:40.0811 14492 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
20:33:40.0826 14492 SENS - ok
20:33:40.0842 14492 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:33:40.0858 14492 SensrSvc - ok
20:33:40.0889 14492 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:33:40.0904 14492 Serenum - ok
20:33:40.0936 14492 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:33:40.0936 14492 Serial - ok
20:33:40.0982 14492 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:33:40.0982 14492 sermouse - ok
20:33:41.0045 14492 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:33:41.0045 14492 SessionEnv - ok
20:33:41.0076 14492 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:33:41.0076 14492 sffdisk - ok
20:33:41.0123 14492 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:33:41.0123 14492 sffp_mmc - ok
20:33:41.0154 14492 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:33:41.0154 14492 sffp_sd - ok
20:33:41.0185 14492 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:33:41.0185 14492 sfloppy - ok
20:33:41.0232 14492 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:33:41.0248 14492 SharedAccess - ok
20:33:41.0279 14492 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:33:41.0294 14492 ShellHWDetection - ok
20:33:41.0326 14492 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:33:41.0326 14492 SiSRaid2 - ok
20:33:41.0357 14492 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:33:41.0372 14492 SiSRaid4 - ok
20:33:41.0435 14492 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
20:33:41.0435 14492 SmartDefragDriver - ok
20:33:41.0466 14492 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:33:41.0466 14492 Smb - ok
20:33:41.0528 14492 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:33:41.0528 14492 SNMPTRAP - ok
20:33:41.0560 14492 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:33:41.0560 14492 spldr - ok
20:33:41.0606 14492 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:33:41.0606 14492 Spooler - ok
20:33:41.0700 14492 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:33:41.0778 14492 sppsvc - ok
20:33:41.0794 14492 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:33:41.0794 14492 sppuinotify - ok
20:33:41.0856 14492 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:33:41.0856 14492 srv - ok
20:33:41.0887 14492 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:33:41.0903 14492 srv2 - ok
20:33:41.0934 14492 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:33:41.0950 14492 srvnet - ok
20:33:41.0996 14492 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:33:41.0996 14492 SSDPSRV - ok
20:33:42.0028 14492 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:33:42.0028 14492 SstpSvc - ok
20:33:42.0074 14492 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:33:42.0074 14492 stexstor - ok
20:33:42.0137 14492 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:33:42.0152 14492 stisvc - ok
20:33:42.0184 14492 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:33:42.0184 14492 swenum - ok
20:33:42.0230 14492 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:33:42.0246 14492 swprv - ok
20:33:42.0324 14492 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:33:42.0355 14492 SysMain - ok
20:33:42.0386 14492 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:33:42.0386 14492 TabletInputService - ok
20:33:42.0418 14492 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:33:42.0449 14492 TapiSrv - ok
20:33:42.0480 14492 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:33:42.0496 14492 TBS - ok
20:33:42.0558 14492 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:33:42.0605 14492 Tcpip - ok
20:33:42.0667 14492 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:33:42.0683 14492 TCPIP6 - ok
20:33:42.0761 14492 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:33:42.0761 14492 tcpipreg - ok
20:33:42.0808 14492 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:33:42.0808 14492 TDPIPE - ok
20:33:42.0839 14492 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:33:42.0839 14492 TDTCP - ok
20:33:42.0870 14492 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:33:42.0870 14492 tdx - ok
20:33:42.0901 14492 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:33:42.0901 14492 TermDD - ok
20:33:42.0948 14492 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:33:42.0964 14492 TermService - ok
20:33:42.0979 14492 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:33:42.0995 14492 Themes - ok
20:33:43.0010 14492 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:33:43.0010 14492 THREADORDER - ok
20:33:43.0073 14492 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:33:43.0073 14492 TrkWks - ok
20:33:43.0120 14492 [ D5747C16225B4C7B0D04511DB0407544 ] Trufos C:\Windows\system32\DRIVERS\TRUFOS.sys
20:33:43.0120 14492 Trufos - ok
20:33:43.0182 14492 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:33:43.0198 14492 TrustedInstaller - ok
20:33:43.0229 14492 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:33:43.0229 14492 tssecsrv - ok
20:33:43.0260 14492 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:33:43.0276 14492 TsUsbFlt - ok
20:33:43.0322 14492 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:33:43.0322 14492 TsUsbGD - ok
20:33:43.0354 14492 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:33:43.0369 14492 tunnel - ok
20:33:43.0385 14492 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:33:43.0400 14492 uagp35 - ok
20:33:43.0447 14492 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:33:43.0447 14492 udfs - ok
20:33:43.0525 14492 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:33:43.0541 14492 UI0Detect - ok
20:33:43.0603 14492 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:33:43.0619 14492 uliagpkx - ok
20:33:43.0650 14492 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:33:43.0650 14492 umbus - ok
20:33:43.0697 14492 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:33:43.0697 14492 UmPass - ok
20:33:43.0744 14492 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:33:43.0759 14492 upnphost - ok
20:33:43.0806 14492 [ 241080F1B28E68F0D00F8F1066A3780D ] UrlFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
20:33:43.0806 14492 UrlFilter - ok
20:33:43.0853 14492 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:33:43.0853 14492 USBAAPL64 - ok
20:33:43.0884 14492 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:33:43.0900 14492 usbccgp - ok
20:33:43.0931 14492 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:33:43.0931 14492 usbcir - ok
20:33:43.0962 14492 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:33:43.0962 14492 usbehci - ok
20:33:44.0024 14492 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:33:44.0040 14492 usbhub - ok
20:33:44.0071 14492 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:33:44.0071 14492 usbohci - ok
20:33:44.0118 14492 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:33:44.0134 14492 usbprint - ok
20:33:44.0196 14492 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:33:44.0212 14492 usbscan - ok
20:33:44.0258 14492 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
20:33:44.0305 14492 USBSTOR - ok
20:33:44.0336 14492 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:33:44.0336 14492 usbuhci - ok
20:33:44.0383 14492 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:33:44.0383 14492 UxSms - ok
20:33:44.0414 14492 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:33:44.0414 14492 VaultSvc - ok
20:33:44.0446 14492 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:33:44.0446 14492 vdrvroot - ok
20:33:44.0477 14492 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:33:44.0492 14492 vds - ok
20:33:44.0524 14492 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:33:44.0524 14492 vga - ok
20:33:44.0555 14492 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:33:44.0570 14492 VgaSave - ok
20:33:44.0602 14492 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:33:44.0617 14492 vhdmp - ok
20:33:44.0648 14492 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:33:44.0648 14492 viaide - ok
20:33:44.0680 14492 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:33:44.0680 14492 volmgr - ok
20:33:44.0711 14492 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:33:44.0726 14492 volmgrx - ok
20:33:44.0758 14492 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:33:44.0758 14492 volsnap - ok
20:33:44.0789 14492 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:33:44.0789 14492 vsmraid - ok
20:33:44.0851 14492 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:33:44.0882 14492 VSS - ok
20:33:44.0914 14492 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:33:44.0914 14492 vwifibus - ok
20:33:44.0960 14492 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:33:44.0976 14492 W32Time - ok
20:33:45.0007 14492 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:33:45.0007 14492 WacomPen - ok
20:33:45.0038 14492 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:33:45.0054 14492 WANARP - ok
20:33:45.0070 14492 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:33:45.0070 14492 Wanarpv6 - ok
20:33:45.0148 14492 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:33:45.0194 14492 WatAdminSvc - ok
20:33:45.0257 14492 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:33:45.0288 14492 wbengine - ok
20:33:45.0319 14492 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:33:45.0319 14492 WbioSrvc - ok
20:33:45.0350 14492 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:33:45.0366 14492 wcncsvc - ok
20:33:45.0397 14492 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:33:45.0397 14492 WcsPlugInService - ok
20:33:45.0428 14492 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
20:33:45.0444 14492 Wd - ok
20:33:45.0491 14492 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:33:45.0506 14492 Wdf01000 - ok
20:33:45.0522 14492 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:33:45.0522 14492 WdiServiceHost - ok
20:33:45.0553 14492 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:33:45.0553 14492 WdiSystemHost - ok
20:33:45.0616 14492 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:33:45.0647 14492 WebClient - ok
20:33:45.0678 14492 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:33:45.0709 14492 Wecsvc - ok
20:33:45.0740 14492 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:33:45.0740 14492 wercplsupport - ok
20:33:45.0772 14492 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:33:45.0787 14492 WerSvc - ok
20:33:45.0803 14492 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:33:45.0818 14492 WfpLwf - ok
20:33:45.0850 14492 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:33:45.0850 14492 WIMMount - ok
20:33:45.0865 14492 WinDefend - ok
20:33:45.0896 14492 WinHttpAutoProxySvc - ok
20:33:45.0974 14492 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:33:45.0974 14492 Winmgmt - ok
20:33:46.0052 14492 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:33:46.0084 14492 WinRM - ok
20:33:46.0146 14492 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:33:46.0162 14492 WinUsb - ok
20:33:46.0193 14492 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:33:46.0208 14492 Wlansvc - ok
20:33:46.0240 14492 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:33:46.0240 14492 WmiAcpi - ok
20:33:46.0318 14492 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:33:46.0318 14492 wmiApSrv - ok
20:33:46.0364 14492 WMPNetworkSvc - ok
20:33:46.0380 14492 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:33:46.0380 14492 WPCSvc - ok
20:33:46.0458 14492 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:33:46.0458 14492 WPDBusEnum - ok
20:33:46.0536 14492 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:33:46.0536 14492 ws2ifsl - ok
20:33:46.0567 14492 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
20:33:46.0567 14492 wscsvc - ok
20:33:46.0583 14492 WSearch - ok
20:33:46.0676 14492 [ 9DF12EDBC698B0BC353B3EF84861E430 ] wuauserv C:\Windows\system32\wuaueng.dll
20:33:46.0739 14492 wuauserv - ok
20:33:46.0770 14492 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:33:46.0770 14492 WudfPf - ok
20:33:46.0817 14492 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:33:46.0817 14492 WUDFRd - ok
20:33:46.0848 14492 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:33:46.0848 14492 wudfsvc - ok
20:33:46.0879 14492 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:33:46.0895 14492 WwanSvc - ok
20:33:46.0926 14492 ================ Scan global ===============================
20:33:46.0973 14492 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:33:47.0020 14492 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:33:47.0035 14492 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:33:47.0082 14492 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:33:47.0098 14492 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:33:47.0113 14492 [Global] - ok
20:33:47.0113 14492 ================ Scan MBR ==================================
20:33:47.0129 14492 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:33:47.0410 14492 \Device\Harddisk0\DR0 - ok
20:33:47.0410 14492 ================ Scan VBR ==================================
20:33:47.0425 14492 [ 288A94B8CA8958B666401C49C6514B55 ] \Device\Harddisk0\DR0\Partition1
20:33:47.0425 14492 \Device\Harddisk0\DR0\Partition1 - ok
20:33:47.0472 14492 [ CF6C92051380218BA834178DFD220788 ] \Device\Harddisk0\DR0\Partition2
20:33:47.0472 14492 \Device\Harddisk0\DR0\Partition2 - ok
20:33:47.0472 14492 ============================================================
20:33:47.0472 14492 Scan finished
20:33:47.0472 14492 ============================================================
20:33:47.0488 14396 Detected object count: 0
20:33:47.0488 14396 Actual detected object count: 0

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-09 20:35:01
-----------------------------
20:35:01.244 OS Version: Windows x64 6.1.7601 Service Pack 1
20:35:01.244 Number of processors: 1 586 0x7F02
20:35:01.244 ComputerName: JUDY-PC UserName: Judy
20:35:03.990 Initialize success
20:43:09.056 AVAST engine defs: 12100901
20:43:37.417 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000059
20:43:37.433 Disk 0 Vendor: ST332041 CC44 Size: 305245MB BusType: 3
20:43:37.464 Disk 0 MBR read successfully
20:43:37.479 Disk 0 MBR scan
20:43:37.511 Disk 0 Windows 7 default MBR code
20:43:37.526 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12288 MB offset 2048
20:43:37.557 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 25167872
20:43:37.573 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 292855 MB offset 25372672
20:43:37.620 Disk 0 scanning C:\Windows\system32\drivers
20:43:51.379 Service scanning
20:44:24.451 Modules scanning
20:44:24.467 Disk 0 trace - called modules:
20:44:24.482 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
20:44:25.013 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80022a1130]
20:44:25.013 3 CLASSPNP.SYS[fffff8800197143f] -> nt!IofCallDriver -> [0xfffffa8001f6dbf0]
20:44:25.028 5 ACPI.sys[fffff88000f5e7a1] -> nt!IofCallDriver -> \Device\00000059[0xfffffa8001f7f9c0]
20:44:26.354 AVAST engine scan C:\Windows
20:44:29.521 AVAST engine scan C:\Windows\system32
20:49:50.756 AVAST engine scan C:\Windows\system32\drivers
20:50:07.885 AVAST engine scan C:\Users\Judy
20:55:37.482 AVAST engine scan C:\ProgramData
20:56:40.568 Scan finished successfully
20:58:41.016 Disk 0 MBR has been saved successfully to "C:\Users\Judy\Desktop\MBR.dat"
20:58:41.031 The log file has been saved successfully to "C:\Users\Judy\Desktop\aswMBR.txt"

C:\Backup\pepsi1061\Desktop\Computer\PlayItAll-Setup-win32_8.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Judy\AppData\LocalLow\FCTB000100565\Toolbar\Toolbar.dll Win32/Toolbar.BHO.B application cleaned by deleting - quarantined
C:\Users\Judy\Downloads\iobit unlocker setup.exe a variant of Win32/Soft32Downloader.B application cleaned by deleting - quarantined
C:\Users\Judy\Downloads\unlockersetup.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:03:38 AM

Posted 09 October 2012 - 10:12 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select run as administrator

After scan gets completed, post the generated log here.

#5 Pepsi1061

Pepsi1061
  • Topic Starter

  • Members
  • 11 posts
  • Local time:03:38 AM

Posted 10 October 2012 - 02:45 PM

Here's 4 of the 5 logs. The JRT is taking forever. Is that normal? When I downloaded the JRT, there wasn't a tool nor did it ask me about running it as an administrator. It just began running. Did I do anything wrong?

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Judy :: JUDY-PC [administrator]

10/10/2012 8:47:12 AM
mbam-log-2012-10-10 (08-47-12).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 396653
Time elapsed: 1 hour(s), 9 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 23-07-2012
Ran by Judy (administrator) on 10-10-2012 at 13:56:00
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Judy-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : 00-26-2D-28-11-71
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.15(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 09, 2012 8:25:02 AM
Lease Expires . . . . . . . . . . : Thursday, October 11, 2012 1:49:57 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:801::1006
74.125.226.232
74.125.226.230
74.125.226.238
74.125.226.231
74.125.226.227
74.125.226.225
74.125.226.224
74.125.226.228
74.125.226.226
74.125.226.229
74.125.226.233


Pinging google.com [74.125.226.233] with 32 bytes of data:
Reply from 74.125.226.233: bytes=32 time=33ms TTL=55
Reply from 74.125.226.233: bytes=32 time=30ms TTL=55

Ping statistics for 74.125.226.233:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 33ms, Average = 31ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=187ms TTL=50
Reply from 98.139.183.24: bytes=32 time=243ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 187ms, Maximum = 243ms, Average = 215ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 26 2d 28 11 71 ......NVIDIA nForce 10/100/1000 Mbps Ethernet
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.15 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.15 276
192.168.1.15 255.255.255.255 On-link 192.168.1.15 276
192.168.1.255 255.255.255.255 On-link 192.168.1.15 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.15 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.15 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/10/2012 02:01:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/10/2012 02:01:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/10/2012 02:01:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/10/2012 01:58:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/10/2012 01:58:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/10/2012 01:57:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/10/2012 01:57:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/10/2012 01:57:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/10/2012 01:57:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/10/2012 01:57:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (10/09/2012 10:31:15 PM) (Source: DCOM) (User: Judy-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Judy-PCJudyS-1-5-21-3837789094-3474773503-1615160316-1001LocalHost (Using LRPC)

Error: (10/09/2012 06:18:49 PM) (Source: DCOM) (User: Judy-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Judy-PCJudyS-1-5-21-3837789094-3474773503-1615160316-1001LocalHost (Using LRPC)

Error: (10/09/2012 06:18:48 PM) (Source: DCOM) (User: Judy-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Judy-PCJudyS-1-5-21-3837789094-3474773503-1615160316-1001LocalHost (Using LRPC)

Error: (10/09/2012 06:18:46 PM) (Source: DCOM) (User: Judy-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Judy-PCJudyS-1-5-21-3837789094-3474773503-1615160316-1001LocalHost (Using LRPC)

Error: (10/09/2012 04:38:30 PM) (Source: DCOM) (User: )
Description: "C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" -Embedding14001{3C5E2B20-B911-44E2-A2DD-9F05E7B5E775}

Error: (10/09/2012 09:22:47 AM) (Source: DCOM) (User: Judy-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Judy-PCJudyS-1-5-21-3837789094-3474773503-1615160316-1001LocalHost (Using LRPC)

Error: (10/09/2012 09:21:49 AM) (Source: DCOM) (User: Judy-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Judy-PCJudyS-1-5-21-3837789094-3474773503-1615160316-1001LocalHost (Using LRPC)

Error: (10/09/2012 09:16:26 AM) (Source: DCOM) (User: Judy-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Judy-PCJudyS-1-5-21-3837789094-3474773503-1615160316-1001LocalHost (Using LRPC)

Error: (10/09/2012 09:15:56 AM) (Source: DCOM) (User: Judy-PC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Judy-PCJudyS-1-5-21-3837789094-3474773503-1615160316-1001LocalHost (Using LRPC)

Error: (10/09/2012 08:25:08 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS
SBRE


Microsoft Office Sessions:
=========================
Error: (10/10/2012 02:01:08 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Judy\Desktop\esetsmartinstaller_enu.exe

Error: (10/10/2012 02:01:05 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Judy\Desktop\esetsmartinstaller_enu.exe

Error: (10/10/2012 02:01:04 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Judy\Desktop\esetsmartinstaller_enu.exe

Error: (10/10/2012 01:58:34 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/10/2012 01:58:04 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

Error: (10/10/2012 01:57:53 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

Error: (10/10/2012 01:57:37 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe

Error: (10/10/2012 01:57:36 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe

Error: (10/10/2012 01:57:30 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.exe

Error: (10/10/2012 01:57:19 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe


=========================== Installed Programs ============================

5600 (Version: 130.0.365.000)
5600_Help (Version: 82.0.242.000)
5600Trb (Version: 82.0.242.000)
Adobe Flash Player 11 ActiveX (Version: 11.5.500.90)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Advanced SystemCare with Antivirus 2013 (Version: 5.6.4)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Apple Software Update (Version: 2.1.3.127)
Bluebeam Revu x64 10 (Version: 10.0.0)
BufferChm (Version: 140.0.212.000)
CCleaner (Version: 3.23)
Copy (Version: 130.0.428.000)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
ESET Online Scanner v3
Expert PDF 7 Reader (Version: 7.0.1370.0)
Fax (Version: 130.0.418.000)
FileHippo.com Update Checker
Google Chrome (Version: 22.0.1229.92)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
IObit Malware Fighter (Version: 1.0)
IObit Unlocker (Version: 1.0)
LastPass (uninstall only)
Macromedia Shockwave Player
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Web Publishing Wizard 1.52
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
NetZero For Riverdeep (Version: 1.0.0)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA Update Components (Version: 1.8.15)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
ParetoLogic Privacy Controls (Version: 3.1.2.0)
Puran Defrag 7.5
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek High Definition Audio Driver (Version: 6.0.1.6662)
RealUpgrade 1.1 (Version: 1.1.0)
RegCure Pro (Version: 3.1.1.0)
Reimage Repair (Version: 1.6.2.7)
Scan (Version: 13.0.0.0)
Secunia PSI (3.0.0.4001) (Version: 3.0.0.4001)
Security Task Manager 1.8d (Version: 1.8d)
Smart Defrag 2 (Version: 2.5)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
SumatraPDF (Version: 2.1)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 130.0.422.000)
Tweaking.com - Windows Repair (All in One) (Version: 1.9.0)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Verizon Toolbar (Version: 6.0.0.33)
WebReg (Version: 140.0.212.017)

========================= Memory info: ===================================

Percentage of memory in use: 65%
Total physical RAM: 1790.49 MB
Available physical RAM: 610.3 MB
Total Pagefile: 4775.49 MB
Available Pagefile: 3003.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.54 MB

========================= Partitions: =====================================

1 Drive c: (eMachines) (Fixed) (Total:285.99 GB) (Free:222.13 GB) NTFS
5 Drive g: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS

========================= Users: ========================================

User accounts for \\JUDY-PC

Administrator ASPNET Guest
Judy UpdatusUser Virgil

========================= Restore Points ==================================

06-10-2012 23:48:09 Restore Operation
07-10-2012 01:40:26 Windows Update
07-10-2012 03:41:32 RegCure Pro Backup
07-10-2012 14:39:19 IObit Uninstaller restore point
07-10-2012 14:49:01 IObit Uninstaller restore point
07-10-2012 14:49:25 Removed Apple Application Support
07-10-2012 14:52:45 IObit Uninstaller restore point
07-10-2012 14:59:56 RegCure Pro Backup
07-10-2012 21:26:44 RegCure Pro Backup
08-10-2012 02:15:22 RegCure Pro Backup
08-10-2012 05:54:22 Windows Update
08-10-2012 19:32:55 Installed MSXML 4.0 SP3 Parser
09-10-2012 01:45:33 Windows Update
09-10-2012 04:22:37 Tweaking.com - Windows Repair
09-10-2012 20:42:08 Tweaking.com - Windows Repair

**** End of log ****

Farbar Service Scanner Version: 07-10-2012
Ran by Judy (administrator) on 10-10-2012 at 14:00:11
Running from "C:\Users\Judy\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit

ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.004 - Logfile created 10/10/2012 at 14:03:16
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Judy - JUDY-PC
# Boot Mode : Normal
# Running from : C:\Users\Judy\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Qwiklinx
Folder Deleted : C:\Program Files (x86)\verizontb
Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Judy\AppData\Local\Conduit
Folder Deleted : C:\Users\Judy\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Judy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Judy\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Judy\AppData\LocalLow\verizontb
Folder Deleted : C:\Users\Judy\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Folder Deleted : C:\Users\Judy\AppData\Roaming\Qwiklinx
Folder Deleted : C:\Users\Virgil\AppData\Local\Babylon
Folder Deleted : C:\Users\Virgil\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Virgil\AppData\LocalLow\verizontb
Folder Deleted : C:\Users\Virgil\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96673559-E653-4CDC-8923-F89347A952C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96673559-E653-4CDC-8923-F89347A952C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33333333-3333-3333-3333-330033503360}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96673559-E653-4CDC-8923-F89347A952C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77777777-7777-7777-7777-770077507760}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96673559-E653-4CDC-8923-F89347A952C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8D96645-337C-419B-8792-B6C126145811}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077507760}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F8D96645-337C-419B-8792-B6C126145811}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - BrowserMngr Start Page] = hxxp://search.babylon.com/?affID=110790&tt=120912_pcp_3812_6&babsrc=HP_ss&mntrId=4c97406100000000000000262d281171 --> hxxp://www.google.com

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Virgil\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [6776 octets] - [10/10/2012 14:03:16]

########## EOF - C:\AdwCleaner[S2].txt - [6836 octets] ##########

Edited by Pepsi1061, 10 October 2012 - 03:09 PM.


#6 narenxp


Posted 10 October 2012 - 03:27 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

Any current issues?

#7 Pepsi1061


Posted 10 October 2012 - 06:14 PM

Here are the logs.
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/10/2012 05:51:57 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Judy\Desktop\rkill\rkill-10-10-2012-05-52-07.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.exe\shell found and deleted!

* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!
* HKCU\SOFTWARE\Classes\exefile has been deleted!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/10/2012 05:52:36 PM
Execution time: 0 hours(s), 0 minute(s), and 39 seconds(s)

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "IObit Malware Fighter" "IObit Malware Fighter" "IObit" "c:\program files (x86)\iobit\iobit malware fighter\imf.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
"C:\Users\Judy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.4.1.lnk" "" "" "c:\program files (x86)\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Advanced SystemCare 5" "Advanced SystemCare with Antivirus Tray" "IObit" "c:\program files (x86)\iobit\advanced systemcare with antivirus 2013\asctray.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "Advanced SystemCare" "ASCv5ExtMenu Module" "" "c:\program files (x86)\iobit\advanced systemcare with antivirus 2013\ascv5extmenu_64.dll"
+ "IObit Malware Fighter" "BlueBirdShellExt Module" "IObit" "c:\program files (x86)\iobit\iobit malware fighter\imfshellext.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "PuranDefrag" "Shell Context Menu Handler" "Puran Software" "c:\windows\system32\purandefrag.dll"
+ "UnLockerMenu" "IObitUnlockerExtension" "IObit" "c:\program files (x86)\iobit\iobit unlocker\iobitunlockerextension.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "Advanced SystemCare" "ASCv5ExtMenu Module" "" "c:\program files (x86)\iobit\advanced systemcare with antivirus 2013\ascv5extmenu_64.dll"
+ "IObit Malware Fighter" "BlueBirdShellExt Module" "IObit" "c:\program files (x86)\iobit\iobit malware fighter\imfshellext.dll"
+ "UnLockerMenu" "IObitUnlockerExtension" "IObit" "c:\program files (x86)\iobit\iobit unlocker\iobitunlockerextension.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "" "File not found: C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Apache Software Foundation" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Advanced SystemCare" "ASCv5ExtMenu Module" "" "c:\program files (x86)\iobit\advanced systemcare with antivirus 2013\ascv5extmenu_64.dll"
+ "IObit Malware Fighter" "BlueBirdShellExt Module" "IObit" "c:\program files (x86)\iobit\iobit malware fighter\imfshellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "PuranDefrag" "Shell Context Menu Handler" "Puran Software" "c:\windows\system32\purandefrag.dll"
+ "UnLockerMenu" "IObitUnlockerExtension" "IObit" "c:\program files (x86)\iobit\iobit unlocker\iobitunlockerextension.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "LastPass Vault" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar_x64.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "LastPass Vault" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "LastPass Toolbar" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar_x64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "LastPass Toolbar" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "LastPass" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar_x64.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "LastPass" "LastPass Toolbar" "" "c:\program files (x86)\lastpass\lptoolbar.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
"Task Scheduler" "" "" ""
+ "\0" "Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\internet explorer\iexplore.exe"
+ "\4593" "" "" "File not found: C:\Users\Judy\AppData\Local\Temp\launchie.vbs"
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r500" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\ASC5_AutoClean" "Advanced SystemCare Auto Sweep" "IObit" "c:\program files (x86)\iobit\advanced systemcare with antivirus 2013\autosweep.exe"
+ "\ASC5_AutoUpdate" "Advanced SystemCare with Antivirus AutoUpdate" "IObit" "c:\program files (x86)\iobit\advanced systemcare with antivirus 2013\autoupdate.exe"
+ "\ASCAntivirusScan" "Advanced SystemCare Antivirus Scan" "IObit" "c:\program files (x86)\iobit\advanced systemcare with antivirus 2013\ascantivirus.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\Driver Detective-RTMRules" "Driver Detective" "PC Drivers Headquarters" "c:\program files (x86)\pc drivers headquarters\driver detective\drivershq.driverdetective.client.exe"
+ "\Driver Detective-RTMScan" "Driver Detective" "PC Drivers Headquarters" "c:\program files (x86)\pc drivers headquarters\driver detective\drivershq.driverdetective.client.exe"
+ "\Driver Detective-RTMUpdater" "Driver Detective" "PC Drivers Headquarters" "c:\program files (x86)\pc drivers headquarters\driver detective\drivershq.driverdetective.client.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3837789094-3474773503-1615160316-1005Core" "" "" "File not found: C:\Users\Virgil\AppData\Local\Google\Update\GoogleUpdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3837789094-3474773503-1615160316-1005UA" "" "" "File not found: C:\Users\Virgil\AppData\Local\Google\Update\GoogleUpdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\ParetoLogic Privacy Controls_{839D6E70-02BF-11E2-B823-00262D281171}" "Paretologic Privacy Controls" "ParetoLogic Inc." "c:\program files (x86)\paretologic\privacy controls\pareto_pc.exe"
+ "\ParetoLogic Registration3" "Product Update Component" "" "c:\program files (x86)\common files\paretologic\uus3\uus3.dll"
+ "\pc-dis-upd" "" "" "File not found: C:\Program Files (x86)\PC Cleaners\PCCleaners.exe"
+ "\ProgramUpdateCheck" "" "" "File not found: C:\Program Files (x86)\File Type Assistant\TSAssist.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-3837789094-3474773503-1615160316-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-3837789094-3474773503-1615160316-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RegCure Pro_sch_74442968-0EA5-11E2-8358-00262D281171" "RegCure Pro" "ParetoLogic, Inc." "c:\program files (x86)\paretologic\regcure pro\regcurepro.exe"
+ "\Registry Optimizer" "" "" "File not found: C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe"
+ "\Registry Optimizer_DEFAULT" "" "" "File not found: C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe"
+ "\Registry Optimizer_UPDATES" "" "" "File not found: C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe"
+ "\Run RoboForm TaskBar Icon" "" "" "File not found: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sidebar.exe"
+ "\SmartDefrag_Schedule" "Smart Defrag v2" "IObit" "c:\program files (x86)\iobit\smart defrag 2\smartdefrag.exe"
+ "\SpeedyPC Pro" "" "" "File not found: C:\Program Files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe"
+ "\SpeedyPC Registration3" "" "" "File not found: C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\UUS3.dll"
+ "\SpeedyPC Update Version3" "" "" "File not found: C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe"
+ "\SpeedyPC Update Version3 Startup Task" "" "" "File not found: C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe"
+ "\{0D41354E-6FC1-43AE-9D88-026B8C53E093}" "" "" "File not found: C:\Users\Judy\Desktop\blacklight.exe"
+ "\{23B0B416-A3AF-4FE6-A7F9-C54D347B13CA}" "" "" "File not found: C:\Users\Judy\Desktop\blacklight.exe"
+ "\{47043CE1-1E08-4837-9524-AF64C76E04DD}" "" "" "File not found: C:\Users\Judy\Desktop\blacklight.exe"
+ "\{F2A04B62-2D94-4059-890C-E84D61510D3D}" "" "" "File not found: C:\Users\Judy\Desktop\CrucialScan.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "ASCAntivirusSrv" "Advanced SystemCare Antivirus Service" "IOBit" "c:\program files (x86)\iobit\advanced systemcare with antivirus 2013\ascavsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "IMFservice" "IObit Malware Fighter Service" "IObit" "c:\program files (x86)\iobit\iobit malware fighter\imfsrv.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "WinDefend" "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-1176" "" "File not found: C:\Program Files\Windows Defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AFS" "" "" "File not found: C:\Windows\System32\Drivers\AFS.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "bdfsfltr" "BdFsFltr File System Minifilter Driver by ASC" "BitDefender" "c:\windows\system32\drivers\bdfsfltr.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CrucialSMBusScan" "" "" "File not found: C:\Windows\System32\Drivers\CrucialSMBusScan.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "FileMonitor" "File Filter driver of IMF" "IObit" "c:\program files (x86)\iobit\iobit malware fighter\drivers\win7_amd64\filemonitor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm62x64.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 185.93 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NVNET" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvmf6264.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "nvstor64" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor64.sys"
+ "PSI" "PSI mini-filter driver" "Secunia" "c:\windows\system32\drivers\psi_mf.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RegFilter" "Registry Filter" "IObit.com" "c:\program files (x86)\iobit\iobit malware fighter\drivers\win7_amd64\regfilter.sys"
+ "sbapifs" "GFI Active Protection Filter Driver" "GFI Software" "c:\windows\system32\drivers\sbapifs.sys"
+ "SBRE" "" "" "File not found: C:\Windows\System32\Drivers\SBRE.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SmartDefragDriver" "File driver of SmartDefrag" "" "c:\windows\system32\drivers\smartdefragdriver.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "Trufos" "BdFsFltr File System Minifilter Driver by ASC" "BitDefender S.R.L." "c:\windows\system32\drivers\trufos.sys"
+ "UrlFilter" "URL Filter" "IObit.com" "c:\program files (x86)\iobit\iobit malware fighter\drivers\win7_amd64\urlfilter.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "SmartDefragBootTime.exe" "SmartDefrag" "IObit" "c:\windows\system32\smartdefragboottime.exe"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP Standard TCP/IP Port" "Standard TCP/IP Port Monitor DLL" "Hewlett Packard" "c:\windows\system32\hptcpmon.dll"
+ "LIDIL hpzllwn7" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzllwn7.dll"
"C:\Users\Judy\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Gadget.xml"
+ "Weather" "See what the weather looks like around the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml"

#8 narenxp

Posted 10 October 2012 - 06:29 PM

Any current issues?

#9 Pepsi1061

Posted 10 October 2012 - 09:25 PM

So far it's good. Thanks.

#10 narenxp

Posted 10 October 2012 - 09:27 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on System Restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



