Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Recommended for you Adware


  • Please log in to reply
17 replies to this topic

#1 rock_head

rock_head

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 25 October 2012 - 09:38 AM

hi, i'm having the same problem, with the recommended for you adware. i've tried everything, including going through all the steps in this thread.

can anyone help me please?

thanks

*Moderator Edit: Post split to form new topic. ~ Queen-Evie*

Edited by Queen-Evie, 25 October 2012 - 10:21 AM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:26 PM

Posted 25 October 2012 - 10:38 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 rock_head

rock_head
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 25 October 2012 - 10:39 AM

thanks, Queen-Evie

#4 rock_head

rock_head
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 25 October 2012 - 02:27 PM

Thanks, narenxp.

Here is the TDSSKiller log:

11:40:22.0732 5228 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
11:40:22.0842 5228 ============================================================
11:40:22.0842 5228 Current date / time: 2012/10/25 11:40:22.0842
11:40:22.0842 5228 SystemInfo:
11:40:22.0842 5228
11:40:22.0842 5228 OS Version: 6.1.7601 ServicePack: 1.0
11:40:22.0842 5228 Product type: Workstation
11:40:22.0842 5228 ComputerName: MATT-HP
11:40:22.0842 5228 UserName: Matt
11:40:22.0842 5228 Windows directory: C:\Windows
11:40:22.0842 5228 System windows directory: C:\Windows
11:40:22.0842 5228 Running under WOW64
11:40:22.0842 5228 Processor architecture: Intel x64
11:40:22.0842 5228 Number of processors: 4
11:40:22.0842 5228 Page size: 0x1000
11:40:22.0842 5228 Boot type: Normal boot
11:40:22.0842 5228 ============================================================
11:40:23.0356 5228 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:40:23.0356 5228 ============================================================
11:40:23.0356 5228 \Device\Harddisk0\DR0:
11:40:23.0356 5228 MBR partitions:
11:40:23.0356 5228 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
11:40:23.0356 5228 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x55854000
11:40:23.0356 5228 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x558B8000, BlocksNum 0x1C5A800
11:40:23.0356 5228 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x336F0
11:40:23.0356 5228 ============================================================
11:40:23.0419 5228 C: <-> \Device\Harddisk0\DR0\Partition2
11:40:23.0481 5228 D: <-> \Device\Harddisk0\DR0\Partition3
11:40:23.0481 5228 ============================================================
11:40:23.0481 5228 Initialize success
11:40:23.0481 5228 ============================================================
11:41:19.0080 12140 ============================================================
11:41:19.0080 12140 Scan started
11:41:19.0080 12140 Mode: Manual; TDLFS;
11:41:19.0080 12140 ============================================================
11:41:19.0641 12140 ================ Scan system memory ========================
11:41:19.0641 12140 System memory - ok
11:41:19.0641 12140 ================ Scan services =============================
11:41:19.0813 12140 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:41:19.0813 12140 1394ohci - ok
11:41:19.0844 12140 [ 7A330A42870EB1FA81F88BE514D2D566 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
11:41:19.0844 12140 Accelerometer - ok
11:41:19.0891 12140 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:41:19.0907 12140 ACPI - ok
11:41:19.0922 12140 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:41:19.0922 12140 AcpiPmi - ok
11:41:20.0031 12140 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:41:20.0031 12140 AdobeARMservice - ok
11:41:20.0078 12140 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:41:20.0078 12140 adp94xx - ok
11:41:20.0109 12140 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:41:20.0109 12140 adpahci - ok
11:41:20.0141 12140 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:41:20.0141 12140 adpu320 - ok
11:41:20.0312 12140 [ 7652940ADA176D26D8938B9BE309F4EE ] AdvancedSystemCareService6 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
11:41:20.0328 12140 AdvancedSystemCareService6 - ok
11:41:20.0359 12140 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:41:20.0359 12140 AeLookupSvc - ok
11:41:20.0437 12140 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
11:41:20.0437 12140 AESTFilters - ok
11:41:20.0499 12140 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:41:20.0499 12140 AFD - ok
11:41:20.0531 12140 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:41:20.0531 12140 agp440 - ok
11:41:20.0562 12140 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:41:20.0562 12140 ALG - ok
11:41:20.0562 12140 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:41:20.0577 12140 aliide - ok
11:41:20.0577 12140 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:41:20.0577 12140 amdide - ok
11:41:20.0593 12140 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:41:20.0593 12140 AmdK8 - ok
11:41:20.0593 12140 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
11:41:20.0593 12140 AmdPPM - ok
11:41:20.0640 12140 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:41:20.0640 12140 amdsata - ok
11:41:20.0687 12140 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:41:20.0687 12140 amdsbs - ok
11:41:20.0702 12140 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:41:20.0702 12140 amdxata - ok
11:41:20.0702 12140 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:41:20.0702 12140 AppID - ok
11:41:20.0733 12140 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:41:20.0733 12140 AppIDSvc - ok
11:41:20.0733 12140 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:41:20.0749 12140 Appinfo - ok
11:41:20.0749 12140 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
11:41:20.0749 12140 arc - ok
11:41:20.0796 12140 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:41:20.0796 12140 arcsas - ok
11:41:20.0811 12140 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:41:20.0811 12140 AsyncMac - ok
11:41:20.0827 12140 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:41:20.0827 12140 atapi - ok
11:41:20.0858 12140 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:41:20.0874 12140 AudioEndpointBuilder - ok
11:41:20.0905 12140 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:41:20.0905 12140 AudioSrv - ok
11:41:20.0936 12140 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:41:20.0936 12140 AxInstSV - ok
11:41:20.0983 12140 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:41:20.0983 12140 b06bdrv - ok
11:41:21.0030 12140 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:41:21.0030 12140 b57nd60a - ok
11:41:21.0077 12140 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
11:41:21.0092 12140 BCM43XX - ok
11:41:21.0108 12140 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:41:21.0108 12140 BDESVC - ok
11:41:21.0123 12140 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:41:21.0123 12140 Beep - ok
11:41:21.0155 12140 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:41:21.0155 12140 BFE - ok
11:41:21.0201 12140 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
11:41:21.0217 12140 BITS - ok
11:41:21.0248 12140 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:41:21.0248 12140 blbdrive - ok
11:41:21.0279 12140 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:41:21.0279 12140 bowser - ok
11:41:21.0295 12140 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:41:21.0295 12140 BrFiltLo - ok
11:41:21.0311 12140 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:41:21.0311 12140 BrFiltUp - ok
11:41:21.0357 12140 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:41:21.0357 12140 Browser - ok
11:41:21.0389 12140 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:41:21.0389 12140 Brserid - ok
11:41:21.0404 12140 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:41:21.0404 12140 BrSerWdm - ok
11:41:21.0420 12140 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:41:21.0420 12140 BrUsbMdm - ok
11:41:21.0420 12140 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:41:21.0420 12140 BrUsbSer - ok
11:41:21.0420 12140 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:41:21.0420 12140 BTHMODEM - ok
11:41:21.0451 12140 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:41:21.0451 12140 bthserv - ok
11:41:21.0467 12140 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:41:21.0467 12140 cdfs - ok
11:41:21.0482 12140 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:41:21.0498 12140 cdrom - ok
11:41:21.0513 12140 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:41:21.0513 12140 CertPropSvc - ok
11:41:21.0545 12140 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
11:41:21.0545 12140 circlass - ok
11:41:21.0591 12140 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:41:21.0591 12140 CLFS - ok
11:41:21.0669 12140 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:41:21.0669 12140 clr_optimization_v2.0.50727_32 - ok
11:41:21.0732 12140 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:41:21.0732 12140 clr_optimization_v2.0.50727_64 - ok
11:41:21.0810 12140 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:41:21.0810 12140 clr_optimization_v4.0.30319_32 - ok
11:41:21.0857 12140 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:41:21.0857 12140 clr_optimization_v4.0.30319_64 - ok
11:41:21.0872 12140 clwvd - ok
11:41:21.0903 12140 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:41:21.0903 12140 CmBatt - ok
11:41:21.0935 12140 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:41:21.0935 12140 cmdide - ok
11:41:21.0966 12140 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
11:41:21.0981 12140 CNG - ok
11:41:21.0997 12140 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:41:22.0013 12140 Compbatt - ok
11:41:22.0044 12140 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:41:22.0044 12140 CompositeBus - ok
11:41:22.0059 12140 COMSysApp - ok
11:41:22.0075 12140 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:41:22.0075 12140 crcdisk - ok
11:41:22.0122 12140 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:41:22.0122 12140 CryptSvc - ok
11:41:22.0169 12140 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:41:22.0184 12140 DcomLaunch - ok
11:41:22.0215 12140 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:41:22.0215 12140 defragsvc - ok
11:41:22.0262 12140 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:41:22.0262 12140 DfsC - ok
11:41:22.0309 12140 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:41:22.0325 12140 Dhcp - ok
11:41:22.0340 12140 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:41:22.0340 12140 discache - ok
11:41:22.0356 12140 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
11:41:22.0356 12140 Disk - ok
11:41:22.0403 12140 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:41:22.0418 12140 Dnscache - ok
11:41:22.0434 12140 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:41:22.0449 12140 dot3svc - ok
11:41:22.0449 12140 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:41:22.0449 12140 DPS - ok
11:41:22.0481 12140 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:41:22.0481 12140 drmkaud - ok
11:41:22.0527 12140 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:41:22.0543 12140 DXGKrnl - ok
11:41:22.0574 12140 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:41:22.0574 12140 EapHost - ok
11:41:22.0808 12140 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:41:22.0886 12140 ebdrv - ok
11:41:22.0917 12140 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:41:22.0917 12140 EFS - ok
11:41:22.0980 12140 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:41:22.0980 12140 ehRecvr - ok
11:41:22.0995 12140 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:41:23.0011 12140 ehSched - ok
11:41:23.0042 12140 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:41:23.0042 12140 elxstor - ok
11:41:23.0058 12140 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:41:23.0058 12140 ErrDev - ok
11:41:23.0105 12140 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:41:23.0120 12140 EventSystem - ok
11:41:23.0198 12140 [ 7EE9F35BC1DD0CE1A4976032F9AC5162 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:41:23.0214 12140 EvtEng - ok
11:41:23.0229 12140 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:41:23.0229 12140 exfat - ok
11:41:23.0261 12140 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:41:23.0261 12140 fastfat - ok
11:41:23.0307 12140 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:41:23.0323 12140 Fax - ok
11:41:23.0354 12140 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
11:41:23.0354 12140 fdc - ok
11:41:23.0385 12140 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:41:23.0385 12140 fdPHost - ok
11:41:23.0401 12140 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:41:23.0401 12140 FDResPub - ok
11:41:23.0432 12140 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:41:23.0432 12140 FileInfo - ok
11:41:23.0448 12140 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:41:23.0448 12140 Filetrace - ok
11:41:23.0463 12140 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
11:41:23.0463 12140 flpydisk - ok
11:41:23.0495 12140 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:41:23.0510 12140 FltMgr - ok
11:41:23.0557 12140 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:41:23.0588 12140 FontCache - ok
11:41:23.0635 12140 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:41:23.0635 12140 FontCache3.0.0.0 - ok
11:41:23.0682 12140 [ 2074A85A6B8F84A5A9C60B915B465FAF ] FPLService C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
11:41:23.0697 12140 FPLService - ok
11:41:23.0713 12140 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:41:23.0713 12140 FsDepends - ok
11:41:23.0744 12140 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:41:23.0760 12140 Fs_Rec - ok
11:41:23.0791 12140 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:41:23.0791 12140 fvevol - ok
11:41:23.0807 12140 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:41:23.0822 12140 gagp30kx - ok
11:41:23.0838 12140 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:41:23.0853 12140 gpsvc - ok
11:41:23.0885 12140 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:41:23.0885 12140 hcw85cir - ok
11:41:23.0885 12140 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:41:23.0900 12140 HdAudAddService - ok
11:41:23.0916 12140 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:41:23.0916 12140 HDAudBus - ok
11:41:23.0916 12140 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
11:41:23.0916 12140 HidBatt - ok
11:41:23.0931 12140 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:41:23.0931 12140 HidBth - ok
11:41:23.0947 12140 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
11:41:23.0947 12140 HidIr - ok
11:41:23.0963 12140 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:41:23.0963 12140 hidserv - ok
11:41:23.0994 12140 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:41:23.0994 12140 HidUsb - ok
11:41:24.0009 12140 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:41:24.0009 12140 hkmsvc - ok
11:41:24.0025 12140 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:41:24.0025 12140 HomeGroupListener - ok
11:41:24.0056 12140 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:41:24.0056 12140 HomeGroupProvider - ok
11:41:24.0134 12140 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
11:41:24.0134 12140 HP Support Assistant Service - ok
11:41:24.0212 12140 [ E040F0064D39F73BB4995D494F3DCBB8 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
11:41:24.0228 12140 hpCMSrv - ok
11:41:24.0275 12140 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
11:41:24.0290 12140 HPDrvMntSvc.exe - ok
11:41:24.0337 12140 [ A4BE23C451ADEB252CD17A0532CAE220 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
11:41:24.0337 12140 hpdskflt - ok
11:41:24.0399 12140 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
11:41:24.0415 12140 hpqwmiex - ok
11:41:24.0431 12140 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:41:24.0431 12140 HpSAMD - ok
11:41:24.0462 12140 [ A88A45E82BC54BFFB49C63973010226A ] hpsrv C:\Windows\system32\Hpservice.exe
11:41:24.0462 12140 hpsrv - ok
11:41:24.0509 12140 [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
11:41:24.0509 12140 HPWMISVC - ok
11:41:24.0540 12140 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:41:24.0555 12140 HTTP - ok
11:41:24.0571 12140 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:41:24.0571 12140 hwpolicy - ok
11:41:24.0587 12140 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:41:24.0587 12140 i8042prt - ok
11:41:24.0618 12140 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:41:24.0618 12140 iaStor - ok
11:41:24.0680 12140 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:41:24.0680 12140 IAStorDataMgrSvc - ok
11:41:24.0758 12140 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:41:24.0758 12140 iaStorV - ok
11:41:24.0821 12140 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:41:24.0836 12140 idsvc - ok
11:41:25.0086 12140 [ EFE5A0AF39A8E179624117C521F1E012 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:41:25.0304 12140 igfx - ok
11:41:25.0335 12140 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:41:25.0335 12140 iirsp - ok
11:41:25.0382 12140 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:41:25.0398 12140 IKEEXT - ok
11:41:25.0429 12140 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
11:41:25.0445 12140 IntcDAud - ok
11:41:25.0460 12140 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:41:25.0460 12140 intelide - ok
11:41:25.0476 12140 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:41:25.0476 12140 intelppm - ok
11:41:25.0507 12140 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:41:25.0507 12140 IPBusEnum - ok
11:41:25.0538 12140 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:41:25.0538 12140 IpFilterDriver - ok
11:41:25.0554 12140 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:41:25.0569 12140 iphlpsvc - ok
11:41:25.0569 12140 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:41:25.0585 12140 IPMIDRV - ok
11:41:25.0601 12140 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:41:25.0601 12140 IPNAT - ok
11:41:25.0632 12140 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:41:25.0632 12140 IRENUM - ok
11:41:25.0632 12140 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:41:25.0632 12140 isapnp - ok
11:41:25.0663 12140 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:41:25.0663 12140 iScsiPrt - ok
11:41:25.0679 12140 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:41:25.0679 12140 kbdclass - ok
11:41:25.0694 12140 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:41:25.0694 12140 kbdhid - ok
11:41:25.0694 12140 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:41:25.0694 12140 KeyIso - ok
11:41:25.0741 12140 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:41:25.0741 12140 KSecDD - ok
11:41:25.0757 12140 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:41:25.0757 12140 KSecPkg - ok
11:41:25.0772 12140 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:41:25.0772 12140 ksthunk - ok
11:41:25.0803 12140 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:41:25.0819 12140 KtmRm - ok
11:41:25.0866 12140 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:41:25.0881 12140 LanmanServer - ok
11:41:25.0897 12140 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:41:25.0897 12140 LanmanWorkstation - ok
11:41:25.0928 12140 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:41:25.0928 12140 lltdio - ok
11:41:25.0959 12140 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:41:25.0975 12140 lltdsvc - ok
11:41:25.0991 12140 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:41:25.0991 12140 lmhosts - ok
11:41:26.0037 12140 [ D7E0BED3EA21D7BDDD410ADE51708D90 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:41:26.0037 12140 LMS - ok
11:41:26.0069 12140 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:41:26.0069 12140 LSI_FC - ok
11:41:26.0084 12140 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:41:26.0084 12140 LSI_SAS - ok
11:41:26.0100 12140 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:41:26.0100 12140 LSI_SAS2 - ok
11:41:26.0100 12140 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:41:26.0100 12140 LSI_SCSI - ok
11:41:26.0115 12140 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:41:26.0115 12140 luafv - ok
11:41:26.0147 12140 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:41:26.0147 12140 Mcx2Svc - ok
11:41:26.0178 12140 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
11:41:26.0178 12140 megasas - ok
11:41:26.0178 12140 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:41:26.0193 12140 MegaSR - ok
11:41:26.0225 12140 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:41:26.0225 12140 MEIx64 - ok
11:41:26.0240 12140 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:41:26.0240 12140 MMCSS - ok
11:41:26.0256 12140 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:41:26.0256 12140 Modem - ok
11:41:26.0287 12140 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:41:26.0287 12140 monitor - ok
11:41:26.0303 12140 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:41:26.0303 12140 mouclass - ok
11:41:26.0318 12140 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:41:26.0318 12140 mouhid - ok
11:41:26.0349 12140 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:41:26.0349 12140 mountmgr - ok
11:41:26.0381 12140 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:41:26.0381 12140 MozillaMaintenance - ok
11:41:26.0396 12140 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:41:26.0396 12140 mpio - ok
11:41:26.0427 12140 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:41:26.0427 12140 mpsdrv - ok
11:41:26.0459 12140 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:41:26.0474 12140 MpsSvc - ok
11:41:26.0490 12140 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:41:26.0490 12140 MRxDAV - ok
11:41:26.0537 12140 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:41:26.0537 12140 mrxsmb - ok
11:41:26.0552 12140 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:41:26.0568 12140 mrxsmb10 - ok
11:41:26.0583 12140 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:41:26.0583 12140 mrxsmb20 - ok
11:41:26.0615 12140 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:41:26.0615 12140 msahci - ok
11:41:26.0630 12140 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:41:26.0630 12140 msdsm - ok
11:41:26.0661 12140 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:41:26.0661 12140 MSDTC - ok
11:41:26.0677 12140 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:41:26.0677 12140 Msfs - ok
11:41:26.0693 12140 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:41:26.0693 12140 mshidkmdf - ok
11:41:26.0724 12140 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:41:26.0724 12140 msisadrv - ok
11:41:26.0739 12140 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:41:26.0739 12140 MSiSCSI - ok
11:41:26.0755 12140 msiserver - ok
11:41:26.0786 12140 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:41:26.0786 12140 MSKSSRV - ok
11:41:26.0802 12140 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:41:26.0802 12140 MSPCLOCK - ok
11:41:26.0817 12140 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:41:26.0817 12140 MSPQM - ok
11:41:26.0833 12140 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:41:26.0833 12140 MsRPC - ok
11:41:26.0849 12140 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:41:26.0864 12140 mssmbios - ok
11:41:26.0864 12140 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:41:26.0864 12140 MSTEE - ok
11:41:26.0880 12140 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:41:26.0880 12140 MTConfig - ok
11:41:26.0895 12140 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:41:26.0895 12140 Mup - ok
11:41:26.0911 12140 [ 0CF5580F27918FFD2E165ECAFA734103 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:41:26.0927 12140 MyWiFiDHCPDNS - ok
11:41:26.0958 12140 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:41:26.0973 12140 napagent - ok
11:41:26.0989 12140 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:41:26.0989 12140 NativeWifiP - ok
11:41:27.0051 12140 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:41:27.0067 12140 NDIS - ok
11:41:27.0114 12140 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:41:27.0114 12140 NdisCap - ok
11:41:27.0129 12140 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:41:27.0129 12140 NdisTapi - ok
11:41:27.0145 12140 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:41:27.0145 12140 Ndisuio - ok
11:41:27.0161 12140 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:41:27.0161 12140 NdisWan - ok
11:41:27.0207 12140 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:41:27.0207 12140 NDProxy - ok
11:41:27.0223 12140 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:41:27.0223 12140 NetBIOS - ok
11:41:27.0254 12140 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:41:27.0254 12140 NetBT - ok
11:41:27.0270 12140 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:41:27.0270 12140 Netlogon - ok
11:41:27.0301 12140 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:41:27.0317 12140 Netman - ok
11:41:27.0317 12140 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:41:27.0332 12140 netprofm - ok
11:41:27.0363 12140 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:41:27.0363 12140 NetTcpPortSharing - ok
11:41:27.0519 12140 [ B9C587BDAA61A689883439D5AE6FE7F3 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
11:41:27.0707 12140 NETwNs64 - ok
11:41:27.0738 12140 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:41:27.0738 12140 nfrd960 - ok
11:41:27.0753 12140 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:41:27.0769 12140 NlaSvc - ok
11:41:27.0785 12140 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:41:27.0785 12140 Npfs - ok
11:41:27.0800 12140 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:41:27.0816 12140 nsi - ok
11:41:27.0831 12140 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:41:27.0831 12140 nsiproxy - ok
11:41:27.0894 12140 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:41:27.0909 12140 Ntfs - ok
11:41:27.0941 12140 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:41:27.0941 12140 Null - ok
11:41:27.0956 12140 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
11:41:27.0956 12140 nusb3hub - ok
11:41:27.0972 12140 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:41:27.0987 12140 nusb3xhc - ok
11:41:28.0003 12140 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
11:41:28.0019 12140 NVENETFD - ok
11:41:28.0034 12140 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:41:28.0034 12140 nvraid - ok
11:41:28.0065 12140 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:41:28.0065 12140 nvstor - ok
11:41:28.0097 12140 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:41:28.0097 12140 nv_agp - ok
11:41:28.0112 12140 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:41:28.0112 12140 ohci1394 - ok
11:41:28.0143 12140 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:41:28.0143 12140 ose - ok
11:41:28.0346 12140 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:41:28.0471 12140 osppsvc - ok
11:41:28.0502 12140 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:41:28.0502 12140 p2pimsvc - ok
11:41:28.0518 12140 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:41:28.0533 12140 p2psvc - ok
11:41:28.0549 12140 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
11:41:28.0565 12140 Parport - ok
11:41:28.0596 12140 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:41:28.0596 12140 partmgr - ok
11:41:28.0611 12140 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:41:28.0611 12140 PcaSvc - ok
11:41:28.0643 12140 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:41:28.0643 12140 pci - ok
11:41:28.0658 12140 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:41:28.0658 12140 pciide - ok
11:41:28.0689 12140 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:41:28.0689 12140 pcmcia - ok
11:41:28.0721 12140 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:41:28.0721 12140 pcw - ok
11:41:28.0736 12140 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:41:28.0752 12140 PEAUTH - ok
11:41:28.0814 12140 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:41:28.0830 12140 PerfHost - ok
11:41:28.0908 12140 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:41:28.0923 12140 pla - ok
11:41:28.0986 12140 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:41:28.0986 12140 PlugPlay - ok
11:41:29.0033 12140 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:41:29.0033 12140 PNRPAutoReg - ok
11:41:29.0048 12140 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:41:29.0064 12140 PNRPsvc - ok
11:41:29.0079 12140 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:41:29.0095 12140 PolicyAgent - ok
11:41:29.0111 12140 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:41:29.0126 12140 Power - ok
11:41:29.0142 12140 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:41:29.0142 12140 PptpMiniport - ok
11:41:29.0157 12140 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:41:29.0157 12140 Processor - ok
11:41:29.0204 12140 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:41:29.0204 12140 ProfSvc - ok
11:41:29.0220 12140 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:41:29.0220 12140 ProtectedStorage - ok
11:41:29.0235 12140 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:41:29.0235 12140 Psched - ok
11:41:29.0282 12140 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:41:29.0298 12140 ql2300 - ok
11:41:29.0313 12140 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:41:29.0329 12140 ql40xx - ok
11:41:29.0345 12140 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:41:29.0360 12140 QWAVE - ok
11:41:29.0360 12140 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:41:29.0360 12140 QWAVEdrv - ok
11:41:29.0376 12140 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:41:29.0376 12140 RasAcd - ok
11:41:29.0391 12140 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:41:29.0407 12140 RasAgileVpn - ok
11:41:29.0423 12140 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:41:29.0423 12140 RasAuto - ok
11:41:29.0438 12140 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:41:29.0438 12140 Rasl2tp - ok
11:41:29.0454 12140 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:41:29.0469 12140 RasMan - ok
11:41:29.0469 12140 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:41:29.0469 12140 RasPppoe - ok
11:41:29.0485 12140 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:41:29.0485 12140 RasSstp - ok
11:41:29.0501 12140 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:41:29.0516 12140 rdbss - ok
11:41:29.0516 12140 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:41:29.0516 12140 rdpbus - ok
11:41:29.0532 12140 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:41:29.0532 12140 RDPCDD - ok
11:41:29.0563 12140 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:41:29.0563 12140 RDPENCDD - ok
11:41:29.0579 12140 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:41:29.0579 12140 RDPREFMP - ok
11:41:29.0625 12140 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:41:29.0625 12140 RdpVideoMiniport - ok
11:41:29.0657 12140 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:41:29.0657 12140 RDPWD - ok
11:41:29.0672 12140 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:41:29.0672 12140 rdyboost - ok
11:41:29.0766 12140 [ AA9FD849C028CCB441A78061B57DB734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:41:29.0766 12140 RegSrvc - ok
11:41:29.0813 12140 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:41:29.0813 12140 RemoteAccess - ok
11:41:29.0828 12140 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:41:29.0828 12140 RemoteRegistry - ok
11:41:29.0844 12140 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:41:29.0844 12140 RpcEptMapper - ok
11:41:29.0875 12140 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:41:29.0875 12140 RpcLocator - ok
11:41:29.0906 12140 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:41:29.0906 12140 RpcSs - ok
11:41:29.0937 12140 [ D5C3E1629A3F7F0857D27949252B94CE ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
11:41:29.0953 12140 RSPCIESTOR - ok
11:41:29.0984 12140 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:41:29.0984 12140 rspndr - ok
11:41:30.0015 12140 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:41:30.0015 12140 RTL8167 - ok
11:41:30.0031 12140 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:41:30.0031 12140 SamSs - ok
11:41:30.0047 12140 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:41:30.0047 12140 sbp2port - ok
11:41:30.0047 12140 SBRE - ok
11:41:30.0125 12140 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
11:41:30.0125 12140 SBSDWSCService - ok
11:41:30.0156 12140 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:41:30.0156 12140 SCardSvr - ok
11:41:30.0187 12140 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:41:30.0187 12140 scfilter - ok
11:41:30.0234 12140 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:41:30.0265 12140 Schedule - ok
11:41:30.0296 12140 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:41:30.0296 12140 SCPolicySvc - ok
11:41:30.0327 12140 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
11:41:30.0327 12140 sdbus - ok
11:41:30.0359 12140 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:41:30.0359 12140 SDRSVC - ok
11:41:30.0374 12140 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:41:30.0374 12140 secdrv - ok
11:41:30.0390 12140 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:41:30.0390 12140 seclogon - ok
11:41:30.0421 12140 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:41:30.0421 12140 SENS - ok
11:41:30.0437 12140 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:41:30.0437 12140 SensrSvc - ok
11:41:30.0452 12140 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
11:41:30.0452 12140 Serenum - ok
11:41:30.0468 12140 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
11:41:30.0468 12140 Serial - ok
11:41:30.0468 12140 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:41:30.0468 12140 sermouse - ok
11:41:30.0499 12140 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:41:30.0499 12140 SessionEnv - ok
11:41:30.0530 12140 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:41:30.0530 12140 sffdisk - ok
11:41:30.0546 12140 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:41:30.0546 12140 sffp_mmc - ok
11:41:30.0546 12140 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:41:30.0546 12140 sffp_sd - ok
11:41:30.0546 12140 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:41:30.0546 12140 sfloppy - ok
11:41:30.0593 12140 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:41:30.0608 12140 SharedAccess - ok
11:41:30.0639 12140 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:41:30.0639 12140 ShellHWDetection - ok
11:41:30.0655 12140 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:41:30.0655 12140 SiSRaid2 - ok
11:41:30.0671 12140 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:41:30.0686 12140 SiSRaid4 - ok
11:41:30.0686 12140 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:41:30.0686 12140 Smb - ok
11:41:30.0717 12140 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:41:30.0717 12140 SNMPTRAP - ok
11:41:30.0749 12140 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:41:30.0749 12140 spldr - ok
11:41:30.0780 12140 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:41:30.0795 12140 Spooler - ok
11:41:30.0889 12140 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:41:30.0983 12140 sppsvc - ok
11:41:31.0014 12140 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:41:31.0029 12140 sppuinotify - ok
11:41:31.0061 12140 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:41:31.0061 12140 srv - ok
11:41:31.0092 12140 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:41:31.0107 12140 srv2 - ok
11:41:31.0154 12140 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:41:31.0154 12140 SrvHsfHDA - ok
11:41:31.0201 12140 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:41:31.0232 12140 SrvHsfV92 - ok
11:41:31.0263 12140 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:41:31.0279 12140 SrvHsfWinac - ok
11:41:31.0326 12140 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:41:31.0326 12140 srvnet - ok
11:41:31.0373 12140 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:41:31.0373 12140 SSDPSRV - ok
11:41:31.0388 12140 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:41:31.0404 12140 SstpSvc - ok
11:41:31.0466 12140 [ 86678C2F5081FEA3517D78E92230B5FF ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
11:41:31.0466 12140 STacSV - ok
11:41:31.0497 12140 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:41:31.0497 12140 stexstor - ok
11:41:31.0544 12140 [ 74387B34B43F94E380608888C56A5CCD ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
11:41:31.0560 12140 STHDA - ok
11:41:31.0591 12140 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:41:31.0607 12140 stisvc - ok
11:41:31.0638 12140 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:41:31.0638 12140 swenum - ok
11:41:31.0669 12140 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:41:31.0669 12140 swprv - ok
11:41:31.0731 12140 [ 33E6A285DAA5134D8EA2247914C86C09 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:41:31.0747 12140 SynTP - ok
11:41:31.0809 12140 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:41:31.0841 12140 SysMain - ok
11:41:31.0856 12140 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:41:31.0856 12140 TabletInputService - ok
11:41:31.0856 12140 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:41:31.0856 12140 TapiSrv - ok
11:41:31.0919 12140 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:41:31.0919 12140 TBS - ok
11:41:32.0012 12140 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:41:32.0028 12140 Tcpip - ok
11:41:32.0059 12140 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:41:32.0075 12140 TCPIP6 - ok
11:41:32.0106 12140 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:41:32.0106 12140 tcpipreg - ok
11:41:32.0106 12140 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:41:32.0106 12140 TDPIPE - ok
11:41:32.0137 12140 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:41:32.0137 12140 TDTCP - ok
11:41:32.0168 12140 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:41:32.0168 12140 tdx - ok
11:41:32.0184 12140 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:41:32.0184 12140 TermDD - ok
11:41:32.0215 12140 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:41:32.0215 12140 TermService - ok
11:41:32.0215 12140 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:41:32.0231 12140 Themes - ok
11:41:32.0231 12140 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:41:32.0231 12140 THREADORDER - ok
11:41:32.0262 12140 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:41:32.0262 12140 TrkWks - ok
11:41:32.0324 12140 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:41:32.0324 12140 TrustedInstaller - ok
11:41:32.0355 12140 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:41:32.0355 12140 tssecsrv - ok
11:41:32.0371 12140 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:41:32.0371 12140 TsUsbFlt - ok
11:41:32.0402 12140 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:41:32.0402 12140 TsUsbGD - ok
11:41:32.0433 12140 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:41:32.0433 12140 tunnel - ok
11:41:32.0449 12140 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:41:32.0449 12140 uagp35 - ok
11:41:32.0449 12140 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:41:32.0465 12140 udfs - ok
11:41:32.0480 12140 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:41:32.0480 12140 UI0Detect - ok
11:41:32.0496 12140 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:41:32.0496 12140 uliagpkx - ok
11:41:32.0527 12140 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:41:32.0527 12140 umbus - ok
11:41:32.0527 12140 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
11:41:32.0543 12140 UmPass - ok
11:41:32.0636 12140 [ A678E5DDD974903DD71F503BDCACA218 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:41:32.0667 12140 UNS - ok
11:41:32.0699 12140 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:41:32.0714 12140 upnphost - ok
11:41:32.0745 12140 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:41:32.0745 12140 usbccgp - ok
11:41:32.0777 12140 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:41:32.0777 12140 usbcir - ok
11:41:32.0777 12140 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:41:32.0777 12140 usbehci - ok
11:41:32.0823 12140 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:41:32.0823 12140 usbhub - ok
11:41:32.0839 12140 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:41:32.0839 12140 usbohci - ok
11:41:32.0870 12140 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:41:32.0870 12140 usbprint - ok
11:41:32.0886 12140 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:41:32.0886 12140 USBSTOR - ok
11:41:32.0917 12140 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:41:32.0917 12140 usbuhci - ok
11:41:32.0933 12140 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:41:32.0948 12140 usbvideo - ok
11:41:32.0964 12140 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:41:32.0964 12140 UxSms - ok
11:41:32.0979 12140 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:41:32.0979 12140 VaultSvc - ok
11:41:32.0995 12140 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:41:32.0995 12140 vdrvroot - ok
11:41:33.0026 12140 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:41:33.0026 12140 vds - ok
11:41:33.0057 12140 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:41:33.0057 12140 vga - ok
11:41:33.0073 12140 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:41:33.0073 12140 VgaSave - ok
11:41:33.0089 12140 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:41:33.0089 12140 vhdmp - ok
11:41:33.0104 12140 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:41:33.0104 12140 viaide - ok
11:41:33.0135 12140 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:41:33.0135 12140 volmgr - ok
11:41:33.0151 12140 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:41:33.0167 12140 volmgrx - ok
11:41:33.0167 12140 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:41:33.0182 12140 volsnap - ok
11:41:33.0198 12140 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:41:33.0198 12140 vsmraid - ok
11:41:33.0245 12140 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:41:33.0276 12140 VSS - ok
11:41:33.0291 12140 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:41:33.0291 12140 vwifibus - ok
11:41:33.0307 12140 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:41:33.0307 12140 vwififlt - ok
11:41:33.0323 12140 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:41:33.0323 12140 vwifimp - ok
11:41:33.0369 12140 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:41:33.0385 12140 W32Time - ok
11:41:33.0401 12140 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:41:33.0401 12140 WacomPen - ok
11:41:33.0416 12140 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:41:33.0416 12140 WANARP - ok
11:41:33.0432 12140 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:41:33.0432 12140 Wanarpv6 - ok
11:41:33.0510 12140 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:41:33.0525 12140 WatAdminSvc - ok
11:41:33.0572 12140 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:41:33.0588 12140 wbengine - ok
11:41:33.0619 12140 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:41:33.0619 12140 WbioSrvc - ok
11:41:33.0650 12140 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:41:33.0650 12140 wcncsvc - ok
11:41:33.0666 12140 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:41:33.0666 12140 WcsPlugInService - ok
11:41:33.0697 12140 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
11:41:33.0697 12140 Wd - ok
11:41:33.0713 12140 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:41:33.0728 12140 Wdf01000 - ok
11:41:33.0759 12140 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:41:33.0759 12140 WdiServiceHost - ok
11:41:33.0759 12140 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:41:33.0759 12140 WdiSystemHost - ok
11:41:33.0791 12140 [ 5E1640435DD54D00451156CA5340B109 ] wdkmd C:\Windows\system32\DRIVERS\WDKMD.sys
11:41:33.0791 12140 wdkmd - ok
11:41:33.0806 12140 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:41:33.0822 12140 WebClient - ok
11:41:33.0837 12140 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:41:33.0837 12140 Wecsvc - ok
11:41:33.0853 12140 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:41:33.0853 12140 wercplsupport - ok
11:41:33.0869 12140 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:41:33.0869 12140 WerSvc - ok
11:41:33.0884 12140 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:41:33.0884 12140 WfpLwf - ok
11:41:33.0900 12140 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:41:33.0900 12140 WIMMount - ok
11:41:33.0931 12140 WinDefend - ok
11:41:33.0931 12140 WinHttpAutoProxySvc - ok
11:41:33.0993 12140 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:41:33.0993 12140 Winmgmt - ok
11:41:34.0087 12140 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:41:34.0103 12140 WinRM - ok
11:41:34.0134 12140 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
11:41:34.0134 12140 WinUsb - ok
11:41:34.0181 12140 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:41:34.0212 12140 Wlansvc - ok
11:41:34.0227 12140 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:41:34.0227 12140 WmiAcpi - ok
11:41:34.0274 12140 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:41:34.0274 12140 wmiApSrv - ok
11:41:34.0305 12140 WMPNetworkSvc - ok
11:41:34.0321 12140 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:41:34.0321 12140 WPCSvc - ok
11:41:34.0337 12140 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:41:34.0337 12140 WPDBusEnum - ok
11:41:34.0368 12140 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:41:34.0368 12140 ws2ifsl - ok
11:41:34.0399 12140 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:41:34.0399 12140 wscsvc - ok
11:41:34.0399 12140 WSearch - ok
11:41:34.0461 12140 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:41:34.0493 12140 wuauserv - ok
11:41:34.0508 12140 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:41:34.0524 12140 WudfPf - ok
11:41:34.0539 12140 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:41:34.0539 12140 WUDFRd - ok
11:41:34.0571 12140 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:41:34.0571 12140 wudfsvc - ok
11:41:34.0586 12140 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:41:34.0586 12140 WwanSvc - ok
11:41:34.0602 12140 ================ Scan global ===============================
11:41:34.0664 12140 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:41:34.0695 12140 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
11:41:34.0711 12140 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
11:41:34.0742 12140 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:41:34.0758 12140 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:41:34.0773 12140 [Global] - ok
11:41:34.0773 12140 ================ Scan MBR ==================================
11:41:34.0773 12140 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:41:35.0085 12140 \Device\Harddisk0\DR0 - ok
11:41:35.0085 12140 ================ Scan VBR ==================================
11:41:35.0101 12140 [ 319CB24F6472CAED71F9719175BB242D ] \Device\Harddisk0\DR0\Partition1
11:41:35.0101 12140 \Device\Harddisk0\DR0\Partition1 - ok
11:41:35.0117 12140 [ 0CDB008F621780F5D4EE4C8F90136D54 ] \Device\Harddisk0\DR0\Partition2
11:41:35.0117 12140 \Device\Harddisk0\DR0\Partition2 - ok
11:41:35.0148 12140 [ E734E87CF9EE6B75571CEC5690F5ABC4 ] \Device\Harddisk0\DR0\Partition3
11:41:35.0148 12140 \Device\Harddisk0\DR0\Partition3 - ok
11:41:35.0163 12140 [ FA4B3C583CD6C39AF90220321643BB40 ] \Device\Harddisk0\DR0\Partition4
11:41:35.0179 12140 \Device\Harddisk0\DR0\Partition4 - ok
11:41:35.0179 12140 ============================================================
11:41:35.0179 12140 Scan finished
11:41:35.0179 12140 ============================================================
11:41:35.0195 6240 Detected object count: 0
11:41:35.0195 6240 Actual detected object count: 0




and the aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-25 11:44:21
-----------------------------
11:44:21.934 OS Version: Windows x64 6.1.7601 Service Pack 1
11:44:21.934 Number of processors: 4 586 0x2A07
11:44:21.934 ComputerName: MATT-HP UserName: Matt
11:44:23.806 Initialize success
11:45:03.297 AVAST engine defs: 12102501
11:45:12.657 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:45:12.673 Disk 0 Vendor: Hitachi_ JE4O Size: 715404MB BusType: 3
11:45:12.688 Disk 0 MBR read successfully
11:45:12.688 Disk 0 MBR scan
11:45:12.704 Disk 0 Windows 7 default MBR code
11:45:12.735 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
11:45:12.735 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 700584 MB offset 409600
11:45:12.782 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14517 MB offset 1435205632
11:45:12.829 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 102 MB offset 1464936448
11:45:12.860 Disk 0 scanning C:\Windows\system32\drivers
11:45:23.359 Service scanning
11:45:52.593 Modules scanning
11:45:52.593 Disk 0 trace - called modules:
11:45:52.593 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
11:45:52.609 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800813e060]
11:45:52.609 3 CLASSPNP.SYS[fffff880013b943f] -> nt!IofCallDriver -> [0xfffffa80063a3960]
11:45:52.609 5 hpdskflt.sys[fffff880017ec361] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800623e050]
11:45:54.278 AVAST engine scan C:\Windows
11:45:56.618 AVAST engine scan C:\Windows\system32
11:48:19.311 AVAST engine scan C:\Windows\system32\drivers
11:48:30.918 AVAST engine scan C:\Users\Matt
11:55:14.970 AVAST engine scan C:\ProgramData
11:55:36.061 Scan finished successfully
13:53:38.252 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
13:53:38.252 The log file has been saved successfully to "C:\TDSSKiller.2.8.13.0_25.10.2012_11.40.22_log.txt"
13:55:36.938 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
13:55:36.938 The log file has been saved successfully to "C:\aswMBR.txt"



The eset did not detect any threats, and I couldn't find any way to access the list you referred to.

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:26 PM

Posted 25 October 2012 - 03:15 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#6 rock_head

rock_head
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 26 October 2012 - 10:56 AM

Malwarebytes found no threats:


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.26.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Matt :: MATT-HP [administrator]

10/26/2012 10:47:59 AM
mbam-log-2012-10-26 (10-47-59).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 468268
Time elapsed: 38 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




MiniToolBox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Matt (administrator) on 26-10-2012 at 11:43:18
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15273 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Intel® WiFi Link 1000 BGN = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Matt-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : geology.ohio-state.edu

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 8C-A9-82-76-8F-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 8C-A9-82-76-8F-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 8C-A9-82-76-8F-CC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : geology.ohio-state.edu
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 2C-27-D7-BB-EF-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:8cfe:fe1c:d:b148:3f06:feaa:34f5(Preferred)
IPv6 Address. . . . . . . . . . . : 2002:8cfe:ffe5:d:b148:3f06:feaa:34f5(Preferred)
Site-local IPv6 Address . . . . . : fec0::d:b148:3f06:feaa:34f5%1(Preferred)
Temporary IPv6 Address. . . . . . : 2002:8cfe:fe1c:d:f5a6:c2e4:2618:e909(Preferred)
Temporary IPv6 Address. . . . . . : 2002:8cfe:ffe5:d:f5a6:c2e4:2618:e909(Preferred)
Link-local IPv6 Address . . . . . : fe80::b148:3f06:feaa:34f5%11(Preferred)
IPv4 Address. . . . . . . . . . . : 140.254.255.205(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Friday, October 26, 2012 11:38:51 AM
Lease Expires . . . . . . . . . . : Friday, October 26, 2012 11:38:51 PM
Default Gateway . . . . . . . . . : 140.254.252.1
DHCP Server . . . . . . . . . . . : 140.254.252.4
DHCPv6 IAID . . . . . . . . . . . : 237774807
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-B8-AE-E7-2C-27-D7-BB-EF-CD
DNS Servers . . . . . . . . . . . : 128.146.48.7
128.146.1.7
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{DA11DBCC-64C5-438B-A25A-3B5849783561}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {63499218-CBFD-4CE3-BDA9-2D4838F462E2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1527CE63-47F2-485A-938E-46DA9E05D58D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {41977C7E-468E-46EE-97C1-19655F0E87B6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: ns2.net.ohio-state.edu
Address: 128.146.48.7

Name: google.com
Addresses: 2607:f8b0:4009:801::1001
74.125.225.70
74.125.225.71
74.125.225.72
74.125.225.73
74.125.225.78
74.125.225.64
74.125.225.65
74.125.225.66
74.125.225.67
74.125.225.68
74.125.225.69


Pinging google.com [74.125.225.71] with 32 bytes of data:
Reply from 74.125.225.71: bytes=32 time=18ms TTL=54
Reply from 74.125.225.71: bytes=32 time=13ms TTL=54

Ping statistics for 74.125.225.71:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 18ms, Average = 15ms
Server: ns2.net.ohio-state.edu
Address: 128.146.48.7

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=92ms TTL=49
Reply from 72.30.38.140: bytes=32 time=94ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 92ms, Maximum = 94ms, Average = 93ms
Server: ns2.net.ohio-state.edu
Address: 128.146.48.7

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...8c a9 82 76 8f cd ......Microsoft Virtual WiFi Miniport Adapter #2
13...8c a9 82 76 8f cd ......Microsoft Virtual WiFi Miniport Adapter
12...8c a9 82 76 8f cc ......Intel® WiFi Link 1000 BGN
11...2c 27 d7 bb ef cd ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 140.254.252.1 140.254.255.205 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
140.254.252.0 255.255.252.0 On-link 140.254.255.205 266
140.254.255.205 255.255.255.255 On-link 140.254.255.205 266
140.254.255.255 255.255.255.255 On-link 140.254.255.205 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 140.254.255.205 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 140.254.255.205 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 18 2002:8cfe:fe1c:d::/64 On-link
11 266 2002:8cfe:fe1c:d:b148:3f06:feaa:34f5/128
On-link
11 266 2002:8cfe:fe1c:d:f5a6:c2e4:2618:e909/128
On-link
11 18 2002:8cfe:ffe5:d::/64 On-link
11 266 2002:8cfe:ffe5:d:b148:3f06:feaa:34f5/128
On-link
11 266 2002:8cfe:ffe5:d:f5a6:c2e4:2618:e909/128
On-link
11 266 fe80::/64 On-link
11 266 fe80::b148:3f06:feaa:34f5/128
On-link
11 18 fec0:0:0:d::/64 On-link
11 266 fec0::d:b148:3f06:feaa:34f5/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/26/2012 11:38:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2012 03:19:58 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/26/2012 03:19:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/25/2012 01:56:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/25/2012 01:56:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/25/2012 10:07:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/25/2012 02:13:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/25/2012 02:12:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/24/2012 04:14:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/24/2012 04:04:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/26/2012 11:38:26 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (10/24/2012 04:14:43 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (10/24/2012 04:13:32 PM) (Source: Service Control Manager) (User: )
Description: The Advanced SystemCare Service 6 service terminated unexpectedly. It has done this 1 time(s).

Error: (10/24/2012 04:04:04 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (10/24/2012 11:47:33 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (10/24/2012 11:17:17 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (10/24/2012 11:14:52 AM) (Source: Service Control Manager) (User: )
Description: The Advanced SystemCare Service 6 service terminated unexpectedly. It has done this 1 time(s).

Error: (10/24/2012 10:47:36 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (10/24/2012 10:33:10 AM) (Source: Service Control Manager) (User: )
Description: The Advanced SystemCare Service 6 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (10/24/2012 10:33:03 AM) (Source: Service Control Manager) (User: )
Description: The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (10/26/2012 11:38:26 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2012 03:19:58 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/26/2012 03:19:42 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/25/2012 01:56:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Matt\Downloads\esetsmartinstaller_enu.exe

Error: (10/25/2012 01:56:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Matt\Downloads\esetsmartinstaller_enu.exe

Error: (10/25/2012 10:07:46 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Matt\Downloads\esetsmartinstaller_enu.exe

Error: (10/25/2012 02:13:08 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/25/2012 02:12:50 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/24/2012 04:14:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/24/2012 04:04:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advanced SystemCare 6 (Version: 6.0)
AuthenTec TrueAPI (Version: 1.2.1.33)
DataView (Version: 1.6.7230)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox (Version: 1.4.17)
ESET Online Scanner v3
FileZilla Client 3.5.3 (Version: 3.5.3)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.5.1)
HP Connection Manager (Version: 4.0.45.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP On Screen Display (Version: 1.1.2)
HP Quick Launch (Version: 2.3.6)
HP SimplePass 2011 (Version: 5.1.0.495)
HP Software Framework (Version: 4.0.110.1)
HP Support Assistant (Version: 6.1.12.1)
IDL 8.1 (Version: 8.1.0.0)
IDT Audio (Version: 1.0.6329.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2291)
Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.30.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MATLAB R2012a (Version: 7.14)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek PCIE Card Reader (Version: 6.1.7600.74)
Recovery Manager (Version: 2.0.0)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 15.2.4.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Validity WBF DDK (Version: 4.3.118.0)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
X-Win32 2010 (Version: 10.00.1155)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 6091.86 MB
Available physical RAM: 3952.68 MB
Total Pagefile: 12181.91 MB
Available Pagefile: 9987.78 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.27 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:684.16 GB) (Free:579.5 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.18 GB) (Free:1.58 GB) NTFS

========================= Users: ========================================

User accounts for \\MATT-HP

Administrator Guest Matt

========================= Restore Points ==================================

18-10-2012 20:01:02 Scheduled Checkpoint
22-10-2012 18:44:12 IObit Uninstaller restore point
22-10-2012 18:44:51 Removed Ad-Aware Antivirus.
22-10-2012 18:47:04 IObit Uninstaller restore point
22-10-2012 18:50:53 IObit Uninstaller restore point
22-10-2012 18:51:25 Removed AVG 2013
22-10-2012 18:52:45 Removed AVG 2013
22-10-2012 18:54:41 IObit Uninstaller restore point
22-10-2012 18:55:22 IObit Uninstaller restore point
22-10-2012 18:56:31 IObit Uninstaller restore point
22-10-2012 18:56:44 Removed OpenOffice.org 3.4.1
23-10-2012 07:44:36 Windows Update
23-10-2012 19:20:49 IObit Uninstaller restore point
24-10-2012 14:38:08 Windows Modules Installer
24-10-2012 16:05:16 IObit Uninstaller restore point
24-10-2012 17:27:36 IObit Uninstaller restore point
26-10-2012 09:43:56 Windows Update

**** End of log ****




Farbar Service Scanner:

Farbar Service Scanner Version: 26-10-2012
Ran by Matt (administrator) on 26-10-2012 at 11:35:04
Running from "C:\Users\Matt\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




Adware Cleaner:

# AdwCleaner v2.005 - Logfile created 10/26/2012 at 11:36:43
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Matt - MATT-HP
# Boot Mode : Normal
# Running from : C:\Users\Matt\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\vkzqkqq1.default\prefs.js

C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\vkzqkqq1.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2012 octets] - [26/10/2012 11:36:43]

########## EOF - C:\AdwCleaner[S1].txt - [2072 octets] ##########





When I tried to use the junkware removal tool, it came up as a 'get.bat' file that windows didn't recognize and couldn't open. Strange, because the download window showed it as an .exe. I went to the JRT main site and downloaded it directly from there as well and the same thing happened.

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:26 PM

Posted 26 October 2012 - 11:30 AM

Click on startmenu and type

cmd

right click on it and select run as administrator

Now copy following commands and press ENTER one by one

cd C:\windows\system32\drivers\etc
takeown /a /f hosts
cacls hosts /p everyone:f


Press Y

attrib -s -h -r hosts

After running these commands

Download

Hosts fixit

Run it,restart the PC

Now launch mini toolbox and checkmark hosts contents alone and post the new log



Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#8 rock_head

rock_head
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 26 October 2012 - 01:03 PM

Windows can't recognize or open the Hosts Fixit file 'MicrosoftFixit50267.msi'

After a little searching around, it seems like some malicious program is interfering with my windows installer. I tried downloading an installer update from microsoft, but that comes out as a .msu file that I can't open either!

Should I continue with the other steps in your last post anyways?

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:26 PM

Posted 26 October 2012 - 01:20 PM

There is nothing malicious.Spybot is blocking it

Ignore hosts fix and continue other steps

#10 rock_head

rock_head
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 26 October 2012 - 01:51 PM

Minitoolbox - hosts:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Matt (administrator) on 26-10-2012 at 14:43:58
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15273 more lines starting with "127.0.0.1"


**** End of log ****




Rkill:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/26/2012 02:46:28 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]

Searching for Missing Digital Signatures:




Autoruns:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelWireless" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "Logitech Download Assistant" "Logitech Download Assistant" "Logitech, Inc." "c:\windows\system32\logilda.dll"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ADBlocker" "" "" "File not found: C:\Program Files (x86)\anvisoft\Anvi AD Blocker\ADBlockerTray.exe -tray"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "HP Quick Launch" "HP Message Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe"
+ "HPConnectionManager" "HPCMDelayStart Application" "Hewlett-Packard Development Company L.P." "c:\program files (x86)\hewlett-packard\hp connection manager\hpcmdelaystart.exe"
+ "HPOSD" "HP On Screen Display" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp on screen display\hposd.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "NUSB3MON" "USB 3.0 Monitor" "Renesas Electronics Corporation" "c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe"
"C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Advanced SystemCare 5" "" "" "File not found: C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\matt\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Advanced SystemCare" "ASCExtMenu Module" "" "c:\program files (x86)\iobit\advanced systemcare 6\ascextmenu_64.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\matt\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Advanced SystemCare" "ASCExtMenu Module" "" "c:\program files (x86)\iobit\advanced systemcare 6\ascextmenu_64.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\matt\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\matt\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\matt\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\matt\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\matt\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\matt\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\matt\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\matt\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "TrueSuite Website Log On" "Website Log On" "HP" "c:\program files (x86)\hp simplepass 2011\x64\iebho.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "TrueSuite Website Log On" "Website Log On" "HP" "c:\program files (x86)\hp simplepass 2011\iebho.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Ad-Aware Antivirus Scheduled Scan" "" "" "File not found: C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe"
+ "\HPCeeScheduleForMatt" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdvancedSystemCareService6" "Advanced SystemCare Service" "IObit" "c:\program files (x86)\iobit\advanced systemcare 6\ascservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\idt\wdm\aestsr64.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "FPLService" "Provides convenient and secure fingerprint authentication and identity management." "HP" "c:\program files (x86)\hp simplepass 2011\truesuiteservice.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "hpCMSrv" "HP Connection Manager Service" "Hewlett-Packard Development Company L.P." "c:\program files (x86)\hewlett-packard\hp connection manager\hpcmsrv.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "HPWMISVC" "HP Quick Launch WMI Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpwmisvc.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\program files\idt\wdm\stacsv64.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "clwvd" "" "" "File not found: system32\DRIVERS\clwvd.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm62x64.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR" "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtspstor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SBRE" "" "" "File not found: C:\Windows\system32\drivers\SBREdrv.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "wdkmd" "Intel Wireless Display Solution" "Intel Corporation" "c:\windows\system32\drivers\wdkmd.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Intel® Media SDK AAC Encoder" "Intel® Media SDK AAC Encoder" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_aac_enc_ds.dll"
+ "Intel® Media SDK MPEG-2 Muxer" "Intel® Media SDK MPEG-2 Muxer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_mp2_mux_ds.dll"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel® Network Filter" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\intelnet.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MainConcept MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mcmpeg2mux.ax"
+ "MainConcept Network Renderer" "Network Renderer" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_net_renderer_ds.ax"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"




Thanks!

#11 rock_head

rock_head
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 26 October 2012 - 03:19 PM

Hey wait a second, I think its gone, I'll come back if its not really.

Thanks a lot!

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:26 PM

Posted 26 October 2012 - 03:43 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#13 rock_head

rock_head
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 29 October 2012 - 08:38 AM

looks like i spoke too soon. it wasn't really gone. what should i do?

thanks

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:26 PM

Posted 29 October 2012 - 10:38 AM

Which browser?

#15 rock_head

rock_head
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 29 October 2012 - 10:48 AM

firefox 16.0.2




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users