
Certified-Toolbar


8 replies to this topic

#1 Punkr0cker99


Posted 17 January 2013 - 03:16 PM

Hey there,

I'm also suffering from the same symptoms.
I first ran an MBAM quick scan and it DID produce results: some "Hijacked browser home page" entries came up in red, and it supposedly removed the infections. But the certified-toolbar start page is still present in Firefox, Internet Explorer and Microsoft Outlook 2007.
I then ran (in Safe Mode) a full scan with Malwarebytes Anti-Malware and NOD ESET, both with nothing coming up.
Lastly, I've also tried ComboFix, but since my home PC network connection went offline I can no longer access my PC remotely :P

BTW, I'm using Win7 x64.

Any recent developments on this?

Cheers!



#2 boopme


Posted 17 January 2013 - 08:12 PM

Hello, please also run these.

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



Junkware Removal Tool
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 Punkr0cker99


Posted 18 January 2013 - 07:50 AM

Here we go then, here's the log from AdwCleaner:

msconfig# AdwCleaner v2.106 - Logfile created 01/18/2013 at 12:24:48
# Updated 17/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Punkr0cker99 - Punkr0cker99-PC
# Boot Mode : Normal
# Running from : C:\Users\Punkr0cker99\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Folder Deleted : C:\Program Files (x86)\Protected Search

***** [Registry] *****

Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\5f0dbdbb434ea43
Key Deleted : HKCU\Software\SMTTB2009
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\5f0dbdbb434ea43
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (pt-PT)

File : C:\Users\Punkr0cker99\AppData\Roaming\Mozilla\Firefox\Profiles\9vaon2yo.default-1358430055384\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [7248 octets] - [18/01/2013 12:24:04]
AdwCleaner[S1].txt - [7377 octets] - [18/01/2013 12:24:48]

########## EOF - C:\AdwCleaner[S1].txt - [7437 octets] ##########


Here's the one from Junkware Removal Tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.4 (01.17.2013:1)
OS: Windows 7 Ultimate x64
Ran by Punkr0cker99 on 18-01-2013 at 12:28:55,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-164807205-279651618-2440296657-1001\software\microsoft\internet explorer\main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{0055c089-8582-441b-a0bf-17b458c2a3a8}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18-01-2013 at 12:35:27,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


And the log from MiniToolBox:

MiniToolBox by Farbar Version:10-01-2013
Ran by Punkr0cker99 (administrator) on 18-01-2013 at 12:38:41
Running from "C:\Users\Punkr0cker99\Downloads"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Configuração IP do Windows

Cache de resolução DNS limpa com êxito.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller = Ligação de Área Local (Connected)


# ----------------------------------
# Configuração IPv4
# ----------------------------------
pushd interface ipv4

reset
set global
add route prefix=0.0.0.0/0 interface="Ligação de Área Local" nexthop=192.168.1.1 publish=Sim
add address name="Ligação de Área Local" address=192.168.1.2 mask=255.255.255.0


popd
#Fim da configuração de IPv4



Configuração IP do Windows

Nome do Anfitrião. . . . . . . . .: Punkr0cker99-PC
Sufixo DNS principal. . . . . . . :
Tipo de nó. . . . . . . . . . . . : Híbrido
Rota IP activada. . . . . . . . . : Não
WINS Proxy activado . . . . . . . : Não

Adaptador ethernet Ligação de Área Local:

Sufixo DNS específico da ligação. :
Descrição . . . . . . . . . . . . : Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller
Endereço físico . . . . . . . . . : 00-1E-8C-54-5B-20
DHCP activado . . . . . . . . . . : Não
Autoconfiguração activada . . . . : Sim
Endereço IPv6 de local de ligação : fe80::c047:49ad:48bb:974%11(Preferido)
Endereço IPv4 . . . . . . . . . . . . . . : 192.168.1.2(Preferido)
Máscara de sub-rede . . . . . . . : 255.255.255.0
Gateway predefinido . . . . . . . : 192.168.1.1
IAID DHCPv6 . . . . . . . . . . . : 234888844
DUID Cliente DHCPv6 . . . . . . . : 00-01-00-01-17-4E-F0-73-00-1E-8C-54-5B-20
Servidores DNS. . . . . . . . . . : 208.67.222.222
208.67.220.220
NetBIOS por Tcpip . . . . . . . . . . . . : Activado

Adaptador Tunnel isatap.{8FED09B0-90A6-48F0-AD56-2300BBF60EA0}:

Estado do suporte . . . . . . . . : Suporte desligado
Sufixo DNS específico da ligação. :
Descrição . . . . . . . . . . . . : Placa Microsoft ISATAP
Endereço físico . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activado . . . . . . . . . . : Não
Autoconfiguração activada . . . . : Sim

Adaptador Tunnel Ligação de área local* 3:

Sufixo DNS específico da ligação. :
Descrição . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Endereço físico . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activado . . . . . . . . . . : Não
Autoconfiguração activada . . . . : Sim
Endereço IPv6 . . . . . . . . . . : 2001:0:9d38:953c:1425:2:3f57:fefd(Preferido)
Endereço IPv6 de local de ligação : fe80::1425:2:3f57:fefd%12(Preferido)
Gateway predefinido . . . . . . . : ::
NetBIOS por Tcpip . . . . . . . . : Desactivado
Servidor: resolver1.opendns.com
Address: 208.67.222.222

Nome: google.com
Addresses: 2a00:1450:4009:805::1006
173.194.34.169
173.194.34.168
173.194.34.161
173.194.34.165
173.194.34.167
173.194.34.174
173.194.34.164
173.194.34.162
173.194.34.166
173.194.34.163
173.194.34.160


A fazer ping para google.com [173.194.34.167] com 32 bytes de dados:
Resposta de 173.194.34.167: bytes=32 tempo=33ms TTL=57
Resposta de 173.194.34.167: bytes=32 tempo=32ms TTL=57

Estatísticas de ping para 173.194.34.167:
Pacotes: Enviados = 2, Recebidos = 2,
Perdidos = 0 (perda: 0%),
Tempo aproximado de ida e volta em milissegundos:
Mínimo = 32ms, Máximo = 33ms, Média = 32ms
Servidor: resolver1.opendns.com
Address: 208.67.222.222

Nome: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
206.190.36.45


A fazer ping para yahoo.com [98.139.183.24] com 32 bytes de dados:
Resposta de 98.139.183.24: bytes=32 tempo=832ms TTL=45
Resposta de 98.139.183.24: bytes=32 tempo=790ms TTL=45

Estatísticas de ping para 98.139.183.24:
Pacotes: Enviados = 2, Recebidos = 2,
Perdidos = 0 (perda: 0%),
Tempo aproximado de ida e volta em milissegundos:
Mínimo = 790ms, Máximo = 832ms, Média = 811ms

A fazer ping para 127.0.0.1 com 32 bytes de dados:
Resposta de 127.0.0.1: bytes=32 tempo<1 ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1 ms TTL=128

Estatísticas de ping para 127.0.0.1:
Pacotes: Enviados = 2, Recebidos = 2,
Perdidos = 0 (perda: 0%),
Tempo aproximado de ida e volta em milissegundos:
Mínimo = 0ms, Máximo = 0ms, Média = 0ms
===========================================================================
Lista de interface
11...00 1e 8c 54 5b 20 ......Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Placa Microsoft ISATAP
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Tabela de rotas
===========================================================================
Rotas activas:
Destino de rede Máscara de rede Gateway Interface Métrica
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 266
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 266
192.168.1.2 255.255.255.255 On-link 192.168.1.2 266
192.168.1.255 255.255.255.255 On-link 192.168.1.2 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 266
===========================================================================
Rotas persistentes:
Endereço de rede Máscara Endereço de gateway Métrica
0.0.0.0 0.0.0.0 192.168.1.1 Predefinição
===========================================================================

IPv6 Tabela de rotas
===========================================================================
Rotas activas:
Se destino de rede métrica Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:953c:1425:2:3f57:fefd/128
On-link
11 266 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1425:2:3f57:fefd/128
On-link
11 266 fe80::c047:49ad:48bb:974/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 266 ff00::/8 On-link
===========================================================================
Rotas persistentes:
Nenhum
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (05/23/2012 08:20:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.4518.1014. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-01-17 18:53:32.435
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-01-17 18:53:32.357
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-24 18:56:29.209
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-11-14 13:59:28.541
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-11-12 21:13:26.663
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-11-05 21:18:54.039
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-11-05 20:57:25.092
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-11-05 20:44:00.126
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-11-05 20:34:10.162
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-11-04 22:22:19.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acronis Drive Monitor (Version: 1.0.566)
Actualização do Microsoft Office Excel 2007 Help (KB963678)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669)
Actualização do Microsoft Office Word 2007 Help (KB963665)
Addiction Pinball
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Advanced Office Password Recovery (Version: 5.4.547.483)
AI Suite (Version: 1.05.46)
AMD Accelerated Video Transcoding (Version: 12.5.100.20928)
AMD APP SDK Runtime (Version: 10.0.1016.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70928.1539)
µTorrent (Version: 3.1.3)
BTNext Legacy
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
Call of Duty: Modern Warfare 3 - Multiplayer
Camtasia Studio 7 (Version: 7.1.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0928.1532.26058)
Catalyst Control Center Graphics Previews Common (Version: 2012.0928.1532.26058)
Catalyst Control Center InstallProxy (Version: 2012.1022.2311.39807)
Catalyst Control Center Localization All (Version: 2012.0928.1532.26058)
ccc-utility64 (Version: 2012.0928.1532.26058)
CCC Help Chinese Standard (Version: 2012.0928.1531.26058)
CCC Help Chinese Traditional (Version: 2012.0928.1531.26058)
CCC Help Czech (Version: 2012.0928.1531.26058)
CCC Help Danish (Version: 2012.0928.1531.26058)
CCC Help Dutch (Version: 2012.0928.1531.26058)
CCC Help English (Version: 2012.0928.1531.26058)
CCC Help Finnish (Version: 2012.0928.1531.26058)
CCC Help French (Version: 2012.0928.1531.26058)
CCC Help German (Version: 2012.0928.1531.26058)
CCC Help Greek (Version: 2012.0928.1531.26058)
CCC Help Hungarian (Version: 2012.0928.1531.26058)
CCC Help Italian (Version: 2012.0928.1531.26058)
CCC Help Japanese (Version: 2012.0928.1531.26058)
CCC Help Korean (Version: 2012.0928.1531.26058)
CCC Help Norwegian (Version: 2012.0928.1531.26058)
CCC Help Polish (Version: 2012.0928.1531.26058)
CCC Help Portuguese (Version: 2012.0928.1531.26058)
CCC Help Russian (Version: 2012.0928.1531.26058)
CCC Help Spanish (Version: 2012.0928.1531.26058)
CCC Help Swedish (Version: 2012.0928.1531.26058)
CCC Help Thai (Version: 2012.0928.1531.26058)
CCC Help Turkish (Version: 2012.0928.1531.26058)
Core Temp 1.0 RC3 (Version: 1.0)
CPUID CPU-Z 1.60.1
CPUID HWMonitor 1.19
Crysis® 2 (Version: 1.0.0.0)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.4.0315)
Darksiders II
Defraggler (Version: 2.10)
Desktop Lighter (Version: 1.4)
Dishonored © Bethesda Softworks version 1 (Version: 1)
Dropbox (Version: 1.6.10)
ESET NOD32 Antivirus (Version: 5.2.9.1)
ESET Online Scanner v3
EVEREST Ultimate Edition v5.50 (Version: 5.50)
ExtremeCopy (Version: 2.2.0000)
F.lux
Foxit PDF Editor
Foxit Reader (Version: 3.3.1.518)
Game Booster 3 (Version: 3.4)
Google Earth (Version: 6.2.2.6613)
Google Talk Plugin (Version: 3.10.2.10212)
Google Update Helper (Version: 1.3.21.123)
GPL Ghostscript (Version: 9.02)
ImgBurn (Version: 2.5.7.0)
Internet Download Manager
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
K-Lite Codec Pack 8.8.0 (Standard) (Version: 8.8.0)
LG United Mobile Driver (Version: 3.8.1)
Lyrics Plugin for Windows Media Player (Version: 0.4)
Malwarebytes Anti-Malware versão 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 4095.12 MB
Available physical RAM: 2851.7 MB
Total Pagefile: 8188.43 MB
Available Pagefile: 6858.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.25 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:149.05 GB) (Free:48.72 GB) NTFS
2 Drive d: (_-_Downloads_-_) (Fixed) (Total:298.09 GB) (Free:26.15 GB) NTFS

========================= Users: ========================================

Contas de utilizador para \\Punkr0cker99-PC

Administrador Convidado Punkr0cker99
O comando foi concluído com êxito.


**** End of log ****

Unfortunately my browsers' start page is still hijacked by this certified mumbojumbo.

THANKS!


PS: Just a fact that might shed some light on this: I've tried activating a guest account on my system, and within that account the browsers' start pages are NOT hijacked.

Edited by Punkr0cker99, 18 January 2013 - 07:53 AM.


#4 Punkr0cker99


Posted 18 January 2013 - 08:06 AM

UPDATE:

Hey, found out what's going on...lol so simple!!! :D

The certified crapware also edited my browser shortcuts, like so: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://search.certified-toolbar***********************************

Just edited the shortcuts and I'm smooth sailing again =)

Thanks again mate, hope this helps the next fellow man to fall prey to this cunningly clever crapware!!! :busy:


EDIT:

...still shows up in Outlook 2007 lol. Man this is annoying!

Edited by Punkr0cker99, 18 January 2013 - 10:26 AM.
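The shortcut tampering described in post #4 can be checked for across all of a user's shortcuts at once. The script below is an added example, not part of the original thread or any tool mentioned in it; the browser list and the folder list are assumptions, and the `-Fix` switch is a name chosen for this example.

```powershell
# Added example (not from the thread): list browser shortcuts that carry a URL argument.
# Read-only by default. Run with -Fix to clear the arguments of the flagged shortcuts.
param([switch]$Fix)

# Assumed list of browser executables; extend it for other browsers.
$browsers = @('firefox.exe', 'iexplore.exe', 'chrome.exe', 'opera.exe')

# Assumed list of folders that hold shortcuts for the current user and for all users.
$roots = @(
    [Environment]::GetFolderPath('Desktop'),
    (Join-Path $env:PUBLIC 'Desktop'),
    (Join-Path $env:APPDATA 'Microsoft\Windows\Start Menu'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu'),
    (Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch')
) | Where-Object { $_ -and (Test-Path $_) }

# WScript.Shell can read and rewrite the fields stored inside a .lnk file.
$shell = New-Object -ComObject WScript.Shell

$flagged = @()
foreach ($file in Get-ChildItem -Path $roots -Filter *.lnk -Recurse -ErrorAction SilentlyContinue) {
    $lnk = $shell.CreateShortcut($file.FullName)

    # Some shortcuts (for example shell items) have no file target; skip them.
    if (-not $lnk.TargetPath) { continue }

    # Only look at shortcuts that start one of the listed browsers.
    $exe = [IO.Path]::GetFileName($lnk.TargetPath)
    if ($browsers -notcontains $exe) { continue }

    # A clean browser shortcut normally has no URL after the executable path.
    if ($lnk.Arguments -notmatch '(?i)https?://|www\.') { continue }

    $flagged += New-Object PSObject -Property @{
        Shortcut  = $file.FullName
        Target    = $lnk.TargetPath
        Arguments = $lnk.Arguments
    }

    if ($Fix) {
        try {
            # Remove the appended arguments and write the shortcut back to disk.
            $lnk.Arguments = ''
            $lnk.Save()
        } catch {
            # All-users shortcuts need an elevated prompt to be rewritten.
            Write-Warning "Could not rewrite $($file.FullName): $($_.Exception.Message)"
        }
    }
}

$flagged | Format-List Shortcut, Target, Arguments
```

Review the listed shortcuts before using `-Fix`, since a shortcut may carry a URL argument on purpose. Run it once per affected account, because the desktop and pinned shortcuts are stored per user.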


#5 boopme


Posted 18 January 2013 - 11:35 AM

Hi, first remove this through Control Panel. It's exploitable; there is a new patched one out: 7up11.
Java™ 7 Update 4 (Version: 7.0.40)

Did you look in the browser add-ons to see if it is there and needs disabling?

Please Download TDSSkiller
Launch it.
Click on change parameters - Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.



Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


#6 Punkr0cker99


Posted 19 January 2013 - 03:47 PM

Removed the Java™ 7 Update 4 (Version: 7.0.40).
Yes, I removed all the browser add-ons and reset all settings.

Here's the log from TDSSkiller:

19:42:46.0012 0660 mrxsmb - ok
19:42:46.0032 0660 [ 311B774EC01B8BE17C9508049EA77875 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:42:46.0042 0660 mrxsmb10 - ok
19:42:46.0062 0660 [ E4488209DEA21A52AFE086D939D138F1 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:42:46.0072 0660 mrxsmb20 - ok
19:42:46.0092 0660 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:42:46.0102 0660 msahci - ok
19:42:46.0122 0660 [ 4F42C9CE2BD3444B1B98593A2DFBC547 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:42:46.0142 0660 msdsm - ok
19:42:46.0152 0660 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:42:46.0152 0660 MSDTC - ok
19:42:46.0172 0660 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:42:46.0172 0660 Msfs - ok
19:42:46.0192 0660 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:42:46.0192 0660 mshidkmdf - ok
19:42:46.0202 0660 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:42:46.0222 0660 msisadrv - ok
19:42:46.0252 0660 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:42:46.0262 0660 MSiSCSI - ok
19:42:46.0262 0660 msiserver - ok
19:42:46.0282 0660 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:42:46.0282 0660 MSKSSRV - ok
19:42:46.0302 0660 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:42:46.0302 0660 MSPCLOCK - ok
19:42:46.0312 0660 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:42:46.0332 0660 MSPQM - ok
19:42:46.0342 0660 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:42:46.0352 0660 MsRPC - ok
19:42:46.0362 0660 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:42:46.0362 0660 mssmbios - ok
19:42:46.0372 0660 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:42:46.0372 0660 MSTEE - ok
19:42:46.0392 0660 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:42:46.0392 0660 MTConfig - ok
19:42:46.0442 0660 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
19:42:46.0462 0660 MTsensor - ok
19:42:46.0492 0660 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:42:46.0502 0660 Mup - ok
19:42:46.0522 0660 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:42:46.0532 0660 napagent - ok
19:42:46.0562 0660 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:42:46.0592 0660 NativeWifiP - ok
19:42:46.0722 0660 [ 5E74508FCB5820B29EEAFE24E6035BCF ] NDIS C:\Windows\system32\drivers\ndis.sys
19:42:46.0732 0660 NDIS - ok
19:42:46.0762 0660 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:42:46.0772 0660 NdisCap - ok
19:42:46.0792 0660 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:42:46.0792 0660 NdisTapi - ok
19:42:46.0822 0660 [ 4948435B96A6FA63914DA3B4090E6700 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:42:46.0822 0660 Ndisuio - ok
19:42:46.0842 0660 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:42:46.0852 0660 NdisWan - ok
19:42:46.0872 0660 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:42:46.0892 0660 NDProxy - ok
19:42:46.0912 0660 [ 6785ECF9AB0549364B12D2F80ABF507B ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:42:46.0932 0660 NetBIOS - ok
19:42:46.0942 0660 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:42:46.0952 0660 NetBT - ok
19:42:46.0952 0660 [ 79C908CAA6F43021EB05F4C733A927D1 ] Netlogon C:\Windows\system32\lsass.exe
19:42:46.0952 0660 Netlogon - ok
19:42:46.0992 0660 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:42:46.0992 0660 Netman - ok
19:42:47.0012 0660 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:42:47.0022 0660 netprofm - ok
19:42:47.0052 0660 [ A86CCDC27CDB60D21066622DC775DEB0 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:42:47.0052 0660 NetTcpPortSharing - ok
19:42:47.0072 0660 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:42:47.0092 0660 nfrd960 - ok
19:42:47.0142 0660 [ 2BF56772E15F53B0565175940E65E356 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:42:47.0142 0660 NlaSvc - ok
19:42:47.0202 0660 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\npf.sys
19:42:47.0232 0660 NPF - ok
19:42:47.0242 0660 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:42:47.0262 0660 Npfs - ok
19:42:47.0282 0660 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:42:47.0282 0660 nsi - ok
19:42:47.0302 0660 [ 436EE51D8F206B79DF7B9CBB057299C0 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:42:47.0302 0660 nsiproxy - ok
19:42:47.0362 0660 [ B2746D84DDF68D09B41B72DF745CCBA6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:42:47.0392 0660 Ntfs - ok
19:42:47.0402 0660 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:42:47.0412 0660 Null - ok
19:42:47.0432 0660 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:42:47.0442 0660 nvraid - ok
19:42:47.0462 0660 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:42:47.0482 0660 nvstor - ok
19:42:47.0492 0660 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:42:47.0512 0660 nv_agp - ok
19:42:47.0602 0660 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:42:47.0612 0660 odserv - ok
19:42:47.0622 0660 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:42:47.0632 0660 ohci1394 - ok
19:42:47.0662 0660 [ FA5D730CE3F3A3BD21C1040E212230D4 ] OM0530 C:\Windows\system32\Drivers\ov530vx.sys
19:42:47.0672 0660 OM0530 - ok
19:42:47.0722 0660 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:42:47.0722 0660 ose - ok
19:42:47.0752 0660 [ 8830D42427D05B15B032108EBBDBD289 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:42:47.0752 0660 p2pimsvc - ok
19:42:47.0792 0660 [ 5B7BADED6943AA6F4B6C1ABA5FCCB25F ] p2psvc C:\Windows\system32\p2psvc.dll
19:42:47.0792 0660 p2psvc - ok
19:42:47.0812 0660 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:42:47.0882 0660 Parport - ok
19:42:47.0892 0660 Partizan - ok
19:42:47.0912 0660 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:42:47.0932 0660 partmgr - ok
19:42:47.0952 0660 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:42:47.0952 0660 PcaSvc - ok
19:42:47.0972 0660 [ 977D0720B9E15C2C9BF6050BCA52C1A7 ] pci C:\Windows\system32\drivers\pci.sys
19:42:47.0992 0660 pci - ok
19:42:48.0012 0660 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:42:48.0022 0660 pciide - ok
19:42:48.0042 0660 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:42:48.0062 0660 pcmcia - ok
19:42:48.0072 0660 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:42:48.0082 0660 pcw - ok
19:42:48.0102 0660 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:42:48.0122 0660 PEAUTH - ok
19:42:48.0172 0660 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:42:48.0182 0660 PeerDistSvc - ok
19:42:48.0252 0660 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:42:48.0252 0660 PerfHost - ok
19:42:48.0352 0660 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:42:48.0372 0660 pla - ok
19:42:48.0432 0660 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:42:48.0432 0660 PlugPlay - ok
19:42:48.0462 0660 PnkBstrA - ok
19:42:48.0472 0660 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:42:48.0482 0660 PNRPAutoReg - ok
19:42:48.0503 0660 [ 8830D42427D05B15B032108EBBDBD289 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:42:48.0506 0660 PNRPsvc - ok
19:42:48.0554 0660 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
19:42:48.0564 0660 Point64 - ok
19:42:48.0704 0660 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:42:48.0754 0660 PolicyAgent - ok
19:42:48.0794 0660 [ A6D45EB5FC8DBA8EBF3ABE2481C942B9 ] Power C:\Windows\system32\umpo.dll
19:42:48.0814 0660 Power - ok
19:42:48.0864 0660 [ D8874711B6C3DD308F84E42BA6EFF179 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:42:48.0904 0660 PptpMiniport - ok
19:42:48.0944 0660 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:42:48.0954 0660 Processor - ok
19:42:49.0081 0660 [ 5CBC20E15923025997C2253A7DD5193F ] ProfSvc C:\Windows\system32\profsvc.dll
19:42:49.0085 0660 ProfSvc - ok
19:42:49.0112 0660 [ 79C908CAA6F43021EB05F4C733A927D1 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:42:49.0113 0660 ProtectedStorage - ok
19:42:49.0182 0660 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:42:49.0196 0660 Psched - ok
19:42:49.0246 0660 [ 41AD0FCF47275A9BC70FA1B56BFD3E23 ] pwdrvio C:\Windows\system32\pwdrvio.sys
19:42:49.0276 0660 pwdrvio - ok
19:42:49.0327 0660 [ 19CF17076F2524AF6746B528584AA3C9 ] pwdspio C:\Windows\system32\pwdspio.sys
19:42:49.0330 0660 pwdspio - ok
19:42:49.0368 0660 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:42:49.0401 0660 ql2300 - ok
19:42:49.0418 0660 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:42:49.0420 0660 ql40xx - ok
19:42:49.0440 0660 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:42:49.0460 0660 QWAVE - ok
19:42:49.0470 0660 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:42:49.0490 0660 QWAVEdrv - ok
19:42:49.0510 0660 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:42:49.0520 0660 RasAcd - ok
19:42:49.0550 0660 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:42:49.0550 0660 RasAgileVpn - ok
19:42:49.0570 0660 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:42:49.0570 0660 RasAuto - ok
19:42:49.0580 0660 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:42:49.0610 0660 Rasl2tp - ok
19:42:49.0630 0660 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:42:49.0630 0660 RasMan - ok
19:42:49.0650 0660 [ 77682DE44B334E6AAFCD0ED61FB7404F ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:42:49.0650 0660 RasPppoe - ok
19:42:49.0680 0660 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:42:49.0690 0660 RasSstp - ok
19:42:49.0720 0660 [ 70DB12930F84CF947BDAA32B83978393 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:42:49.0730 0660 rdbss - ok
19:42:49.0740 0660 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:42:49.0770 0660 rdpbus - ok
19:42:49.0790 0660 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:42:49.0790 0660 RDPCDD - ok
19:42:49.0820 0660 [ 9E53D41BD99BEB981180978C4AE0BDEB ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:42:49.0850 0660 RDPDR - ok
19:42:49.0870 0660 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:42:49.0870 0660 RDPENCDD - ok
19:42:49.0890 0660 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:42:49.0890 0660 RDPREFMP - ok
19:42:49.0940 0660 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:42:49.0950 0660 RdpVideoMiniport - ok
19:42:49.0980 0660 [ 1FE9863C6C5CC71E8E7E70F9EFBD30E1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:42:49.0990 0660 RDPWD - ok
19:42:50.0010 0660 [ A115F49BEA840A5F049BC6310F35F776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:42:50.0020 0660 rdyboost - ok
19:42:50.0050 0660 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:42:50.0060 0660 RemoteAccess - ok
19:42:50.0080 0660 [ E27F4D24D28E52F81A9223826939276B ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:42:50.0080 0660 RemoteRegistry - ok
19:42:50.0130 0660 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
19:42:50.0130 0660 rpcapd - ok
19:42:50.0140 0660 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:42:50.0150 0660 RpcEptMapper - ok
19:42:50.0170 0660 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:42:50.0170 0660 RpcLocator - ok
19:42:50.0210 0660 [ 29AC62409BF4939EE14D70EC07CA12BB ] RpcSs C:\Windows\system32\rpcss.dll
19:42:50.0210 0660 RpcSs - ok
19:42:50.0240 0660 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:42:50.0250 0660 rspndr - ok
19:42:50.0270 0660 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:42:50.0280 0660 s3cap - ok
19:42:50.0290 0660 [ 79C908CAA6F43021EB05F4C733A927D1 ] SamSs C:\Windows\system32\lsass.exe
19:42:50.0290 0660 SamSs - ok
19:42:50.0300 0660 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:42:50.0320 0660 sbp2port - ok
19:42:50.0330 0660 [ 38224FF66A734F973D10E1465AD4CB07 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:42:50.0340 0660 SCardSvr - ok
19:42:50.0360 0660 [ CDF622EFC748F82EA9571138406871EA ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:42:50.0370 0660 scfilter - ok
19:42:50.0413 0660 [ 3D3DA2AD9931F706A23D57E1C27D61AD ] Schedule C:\Windows\system32\schedsvc.dll
19:42:50.0432 0660 Schedule - ok
19:42:50.0463 0660 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:42:50.0464 0660 SCPolicySvc - ok
19:42:50.0500 0660 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:42:50.0504 0660 SDRSVC - ok
19:42:50.0520 0660 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:42:50.0540 0660 secdrv - ok
19:42:50.0550 0660 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:42:50.0550 0660 seclogon - ok
19:42:50.0570 0660 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:42:50.0570 0660 SENS - ok
19:42:50.0570 0660 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:42:50.0580 0660 SensrSvc - ok
19:42:50.0590 0660 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:42:50.0600 0660 Serenum - ok
19:42:50.0620 0660 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:42:50.0660 0660 Serial - ok
19:42:50.0680 0660 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:42:50.0690 0660 sermouse - ok
19:42:50.0720 0660 [ 69DF54A0519587E8040E17EF0BA4B069 ] SessionEnv C:\Windows\system32\sessenv.dll
19:42:50.0720 0660 SessionEnv - ok
19:42:50.0740 0660 [ C3D57658C34C68DB5D8970A1CF96284E ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:42:50.0990 0660 sffdisk - ok
19:42:51.0030 0660 [ 21EACBEFFFB0FB4999D3D10245CF10A5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:42:51.0050 0660 sffp_mmc - ok
19:42:51.0070 0660 [ AF660EA3039E8FE3C2051D7224C82F34 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:42:51.0070 0660 sffp_sd - ok
19:42:51.0080 0660 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:42:51.0090 0660 sfloppy - ok
19:42:51.0140 0660 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:42:51.0140 0660 SharedAccess - ok
19:42:51.0170 0660 [ EA9092F3DB26EDC7199AB64C9EF0D2D7 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:42:51.0170 0660 ShellHWDetection - ok
19:42:51.0210 0660 [ F627DC6C49737E1B162593476E64D8EC ] SirefefRemover C:\Windows\system32\Drivers\SirefefRemover.sys
19:42:51.0210 0660 SirefefRemover - ok
19:42:51.0220 0660 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:42:51.0285 0660 SiSRaid2 - ok
19:42:51.0312 0660 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:42:51.0332 0660 SiSRaid4 - ok
19:42:51.0386 0660 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:42:51.0387 0660 SkypeUpdate - ok
19:42:51.0452 0660 SliceDisk5 - ok
19:42:51.0469 0660 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:42:51.0474 0660 Smb - ok
19:42:51.0504 0660 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:42:51.0504 0660 SNMPTRAP - ok
19:42:51.0534 0660 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
19:42:51.0534 0660 speedfan - ok
19:42:51.0544 0660 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:42:51.0564 0660 spldr - ok
19:42:51.0594 0660 [ B9D7A4858CF32A6A15D2763F1DE47E0E ] Spooler C:\Windows\System32\spoolsv.exe
19:42:51.0604 0660 Spooler - ok
19:42:51.0696 0660 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:42:51.0726 0660 sppsvc - ok
19:42:51.0746 0660 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:42:51.0746 0660 sppuinotify - ok
19:42:51.0766 0660 [ 218F6F1BD7ED3F2167759E6A9C9DDD53 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:42:51.0796 0660 srv - ok
19:42:51.0816 0660 [ DDE52C669473EB4B844C82447D31C5D7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:42:51.0836 0660 srv2 - ok
19:42:51.0856 0660 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:42:51.0856 0660 srvnet - ok
19:42:51.0876 0660 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:42:51.0886 0660 SSDPSRV - ok
19:42:51.0906 0660 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:42:51.0906 0660 SstpSvc - ok
19:42:51.0936 0660 Steam Client Service - ok
19:42:51.0956 0660 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:42:51.0976 0660 stexstor - ok
19:42:52.0016 0660 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:42:52.0016 0660 stisvc - ok
19:42:52.0046 0660 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:42:52.0046 0660 storflt - ok
19:42:52.0076 0660 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:42:52.0086 0660 storvsc - ok
19:42:52.0106 0660 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:42:52.0116 0660 swenum - ok
19:42:52.0146 0660 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:42:52.0156 0660 swprv - ok
19:42:52.0166 0660 [ 96E6D1CDA59FD9FF53C3C474CFFF4A55 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys
19:42:52.0186 0660 Synth3dVsc - ok
19:42:52.0238 0660 [ 7BE4CDEA6BC7832BFE3112A350D8B9EA ] SysMain C:\Windows\system32\sysmain.dll
19:42:52.0248 0660 SysMain - ok
19:42:52.0268 0660 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:42:52.0278 0660 TabletInputService - ok
19:42:52.0298 0660 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:42:52.0308 0660 TapiSrv - ok
19:42:52.0318 0660 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:42:52.0318 0660 TBS - ok
19:42:52.0408 0660 [ D5707FC2300AA5B04B7BFE86D40C0133 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:42:52.0428 0660 Tcpip - ok
19:42:52.0468 0660 [ D5707FC2300AA5B04B7BFE86D40C0133 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:42:52.0478 0660 TCPIP6 - ok
19:42:52.0518 0660 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:42:52.0528 0660 tcpipreg - ok
19:42:52.0638 0660 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:42:52.0658 0660 TDPIPE - ok
19:42:52.0708 0660 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:42:52.0708 0660 TDTCP - ok
19:42:52.0738 0660 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:42:52.0758 0660 tdx - ok
19:42:53.0008 0660 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
19:42:53.0028 0660 TeamViewer8 - ok
19:42:53.0108 0660 [ 1288D7F75DD594D270324ABE877830E6 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:42:53.0158 0660 TermDD - ok
19:42:53.0178 0660 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
19:42:53.0198 0660 terminpt - ok
19:42:53.0228 0660 [ E5E8A8ED641B4A25768F87DB5E922C45 ] TermService C:\Windows\System32\termsrv.dll
19:42:53.0238 0660 TermService - ok
19:42:53.0248 0660 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:42:53.0258 0660 Themes - ok
19:42:53.0278 0660 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:42:53.0278 0660 THREADORDER - ok
19:42:53.0288 0660 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:42:53.0288 0660 TrkWks - ok
19:42:53.0328 0660 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:42:53.0328 0660 TrustedInstaller - ok
19:42:53.0348 0660 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:42:53.0348 0660 tssecsrv - ok
19:42:53.0378 0660 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:42:53.0408 0660 TsUsbFlt - ok
19:42:53.0418 0660 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:42:53.0418 0660 TsUsbGD - ok
19:42:53.0438 0660 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
19:42:53.0458 0660 tsusbhub - ok
19:42:53.0468 0660 [ 5AF0E7D020F6CA55AC57CD89AE089673 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:42:53.0488 0660 tunnel - ok
19:42:53.0498 0660 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:42:53.0518 0660 uagp35 - ok
19:42:53.0528 0660 [ 7397C449E1C74AC9F41A9004BCAD6CB0 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:42:53.0538 0660 udfs - ok
19:42:53.0558 0660 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:42:53.0558 0660 UI0Detect - ok
19:42:53.0568 0660 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:42:53.0578 0660 uliagpkx - ok
19:42:53.0598 0660 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:42:53.0618 0660 umbus - ok
19:42:53.0628 0660 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:42:53.0638 0660 UmPass - ok
19:42:53.0658 0660 [ EC4F5DDAC4E0A662D3B38C6E25738FFB ] UmRdpService C:\Windows\System32\umrdp.dll
19:42:53.0668 0660 UmRdpService - ok
19:42:53.0678 0660 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:42:53.0688 0660 upnphost - ok
19:42:53.0708 0660 [ ADC6BDFDF282B283BCD33C3322AC8008 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:42:53.0718 0660 usbaudio - ok
19:42:53.0728 0660 [ D4DB525899BD7F1337C34B8CF22A92E7 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:42:53.0748 0660 usbccgp - ok
19:42:53.0758 0660 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:42:53.0768 0660 usbcir - ok
19:42:53.0778 0660 [ AA68C758B3F225618A5FD1ED40C383C4 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:42:53.0808 0660 usbehci - ok
19:42:53.0838 0660 [ 68C086C1E48DE5709C664CA10426F09A ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:42:53.0858 0660 usbhub - ok
19:42:53.0868 0660 [ B26ACA4784AD1295C25A7501FD4AB79E ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:42:53.0878 0660 usbohci - ok
19:42:53.0898 0660 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:42:53.0908 0660 usbprint - ok
19:42:53.0948 0660 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:42:53.0948 0660 usbscan - ok
19:42:53.0968 0660 [ 73B84C8CE467E81A94D4194F8009F2A0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:42:53.0968 0660 USBSTOR - ok
19:42:53.0988 0660 [ 35944CFF264134FFD2E7EED0F8B81A56 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:42:53.0988 0660 usbuhci - ok
19:42:53.0998 0660 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:42:54.0008 0660 UxSms - ok
19:42:54.0008 0660 [ 79C908CAA6F43021EB05F4C733A927D1 ] VaultSvc C:\Windows\system32\lsass.exe
19:42:54.0008 0660 VaultSvc - ok
19:42:54.0028 0660 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:42:54.0058 0660 vdrvroot - ok
19:42:54.0078 0660 [ 44082C4A89ABDAC0C4B08AA8834270B4 ] vds C:\Windows\System32\vds.exe
19:42:54.0088 0660 vds - ok
19:42:54.0108 0660 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:42:54.0108 0660 vga - ok
19:42:54.0118 0660 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:42:54.0148 0660 VgaSave - ok
19:42:54.0148 0660 VGPU - ok
19:42:54.0188 0660 [ 65667D91E537393684F73621EDBEF8F9 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:42:54.0278 0660 vhdmp - ok
19:42:54.0298 0660 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:42:54.0338 0660 viaide - ok
19:42:54.0443 0660 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:42:54.0643 0660 vmbus - ok
19:42:54.0693 0660 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:42:54.0728 0660 VMBusHID - ok
19:42:54.0783 0660 [ 7643697199083A8517D44E3F5FCD2D90 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:42:54.0823 0660 volmgr - ok
19:42:54.0948 0660 [ 0904EF550B3D3FEB326638A4BAD9937E ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:42:54.0973 0660 volmgrx - ok
19:42:55.0013 0660 [ ABFECA99D72CE81E5C3612861F03B0CA ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:42:55.0078 0660 volsnap - ok
19:42:55.0143 0660 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:42:55.0233 0660 vsmraid - ok
19:42:55.0528 0660 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:42:55.0613 0660 VSS - ok
19:42:55.0638 0660 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:42:55.0693 0660 vwifibus - ok
19:42:55.0843 0660 [ C7B83BD98BA3560374569C0C13EA3685 ] W32Time C:\Windows\system32\w32time.dll
19:42:55.0893 0660 W32Time - ok
19:42:55.0928 0660 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:42:55.0973 0660 WacomPen - ok
19:42:56.0063 0660 [ 226028D956C43CE4D8DDFFA89873E890 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:42:56.0123 0660 WANARP - ok
19:42:56.0153 0660 [ 226028D956C43CE4D8DDFFA89873E890 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:42:56.0158 0660 Wanarpv6 - ok
19:43:02.0289 0660 ============================================================
19:43:02.0289 0660 Scan finished
19:43:02.0289 0660 ============================================================
19:43:02.0299 4352 Detected object count: 0
19:43:02.0299 4352 Actual detected object count: 0
19:43:47.0226 2744 Deinitialize success

And the log from aswMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-19 20:05:29
-----------------------------
20:05:29.064 OS Version: Windows x64 6.1.7601 Service Pack 1
20:05:29.064 Number of processors: 2 586 0x170A
20:05:29.064 ComputerName: Punkr0cker99-PC UserName: Punkr0cker99
20:05:30.094 Initialize success
20:05:38.920 AVAST engine defs: 13011900
20:05:42.102 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
20:05:42.102 Disk 0 Vendor: SAMSUNG_HD321KJ CP100-12 Size: 305245MB BusType: 3
20:05:42.102 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
20:05:42.102 Disk 1 Vendor: SAMSUNG_HD161HJ JF100-19 Size: 152627MB BusType: 3
20:05:42.122 Disk 1 MBR read successfully
20:05:42.122 Disk 1 MBR scan
20:05:42.122 Disk 1 Windows 7 default MBR code
20:05:42.132 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152625 MB offset 63
20:05:42.162 Disk 1 scanning C:\Windows\system32\drivers
20:05:49.452 Service scanning
20:06:13.766 Modules scanning
20:06:13.766 Disk 1 trace - called modules:
20:06:13.806 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
20:06:13.806 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8004910060]
20:06:13.806 3 CLASSPNP.SYS[fffff880019bc43f] -> nt!IofCallDriver -> [0xfffffa8004479520]
20:06:13.816 5 ACPI.sys[fffff88000f937a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8004476060]
20:06:14.516 AVAST engine scan C:\Windows
20:06:16.346 AVAST engine scan C:\Windows\system32
20:08:24.781 AVAST engine scan C:\Windows\system32\drivers
20:08:33.251 AVAST engine scan C:\Users\Punkr0cker99
20:14:06.376 AVAST engine scan C:\ProgramData
20:14:46.766 Scan finished successfully
20:39:10.115 Disk 1 MBR has been saved successfully to "C:\Users\Punkr0cker99\Desktop\MBR.dat"
20:39:10.315 The log file has been saved successfully to "C:\Users\Punkr0cker99\Desktop\aswMBR.txt"


The only issue I'm currently detecting is upon running Microsoft Outlook 2007, the start search-certified page still comes up.

Thanks!!

Edited by Punkr0cker99, 19 January 2013 - 03:51 PM.


#7 boopme


Posted 19 January 2013 - 07:06 PM

OK, let's clear the Temp Folder and scan again.
Which browser(s) do you use?

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.



Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click the Update tab, select Check for Updates, and when done
click the Scanner tab, select Quick scan and scan (normal mode).
After the scan click Remove Selected, post the new scan log and reboot.

#8 Punkr0cker99


Posted 20 January 2013 - 09:43 AM

Hi again,

I tried sorting out the issue by rebuilding the shortcut (to my Microsoft Outlook 2007), and voilà, the search-certified start page is gone from it as well!
Regarding the temp file cleaner, I had previously run it so my temp folders are clean as a whistle.

Thanks for the help!

#9 boopme


Posted 21 January 2013 - 11:39 AM

You're welcome!!

Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
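A scripted approximation of the restore point steps in the post above, as an added example that is not part of the original thread: it creates the new restore point, confirms that it really exists, and only then removes the older ones. It assumes an elevated Windows PowerShell prompt; the description label and the `SrDemo` wrapper name are made up for illustration, and `SRRemoveRestorePoint` is the System Restore API exported by srclient.dll.

```powershell
# Added example, not the poster's own procedure. Run elevated.
# Assumption: $label is an arbitrary description chosen for this example.
$label = 'Clean baseline after malware removal'

# Record the highest restore point number that exists before we start.
$before  = @(Get-ComputerRestorePoint | Sort-Object SequenceNumber)
$lastOld = if ($before.Count) { $before[-1].SequenceNumber } else { 0 }

# Create the new restore point on the cleaned system.
Checkpoint-Computer -Description $label -RestorePointType MODIFY_SETTINGS

# Verify a point newer than $lastOld now exists. Some Windows versions skip
# creation silently when another point was made recently, so never delete
# the old points without checking this first.
$after  = @(Get-ComputerRestorePoint | Sort-Object SequenceNumber)
$newest = $after[-1]
if (-not $newest -or $newest.SequenceNumber -le $lastOld) {
    throw 'No new restore point was created; older points left untouched.'
}

# Minimal P/Invoke wrapper (hypothetical name SrDemo.Native) around the API.
Add-Type -Namespace SrDemo -Name Native -MemberDefinition @'
[DllImport("srclient.dll")]
public static extern int SRRemoveRestorePoint(int rpNum);
'@

# Remove every restore point except the one just created.
foreach ($rp in $after) {
    if ($rp.SequenceNumber -eq $newest.SequenceNumber) { continue }
    $rc = [SrDemo.Native]::SRRemoveRestorePoint([int]$rp.SequenceNumber)
    if ($rc -ne 0) {
        Write-Warning ("Restore point {0} not removed (error {1})" -f $rp.SequenceNumber, $rc)
    }
}

# Show what is left; only the new baseline should be listed.
Get-ComputerRestorePoint |
    Format-Table SequenceNumber, CreationTime, Description -AutoSize
```

Unlike the Disk Cleanup button, this touches only System Restore points and leaves any other shadow copies in place.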



