
iLivid toolbar, its all contents&possibly stg else has infected(Yontoo, Delta)


15 replies to this topic

#1 MsYvaine

MsYvaine

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:uk-london
  • Local time:03:41 PM

Posted 01 July 2013 - 03:04 PM

Hi there,

thanks a lot for being around in the first place, yet again I'd like to ask for some help.

 

This computer has started to act weirdly in the last 2-3 months and just now started to show the unmistakable symptoms of malware.

Unfortunately, apart from iLivid I don't know exactly what's wrong.

1. Web browsers' settings disappeared and every link opens in a new window, even though it is set to open in a new bar or opens in the same bar. Nothing helps to get it right.

2. iLivid is constantly everywhere, on facebook, google etc.

3. There are Yontoo ads all around the place

4. fan is in the range of 60-70 degrees

 

What I have done so far:

 

1. Run spybot 3-4 times and there was always something constantly rebooting the computer, constant TeaTime dialogues, finally removed it when I thought I'd rather turn to professional help.

2. Run MBAM, removed 8 malwares and reboot, new scan was clear, but iLivid is still around the place.

3. Run MBAM rootkiller, clear scan.

4. Tried to run securitycheck, but the notepad dialogue showed that my system is not supported and aborted the processes.

 

And here we are now.

 

Could you please post what logs you need and please check if I am at the right place.

 

Thanks a lot!

 





#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:41 AM

Posted 01 July 2013 - 03:12 PM

Remove Spybot from your machine.

Then see below.

Run the Junkware Removal Tool. Post the log.
http://thisisudax.org/downloads/JRT.exe

Reboot your machine.


Download Adware Cleaner and double-click it to run it.
Click the Delete button and allow it to run.
The program will reboot your machine.
This is normal.
Post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner



 

 

 

Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset IE Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

 

 

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe


Right-click it and choose Run As Admin. Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.



Update and do a quick scan with Malwarebytes, remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.

 

 

Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure "Remove found threats" and "Scan archives" are checked.
When the scan finishes, list found threats, save to clipboard, copy to Notepad, and post the log here.



#3 MsYvaine


Posted 01 July 2013 - 04:34 PM

hi there, thanks for your incredibly fast reply

I am going to do the required steps possibly in the next couple of hours and post them as they are ready.

Here is the first one:

 

Junkware:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Ultimate x64
Ran by Babyke on 2013.07.01. at 22:25:55,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\iminent"

~~~ FireFox

Successfully deleted the following from C:\Users\Babyke\AppData\Roaming\mozilla\firefox\profiles\t2ceh64j.default\prefs.js

user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1372706807889");

~~~ Event Viewer Logs were cleared

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2013.07.01. at 22:30:58,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#4 InadequateInfirmity


Posted 01 July 2013 - 04:39 PM

:thumbup2:

 

Post when ready. 



#5 MsYvaine


Posted 02 July 2013 - 06:23 AM

hi there,

 

here is the next, the adware's log:

# AdwCleaner v2.303 - Logfile created 07/02/2013 at 12:17:33
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Babyke - BABYKE-PC
# Boot Mode : Normal
# Running from : C:\Users\Babyke\Downloads\adwcleaner.exe
# Option [Delete]

***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Folder Deleted : C:\Users\Babyke\AppData\Local\Temp\Iminent
Folder Deleted : C:\Users\Babyke\AppData\Local\Temp\OCS
Folder Deleted : C:\Windows\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\d68d8db66aec44
Key Deleted : HKLM\SOFTWARE\Wow6432Node\d68d8db66aec44
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16618

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Babyke\AppData\Roaming\Mozilla\Firefox\Profiles\t2ceh64j.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [18408 octets] - [02/07/2013 12:17:33]

########## EOF - C:\AdwCleaner[S1].txt - [18469 octets] ##########



#6 MsYvaine


Posted 02 July 2013 - 06:28 AM

here is the farbar minitoolbox report:

 

MiniToolBox by Farbar  Version: 16-06-2013
Ran by Babyke (administrator) on 02-07-2013 at 12:25:45
Running from "C:\Users\Babyke\Downloads"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP konfigur ci˘

A DNS-felold si gyorsˇt˘t r kirˇt‚se sikeresen megt”rt‚nt.   

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

========================= IP Configuration: ================================

Broadcom 4313 802.11b/g/n = Vezeték nélküli hálózati kapcsolat (Connected)
Realtek PCIe FE Family Controller = Helyi kapcsolat (Media disconnected)

# ----------------------------------
# IPv4-konfigur ci˘
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# IPv4-konfigur ci˘ v‚ge

Windows IP konfigur ci˘

   µllom sn‚v. . . . . . . . . . . . : Babyke-PC
   Els‹dleges DNS-ut˘tag . . . . . . :
   Csom˘ponttˇpus. . . . . . . . . . : Hibrid
   IP-Łtv laszt s enged‚lyezve . . . : Nem
   WINS-proxy enged‚lyezve . . . . . : Nem
   DNS-ut˘tag keres‚si list ja . . . : Belkin

Vezet‚k n‚lkli h l˘zati kapcsolat vezet‚k n‚lkli h l˘zati adapter:

   Kapcsolatspecifikus DNS-ut˘tag. . : Belkin
   Leˇr s. . . . . . . . . . . . . . : Broadcom 4313 802.11b/g/n
   Fizikai cˇm . . . . . . . . . . . : AC-81-12-26-A2-E4
   DHCP enged‚lyezve . . . . . . . . : Igen
   Automatikus konfigur ci˘ enged‚lyezve : Igen
   Kapcsolati szintű IPv6-cˇm  . . . : fe80::690f:12c5:949b:e6b4%12(Kˇv nt)
   IPv4-cˇm. . . . . . . . . . . . . : 192.168.2.5(Kˇv nt)
   Alh l˘zati maszk. . . . . . . . . : 255.255.255.0
   B‚rleti jog kezdete . . . . . . . : 2013. jŁlius 2. 12:20:04
   B‚rleti jog v‚ge. . . . . . . . . : 2149. augusztus 8. 18:54:07
   Alap‚rtelmezett  tj r˘. . . . . . : 192.168.2.1
   DHCP-kiszolg l˘ . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 380403986
   DHCPv6-gyf‚l DUID azonosˇt˘ja . . . . . . . : 00-01-00-01-18-6C-CF-25-78-AC-C0-4B-AC-CA
   DNS-kiszolg l˘k . . . . . . . . . : 192.168.2.1
   NetBIOS a TCP/IP felett . . . . . : Enged‚lyezve

Ethernet-adapter Helyi kapcsolat:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . :
   Leˇr s. . . . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Fizikai cˇm . . . . . . . . . . . : 78-AC-C0-4B-AC-CA
   DHCP enged‚lyezve . . . . . . . . : Igen
   Automatikus konfigur ci˘ enged‚lyezve : Igen

AlagŁtadapter isatap.Belkin:

   Adathordoz˘  llapota. . . . . . . : Adathordoz˘ lev lasztva
   Kapcsolatspecifikus DNS-ut˘tag. . : Belkin
   Leˇr s. . . . . . . . . . . . . . : Microsoft ISATAP adapter
   Fizikai cˇm . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP enged‚lyezve . . . . . . . . : Nem
   Automatikus konfigur ci˘ enged‚lyezve : Igen
Kiszolgáló:  UnKnown
Address:  192.168.2.1

Név:     google.com
Addresses:  2a00:1450:4009:803::1009
   62.252.173.158
   62.252.173.163
   62.252.173.153
   62.252.173.187
   62.252.173.168
   62.252.173.177
   62.252.173.167
   62.252.173.172
   62.252.173.162
   62.252.173.182
   62.252.173.148
   62.252.173.183
   62.252.173.157
   62.252.173.178
   62.252.173.152
   62.252.173.173


google.com [62.252.173.187] pingel‚se - 32 b jtnyi adattal:
V lasz 62.252.173.187: b jt=32 id‹=77 ms TTL=57
V lasz 62.252.173.187: b jt=32 id‹=66 ms TTL=57

62.252.173.187 ping-statisztik ja:
    Csomagok: kld”tt = 2, fogadott = 2, elveszett = 0
                        (0% vesztes‚g),
Oda-vissza Łt ideje k”zelˇt‹legesen, milliszekundumban:
    minimum = 66ms, maximum = 77ms,  tlag = 71ms
Kiszolgáló:  UnKnown
Address:  192.168.2.1

Név:     yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

yahoo.com [98.138.253.109] pingel‚se - 32 b jtnyi adattal:
V lasz 98.138.253.109: b jt=32 id‹=189 ms TTL=46
V lasz 98.138.253.109: b jt=32 id‹=145 ms TTL=45

98.138.253.109 ping-statisztik ja:
    Csomagok: kld”tt = 2, fogadott = 2, elveszett = 0
                        (0% vesztes‚g),
Oda-vissza Łt ideje k”zelˇt‹legesen, milliszekundumban:
    minimum = 145ms, maximum = 189ms,  tlag = 167ms

127.0.0.1 pingel‚se - 32 b jtnyi adattal:
V lasz 127.0.0.1: b jt=32 id‹<10 ezredmp. TTL=128
V lasz 127.0.0.1: b jt=32 id‹<10 ezredmp. TTL=128

127.0.0.1 ping-statisztik ja:
    Csomagok: kld”tt = 2, fogadott = 2, elveszett = 0
                        (0% vesztes‚g),
Oda-vissza Łt ideje k”zelˇt‹legesen, milliszekundumban:
    minimum = 0ms, maximum = 0ms,  tlag = 0ms
===========================================================================
Kapcsolatlista
12...ac 81 12 26 a2 e4 ......Broadcom 4313 802.11b/g/n
11...78 ac c0 4b ac ca ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP adapter
===========================================================================

IPv4 Łtvonalt bla
===========================================================================
Aktˇv Łtvonalak:
H l˘zati c‚l               H l˘zati maszk   µtj r˘        Kapcsolat  Metrika
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.5     25
        127.0.0.0        255.0.0.0   Kapcsolaton belli         127.0.0.1    306
        127.0.0.1  255.255.255.255   Kapcsolaton belli         127.0.0.1    306
  127.255.255.255  255.255.255.255   Kapcsolaton belli         127.0.0.1    306
      192.168.2.0    255.255.255.0   Kapcsolaton belli       192.168.2.5    281
      192.168.2.5  255.255.255.255   Kapcsolaton belli       192.168.2.5    281
    192.168.2.255  255.255.255.255   Kapcsolaton belli       192.168.2.5    281
        224.0.0.0        240.0.0.0   Kapcsolaton belli         127.0.0.1    306
        224.0.0.0        240.0.0.0   Kapcsolaton belli       192.168.2.5    281
  255.255.255.255  255.255.255.255   Kapcsolaton belli         127.0.0.1    306
  255.255.255.255  255.255.255.255   Kapcsolaton belli       192.168.2.5    281
===========================================================================
µlland˘ Łtvonalak:
  Nincs

IPv6 Łtvonalt bla
===========================================================================
Aktˇv Łtvonalak:
Kapcs. Metrika H l˘zati c‚l      µtj r˘
  1    306 ::1/128                  Kapcsolaton belli
12    281 fe80::/64                Kapcsolaton belli
12    281 fe80::690f:12c5:949b:e6b4/128
                                    Kapcsolaton belli
  1    306 ff00::/8                 Kapcsolaton belli
12    281 ff00::/8                 Kapcsolaton belli
===========================================================================
µlland˘ Łtvonalak:
  Nincs
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/02/2013 00:21:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2013 08:36:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17550

Error: (07/02/2013 08:36:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17550

Error: (07/02/2013 08:36:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2013 08:36:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9469

Error: (07/02/2013 08:36:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9469

Error: (07/02/2013 08:36:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2013 08:36:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3385

Error: (07/02/2013 08:36:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3385

Error: (07/02/2013 08:36:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (07/02/2013 00:20:14 PM) (Source: Service Control Manager) (User: )
Description: A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el: The following boot or system startup programmes did not start:
VD_FileDisk

Error: (07/02/2013 00:19:48 PM) (Source: Application Popup) (User: )
Description: A(z) \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS betöltését a rendszer blokkolta, mert nem kompatibilis a rendszerrel. The \SystemRoot\Sys\SysWow64\Drivers... was blocked by system, because it is not compatible with the system.

Lépjen kapcsolatba a szoftver szállítójával az illesztőprogram kompatibilis verziójának beszerzéséért. Please contact the manufacturer for the compatible version.

Error: (07/02/2013 08:35:40 AM) (Source: Service Control Manager) (User: )
Description: Letelt egy időkorlát (30000 ms) a(z) NlaSvc szolgáltatásnak a tranzakcióra adott válaszára való várakozás közben.

Description: A time limit has elapsed (30000 ms) while waiting for the response of NlaSvc's service.

Error: (07/02/2013 02:14:53 AM) (Source: volsnap) (User: )
Description: A(z) C: kötet árnyékmásolatait a program megszüntette, mert  az árnyékmásolatok tárolására szolgáló lemezterületet egy felhasználó által beállított korlát miatt nem sikerült megnövelni.

Description: The C: volume shadow copies were terminated by the program, because the drive space for storing shadow copies could not be extended due to a limit set by user.

Error: (07/01/2013 10:38:42 PM) (Source: Service Control Manager) (User: )
Description: A következő boot- vagy rendszerindító illesztőprogram(ok) nem indult(ak) el:

Description: The following boot or startup programs did not run:

VD_FileDisk

Error: (07/01/2013 10:38:18 PM) (Source: Application Popup) (User: )
Description: A(z) \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS betöltését a rendszer blokkolta, mert nem kompatibilis a rendszerrel. Lépjen kapcsolatba a szoftver szállítójával az illesztőprogram kompatibilis verziójának beszerzéséért.

Microsoft Office Sessions:
=========================
Error: (07/02/2013 00:21:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2013 08:36:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17550

Error: (07/02/2013 08:36:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17550

Error: (07/02/2013 08:36:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2013 08:36:06 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9469

Error: (07/02/2013 08:36:06 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9469

Error: (07/02/2013 08:36:06 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2013 08:36:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3385

Error: (07/02/2013 08:36:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3385

Error: (07/02/2013 08:36:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

=========================== Installed Programs ============================

A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja (Version: 4.0.30319)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212)
Adobe AIR (Version: 3.5.0.1060)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.790.0)
BCDC++ 0.790bx (Version: 0.790bx)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0929.2212.37971)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0929.2212.37971)
Catalyst Control Center InstallProxy (Version: 2010.0929.2212.37971)
Catalyst Control Center Localization All (Version: 2010.0929.2212.37971)
CCC Help Chinese Standard (Version: 2010.0929.2211.37971)
CCC Help Chinese Traditional (Version: 2010.0929.2211.37971)
CCC Help Czech (Version: 2010.0929.2211.37971)
CCC Help Danish (Version: 2010.0929.2211.37971)
CCC Help Dutch (Version: 2010.0929.2211.37971)
CCC Help English (Version: 2010.0929.2211.37971)
CCC Help Finnish (Version: 2010.0929.2211.37971)
CCC Help French (Version: 2010.0929.2211.37971)
CCC Help German (Version: 2010.0929.2211.37971)
CCC Help Greek (Version: 2010.0929.2211.37971)
CCC Help Hungarian (Version: 2010.0929.2211.37971)
CCC Help Italian (Version: 2010.0929.2211.37971)
CCC Help Japanese (Version: 2010.0929.2211.37971)
CCC Help Korean (Version: 2010.0929.2211.37971)
CCC Help Norwegian (Version: 2010.0929.2211.37971)
CCC Help Polish (Version: 2010.0929.2211.37971)
CCC Help Portuguese (Version: 2010.0929.2211.37971)
CCC Help Russian (Version: 2010.0929.2211.37971)
CCC Help Spanish (Version: 2010.0929.2211.37971)
CCC Help Swedish (Version: 2010.0929.2211.37971)
CCC Help Thai (Version: 2010.0929.2211.37971)
CCC Help Turkish (Version: 2010.0929.2211.37971)
ccc-core-static (Version: 2010.0929.2212.37971)
ccc-utility64 (Version: 2010.0929.2212.37971)
DAEMON Tools Toolbar (Version: 1.0.8.0552)
DivX Setup (Version: 2.6.1.22)
Dropbox (Version: 2.0.26)
Epson Easy Photo Print 2 (Version: 2.2.4.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Event Manager (Version: 2.50.0000)
EPSON Scan
EPSON SX235 Series Printer Uninstall
EpsonNet Print (Version: 2.5.00)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
FLV Media Player version 1.3 (Version: 1.3)
Google Föld (Version: 7.0.3.8542)
Google Talk Plugin (Version: 4.1.3.13728)
Google Update Helper (Version: 1.3.21.145)
Hálózati útmutató EPSON SX235 Series
Használati útmutató EPSON SX235 Series
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HP Product Detection (Version: 11.14.0006)
HP Support Assistant (Version: 7.0.39.15)
HTC Driver Installer (Version: 4.2.0.001)
HTC Sync Manager (Version: 2.0.60.0)
IPTInstaller (Version: 4.0.8)
iTunes (Version: 11.0.1.12)
Malwarebytes Anti-Malware 1.75.0.1300 verzió (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile HUN Language Pack (Version: 4.0.30319)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Ralink RT2860 Wireless LAN Card (Version: 3.1.13.0)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Skype™ 6.3 (Version: 6.3.105)
Sony Ericsson Update Engine (Version: 2.13.6.201305161305)
Sony PC Companion 2.10.165 (Version: 2.10.165)
Synaptics Pointing Device Driver (Version: 15.1.6.64)
Total Commander Ultima Prime 4.1.0.0 (Version: 4.1.0.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.0 (Version: 2.0.0)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (Version: 06/15/2009 6.2.0.9000)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
WinRAR archiváló
YTD Video Downloader 3.9.6 (Version: 3.9.6)

========================= Devices: ================================

Name: MpKslb79eb1e8
Description: MpKslb79eb1e8
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKslb79eb1e8
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 1786.9 MB
Available physical RAM: 775.68 MB
Total Pagefile: 3573.8 MB
Available Pagefile: 2147.68 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.86 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:49.19 GB) (Free:9.51 GB) NTFS
2 Drive d: (Új kötet) (Fixed) (Total:183.59 GB) (Free:141.95 GB) NTFS

========================= Users: ========================================

\\BABYKE-PC felhasználói fiókjai

Babyke                   Rendszergazda            Vendég                  Babyke   Admin   Guest
A parancs sikeresen végrehajtva. Command run successfully

**** End of log ****

 

This one contains some Hungarian sentences; here are the translations, in blue bold. Where I think the meaning is quite straightforward I leave it as it is. Please let me know if I have missed anything important!

Thanks


Edited by MsYvaine, 02 July 2013 - 06:47 AM.


#7 MsYvaine


Posted 02 July 2013 - 06:57 AM

TDSSrootkiller results

 

12:54:12.0438 2136  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:54:12.0672 2136  ============================================================
12:54:12.0672 2136  Current date / time: 2013/07/02 12:54:12.0672
12:54:12.0672 2136  SystemInfo:
12:54:12.0672 2136 
12:54:12.0672 2136  OS Version: 6.1.7601 ServicePack: 1.0
12:54:12.0672 2136  Product type: Workstation
12:54:12.0672 2136  ComputerName: BABYKE-PC
12:54:12.0672 2136  UserName: Babyke
12:54:12.0672 2136  Windows directory: C:\Windows
12:54:12.0672 2136  System windows directory: C:\Windows
12:54:12.0672 2136  Running under WOW64
12:54:12.0672 2136  Processor architecture: Intel x64
12:54:12.0672 2136  Number of processors: 1
12:54:12.0672 2136  Page size: 0x1000
12:54:12.0672 2136  Boot type: Normal boot
12:54:12.0672 2136  ============================================================
12:54:14.0233 2136  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:54:14.0233 2136  ============================================================
12:54:14.0233 2136  \Device\Harddisk0\DR0:
12:54:14.0233 2136  MBR partitions:
12:54:14.0233 2136  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6263000
12:54:14.0233 2136  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x6295800, BlocksNum 0x16F2F000
12:54:14.0233 2136  ============================================================
12:54:14.0280 2136  C: <-> \Device\Harddisk0\DR0\Partition1
12:54:14.0311 2136  D: <-> \Device\Harddisk0\DR0\Partition2
12:54:14.0311 2136  ============================================================
12:54:14.0311 2136  Initialize success
12:54:14.0311 2136  ============================================================
12:55:20.0924 4448  ============================================================
12:55:20.0924 4448  Scan started
12:55:20.0924 4448  Mode: Manual; TDLFS;
12:55:20.0924 4448  ============================================================
12:55:21.0111 4448  ================ Scan system memory ========================
12:55:21.0111 4448  System memory - ok
12:55:21.0127 4448  ================ Scan services =============================
12:55:21.0314 4448  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:55:21.0329 4448  1394ohci - ok
12:55:21.0423 4448  [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
12:55:21.0454 4448  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
12:55:21.0517 4448  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:55:21.0517 4448  ACPI - ok
12:55:21.0548 4448  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:55:21.0548 4448  AcpiPmi - ok
12:55:21.0641 4448  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:55:21.0657 4448  AdobeARMservice - ok
12:55:21.0751 4448  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:55:21.0751 4448  AdobeFlashPlayerUpdateSvc - ok
12:55:21.0813 4448  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:55:21.0813 4448  adp94xx - ok
12:55:21.0860 4448  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:55:21.0860 4448  adpahci - ok
12:55:21.0891 4448  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:55:21.0891 4448  adpu320 - ok
12:55:21.0922 4448  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:55:21.0922 4448  AeLookupSvc - ok
12:55:21.0969 4448  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
12:55:21.0985 4448  AFD - ok
12:55:22.0016 4448  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:55:22.0016 4448  agp440 - ok
12:55:22.0031 4448  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
12:55:22.0031 4448  ALG - ok
12:55:22.0078 4448  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:55:22.0078 4448  aliide - ok
12:55:22.0109 4448  [ 09FCD2C758F1AD3DF931AB9D944FE348 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:55:22.0109 4448  AMD External Events Utility - ok
12:55:22.0141 4448  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:55:22.0141 4448  amdide - ok
12:55:22.0172 4448  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:55:22.0172 4448  AmdK8 - ok
12:55:22.0375 4448  [ 2E76D0A912AB09CA5586AB23E466A25F ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:55:22.0546 4448  amdkmdag - ok
12:55:22.0609 4448  [ DD3C0C1B62DA0736482501C4BCDCD1F8 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
12:55:22.0609 4448  amdkmdap - ok
12:55:22.0655 4448  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:55:22.0655 4448  AmdPPM - ok
12:55:22.0687 4448  [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:55:22.0687 4448  amdsata - ok
12:55:22.0718 4448  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:55:22.0718 4448  amdsbs - ok
12:55:22.0733 4448  [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:55:22.0733 4448  amdxata - ok
12:55:22.0749 4448  [ 08E8A4172C57ABD7693A6915CF1E7A99 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
12:55:22.0749 4448  amd_sata - ok
12:55:22.0780 4448  [ 9866AF4E4AD7F16E810B6C0B8473F9CD ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
12:55:22.0780 4448  amd_xata - ok
12:55:22.0827 4448  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
12:55:22.0827 4448  AppID - ok
12:55:22.0858 4448  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:55:22.0858 4448  AppIDSvc - ok
12:55:22.0889 4448  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
12:55:22.0889 4448  Appinfo - ok
12:55:22.0967 4448  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:55:22.0983 4448  Apple Mobile Device - ok
12:55:23.0030 4448  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:55:23.0030 4448  AppMgmt - ok
12:55:23.0061 4448  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
12:55:23.0061 4448  arc - ok
12:55:23.0092 4448  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:55:23.0092 4448  arcsas - ok
12:55:23.0123 4448  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:55:23.0139 4448  AsyncMac - ok
12:55:23.0170 4448  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
12:55:23.0170 4448  atapi - ok
12:55:23.0217 4448  [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie64.sys
12:55:23.0217 4448  AtiPcie - ok
12:55:23.0279 4448  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:55:23.0295 4448  AudioEndpointBuilder - ok
12:55:23.0295 4448  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:55:23.0311 4448  AudioSrv - ok
12:55:23.0342 4448  AVG Security Toolbar Service - ok
12:55:23.0373 4448  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:55:23.0373 4448  AxInstSV - ok
12:55:23.0435 4448  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:55:23.0435 4448  b06bdrv - ok
12:55:23.0498 4448  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:55:23.0498 4448  b57nd60a - ok
12:55:23.0638 4448  [ 810BE94A9E42309B3F74217AC28BC6AC ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
12:55:23.0669 4448  BCM43XX - ok
12:55:23.0716 4448  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:55:23.0716 4448  BDESVC - ok
12:55:23.0763 4448  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:55:23.0763 4448  Beep - ok
12:55:23.0825 4448  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
12:55:23.0825 4448  BFE - ok
12:55:23.0857 4448  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
12:55:23.0872 4448  BITS - ok
12:55:23.0888 4448  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:55:23.0903 4448  blbdrive - ok
12:55:23.0997 4448  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:55:23.0997 4448  Bonjour Service - ok
12:55:24.0059 4448  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:55:24.0075 4448  bowser - ok
12:55:24.0122 4448  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:55:24.0122 4448  BrFiltLo - ok
12:55:24.0137 4448  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:55:24.0137 4448  BrFiltUp - ok
12:55:24.0184 4448  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
12:55:24.0184 4448  Browser - ok
12:55:24.0231 4448  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:55:24.0231 4448  Brserid - ok
12:55:24.0262 4448  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:55:24.0262 4448  BrSerWdm - ok
12:55:24.0293 4448  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:55:24.0293 4448  BrUsbMdm - ok
12:55:24.0309 4448  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:55:24.0309 4448  BrUsbSer - ok
12:55:24.0325 4448  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:55:24.0325 4448  BTHMODEM - ok
12:55:24.0371 4448  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
12:55:24.0387 4448  bthserv - ok
12:55:24.0403 4448  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:55:24.0403 4448  cdfs - ok
12:55:24.0449 4448  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:55:24.0449 4448  cdrom - ok
12:55:24.0496 4448  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:55:24.0496 4448  CertPropSvc - ok
12:55:24.0527 4448  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
12:55:24.0527 4448  circlass - ok
12:55:24.0574 4448  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
12:55:24.0574 4448  CLFS - ok
12:55:24.0653 4448  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:55:24.0653 4448  clr_optimization_v2.0.50727_32 - ok
12:55:24.0700 4448  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:55:24.0716 4448  clr_optimization_v2.0.50727_64 - ok
12:55:24.0794 4448  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:55:24.0809 4448  clr_optimization_v4.0.30319_32 - ok
12:55:24.0872 4448  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:55:24.0872 4448  clr_optimization_v4.0.30319_64 - ok
12:55:24.0918 4448  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:55:24.0918 4448  CmBatt - ok
12:55:24.0950 4448  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:55:24.0950 4448  cmdide - ok
12:55:24.0996 4448  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
12:55:24.0996 4448  CNG - ok
12:55:25.0043 4448  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:55:25.0043 4448  Compbatt - ok
12:55:25.0074 4448  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:55:25.0074 4448  CompositeBus - ok
12:55:25.0090 4448  COMSysApp - ok
12:55:25.0121 4448  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:55:25.0121 4448  crcdisk - ok
12:55:25.0184 4448  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:55:25.0184 4448  CryptSvc - ok
12:55:25.0230 4448  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
12:55:25.0246 4448  CSC - ok
12:55:25.0340 4448  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
12:55:25.0340 4448  CscService - ok
12:55:25.0418 4448  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:55:25.0418 4448  DcomLaunch - ok
12:55:25.0464 4448  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
12:55:25.0464 4448  defragsvc - ok
12:55:25.0511 4448  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:55:25.0527 4448  DfsC - ok
12:55:25.0558 4448  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:55:25.0574 4448  Dhcp - ok
12:55:25.0605 4448  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
12:55:25.0605 4448  discache - ok
12:55:25.0620 4448  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
12:55:25.0620 4448  Disk - ok
12:55:25.0667 4448  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
12:55:25.0667 4448  dmvsc - ok
12:55:25.0714 4448  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:55:25.0714 4448  Dnscache - ok
12:55:25.0761 4448  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:55:25.0761 4448  dot3svc - ok
12:55:25.0776 4448  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
12:55:25.0792 4448  DPS - ok
12:55:25.0839 4448  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:55:25.0839 4448  drmkaud - ok
12:55:35.0948 4448  [ 88E5162E58C8919CC873F5D8946197CF ] sptd            C:\Windows\system32\Drivers\sptd.sys
12:55:35.0948 4448  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88E5162E58C8919CC873F5D8946197CF
12:55:35.0948 4448  sptd ( LockedFile.Multi.Generic ) - warning
12:55:35.0948 4448  sptd - detected LockedFile.Multi.Generic (1)
12:55:37.0102 4448  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:55:37.0102 4448  TDPIPE - ok
12:55:37.0133 4448  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:55:37.0133 4448  TDTCP - ok
12:55:37.0164 4448  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:55:37.0180 4448  tdx - ok
12:55:37.0196 4448  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:55:37.0211 4448  TermDD - ok
12:55:37.0242 4448  [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
12:55:37.0242 4448  terminpt - ok
12:55:37.0289 4448  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
12:55:37.0289 4448  TermService - ok
12:55:37.0320 4448  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
12:55:37.0320 4448  Themes - ok
12:55:37.0352 4448  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:55:37.0352 4448  THREADORDER - ok
12:55:37.0383 4448  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
12:55:37.0398 4448  TrkWks - ok
12:55:37.0445 4448  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:55:37.0445 4448  TrustedInstaller - ok
12:55:37.0476 4448  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:55:37.0492 4448  tssecsrv - ok
12:55:37.0508 4448  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:55:37.0508 4448  TsUsbFlt - ok
12:55:37.0539 4448  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:55:37.0539 4448  TsUsbGD - ok
12:55:37.0570 4448  [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
12:55:37.0570 4448  tsusbhub - ok
12:55:37.0601 4448  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:55:37.0601 4448  tunnel - ok
12:55:37.0632 4448  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:55:37.0632 4448  uagp35 - ok
12:55:37.0648 4448  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:55:37.0648 4448  udfs - ok
12:55:37.0695 4448  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:55:37.0695 4448  UI0Detect - ok
12:55:37.0742 4448  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:55:37.0742 4448  uliagpkx - ok
12:55:37.0773 4448  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:55:37.0773 4448  umbus - ok
12:55:37.0804 4448  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:55:37.0804 4448  UmPass - ok
12:55:37.0851 4448  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
12:55:37.0851 4448  UmRdpService - ok
12:55:37.0882 4448  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
12:55:37.0882 4448  upnphost - ok
12:55:37.0929 4448  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:55:37.0929 4448  USBAAPL64 - ok
12:55:37.0960 4448  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:55:37.0960 4448  usbccgp - ok
12:55:37.0991 4448  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:55:37.0991 4448  usbcir - ok
12:55:38.0007 4448  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:55:38.0022 4448  usbehci - ok
12:55:38.0054 4448  [ DC2B306861F42EEEB92EF525F4119F08 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
12:55:38.0054 4448  usbfilter - ok
12:55:38.0085 4448  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:55:38.0100 4448  usbhub - ok
12:55:38.0116 4448  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:55:38.0116 4448  usbohci - ok
12:55:38.0132 4448  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
12:55:38.0147 4448  usbprint - ok
12:55:38.0163 4448  [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:55:38.0194 4448  USBSTOR - ok
12:55:38.0225 4448  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:55:38.0241 4448  usbuhci - ok
12:55:38.0288 4448  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:55:38.0288 4448  usbvideo - ok
12:55:38.0319 4448  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
12:55:38.0319 4448  UxSms - ok
12:55:38.0334 4448  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
12:55:38.0334 4448  VaultSvc - ok
12:55:38.0366 4448  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:55:38.0366 4448  vdrvroot - ok
12:55:38.0397 4448  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
12:55:38.0428 4448  vds - ok
12:55:38.0444 4448  VD_FileDisk - ok
12:55:38.0475 4448  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:55:38.0475 4448  vga - ok
12:55:38.0490 4448  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:55:38.0490 4448  VgaSave - ok
12:55:38.0506 4448  VGPU - ok
12:55:38.0537 4448  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:55:38.0537 4448  vhdmp - ok
12:55:38.0568 4448  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:55:38.0568 4448  viaide - ok
12:55:38.0615 4448  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:55:38.0615 4448  vmbus - ok
12:55:38.0631 4448  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:55:38.0631 4448  VMBusHID - ok
12:55:38.0662 4448  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:55:38.0662 4448  volmgr - ok
12:55:38.0693 4448  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:55:38.0693 4448  volmgrx - ok
12:55:38.0724 4448  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:55:38.0724 4448  volsnap - ok
12:55:38.0756 4448  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:55:38.0771 4448  vsmraid - ok
12:55:38.0834 4448  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
12:55:38.0865 4448  VSS - ok
12:55:38.0880 4448  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:55:38.0880 4448  vwifibus - ok
12:55:38.0896 4448  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:55:38.0912 4448  vwififlt - ok
12:55:38.0927 4448  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
12:55:38.0927 4448  W32Time - ok
12:55:38.0974 4448  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:55:38.0974 4448  WacomPen - ok
12:55:39.0036 4448  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:55:39.0036 4448  WANARP - ok
12:55:39.0036 4448  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:55:39.0052 4448  Wanarpv6 - ok
12:55:39.0114 4448  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:55:39.0130 4448  WatAdminSvc - ok
12:55:39.0208 4448  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
12:55:39.0224 4448  wbengine - ok
12:55:39.0255 4448  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:55:39.0255 4448  WbioSrvc - ok
12:55:39.0302 4448  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:55:39.0302 4448  wcncsvc - ok
12:55:39.0317 4448  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:55:39.0333 4448  WcsPlugInService - ok
12:55:39.0364 4448  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
12:55:39.0364 4448  Wd - ok
12:55:39.0395 4448  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:55:39.0395 4448  Wdf01000 - ok
12:55:39.0426 4448  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:55:39.0426 4448  WdiServiceHost - ok
12:55:39.0442 4448  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:55:39.0442 4448  WdiSystemHost - ok
12:55:39.0473 4448  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
12:55:39.0489 4448  WebClient - ok
12:55:39.0504 4448  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:55:39.0520 4448  Wecsvc - ok
12:55:39.0520 4448  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:55:39.0536 4448  wercplsupport - ok
12:55:39.0567 4448  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:55:39.0567 4448  WerSvc - ok
12:55:39.0598 4448  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:55:39.0598 4448  WfpLwf - ok
12:55:39.0629 4448  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:55:39.0629 4448  WIMMount - ok
12:55:39.0660 4448  WinDefend - ok
12:55:39.0676 4448  WinHttpAutoProxySvc - ok
12:55:39.0738 4448  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:55:39.0738 4448  Winmgmt - ok
12:55:39.0816 4448  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
12:55:39.0832 4448  WinRM - ok
12:55:39.0910 4448  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:55:39.0910 4448  WinUsb - ok
12:55:39.0957 4448  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:55:39.0972 4448  Wlansvc - ok
12:55:40.0020 4448  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:55:40.0020 4448  WmiAcpi - ok
12:55:40.0067 4448  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:55:40.0067 4448  wmiApSrv - ok
12:55:40.0114 4448  WMPNetworkSvc - ok
12:55:40.0161 4448  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:55:40.0161 4448  WPCSvc - ok
12:55:40.0192 4448  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:55:40.0192 4448  WPDBusEnum - ok
12:55:40.0223 4448  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:55:40.0223 4448  ws2ifsl - ok
12:55:40.0239 4448  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
12:55:40.0254 4448  wscsvc - ok
12:55:40.0254 4448  WSearch - ok
12:55:40.0348 4448  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:55:40.0379 4448  wuauserv - ok
12:55:40.0410 4448  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:55:40.0410 4448  WudfPf - ok
12:55:40.0457 4448  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:55:40.0457 4448  WUDFRd - ok
12:55:40.0504 4448  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:55:40.0504 4448  wudfsvc - ok
12:55:40.0535 4448  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:55:40.0551 4448  WwanSvc - ok
12:55:40.0582 4448  ================ Scan global ===============================
12:55:40.0613 4448  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:55:40.0644 4448  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:55:40.0660 4448  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
12:55:40.0707 4448  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:55:40.0753 4448  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:55:40.0753 4448  [Global] - ok
12:55:40.0753 4448  ================ Scan MBR ==================================
12:55:40.0769 4448  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:55:41.0128 4448  \Device\Harddisk0\DR0 - ok
12:55:41.0128 4448  ================ Scan VBR ==================================
12:55:41.0143 4448  [ 2CB7A4220DB67D477985EE084C72A9CE ] \Device\Harddisk0\DR0\Partition1
12:55:41.0143 4448  \Device\Harddisk0\DR0\Partition1 - ok
12:55:41.0175 4448  [ FBFDA3B398B57ED93C60E1CB486BA457 ] \Device\Harddisk0\DR0\Partition2
12:55:41.0175 4448  \Device\Harddisk0\DR0\Partition2 - ok
12:55:41.0190 4448  ============================================================
12:55:41.0190 4448  Scan finished
12:55:41.0190 4448  ============================================================
12:55:41.0206 3184  Detected object count: 1
12:55:41.0206 3184  Actual detected object count: 1
12:55:55.0546 3184  sptd ( LockedFile.Multi.Generic ) - skipped by user
12:55:55.0546 3184  sptd ( LockedFile.Multi.Generic ) - User select action: Skip



#8 MsYvaine

Posted 02 July 2013 - 07:19 AM

mbam log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.02.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Babyke :: BABYKE-PC [administrator]

2013.07.02. 13:06:33
mbam-log-2013-07-02 (13-06-33).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208685
Time elapsed: 3 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#9 MsYvaine

Posted 02 July 2013 - 09:19 AM

finally, eset:

C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO10.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO4.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage109.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage32.zip Win32/Bagle.gen.zip worm
C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO10.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO4.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\YontooPagerage109.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\YontooPagerage32.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Babyke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2Y8SNDGJ\yontoosetup[1].exe multiple threats cleaned by deleting - quarantined
C:\Users\Babyke\Downloads\Xvid Setup.exe Win32/Adware.Linkular.AE application cleaned by deleting - quarantined

As I am not sure what to do with eset, I just leave it as it is and keep on using the computer and leave it on...

thanks!



#10 MsYvaine

Posted 02 July 2013 - 09:33 AM

status update, you may find it useful..

iLivid is still persistent on facebook in firefox

temperature has dropped to a manageable 40-50 degrees range

browser settings still live their own life...

Thanks a lot for your help



#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:41 AM

Posted 02 July 2013 - 10:54 AM

Go ahead and reset your hosts files.

http://support.microsoft.com/kb/972034

Open the EmsisoftEmergencyKit (http://www.emsisoft.com/en/software/eek/download/) folder and double-click Start.exe.
A new window will open. Under "Run Directly:" click Emergency Kit Scanner.
When asked to run an online update, click Yes.
When the update is finished, click the Back to Security Status link in the left corner. On the main screen click the Scan Now button.
Select the Deep Scan option and click the SCAN button.
When the scan is finished click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
Click the View Report button and in the Reports window double-click on the most recent log. Note, logs are named as follows: a2scan_<date>-<time>.txt.
Copy/paste the report contents in your next reply



#12 MsYvaine

Posted 02 July 2013 - 12:51 PM

hi there,

Ran the hosts files resetting thingy, rebooted afterwards

the log for Emergency Kit Scanner once again with some translations

Emsisoft Emergency Kit - verzió 3.0
Legutóbbi frissítés: 2013.07.02. 17:31:54 latest update

Beállítások:

Vizsgálat típusa: Mély  type of scan: deep
Objektum: Rootkit-ek, Memória, Nyomok, C:\, D:\

Riskware azonosítás: Ki
Archívumok: Be
ADS vizsgálat: Be
Fájlkiterjesztés szűrő: Ki
Speciális gyorsítótárazás: Be
Közvetlen lemezhozzáférés: Ki

Elindítva: 2013.07.02. 17:32:32

C:\Users\Babyke\AppData\Roaming\PacificPoker\  észlelt: Trace.File.PacificPoker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\POKERINSTALLER -> FULLPATH  észlelt: Trace.Registry.Pacific Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\POKERINSTALLER -> INSTALLER_GUID  észlelt: Trace.Registry.Pacific Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\POKERINSTALLER -> URL_CASINO_2  észlelt: Trace.Registry.Pacific Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS_DEALERVOICES  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS_MUSIC  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS_POKER_AVATAR_NUM  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS_SOUNDS  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS_XLSLOTS  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS-FULLSCREEN  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS-VOLUME  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> POKER_LOGIN_TYPE  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> POKER_NICKNAME  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> PTDEVM  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> SELECTED_NODE  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> TRIBECA_PLAYERNOTES  észlelt: Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> USERNAME  észlelt: Trace.Registry.Titan Poker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\PACIFICPOKER  észlelt: Trace.Registry.PacificPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\PACIFICPOKER\POKER  észlelt: Trace.Registry.PacificPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\PACIFICPOKER\POKER\INIT  észlelt: Trace.Registry.PacificPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\POKERINSTALLER  észlelt: Trace.Registry.PacificPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\MANSION POKER  észlelt: Trace.Registry.MansionPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\MANSION POKER\COLUMNSETS  észlelt: Trace.Registry.MansionPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\WINNERPOKER  észlelt: Trace.Registry.WinnerPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\WINNERPOKER\COLUMNSETS  észlelt: Trace.Registry.WinnerPoker (A)

Ellenőrizve 459280
Találat 25

Vége: 2013.07.02. 18:45:28
Vizsgálati idő: 1:12:56

Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\WINNERPOKER Karanténban Trace.Registry.WinnerPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\WINNERPOKER\COLUMNSETS Karanténban Trace.Registry.WinnerPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\MANSION POKER Karanténban Trace.Registry.MansionPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\MANSION POKER\COLUMNSETS Karanténban Trace.Registry.MansionPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\PACIFICPOKER Karanténban Trace.Registry.PacificPoker (A)
Key: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\PACIFICPOKER\POKER Karanténban Trace.Registry.PacificPoker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS_DEALERVOICES Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS_MUSIC Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS_POKER_AVATAR_NUM Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS_SOUNDS Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS_XLSLOTS Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS-FULLSCREEN Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> OPTIONS-VOLUME Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> POKER_LOGIN_TYPE Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> POKER_NICKNAME Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> PTDEVM Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> SELECTED_NODE Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> TRIBECA_PLAYERNOTES Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\TITAN POKER -> USERNAME Karanténban Trace.Registry.Titan Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\POKERINSTALLER -> FULLPATH Karanténban Trace.Registry.Pacific Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\POKERINSTALLER -> INSTALLER_GUID Karanténban Trace.Registry.Pacific Poker (A)
Value: HKEY_USERS\S-1-5-21-231758204-126888405-1835614825-1000\SOFTWARE\POKERINSTALLER -> URL_CASINO_2 Karanténban Trace.Registry.Pacific Poker (A)
C:\Users\Babyke\AppData\Roaming\PacificPoker\ Karanténban Trace.File.PacificPoker (A)

Karanténban 23 Quarantined 23

One of the found risks was not quarantined

thank you



#13 MsYvaine

Posted 02 July 2013 - 01:05 PM

status update:

a nasty looking pop-up commercial appeared even here on bleepingcomputer, it says quick link and when I hover over with the mouse extends into a small box and offers the option to lock this site and create a quick link.

This very same appeared on facebook earlier and sometimes there are similar boxes at different places in the browser (top, left middle, right middle of the page etc.)

FYI there is a smiley red bubbly face on it.



#14 InadequateInfirmity

Posted 02 July 2013 - 02:37 PM

That does not sound good, let's get your machine checked a bit deeper from the malware experts.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==  Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.



#15 MsYvaine

Posted 02 July 2013 - 04:35 PM

Hi there,

thanks for the help, I have successfully created the logs and have now started a new thread there. I suppose you could close this topic now.

Once again thanks for your help, hope this one thingy is not going to be as tricky as a previous one.

take care





