
Pop ups, mouse issues, and button not working.


9 replies to this topic

#1 Houka

Houka

  • Members
  • 112 posts

Posted 03 July 2014 - 08:37 PM

Well, I suppose a cleaning is needed. I didn't have a problem until yesterday afternoon. My internet was just fine that morning, but the next time I opened it, tons of pop-ups started to appear. Activating the Silverlight plug-in may have caused it, but maybe it has been around and I just haven't noticed.

 

So I got pop-ups: a few types that act like banners that appear on the top and bottom of the page, as well as sometimes on the sides and between certain areas depending on the site I'm on. Something about cancer appears on the lower right bottom of my screen, stuck there regardless of whereabouts on the site I'm on. A flip-page-looking one that unfolds as I get near it stays on the upper right side of the page. Ever since this started I can't seem to fav artwork, or the "X" button seems busted in some cases. Random tabs along with pages will just pop up (redirecting me sometimes, but rarely). Sometimes a certain word or words are underlined and highlighted green and give an advertisement that way. There is a random green search bar in some pages. Also, all of the ads have "Powered by Plugin", if that helps out in any way.

 

There is a black screen pop-up that has been lingering around for a while, but it doesn't stay on screen for about a second and then poofs, gone. I barely had any time to write it down until earlier today, when I tried to remove Optimizer Pro v3.1 and this pop-up screen came up instead of ever deleting it (C/:PROGRA~1/OPTIMI~1/unins000.exe). Another thread mentioned it, so I checked it, and that one just so happened to be on my remove list.

 

Finally, occasionally my mouse will freak out and will move to the right and then stop; even rarer, it will go into the upper right corner and get stuck, forcing me to reset, and it fixes itself. I'm not sure if my mouse causes it, since it's like a once-in-a-while thing; I would think it would happen more commonly. I also tried blowing on my mouse cord, and it did nothing.

 

So far I have used the latest version of Malwarebytes; while it did wipe out a lot of files, it didn't solve the issue. I didn't save the log... thinking it was solved. Also, my subscription for AVG Internet Security has ended and I can't scan with it. I also tried disabling some plugins, but that did nothing; that may be causing my correction lines to not pop up, I think. I reactivated them for now unless otherwise told.

 

That's all I have done. I'm not gonna go screw around any more than I have; I don't wish to make it worse. So if one of ya guys would help me out, I'll be grateful!

 

Edit: forgot to mention that Chrome has the same issue and I think Crazy Browser does too (no pop-ups, but those tabs still pop up). Also, I'm using Windows 7.


Edited by Houka, 04 July 2014 - 11:00 AM.




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts

Posted 04 July 2014 - 01:07 PM

Let's do these next and see how it is.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections, it will not create a log.


#3 Houka

Houka
  • Topic Starter

  • Members
  • 112 posts

Posted 04 July 2014 - 10:47 PM

MiniToolBox by Farbar  Version: 25-06-2014

Ran by Andrew Teifke (administrator) on 04-07-2014 at 17:49:23

Running from "C:\Documents and Settings\Andrew Teifke\Desktop"

Microsoft Windows XP Professional Service Pack 3 (X86)

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

 

Windows IP Configuration

 

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

 

========================= FF Proxy Settings: ==============================

 

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

 

========================= Hosts content: =================================

 

127.0.0.1       localhost

 

========================= IP Configuration: ================================

 

D-Link AirPlus DWL-520+ Wireless PCI Adapter = Wireless Network Connection (Connected)

 

 

# ----------------------------------

# Interface IP Configuration        

# ----------------------------------

pushd interface ip

 

 

# Interface IP Configuration for "Wireless Network Connection"

 

set address name="Wireless Network Connection" source=dhcp

set dns name="Wireless Network Connection" source=dhcp register=PRIMARY

set wins name="Wireless Network Connection" source=dhcp

 

 

popd

# End of interface IP configuration

 

 

 

 

Windows IP Configuration

 

 

        Host Name . . . . . . . . . . . . : ateifke

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

 

 

Ethernet adapter Wireless Network Connection:

 

 

        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : D-Link AirPlus DWL-520+ Wireless PCI Adapter

        Physical Address. . . . . . . . . : 00-80-C8-B0-27-F2

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.3

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

        Lease Obtained. . . . . . . . . . : Friday, July 04, 2014 3:55:05 PM

        Lease Expires . . . . . . . . . . : Saturday, July 05, 2014 3:55:05 PM

Server:  UnKnown

Address:  192.168.1.1

 

Name:    google.com

Addresses:  74.125.225.129, 74.125.225.130, 74.125.225.131, 74.125.225.132

              74.125.225.133, 74.125.225.134, 74.125.225.135, 74.125.225.136, 74.125.225.137

              74.125.225.142, 74.125.225.128

 

 

 

Pinging google.com [74.125.225.72] with 32 bytes of data:

 

 

Reply from 74.125.225.72: bytes=32 time=18ms TTL=54

Reply from 74.125.225.72: bytes=32 time=73ms TTL=54

 

 

Ping statistics for 74.125.225.72:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 18ms, Maximum = 73ms, Average = 45ms

Server:  UnKnown

Address:  192.168.1.1

 

Name:    yahoo.com

Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109

 

 

 

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

 

 

Reply from 98.138.253.109: bytes=32 time=35ms TTL=51

Reply from 98.138.253.109: bytes=32 time=38ms TTL=51

 

 

Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 35ms, Maximum = 38ms, Average = 36ms

 

 

Pinging 127.0.0.1 with 32 bytes of data:

 

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x2 ...00 80 c8 b0 27 f2 ...... D-Link AirPlus DWL-520+ Wireless PCI Adapter - Packet Scheduler Miniport

===========================================================================

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.3      30
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      169.254.0.0      255.255.0.0      192.168.1.3     192.168.1.3      20
      192.168.1.0    255.255.255.0      192.168.1.3     192.168.1.3      30
      192.168.1.3  255.255.255.255        127.0.0.1       127.0.0.1      30
    192.168.1.255  255.255.255.255      192.168.1.3     192.168.1.3      30
        224.0.0.0        240.0.0.0      192.168.1.3     192.168.1.3      30
  255.255.255.255  255.255.255.255      192.168.1.3     192.168.1.3       1

Default Gateway:       192.168.1.1

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

 

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)

Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)

Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (07/04/2014 11:01:52 AM) (Source: Application Error) (User: )

Description: Faulting application plugin-container.exe, version 30.0.0.5269, faulting module mozalloc.dll, version 30.0.0.5269, fault address 0x0000141b.

Processing media-specific event for [plugin-container.exe!ws!]

 

Error: (07/03/2014 11:41:22 PM) (Source: Application Error) (User: )

Description: Faulting application plugin-container.exe, version 30.0.0.5269, faulting module mozalloc.dll, version 30.0.0.5269, fault address 0x0000141b.

Processing media-specific event for [plugin-container.exe!ws!]

 

Error: (07/03/2014 10:36:59 AM) (Source: Application Error) (User: )

Description: Faulting application plugin-container.exe, version 30.0.0.5269, faulting module mozalloc.dll, version 30.0.0.5269, fault address 0x0000141b.

Processing media-specific event for [plugin-container.exe!ws!]

 

Error: (07/02/2014 10:52:26 PM) (Source: Application Error) (User: )

Description: Faulting application plugin-container.exe, version 30.0.0.5269, faulting module mozalloc.dll, version 30.0.0.5269, fault address 0x0000141b.

Processing media-specific event for [plugin-container.exe!ws!]

 

Error: (07/02/2014 10:23:29 PM) (Source: Application Error) (User: )

Description: Faulting application plugin-container.exe, version 30.0.0.5269, faulting module mozalloc.dll, version 30.0.0.5269, fault address 0x0000141b.

Processing media-specific event for [plugin-container.exe!ws!]

 

Error: (07/02/2014 10:11:30 PM) (Source: Application Error) (User: )

Description: Faulting application plugin-container.exe, version 30.0.0.5269, faulting module mozalloc.dll, version 30.0.0.5269, fault address 0x0000141b.

Processing media-specific event for [plugin-container.exe!ws!]

 

Error: (07/02/2014 09:45:18 PM) (Source: Application Error) (User: )

Description: Faulting application plugin-container.exe, version 30.0.0.5269, faulting module mozalloc.dll, version 30.0.0.5269, fault address 0x0000141b.

Processing media-specific event for [plugin-container.exe!ws!]

 

Error: (07/02/2014 11:28:09 AM) (Source: Application Error) (User: )

Description: Faulting application plugin-container.exe, version 30.0.0.5269, faulting module mozalloc.dll, version 30.0.0.5269, fault address 0x0000141b.

Processing media-specific event for [plugin-container.exe!ws!]

 

Error: (07/01/2014 11:21:23 PM) (Source: Application Error) (User: )

Description: Faulting application plugin-container.exe, version 30.0.0.5269, faulting module mozalloc.dll, version 30.0.0.5269, fault address 0x0000141b.

Processing media-specific event for [plugin-container.exe!ws!]

 

Error: (07/01/2014 08:32:48 PM) (Source: Application Error) (User: )

Description: Faulting application plugin-container.exe, version 30.0.0.5269, faulting module mozalloc.dll, version 30.0.0.5269, fault address 0x0000141b.

Processing media-specific event for [plugin-container.exe!ws!]

 

 

System errors:

=============

Error: (07/04/2014 05:35:00 PM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942403

 

Error: (07/04/2014 05:21:32 PM) (Source: Service Control Manager) (User: )

Description: The Adobe Flash Player Update Service service failed to start due to the following error:

%%1053

 

Error: (07/04/2014 05:21:32 PM) (Source: Service Control Manager) (User: )

Description: Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.

 

Error: (07/04/2014 04:35:00 PM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942403

 

Error: (07/04/2014 03:35:00 PM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942403

 

Error: (07/04/2014 02:35:00 PM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942403

 

Error: (07/04/2014 01:35:00 PM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942403

 

Error: (07/04/2014 00:35:00 PM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942403

 

Error: (07/04/2014 11:57:52 AM) (Source: Service Control Manager) (User: )

Description: The MBAMService service terminated unexpectedly.  It has done this 2 time(s).

 

Error: (07/04/2014 11:35:00 AM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error:

%%2147942403

 

 

Microsoft Office Sessions:

=========================

Error: (07/04/2014 11:01:52 AM) (Source: Application Error)(User: )

Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

 

Error: (07/03/2014 11:41:22 PM) (Source: Application Error)(User: )

Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

 

Error: (07/03/2014 10:36:59 AM) (Source: Application Error)(User: )

Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

 

Error: (07/02/2014 10:52:26 PM) (Source: Application Error)(User: )

Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

 

Error: (07/02/2014 10:23:29 PM) (Source: Application Error)(User: )

Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

 

Error: (07/02/2014 10:11:30 PM) (Source: Application Error)(User: )

Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

 

Error: (07/02/2014 09:45:18 PM) (Source: Application Error)(User: )

Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

 

Error: (07/02/2014 11:28:09 AM) (Source: Application Error)(User: )

Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

 

Error: (07/01/2014 11:21:23 PM) (Source: Application Error)(User: )

Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

 

Error: (07/01/2014 08:32:48 PM) (Source: Application Error)(User: )

Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

 

 

 

=========================== Installed Programs ============================

AAC Decoder (HKLM\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)

Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Aneesoft Free Apple TV Video Converter (HKLM\...\{5C3FD2A2-9798-49D7-B626-2222D04AB1FC}}_is1) (Version:  - Aneesoft Corporation)

Apple Application Support (HKLM\...\{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}) (Version: 1.5.0 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{CACAEB5F-174D-4C7C-AC56-A33289A807CA}) (Version: 3.4.0.25 - Apple Inc.)

Apple Software Update (HKLM\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)

AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)

AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden

Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)

Crazy Browser version 3.0.0 RC2 (HKLM\...\Crazy Browser 3.0.0 RC2_is1) (Version:  - )

Crazy Browser version 3.0.5 (HKLM\...\Crazy Browser 3.0.5_is1) (Version:  - )

Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - Creative Technology Limited)

Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version:  - )

Creative System Information (HKLM\...\SysInfo) (Version:  - )

Creative WaveStudio 7 (HKLM\...\WaveStudio 7) (Version:  - )

DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)

DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)

DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)

DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)

DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)

DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.2 - DivX, Inc.)

DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)

D-Link AirPlus (HKLM\...\{CDC74FE6-5224-11D6-B27F-00E0181A6FA8}) (Version:  - )

Free YouTube Download version 3.1.42.1212 (HKLM\...\Free YouTube Download_is1) (Version: 3.1.42.1212 - DVDVideoSoft Ltd.)

Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)

Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden

H.264 Decoder (HKLM\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.1.0 - DivX, Inc.)

iTunes (HKLM\...\{2A697B53-0DE3-42DA-B41D-C3F804B1C538}) (Version: 10.2.1.1 - Apple Inc.)

Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)

Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden

Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Macromedia Extension Manager (HKLM\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)

Macromedia Flash 8 (HKLM\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)

Macromedia Flash 8 Video Encoder (HKLM\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)

Macromedia Flash Player 8 (HKLM\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 2.1.121.2 - McAfee, Inc.)

Media Player Codec Pack 3.9.0 (HKLM\...\Media Player - Codec Pack) (Version:  - Media Player Codec Pack)

Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden

Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)

Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)

Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)

Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)

Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

MKV Splitter (HKLM\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.1 - DivX, Inc.)

Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden

Network System Driver (HKLM\...\inethnfd) (Version: 1.0.0.3001 - )

Optimizer Pro v3.1 (HKLM\...\Optimizer Pro_is1) (Version: 3.1 - PC Utilities Pro)

Platform (Version: 1.22 - VIA Technologies, Inc.) Hidden

QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)

RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

S3 S3Display (HKLM\...\VTDisplay) (Version:  - )

S3 S3Gamma2 (HKLM\...\VTGamma2) (Version:  - )

S3 S3Info2 (HKLM\...\VTInfo2) (Version:  - )

S3 S3Overlay (HKLM\...\VTOverlay) (Version:  - )

Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden

Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)

Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Sound Blaster Audigy (HKLM\...\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}) (Version: 1.0 - )

SuperAVConverter V9.5 Build 6500 (HKLM\...\SuperAVConverter V9.5 Build 6500_is1) (Version:  - MySuperSoft.com)

TubeSucker (HKLM\...\{4E906533-F57F-45BD-A837-FCF24A2C243E}) (Version: 5.0.0.4 - )

UniChrome IGP Driver and Utilities (HKLM\...\S3) (Version:  - )

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)

Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)

VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0 - DivX, Inc) Hidden

Vegas Pro 9.0 (HKLM\...\{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}) (Version: 9.0.1147 - Sony)

Veoh Giraffic Video Accelerator (HKLM\...\Giraffic) (Version: 0.86.412.230 - Giraffic)

Veoh Web Player (HKLM\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)

VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.22 - VIA Technologies, Inc.)

Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

WAV MP3 Converter v3.8 build 969 (HKLM\...\{A4A14B15-F25D-44F8-8483-291C1DF7C548}_is1) (Version:  - Hoo Technologies)

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)

Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)

Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden

Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)

Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )

Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden

Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )

Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden

WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )

Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

Yahoo! Search Protection (HKLM\...\Yahoo! Search Defender) (Version:  - )

Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )

YTD Toolbar v6.9 (HKLM\...\{C7B1C030-8B9F-48A2-91E3-6999FC624AE5}) (Version: 6.9 - Spigot, Inc.)

YTD Video Downloader 3.9.2 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version:  - GreenTree Applications SRL)

 

========================= Memory info: ===================================

 

Percentage of memory in use: 65%

Total physical RAM: 447.48 MB

Available physical RAM: 156.2 MB

Total Pagefile: 1352.85 MB

Available Pagefile: 692.21 MB

Total Virtual: 2047.88 MB

Available Virtual: 1979.18 MB

 

========================= Partitions: =====================================

 

2 Drive c: () (Fixed) (Total:150.5 GB) (Free:97.33 GB) NTFS

3 Drive d: (PRESARIO_RP) (Fixed) (Total:56.29 GB) (Free:52.7 GB) FAT32

4 Drive e: () (Fixed) (Total:258.95 GB) (Free:22.38 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\ATEIFKE

 

Administrator            Andrew Teifke            Guest                   

HelpAssistant            SUPPORT_388945a0        

 

 

**** End of log ****

 

18:07:44.0681 0x22b4  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54

18:07:46.0712 0x22b4  ============================================================

18:07:46.0712 0x22b4  Current date / time: 2014/07/04 18:07:46.0712

18:07:46.0712 0x22b4  SystemInfo:

18:07:46.0712 0x22b4 

18:07:46.0712 0x22b4  OS Version: 5.1.2600 ServicePack: 3.0

18:07:46.0712 0x22b4  Product type: Workstation

18:07:46.0712 0x22b4  ComputerName: ATEIFKE

18:07:46.0712 0x22b4  UserName: Andrew Teifke

18:07:46.0712 0x22b4  Windows directory: C:\WINDOWS

18:07:46.0712 0x22b4  System windows directory: C:\WINDOWS

18:07:46.0712 0x22b4  Processor architecture: Intel x86

18:07:46.0712 0x22b4  Number of processors: 1

18:07:46.0712 0x22b4  Page size: 0x1000

18:07:46.0712 0x22b4  Boot type: Normal boot

18:07:46.0712 0x22b4  ============================================================

18:07:49.0040 0x22b4  KLMD registered as C:\WINDOWS\system32\drivers\82414751.sys

18:07:49.0462 0x22b4  System UUID: {AC97ED06-72DD-7247-569A-06F480C55515}

18:07:51.0415 0x22b4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

18:07:51.0415 0x22b4  ============================================================

18:07:51.0415 0x22b4  \Device\Harddisk0\DR0:

18:07:51.0415 0x22b4  MBR partitions:

18:07:51.0415 0x22b4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x709B8F7

18:07:51.0415 0x22b4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x709B936, BlocksNum 0x12D01DFF

18:07:51.0415 0x22b4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x19D9D735, BlocksNum 0x205E750C

18:07:51.0415 0x22b4  ============================================================

18:07:51.0478 0x22b4  C: <-> \Device\Harddisk0\DR0\Partition2

18:07:51.0478 0x22b4  D: <-> \Device\Harddisk0\DR0\Partition1

18:07:51.0540 0x22b4  E: <-> \Device\Harddisk0\DR0\Partition3

18:07:51.0556 0x22b4  ============================================================

18:07:51.0556 0x22b4  Initialize success

18:07:51.0556 0x22b4  ============================================================

18:08:01.0056 0x206c  ============================================================

18:08:01.0056 0x206c  Scan started

18:08:01.0056 0x206c  Mode: Manual;

18:08:01.0056 0x206c  ============================================================

18:08:01.0056 0x206c  KSN ping started

18:08:17.0337 0x206c  KSN ping finished: true

18:08:18.0212 0x206c  ================ Scan system memory ========================

18:08:18.0212 0x206c  System memory - ok

18:08:18.0228 0x206c  ================ Scan services =============================


18:08:29.0087 0x206c  NdisTapi - ok

18:08:29.0134 0x206c  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:08:29.0150 0x206c  Ndisuio - ok

18:08:29.0181 0x206c  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:08:29.0196 0x206c  NdisWan - ok

18:08:29.0228 0x206c  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

18:08:29.0243 0x206c  NDProxy - ok

18:08:29.0275 0x206c  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

18:08:29.0275 0x206c  NetBIOS - ok

18:08:29.0321 0x206c  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

18:08:29.0353 0x206c  NetBT - ok

18:08:29.0415 0x206c  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe

18:08:29.0431 0x206c  NetDDE - ok

18:08:29.0478 0x206c  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

18:08:29.0478 0x206c  NetDDEdsdm - ok

18:08:29.0525 0x206c  nethfdrv - ok

18:08:29.0618 0x206c  [ F29EF68E7B7AC4005761D626472E6D70, 17FD677E5A5549D7FA1E4749CE06658FF40E17130EB6AA4F5F3E56A076397E9A ] NetHttpService  C:\WINDOWS\system32\nethtsrv.exe

18:08:29.0634 0x206c  NetHttpService - ok

18:08:29.0681 0x206c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe

18:08:29.0681 0x206c  Netlogon - ok

18:08:29.0728 0x206c  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll

18:08:29.0743 0x206c  Netman - ok

18:08:29.0806 0x206c  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

18:08:29.0821 0x206c  NetTcpPortSharing - ok

18:08:29.0900 0x206c  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll

18:08:29.0931 0x206c  Nla - ok

18:08:29.0978 0x206c  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

18:08:29.0978 0x206c  Npfs - ok

18:08:30.0056 0x206c  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

18:08:30.0103 0x206c  Ntfs - ok

18:08:30.0150 0x206c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

18:08:30.0150 0x206c  NtLmSsp - ok

18:08:30.0212 0x206c  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

18:08:30.0275 0x206c  NtmsSvc - ok

18:08:30.0321 0x206c  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

18:08:30.0321 0x206c  Null - ok

18:08:30.0384 0x206c  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:08:30.0384 0x206c  NwlnkFlt - ok

18:08:30.0415 0x206c  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:08:30.0415 0x206c  NwlnkFwd - ok

18:08:30.0462 0x206c  [ 103A9B117A7D9903111955CDAFE65AC6, 06060CA6036F757ABB6C9CFD8376D70996E80ACC7896896DD426AEA0786E2B15 ] ossrv           C:\WINDOWS\system32\DRIVERS\ctoss2k.sys

18:08:30.0478 0x206c  ossrv - ok

18:08:30.0603 0x206c  [ 1DB419CB76493F6292CCFBDC3466F5FF, 28C12CA350FA9D33C31AC03F8EB6A7075E5CC3D45EDC083BFC2DE0C3C89185E2 ] P17             C:\WINDOWS\system32\drivers\P17.sys

18:08:30.0728 0x206c  P17 - ok

18:08:30.0775 0x206c  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

18:08:30.0790 0x206c  Parport - ok

18:08:30.0837 0x206c  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

18:08:30.0837 0x206c  PartMgr - ok

18:08:30.0868 0x206c  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

18:08:30.0868 0x206c  ParVdm - ok

18:08:30.0915 0x206c  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

18:08:30.0915 0x206c  PCI - ok

18:08:30.0946 0x206c  PCIDump - ok

18:08:30.0978 0x206c  PCIIde - ok

18:08:31.0040 0x206c  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

18:08:31.0040 0x206c  Pcmcia - ok

18:08:31.0087 0x206c  PDCOMP - ok

18:08:31.0103 0x206c  PDFRAME - ok

18:08:31.0134 0x206c  PDRELI - ok

18:08:31.0165 0x206c  PDRFRAME - ok

18:08:31.0196 0x206c  perc2 - ok

18:08:31.0228 0x206c  perc2hib - ok

18:08:31.0321 0x206c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe

18:08:31.0321 0x206c  PlugPlay - ok

18:08:31.0353 0x206c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

18:08:31.0353 0x206c  PolicyAgent - ok

18:08:31.0384 0x206c  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:08:31.0415 0x206c  PptpMiniport - ok

18:08:31.0446 0x206c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

18:08:31.0446 0x206c  ProtectedStorage - ok

18:08:31.0478 0x206c  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

18:08:31.0493 0x206c  PSched - ok

18:08:31.0525 0x206c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:08:31.0525 0x206c  Ptilink - ok

18:08:31.0571 0x206c  [ D86B4A68565E444D76457F14172C875A, 06B1CF81A62B3DAA8D0C5A8B88C56A504DE8E9278C520F754AF363A6676C58B0 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:08:31.0587 0x206c  PxHelp20 - ok

18:08:31.0618 0x206c  ql1080 - ok

18:08:31.0650 0x206c  Ql10wnt - ok

18:08:31.0681 0x206c  ql12160 - ok

18:08:31.0696 0x206c  ql1240 - ok

18:08:31.0728 0x206c  ql1280 - ok

18:08:31.0759 0x206c  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:08:31.0759 0x206c  RasAcd - ok

18:08:31.0821 0x206c  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll

18:08:31.0821 0x206c  RasAuto - ok

18:08:31.0868 0x206c  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:08:31.0868 0x206c  Rasl2tp - ok

18:08:31.0931 0x206c  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll

18:08:31.0946 0x206c  RasMan - ok

18:08:31.0978 0x206c  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:08:31.0993 0x206c  RasPppoe - ok

18:08:32.0009 0x206c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

18:08:32.0025 0x206c  Raspti - ok

18:08:32.0056 0x206c  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:08:32.0071 0x206c  Rdbss - ok

18:08:32.0118 0x206c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:08:32.0118 0x206c  RDPCDD - ok

18:08:32.0181 0x206c  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

18:08:32.0196 0x206c  rdpdr - ok

18:08:32.0259 0x206c  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

18:08:32.0275 0x206c  RDPWD - ok

18:08:32.0337 0x206c  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

18:08:32.0353 0x206c  RDSessMgr - ok

18:08:32.0415 0x206c  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

18:08:32.0415 0x206c  RealNetworks Downloader Resolver Service - ok

18:08:32.0462 0x206c  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

18:08:32.0462 0x206c  redbook - ok

18:08:32.0525 0x206c  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

18:08:32.0525 0x206c  RemoteAccess - ok

18:08:32.0571 0x206c  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

18:08:32.0587 0x206c  RemoteRegistry - ok

18:08:32.0634 0x206c  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe

18:08:32.0634 0x206c  RpcLocator - ok

18:08:32.0696 0x206c  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll

18:08:32.0728 0x206c  RpcSs - ok

18:08:32.0790 0x206c  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe

18:08:32.0806 0x206c  RSVP - ok

18:08:32.0853 0x206c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe

18:08:32.0853 0x206c  SamSs - ok

18:08:32.0915 0x206c  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

18:08:32.0931 0x206c  SCardSvr - ok

18:08:32.0993 0x206c  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll

18:08:33.0009 0x206c  Schedule - ok

18:08:33.0056 0x206c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:08:33.0056 0x206c  Secdrv - ok

18:08:33.0118 0x206c  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll

18:08:33.0118 0x206c  seclogon - ok

18:08:33.0150 0x206c  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll

18:08:33.0150 0x206c  SENS - ok

18:08:33.0181 0x206c  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

18:08:33.0196 0x206c  serenum - ok

18:08:33.0228 0x206c  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

18:08:33.0228 0x206c  Serial - ok

18:08:33.0384 0x206c  [ BECB34DBF204F6DC9C6242C87800A166, 5722A1291CB5FC26D3399533BDE7F054516E29D3B6E5576344B9A4F51330ED70 ] ServiceUpdater  C:\WINDOWS\system32\netupdsrv.exe

18:08:33.0400 0x206c  ServiceUpdater - ok

18:08:33.0446 0x206c  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

18:08:33.0446 0x206c  Sfloppy - ok

18:08:33.0525 0x206c  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

18:08:33.0556 0x206c  SharedAccess - ok

18:08:33.0634 0x206c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:08:33.0634 0x206c  ShellHWDetection - ok

18:08:33.0665 0x206c  Simbad - ok

18:08:34.0009 0x206c  [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

18:08:34.0259 0x206c  Skype C2C Service - ok

18:08:34.0353 0x206c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe

18:08:34.0368 0x206c  SkypeUpdate - ok

18:08:34.0415 0x206c  Sparrow - ok

18:08:34.0478 0x206c  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

18:08:34.0478 0x206c  splitter - ok

18:08:34.0525 0x206c  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

18:08:34.0540 0x206c  Spooler - ok

18:08:34.0587 0x206c  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

18:08:34.0603 0x206c  sr - ok

18:08:34.0650 0x206c  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll

18:08:34.0665 0x206c  srservice - ok

18:08:34.0743 0x206c  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

18:08:34.0790 0x206c  Srv - ok

18:08:34.0837 0x206c  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

18:08:34.0853 0x206c  SSDPSRV - ok

18:08:34.0915 0x206c  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

18:08:34.0946 0x206c  stisvc - ok

18:08:35.0009 0x206c  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

18:08:35.0009 0x206c  swenum - ok

18:08:35.0056 0x206c  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

18:08:35.0071 0x206c  swmidi - ok

18:08:35.0087 0x206c  SwPrv - ok

18:08:35.0118 0x206c  symc810 - ok

18:08:35.0150 0x206c  symc8xx - ok

18:08:35.0165 0x206c  sym_hi - ok

18:08:35.0196 0x206c  sym_u3 - ok

18:08:35.0243 0x206c  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

18:08:35.0243 0x206c  sysaudio - ok

18:08:35.0290 0x206c  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

18:08:35.0306 0x206c  SysmonLog - ok

18:08:35.0353 0x206c  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

18:08:35.0368 0x206c  TapiSrv - ok

18:08:35.0446 0x206c  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:08:35.0493 0x206c  Tcpip - ok

18:08:35.0556 0x206c  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

18:08:35.0571 0x206c  TDPIPE - ok

18:08:35.0603 0x206c  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

18:08:35.0603 0x206c  TDTCP - ok

18:08:35.0650 0x206c  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

18:08:35.0665 0x206c  TermDD - ok

18:08:35.0712 0x206c  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll

18:08:35.0743 0x206c  TermService - ok

18:08:35.0806 0x206c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll

18:08:35.0821 0x206c  Themes - ok

18:08:35.0884 0x206c  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

18:08:35.0884 0x206c  TlntSvr - ok

18:08:35.0915 0x206c  TosIde - ok

18:08:35.0962 0x206c  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll

18:08:35.0978 0x206c  TrkWks - ok

18:08:36.0040 0x206c  [ D85938F272D1BCF3DB3A31FC0A048928, 798328C8C06EEE7B0852E6D2B16C3AF24D529737ECA2E9725415261A5736D051 ] uagp35          C:\WINDOWS\system32\DRIVERS\uagp35.sys

18:08:36.0040 0x206c  uagp35 - ok

18:08:36.0103 0x206c  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

18:08:36.0103 0x206c  Udfs - ok

18:08:36.0134 0x206c  ultra - ok

18:08:36.0212 0x206c  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

18:08:36.0259 0x206c  Update - ok

18:08:36.0306 0x206c  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll

18:08:36.0337 0x206c  upnphost - ok

18:08:36.0368 0x206c  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe

18:08:36.0384 0x206c  UPS - ok

18:08:36.0415 0x206c  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:08:36.0415 0x206c  usbehci - ok

18:08:36.0462 0x206c  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:08:36.0478 0x206c  usbhub - ok

18:08:36.0525 0x206c  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:08:36.0525 0x206c  usbprint - ok

18:08:36.0587 0x206c  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:08:36.0603 0x206c  usbscan - ok

18:08:36.0665 0x206c  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:08:36.0665 0x206c  USBSTOR - ok

18:08:36.0696 0x206c  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys

18:08:36.0696 0x206c  usbuhci - ok

18:08:36.0728 0x206c  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

18:08:36.0728 0x206c  VgaSave - ok

18:08:36.0790 0x206c  [ 0CC705DB634A3BC355887E3D478DD386, 8F2989733C7806725F1FD2EC7D155210BCBB9FD23FBEDB79B8CCE76A666068B1 ] viagfx          C:\WINDOWS\system32\DRIVERS\vtmini.sys

18:08:36.0806 0x206c  viagfx - ok

18:08:36.0837 0x206c  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys

18:08:36.0837 0x206c  ViaIde - ok

18:08:36.0900 0x206c  [ F95C0FCFBCBDA6D8F202D2DF4052F88D, 976FC7EE44C588648D373B900647D861C3F8D4394A9BE9CCD6277678D950D23E ] videX32         C:\WINDOWS\system32\DRIVERS\videX32.sys

18:08:36.0900 0x206c  videX32 - ok

18:08:36.0946 0x206c  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

18:08:36.0962 0x206c  VolSnap - ok

18:08:37.0040 0x206c  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe

18:08:37.0103 0x206c  VSS - ok

18:08:37.0306 0x206c  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll

18:08:37.0321 0x206c  W32Time - ok

18:08:37.0368 0x206c  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:08:37.0368 0x206c  Wanarp - ok

18:08:37.0400 0x206c  WDICA - ok

18:08:37.0446 0x206c  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

18:08:37.0446 0x206c  wdmaud - ok

18:08:37.0493 0x206c  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll

18:08:37.0493 0x206c  WebClient - ok

18:08:37.0587 0x206c  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

18:08:37.0603 0x206c  winmgmt - ok

18:08:37.0681 0x206c  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

18:08:37.0696 0x206c  WmdmPmSN - ok

18:08:37.0775 0x206c  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll

18:08:37.0821 0x206c  Wmi - ok

18:08:37.0900 0x206c  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

18:08:37.0915 0x206c  WmiApSrv - ok

18:08:38.0056 0x206c  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe

18:08:38.0118 0x206c  WMPNetworkSvc - ok

18:08:38.0478 0x206c  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

18:08:38.0837 0x206c  WPFFontCache_v0400 - ok

18:08:38.0915 0x206c  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys

18:08:38.0931 0x206c  WS2IFSL - ok

18:08:39.0025 0x206c  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

18:08:39.0025 0x206c  wscsvc - ok

18:08:39.0103 0x206c  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

18:08:39.0103 0x206c  wuauserv - ok

18:08:39.0150 0x206c  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:08:39.0165 0x206c  WudfPf - ok

18:08:39.0228 0x206c  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:08:39.0243 0x206c  WudfRd - ok

18:08:39.0368 0x206c  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll

18:08:39.0368 0x206c  WudfSvc - ok

18:08:39.0493 0x206c  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

18:08:39.0603 0x206c  WZCSVC - ok

18:08:39.0696 0x206c  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

18:08:39.0728 0x206c  xmlprov - ok

18:08:39.0946 0x206c  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

18:08:40.0118 0x206c  YahooAUService - ok

18:08:40.0165 0x206c  ================ Scan global ===============================

18:08:40.0243 0x206c  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll

18:08:40.0384 0x206c  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

18:08:40.0540 0x206c  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

18:08:40.0696 0x206c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

18:08:40.0728 0x206c  [ Global ] - ok

18:08:40.0728 0x206c  ================ Scan MBR ==================================

18:08:40.0775 0x206c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

18:08:41.0634 0x206c  \Device\Harddisk0\DR0 - ok

18:08:41.0650 0x206c  ================ Scan VBR ==================================

18:08:41.0665 0x206c  [ 7F4516A18A888BDCF03370DF18963AF1 ] \Device\Harddisk0\DR0\Partition1

18:08:41.0712 0x206c  \Device\Harddisk0\DR0\Partition1 - ok

18:08:41.0759 0x206c  [ 5AA44583E2CDE75FC7A95DA5EA63C5A7 ] \Device\Harddisk0\DR0\Partition2

18:08:41.0853 0x206c  \Device\Harddisk0\DR0\Partition2 - ok

18:08:41.0884 0x206c  [ 332AE90E8CC28ED325D35356B154608F ] \Device\Harddisk0\DR0\Partition3

18:08:41.0978 0x206c  \Device\Harddisk0\DR0\Partition3 - ok

18:08:41.0993 0x206c  ================ Scan generic autorun ======================

18:08:42.0728 0x206c  [ C8F0DCA0E032881B6C4422B502194629, 32996D4C0578FA9A12F3BD205F69E5357A31FBD2C9AC47DA2AB8D77196E587B1 ] C:\Program Files\AVG\AVG2014\avgui.exe

18:08:43.0212 0x206c  AVG_UI - ok

18:08:43.0400 0x206c  [ 0AEE5668EB59912F32FF245BFA72465F, 653978E365B0E72D34E8B3ED1BFCF0237B70B41396BD70EBBBEDB31AFD77857B ] C:\Program Files\QuickTime\qttask.exe

18:08:43.0446 0x206c  QuickTime Task - ok

18:08:43.0540 0x206c  [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Program Files\Real\RealPlayer\update\realsched.exe

18:08:43.0556 0x206c  TkBellExe - ok

18:08:43.0618 0x206c  [ BDAC25C2856964ACCD58ACFF5F0E1521, 7C9CDC434AB3D85F53305DCF0E1084D8BCFC40C5E4A0D551A1E3B426F5199E45 ] C:\Program Files\Optimizer Pro\OptProLauncher.exe

18:08:43.0634 0x206c  Optimizer Pro - ok

18:08:43.0665 0x206c  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe

18:08:43.0665 0x206c  ctfmon.exe - ok

18:08:43.0712 0x206c  Skype - ok

18:08:43.0821 0x206c  [ 345B1798395CEA9C178AFF1784FA2A37, 6C2F784A548758290981BEC50FBA81D745B499E2B94A86DA7873C8D3D50889AE ] C:\Program Files\Google\Chrome\Application\chrome.exe

18:08:43.0868 0x206c  GoogleChromeAutoLaunch_2867ED7F116233EC13A484E7A86056EA - ok

18:08:43.0993 0x206c  [ A91F22603C71D37310B828969C6FCD66, 675B0AB51ACF36E4B8E7502E2F756780F7862038005FF61B657A8FDF3EA0E3E6 ] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe

18:08:44.0103 0x206c  FlashPlayerUpdate - ok

18:08:44.0118 0x206c  Waiting for KSN requests completion. In queue: 196

18:08:45.0118 0x206c  Waiting for KSN requests completion. In queue: 196

18:08:46.0118 0x206c  Waiting for KSN requests completion. In queue: 7

18:08:47.0118 0x206c  Have new async UDS detects: 2

18:08:47.0118 0x206c  NetHttpService - detected UDS:DangerousObject.Multi.Generic ( 0 )

18:08:47.0259 0x206c  NetHttpService ( UDS:DangerousObject.Multi.Generic ) - infected

18:08:47.0259 0x206c  Force sending object to P2P due to detect: NetHttpService

18:08:50.0056 0x206c  Object send P2P result: true

18:08:52.0587 0x206c  ServiceUpdater - detected UDS:DangerousObject.Multi.Generic ( 0 )

18:08:52.0587 0x206c  ServiceUpdater ( UDS:DangerousObject.Multi.Generic ) - infected

18:08:52.0587 0x206c  Force sending object to P2P due to detect: ServiceUpdater

18:08:55.0321 0x206c  Object send P2P result: true

18:08:58.0884 0x206c  AV detected via SS1: AVG Internet Security 2014, 2014.0, enabled, updated

18:08:58.0900 0x206c  FW detected via SS1: AVG Internet Security 2014, 2014.0, enabled

18:09:01.0493 0x206c  ============================================================

18:09:01.0493 0x206c  Scan finished

18:09:01.0493 0x206c  ============================================================

18:09:01.0525 0x1b98  Detected object count: 2

18:09:01.0525 0x1b98  Actual detected object count: 2

18:09:07.0400 0x1b98  NetHttpService ( UDS:DangerousObject.Multi.Generic ) - skipped by user

18:09:07.0400 0x1b98  NetHttpService ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip

18:09:07.0400 0x1b98  ServiceUpdater ( UDS:DangerousObject.Multi.Generic ) - skipped by user

18:09:07.0415 0x1b98  ServiceUpdater ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip



#4 Houka

Posted 04 July 2014 - 10:49 PM

# AdwCleaner v3.214 - Report created 04/07/2014 at 18:18:11

# Updated 29/06/2014 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Andrew Teifke - ATEIFKE

# Running from : C:\Documents and Settings\Andrew Teifke\Desktop\AdwCleaner(1).exe

# Option : Clean

 

***** [ Services ] *****

 

Service Deleted : nethfdrv

Service Deleted : NethxxpService

Service Deleted : ServiceUpdater

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Program Files\Conduit

Folder Deleted : C:\Program Files\GreenTree Applications

Folder Deleted : C:\Program Files\MyPC Backup

Folder Deleted : C:\Program Files\Optimizer Pro

Folder Deleted : C:\Program Files\SearchProtect

Folder Deleted : C:\Program Files\VisualBee

Folder Deleted : C:\Program Files\VisualBee_V.1

Folder Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Browsersafeguard

Folder Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Conduit

Folder Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\emaze

Folder Deleted : C:\Documents and Settings\Andrew Teifke\Application Data\Optimizer Pro

Folder Deleted : C:\Documents and Settings\Andrew Teifke\Application Data\SearchProtect

Folder Deleted : C:\Documents and Settings\Andrew Teifke\Application Data\Mozilla\Firefox\Profiles\tqhs93iu.default-1380246648531\Extensions\67314b39-24e6-4f05-99f3-3f88c7cddd17@6c5fa560-13a3-4d42-8e90-53d9930111f9.com

[!] Folder Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

[!] Folder Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kmkdohofefokfmbnlbgebdapndacfklg

[!] Folder Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gllbdihjlcikdkimpponkfggdpjnhngg

[!] Folder Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nlndmljfcnlkbcbbneenigbpikmdfcdh

[!] Folder Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmaikkamgfhkjbadgihldfmkpngkhgbb

File Deleted : C:\END

File Deleted : C:\WINDOWS\system32\hfpapi.dll

File Deleted : C:\WINDOWS\system32\installd.exe

File Deleted : C:\WINDOWS\system32\nethtsrv.exe

File Deleted : C:\WINDOWS\system32\netupdsrv.exe

File Deleted : C:\Program Files\Mozilla Firefox\browser\nsprotector.js

File Deleted : C:\Documents and Settings\Administrator.ATEIFKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

File Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage

File Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal

File Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage

File Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

File Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage

File Deleted : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal

File Deleted : C:\WINDOWS\Tasks\VisualBee-enabler.job

File Deleted : C:\WINDOWS\Tasks\VisualBee-chromeinstaller.job

File Deleted : C:\WINDOWS\Tasks\VisualBee-codedownloader.job

File Deleted : C:\WINDOWS\Tasks\VisualBee-firefoxinstaller.job

File Deleted : C:\WINDOWS\Tasks\VisualBee-updater.job

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk

Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

Key Deleted : HKCU\Software\Google\Chrome\Extensions\gllbdihjlcikdkimpponkfggdpjnhngg

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gllbdihjlcikdkimpponkfggdpjnhngg

Key Deleted : HKCU\Software\Google\Chrome\Extensions\nlndmljfcnlkbcbbneenigbpikmdfcdh

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nlndmljfcnlkbcbbneenigbpikmdfcdh

Key Deleted : HKCU\Software\Google\Chrome\Extensions\nmaikkamgfhkjbadgihldfmkpngkhgbb

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nmaikkamgfhkjbadgihldfmkpngkhgbb

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\MyPC Backup

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AEAE561-714B-45F6-ACE3-4A8AED6E227B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEAE561-714B-45F6-ACE3-4A8AED6E227B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58674913-6cc4-4013-a85a-23936a49d200}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58d47cab-b4c8-4b4f-a901-36dd1d8cd7a9}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5b106c29-1aaa-4d0d-b531-2e4276217684}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7d488b34-6f42-44d7-9dac-7cef6a799db5}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d9db7391-61ed-426e-9cb2-e8e352981587}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AEAE561-714B-45F6-ACE3-4A8AED6E227B}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7AEAE561-714B-45F6-ACE3-4A8AED6E227B}]

Key Deleted : HKCU\Software\BrowserSafeguardInstalled

Key Deleted : HKCU\Software\CompeteInc

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\installedbrowserextensions

Key Deleted : HKCU\Software\Optimizer Pro

Key Deleted : HKCU\Software\SearchProtect

Key Deleted : HKCU\Software\SmartBar

Key Deleted : HKCU\Software\visualbee

Key Deleted : HKCU\Software\VisualBee_V.1

Key Deleted : HKLM\Software\CompeteInc

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\Software\Speedchecker Limited

Key Deleted : HKLM\Software\visualbee

Key Deleted : HKLM\Software\VisualBee_V.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

 

-\\ Mozilla Firefox v30.0 (en-US)

 

[ File : C:\Documents and Settings\Andrew Teifke\Application Data\Mozilla\Firefox\Profiles\tqhs93iu.default-1380246648531\prefs.js ]

 

Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3268494&octid=CT3268494&SearchSource=61&CUI=UN14389951502811656&UM=2&UP=SPC0231CD8-1A2C-41E7-A838-B4EDD07BB990");

Line Deleted : user_pref("extensions.crossrider.bic", "1415ff0299cc8fbb3520892a6e2b34db");

Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3268494&octid=CT3268494&SearchSource=61&CUI=UN14389951502811656&UM=2&UP=SPC0231CD8-1A2C-41E7-A838-B4EDD07BB990");

 

-\\ Google Chrome v34.0.1847.137

 

[ File : C:\Documents and Settings\Administrator.ATEIFKE\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

 

Deleted [Extension] : gllbdihjlcikdkimpponkfggdpjnhngg

Deleted [Extension] : kmkdohofefokfmbnlbgebdapndacfklg

Deleted [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp

Deleted [Extension] : nlndmljfcnlkbcbbneenigbpikmdfcdh

Deleted [Extension] : nmaikkamgfhkjbadgihldfmkpngkhgbb

 

*************************

 

AdwCleaner[R0].txt - [14353 octets] - [04/07/2014 18:13:55]

AdwCleaner[S0].txt - [14189 octets] - [04/07/2014 18:18:11]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14250 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.3 (03.23.2014:1)

OS: Microsoft Windows XP x86

Ran by Andrew Teifke on Fri 07/04/2014 at 18:58:04.46

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\strongvault

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7561261EA855B284BA87796570DE5642

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E2A90BB5-E74B-4C1E-AADA-D8574FEA38FA}

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\ytd video downloader"

Successfully deleted: [Folder] "C:\Documents and Settings\Andrew Teifke\Application Data\ytd"

Successfully deleted: [Folder] "C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\cre"

Successfully deleted: [Folder] "C:\Program Files\strongvault online backup"

Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Fri 07/04/2014 at 19:16:30.12

Computer was rebooted

End of JRT log

 

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000363.exe            Win32/Amonetize.AZ potentially unwanted application 

C:\TDSSKiller_Quarantine\04.07.2013_00.18.08\mbr0000\tdlfs0000\tsk0001.dta       a variant of Win32/Olmarik.AYI trojan  

C:\TDSSKiller_Quarantine\04.07.2013_00.18.08\mbr0000\tdlfs0000\tsk0002.dta       Win64/Olmarik.BC trojan        

C:\TDSSKiller_Quarantine\04.07.2013_00.18.08\mbr0000\tdlfs0000\tsk0003.dta       a variant of Win32/Rootkit.Kryptik.LA trojan        

C:\TDSSKiller_Quarantine\04.07.2013_00.18.08\mbr0000\tdlfs0000\tsk0004.dta       Win64/Olmarik.AK trojan       

C:\TDSSKiller_Quarantine\04.07.2013_00.18.08\mbr0000\tdlfs0000\tsk0008.dta       Win32/Olmarik.AFK trojan     

C:\TDSSKiller_Quarantine\04.07.2013_00.18.08\mbr0000\tdlfs0000\tsk0009.dta       Win64/Olmarik.AK trojan       

C:\TDSSKiller_Quarantine\04.07.2013_00.18.08\mbr0000\tdlfs0000\tsk0012.dta       Win32/Olmarik.AYI trojan      

C:\TDSSKiller_Quarantine\04.07.2013_00.18.08\mbr0000\tdlfs0000\tsk0013.dta       a variant of Win32/Olmarik.AYZ trojan  

C:\TDSSKiller_Quarantine\04.07.2013_01.04.31\tdlfs0000\tsk0001.dta          a variant of Win32/Olmarik.AYI trojan

C:\TDSSKiller_Quarantine\04.07.2013_01.04.31\tdlfs0000\tsk0002.dta          Win64/Olmarik.BC trojan        

C:\TDSSKiller_Quarantine\04.07.2013_01.04.31\tdlfs0000\tsk0003.dta          a variant of Win32/Rootkit.Kryptik.LA trojan  

C:\TDSSKiller_Quarantine\04.07.2013_01.04.31\tdlfs0000\tsk0004.dta          Win64/Olmarik.AK trojan       

C:\TDSSKiller_Quarantine\04.07.2013_01.04.31\tdlfs0000\tsk0008.dta          Win32/Olmarik.AFK trojan     

C:\TDSSKiller_Quarantine\04.07.2013_01.04.31\tdlfs0000\tsk0009.dta          Win64/Olmarik.AK trojan       

C:\TDSSKiller_Quarantine\04.07.2013_01.04.31\tdlfs0000\tsk0012.dta          Win32/Olmarik.AYI trojan      

C:\TDSSKiller_Quarantine\04.07.2013_01.04.31\tdlfs0000\tsk0013.dta          a variant of Win32/Olmarik.AYZ trojan           

C:\TDSSKiller_Quarantine\04.07.2014_18.00.01\uds0000\svc0000\tsk0000.dta         Win32/Amonetize.AZ potentially unwanted application   

C:\TDSSKiller_Quarantine\04.07.2014_18.00.01\uds0001\svc0000\tsk0000.dta         Win32/Amonetize.AZ potentially unwanted application   

C:\WINDOWS\Installer\10293f1c.msi a variant of Win32/Toolbar.Widgi potentially unwanted application       

C:\WINDOWS\Installer\226f788.msi   probably a variant of Win32/Toolbar.Widgi potentially unwanted application     

C:\WINDOWS\system32\hfnapi.dll      Win32/RiskWare.NetFilter.B application         

C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\~wt1A4D.tmp        a variant of Win32/Toolbar.Widgi.B potentially unwanted application         

C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\~wt37.tmp a variant of Win32/Toolbar.Widgi.B potentially unwanted application         

C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\~wt45.tmp a variant of Win32/Toolbar.Widgi.B potentially unwanted application         

C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\~wt4C26.tmp         a variant of Win32/Toolbar.Widgi.B potentially unwanted application         

C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\~wt53CF.tmp        a variant of Win32/Toolbar.Widgi.B potentially unwanted application         

C:\WINDOWS\system32\config\systemprofile\Application Data\Application Updater\temp\~wt57E2.tmp         a variant of Win32/Toolbar.Widgi.B potentially unwanted application         

C:\AdwCleaner\Quarantine\C\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gllbdihjlcikdkimpponkfggdpjnhngg\10.31.4.510_0\APISupport\APISupport.dll.vir       a variant of Win32/Conduit.SearchProtect.P potentially unwanted application          deleted - quarantined

C:\AdwCleaner\Quarantine\C\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gllbdihjlcikdkimpponkfggdpjnhngg\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir  a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gllbdihjlcikdkimpponkfggdpjnhngg\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir       a variant of Win32/Conduit.SearchProtect.N potentially unwanted application         deleted - quarantined

C:\AdwCleaner\Quarantine\C\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kmkdohofefokfmbnlbgebdapndacfklg\1.26.151_1\extensionData\plugins\91_monetizationLoader.js.js.vir    JS/Toolbar.Crossrider.B potentially unwanted application          deleted - quarantined

C:\AdwCleaner\Quarantine\C\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nlndmljfcnlkbcbbneenigbpikmdfcdh\10.31.4.510_0\APISupport\APISupport.dll.vir      a variant of Win32/Conduit.SearchProtect.P potentially unwanted application          deleted - quarantined

C:\AdwCleaner\Quarantine\C\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nlndmljfcnlkbcbbneenigbpikmdfcdh\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir            a variant of Win32/Toolbar.Conduit.AH potentially unwanted application           deleted - quarantined

C:\AdwCleaner\Quarantine\C\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nlndmljfcnlkbcbbneenigbpikmdfcdh\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir      a variant of Win32/Conduit.SearchProtect.N potentially unwanted application         deleted - quarantined

C:\AdwCleaner\Quarantine\C\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmaikkamgfhkjbadgihldfmkpngkhgbb\10.31.4.510_0\APISupport\APISupport.dll.vir  a variant of Win32/Conduit.SearchProtect.P potentially unwanted application          deleted - quarantined

C:\AdwCleaner\Quarantine\C\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmaikkamgfhkjbadgihldfmkpngkhgbb\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir            a variant of Win32/Toolbar.Conduit.AH potentially unwanted application           deleted - quarantined

C:\AdwCleaner\Quarantine\C\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmaikkamgfhkjbadgihldfmkpngkhgbb\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir  a variant of Win32/Conduit.SearchProtect.N potentially unwanted application         deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\Conduit\CT3268494\plugins\TBVerifier.dll.vir       Win32/Toolbar.Conduit.AC potentially unwanted application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\Conduit\CT3298567\plugins\TBVerifier.dll.vir       Win32/Toolbar.Conduit.AC potentially unwanted application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\browser\nsprotector.js.vir Win32/Conduit.SearchProtect.A potentially unwanted application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\VisualBee\33906.crx.vir   JS/Toolbar.Crossrider.A potentially unwanted application        deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\VisualBee\utils.exe.vir       Win32/Packed.ScrambleWrapper.C potentially unwanted application    deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\VisualBee\VisualBee-bg.exe.vir    a variant of Win32/Toolbar.CrossRider.H potentially unwanted application            deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\VisualBee\VisualBee-buttonutil.dll.vir        probably a variant of Win32/Toolbar.CrossRider.H potentially unwanted application  deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\VisualBee\VisualBee-buttonutil.exe.vir      a variant of Win32/Toolbar.CrossRider.I potentially unwanted application   deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\VisualBee\VisualBee-buttonutil64.dll.vir    a variant of Win64/Toolbar.Crossrider.A potentially unwanted application   deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\VisualBee\VisualBee-buttonutil64.exe.vir  a variant of Win64/Toolbar.Crossrider.A potentially unwanted application   deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files\VisualBee\VisualBee-helper.exe.vir           a variant of Win32/Toolbar.CrossRider.I potentially unwanted application   deleted - quarantined

C:\AdwCleaner\Quarantine\C\WINDOWS\system32\hfpapi.dll.vir        Win32/RiskWare.NetFilter.B application            cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\WINDOWS\system32\installd.exe.vir     Win32/Amonetize.AZ potentially unwanted application        deleted - quarantined

C:\AdwCleaner\Quarantine\C\WINDOWS\system32\nethtsrv.exe.vir   Win32/Amonetize.AZ potentially unwanted application        deleted - quarantined

C:\AdwCleaner\Quarantine\C\WINDOWS\system32\netupdsrv.exe.vir            Win32/Amonetize.AZ potentially unwanted application        deleted - quarantined

C:\Documents and Settings\Andrew Teifke\Application Data\17178\a22349.exe           a variant of Win32/Amonetize.AX potentially unwanted application            deleted - quarantined

C:\Documents and Settings\Andrew Teifke\Application Data\Sun\Java\Deployment\cache\6.0\20\1d272854-6eadddd7 a variant of Java/Exploit.CVE-2011-3544.DG trojan       cleaned by deleting - quarantined

C:\Documents and Settings\Andrew Teifke\Application Data\Sun\Java\Deployment\cache\6.0\53\71a03475-7708416b            Java/Exploit.CVE-2011-3544.BA trojan          cleaned by deleting - quarantined

C:\Documents and Settings\Andrew Teifke\Application Data\Sun\Java\Deployment\cache\6.0\60\77cdc0bc-571e204b            multiple threats  cleaned by deleting - quarantined

C:\Documents and Settings\Andrew Teifke\Application Data\Sun\Java\Deployment\cache\6.0\62\77cab2be-404f8520            multiple threats  cleaned by deleting - quarantined

C:\Documents and Settings\Andrew Teifke\Desktop\ilividSetup.exe       Win32/Toolbar.SearchSuite potentially unwanted application        deleted - quarantined

C:\Documents and Settings\Andrew Teifke\Desktop\Old Firefox Data\tyk68un5.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\chrome\content\dealplyshopping.xul       Win32/DealPly.J potentially unwanted application            deleted - quarantined

C:\Documents and Settings\Andrew Teifke\Desktop\Old Firefox Data\tyk68un5.default\extensions\{988919ff-0cd8-4d0c-bc7e-60d55a49eb64}\Plugins\npConduitFirefoxPlugin.dll         a variant of Win32/Conduit.SearchProtect.N potentially unwanted application    deleted - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\20\1d272854-34a4d3e5         a variant of Java/Exploit.CVE-2011-3544.DG trojan    cleaned by deleting - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\53\71a03475-262b98d9        Java/Exploit.CVE-2011-3544.BA trojan          cleaned by deleting - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\60\77cdc0bc-2b8b2860        multiple threats  cleaned by deleting - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\62\77cab2be-7337a223        multiple threats  cleaned by deleting - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Temp\Animal Sex Gay Dog Petlust M15 3 Kennel Knot.avi.exe            a variant of Win32/Amonetize.AW potentially unwanted application       deleted - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Temp\f.exe   a variant of Win32/OutBrowse.D potentially unwanted application    deleted - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Temp\nsi534.tmp.tbMixi.dll   a variant of Win32/Toolbar.Conduit.X potentially unwanted application       deleted - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Temp\rtinstaller.exe   a variant of MSIL/Packed.Cellbi.A potentially unwanted application            deleted - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Temp\DM\Minecraft(1).exe\7CzLjCYODw\software\MyBackupPc.exe          Win32/MyPCBackup.A potentially unwanted application    deleted - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Temp\DM\Minecraft(1).exe\7CzLjCYODw\software\StrongVault.exe MSIL/Adware.StrongVault.A application            cleaned by deleting - quarantined

C:\Documents and Settings\Andrew Teifke\Local Settings\Temp\DM\Minecraft(1).exe\i818bR99MI\software\StrongVault.exe     MSIL/Adware.StrongVault.A application            cleaned by deleting - quarantined

C:\Documents and Settings\Andrew Teifke\My Documents\Downloads\Animal Sex Gay Dog Petlust M15 3 Kennel Knot.avi.exe     a variant of Win32/Amonetize.AW potentially unwanted application       deleted - quarantined

C:\Documents and Settings\Andrew Teifke\My Documents\Downloads\ccsetup403.exe            Win32/Bundled.Toolbar.Google.D potentially unsafe application            deleted - quarantined

C:\RECYCLER\S-1-5-21-1659004503-1284227242-1606980848-1003\Dc3086.scr           RAR/Agent.AF trojan            deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000218.sys            Win32/RiskWare.NetFilter.C application          cleaned by deleting - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000241.exe        a variant of Win32/Toolbar.CrossRider.J potentially unwanted application            deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000242.exe        a variant of Win32/Toolbar.CrossRider.J potentially unwanted application            deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000243.exe        a variant of Win32/Toolbar.CrossRider.J potentially unwanted application            deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000244.exe        a variant of Win32/Toolbar.CrossRider.J potentially unwanted application            deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000284.dll            Win32/Toolbar.Conduit.AC potentially unwanted application    deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000285.dll            Win32/Toolbar.Conduit.AC potentially unwanted application    deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000332.exe            Win32/Packed.ScrambleWrapper.C potentially unwanted application    deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000333.exe        a variant of Win32/Toolbar.CrossRider.H potentially unwanted application           deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000334.dll            probably a variant of Win32/Toolbar.CrossRider.H potentially unwanted application      deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000335.exe        a variant of Win32/Toolbar.CrossRider.I potentially unwanted application            deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000336.dll         a variant of Win64/Toolbar.Crossrider.A potentially unwanted application            deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000337.exe        a variant of Win64/Toolbar.Crossrider.A potentially unwanted application            deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000338.exe        a variant of Win32/Toolbar.CrossRider.I potentially unwanted application            deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000347.dll         a variant of Win32/Conduit.SearchProtect.N potentially unwanted application      deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000348.exe        a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000349.dll         a variant of Win32/Conduit.SearchProtect.P potentially unwanted application       deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000352.dll         a variant of Win32/Conduit.SearchProtect.N potentially unwanted application      deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000353.exe        a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000354.dll         a variant of Win32/Conduit.SearchProtect.P potentially unwanted application       deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000357.dll         a variant of Win32/Conduit.SearchProtect.N potentially unwanted application      deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000358.exe        a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000359.dll         a variant of Win32/Conduit.SearchProtect.P potentially unwanted application       deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000360.dll            Win32/RiskWare.NetFilter.B application          cleaned by deleting - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000361.exe            Win32/Amonetize.AZ potentially unwanted application  deleted - quarantined

C:\System Volume Information\_restore{6FBEA57F-DA80-483B-97A3-3B3FC2A62698}\RP1\A0000362.exe            Win32/Amonetize.AZ potentially unwanted application  deleted - quarantined



#5 Houka

  • Topic Starter


Posted 04 July 2014 - 10:50 PM

Looks like the ad stuff may have stopped, but I'll keep an eye out just in case.



#6 boopme

  • Global Moderator

Posted 06 July 2014 - 09:13 PM

Ok there is still some in your Restore points.


Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically. Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7
  • Reboot and see how it is.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook
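The reply above singles out restore points because many detections in the scan log sit under `System Volume Information\_restore{...}`. As an added example (not part of the original posts), this Python sketch parses log lines in that path / detection / action layout and counts them by location; the sample lines, detection names and function names are constructed placeholders.

```python
import re
from collections import Counter

# Constructed sample lines in the layout of the scanner log in this thread:
# <path> <detection> <action>. Paths and detection names are placeholders.
SAMPLE_LOG = r"""
C:\Documents and Settings\User\Local Settings\Temp\setup helper.exe   a variant of Win32/Example.A potentially unwanted application   deleted - quarantined
C:\Documents and Settings\User\My Documents\Downloads\installer.exe Win32/Example.B potentially unsafe application deleted - quarantined
C:\RECYCLER\S-1-5-21-0-0-0-1000\Dc1.scr   RAR/Example.C trojan   deleted - quarantined
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000001.exe   a variant of Win32/Example.A potentially unwanted application   deleted - quarantined
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000002.dll   Win32/Example.D application   cleaned by deleting - quarantined
"""

# Columns may be separated by one space or many, and paths contain spaces,
# so the path is anchored on its file extension and the action on its wording.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?\.[A-Za-z0-9]{2,4})\s+"
    r"(?P<detection>\S.*?)\s+"
    r"(?P<action>(?:cleaned by deleting|deleted) - quarantined)\s*$"
)

def location(path):
    """Classify where a detected file lived on disk."""
    p = path.lower()
    if "\\system volume information\\_restore" in p:
        return "system-restore"
    if "\\recycler\\" in p:
        return "recycle-bin"
    if "\\temp\\" in p:
        return "temp"
    return "user-files"

def parse_log(text):
    """Return one dict per parsable log line; unparsable lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        name = re.search(r"\S+/\S+", m["detection"])  # e.g. Win32/Example.A
        entries.append({"path": m["path"], "name": name.group(0) if name else None,
                        "action": m["action"], "location": location(m["path"])})
    return entries

def summarize(entries):
    """Count detections per location."""
    return Counter(e["location"] for e in entries)

if __name__ == "__main__":
    for where, count in summarize(parse_log(SAMPLE_LOG)).most_common():
        print(f"{where:15} {count}")
```

A non-zero `system-restore` count means copies were found inside restore-point snapshots, which is the situation the new-restore-point and Disk Cleanup steps address.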

#7 Houka

  • Topic Starter


Posted 07 July 2014 - 08:10 PM

All right, all done! Anything else I need to do at all? I haven't had any issues for the past few days, so everything seems normal now.



#8 boopme

  • Global Moderator

Posted 08 July 2014 - 09:25 AM

Looks good. If I missed this, uninstall it (in Control Panel Add/Remove) and reboot after.

Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)

#9 Houka

  • Topic Starter


Posted 10 July 2014 - 10:52 AM

OK, that's done.



#10 boopme

  • Global Moderator

Posted 10 July 2014 - 02:55 PM

Good to go!!