Jump to content
longbeachlouise

another mydomainadvisor

Recommended Posts

Hi,

Okay things are looking better.

Are you currently experiencing any symptoms of infection?

Run TFC by OldTimer to clear temporary files:

  • Please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Export the threats found (if any), and post them here.

Next, please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317

Share this post


Link to post
Share on other sites

Hi, Thanx for fast response. I am on my Dad's computer, because I want to uninstall some things before I proceed with the above, such as games that came with the laptop, and finance software - it takes lots of registers, I believe. At the end, you'll probably ask me to squash the active disk space down.

Share this post


Link to post
Share on other sites

The Sims Life Stories isn't uninstalling. You know what? These laptops from Fry's have the malware baked right in! The EA folder with the Sims Life Stories has an uninstall link, but it won't uinstall!

Am editing to say, I had to agree to "allow" the sims or EA to "configure" my drive. I guess that's part of the uninstall process. I'm going to unplug the internet and go for a walk. This is going to take a long time.

Now we're cooking! It took a long time to delete the EA. I deleted things - some 12,000 files, including uninstalling stock tracking software I don't need. Just static files I deleted were 2 G, when I emptied the recycle bin! Then ran a full Malwarebytes scan overnight for good measure . . .

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.24.02

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Carol :: BILL [administrator]

8/24/2012 1:48:23 AM

mbam-log-2012-08-24 (01-48-23).txt

Scan type: Full scan (C:\|D:\|E:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 336845

Time elapsed: 3 hour(s), 36 minute(s), 25 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Took 2 hrs less than last time! :)

Now, on to the list of scans, above.

Are you currently experiencing any symptoms of infection?

There hasn't been any funny links in ten days, but I never used again, and just uninstalled Chrome. . .

Share this post


Link to post
Share on other sites

On my desktop are:

TFC

TDSKiller

ESET

and the rest I have to download fresh.

Ran TFC:

User: Default

->Temp folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

User: Public

->Temp folder emptied: 0 bytes

User: Williaim

->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 1666 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33239 bytes

%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 136 bytes

Process complete!

Total Files Cleaned = 46.00 mb

Share this post


Link to post
Share on other sites

I knew I should have gone back to bed! i ran tds killer - one of several I had downloaded, including today. But I don't know where the log is, and there was no reboot, so I deleted all the copies of TDSKiller.

But now I just deleted the recylce bin. I meant to EMPTY the recycle bin. How do I get it back?

Share this post


Link to post
Share on other sites

Would you tell me how to get the Recycle bin back? Edited to say: I got it back!

Here is the log of the TDSKiller:

09:47:03.0603 3044 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05

09:47:03.0650 3044 ============================================================

09:47:03.0650 3044 Current date / time: 2012/08/24 09:47:03.0650

09:47:03.0650 3044 SystemInfo:

09:47:03.0650 3044

09:47:03.0650 3044 OS Version: 6.0.6002 ServicePack: 2.0

09:47:03.0650 3044 Product type: Workstation

09:47:03.0650 3044 ComputerName: BILL

09:47:03.0650 3044 UserName: Carol

09:47:03.0650 3044 Windows directory: C:\Windows

09:47:03.0650 3044 System windows directory: C:\Windows

09:47:03.0650 3044 Processor architecture: Intel x86

09:47:03.0650 3044 Number of processors: 2

09:47:03.0650 3044 Page size: 0x1000

09:47:03.0650 3044 Boot type: Normal boot

09:47:03.0650 3044 ============================================================

09:47:05.0771 3044 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

09:47:05.0771 3044 ============================================================

09:47:05.0771 3044 \Device\Harddisk0\DR0:

09:47:05.0771 3044 MBR partitions:

09:47:05.0771 3044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC944DD2

09:47:05.0771 3044 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC944E11, BlocksNum 0x164E9B0

09:47:05.0771 3044 ============================================================

09:47:05.0787 3044 C: <-> \Device\Harddisk0\DR0\Partition1

09:47:06.0021 3044 D: <-> \Device\Harddisk0\DR0\Partition2

09:47:06.0021 3044 ============================================================

09:47:06.0021 3044 Initialize success

09:47:06.0021 3044 ============================================================

09:47:12.0464 4692 ============================================================

09:47:12.0464 4692 Scan started

09:47:12.0464 4692 Mode: Manual;

09:47:12.0464 4692 ============================================================

09:47:14.0460 4692 ================ Scan services =============================

09:47:16.0598 4692 [ 82b296ae1892fe3dbee00c9cf92f8ac7 ] ACPI C:\Windows\system32\drivers\acpi.sys

09:47:16.0644 4692 ACPI - ok

09:47:16.0956 4692 [ 62b7936f9036dd6ed36e6a7efa805dc0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

09:47:17.0019 4692 AdobeARMservice - ok

09:47:17.0081 4692 [ 04f0fcac69c7c71a3ac4eb97fafc8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

09:47:17.0097 4692 adp94xx - ok

09:47:17.0206 4692 [ 60505e0041f7751bdbb80f88bf45c2ce ] adpahci C:\Windows\system32\drivers\adpahci.sys

09:47:17.0237 4692 adpahci - ok

09:47:17.0284 4692 [ 8a42779b02aec986eab64ecfc98f8bd7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

09:47:17.0284 4692 adpu160m - ok

09:47:17.0315 4692 [ 241c9e37f8ce45ef51c3de27515ca4e5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

09:47:17.0331 4692 adpu320 - ok

09:47:17.0424 4692 [ 9d1fda9e086ba64e3c93c9de32461bcf ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

09:47:17.0456 4692 AeLookupSvc - ok

09:47:17.0580 4692 [ 3911b972b55fea0478476b2e777b29fa ] AFD C:\Windows\system32\drivers\afd.sys

09:47:17.0596 4692 AFD - ok

09:47:17.0643 4692 [ 13f9e33747e6b41a3ff305c37db0d360 ] agp440 C:\Windows\system32\drivers\agp440.sys

09:47:17.0643 4692 agp440 - ok

09:47:17.0690 4692 [ ae1fdf7bf7bb6c6a70f67699d880592a ] aic78xx C:\Windows\system32\drivers\djsvs.sys

09:47:17.0690 4692 aic78xx - ok

09:47:17.0736 4692 [ a1545b731579895d8cc44fc0481c1192 ] ALG C:\Windows\System32\alg.exe

09:47:17.0752 4692 ALG - ok

09:47:17.0783 4692 [ 9eaef5fc9b8e351afa7e78a6fae91f91 ] aliide C:\Windows\system32\drivers\aliide.sys

09:47:17.0783 4692 aliide - ok

09:47:17.0814 4692 [ c47344bc706e5f0b9dce369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys

09:47:17.0814 4692 amdagp - ok

09:47:17.0846 4692 [ 9b78a39a4c173fdbc1321e0dd659b34c ] amdide C:\Windows\system32\drivers\amdide.sys

09:47:17.0846 4692 amdide - ok

09:47:17.0877 4692 [ 18f29b49ad23ecee3d2a826c725c8d48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys

09:47:17.0877 4692 AmdK7 - ok

09:47:17.0908 4692 [ 93ae7f7dd54ab986a6f1a1b37be7442d ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

09:47:17.0908 4692 AmdK8 - ok

09:47:17.0955 4692 [ c6d704c7f0434dc791aac37cac4b6e14 ] Appinfo C:\Windows\System32\appinfo.dll

09:47:17.0955 4692 Appinfo - ok

09:47:18.0017 4692 [ 5d2888182fb46632511acee92fdad522 ] arc C:\Windows\system32\drivers\arc.sys

09:47:18.0017 4692 arc - ok

09:47:18.0048 4692 [ 5e2a321bd7c8b3624e41fdec3e244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys

09:47:18.0064 4692 arcsas - ok

09:47:18.0126 4692 [ 0c83fc56707bf68db04947052a8188b1 ] astcc C:\Windows\system32\astsrv.exe

09:47:18.0142 4692 astcc - ok

09:47:18.0189 4692 [ 53b202abee6455406254444303e87be1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

09:47:18.0204 4692 AsyncMac - ok

09:47:18.0236 4692 [ 1f05b78ab91c9075565a9d8a4b880bc4 ] atapi C:\Windows\system32\drivers\atapi.sys

09:47:18.0236 4692 atapi - ok

09:47:18.0314 4692 [ 0437199c88f6e88a387cfec8a8886a6e ] athr C:\Windows\system32\DRIVERS\athr.sys

09:47:18.0329 4692 athr - ok

09:47:18.0392 4692 [ 68e2a1a0407a66cf50da0300852424ab ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

09:47:18.0407 4692 AudioEndpointBuilder - ok

09:47:18.0438 4692 [ 68e2a1a0407a66cf50da0300852424ab ] Audiosrv C:\Windows\System32\Audiosrv.dll

09:47:18.0438 4692 Audiosrv - ok

09:47:18.0641 4692 [ cf6a67c90951e3e763d2135dede44b85 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys

09:47:18.0672 4692 BCM43XV - ok

09:47:18.0719 4692 [ 67e506b75bd5326a3ec7b70bd014dfb6 ] Beep C:\Windows\system32\drivers\Beep.sys

09:47:18.0719 4692 Beep - ok

09:47:18.0813 4692 [ c789af0f724fda5852fb9a7d3a432381 ] BFE C:\Windows\System32\bfe.dll

09:47:18.0828 4692 BFE - ok

09:47:19.0062 4692 [ 93952506c6d67330367f7e7934b6a02f ] BITS C:\Windows\system32\qmgr.dll

09:47:19.0109 4692 BITS - ok

09:47:19.0140 4692 [ d4df28447741fd3d953526e33a617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

09:47:19.0140 4692 blbdrive - ok

09:47:19.0187 4692 [ 35f376253f687bde63976ccb3f2108ca ] bowser C:\Windows\system32\DRIVERS\bowser.sys

09:47:19.0203 4692 bowser - ok

09:47:19.0265 4692 [ 9f9acc7f7ccde8a15c282d3f88b43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

09:47:19.0265 4692 BrFiltLo - ok

09:47:19.0296 4692 [ 56801ad62213a41f6497f96dee83755a ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

09:47:19.0296 4692 BrFiltUp - ok

09:47:19.0343 4692 [ a3629a0c4226f9e9c72faaeebc3ad33c ] Browser C:\Windows\System32\browser.dll

09:47:19.0359 4692 Browser - ok

09:47:19.0406 4692 [ b304e75cff293029eddf094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys

09:47:19.0421 4692 Brserid - ok

09:47:19.0452 4692 [ 203f0b1e73adadbbb7b7b1fabd901f6b ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

09:47:19.0452 4692 BrSerWdm - ok

09:47:19.0484 4692 [ bd456606156ba17e60a04e18016ae54b ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

09:47:19.0484 4692 BrUsbMdm - ok

09:47:19.0515 4692 [ af72ed54503f717a43268b3cc5faec2e ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

09:47:19.0515 4692 BrUsbSer - ok

09:47:19.0546 4692 [ ad07c1ec6665b8b35741ab91200c6b68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

09:47:19.0546 4692 BTHMODEM - ok

09:47:19.0624 4692 [ 248dfa5762dde38dfddbbd44149e9d7a ] BVRPMPR5 C:\Windows\system32\drivers\BVRPMPR5.SYS

09:47:19.0640 4692 BVRPMPR5 - ok

09:47:20.0654 4692 catchme - ok

09:47:20.0732 4692 [ 7add03e75beb9e6dd102c3081d29840a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

09:47:20.0747 4692 cdfs - ok

09:47:20.0794 4692 [ 6b4bffb9becd728097024276430db314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

09:47:20.0810 4692 cdrom - ok

09:47:20.0856 4692 [ 312ec3e37a0a1f2006534913e37b4423 ] CertPropSvc C:\Windows\System32\certprop.dll

09:47:20.0872 4692 CertPropSvc - ok

09:47:20.0919 4692 [ e5d4133f37219dbcfe102bc61072589d ] circlass C:\Windows\system32\drivers\circlass.sys

09:47:20.0934 4692 circlass - ok

09:47:21.0028 4692 [ d7659d3b5b92c31e84e53c1431f35132 ] CLFS C:\Windows\system32\CLFS.sys

09:47:21.0059 4692 CLFS - ok

09:47:21.0122 4692 [ 8ee772032e2fe80a924f3b8dd5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

09:47:21.0137 4692 clr_optimization_v2.0.50727_32 - ok

09:47:21.0246 4692 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

09:47:21.0324 4692 clr_optimization_v4.0.30319_32 - ok

09:47:21.0371 4692 [ 99afc3795b58cc478fbbbcdc658fcb56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

09:47:21.0371 4692 CmBatt - ok

09:47:21.0418 4692 [ 0ca25e686a4928484e9fdabd168ab629 ] cmdide C:\Windows\system32\drivers\cmdide.sys

09:47:21.0418 4692 cmdide - ok

09:47:21.0480 4692 [ b6e7991e3d6146c04c85cd31af22a381 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys

09:47:21.0480 4692 CnxtHdAudService - ok

09:47:21.0605 4692 [ d8774ace03b46c9b01a49818055f9ad4 ] Com4Qlb C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

09:47:21.0636 4692 Com4Qlb - ok

09:47:21.0652 4692 [ 6afef0b60fa25de07c0968983ee4f60a ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

09:47:21.0668 4692 Compbatt - ok

09:47:21.0683 4692 COMSysApp - ok

09:47:21.0699 4692 cpuz134 - ok

09:47:21.0746 4692 [ 741e9dff4f42d2d8477d0fc1dc0df871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

09:47:21.0746 4692 crcdisk - ok

09:47:21.0777 4692 [ 1f07becdca750766a96cda811ba86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys

09:47:21.0777 4692 Crusoe - ok

09:47:21.0855 4692 [ fb27772beaf8e1d28ccd825c09da939b ] CryptSvc C:\Windows\system32\cryptsvc.dll

09:47:21.0902 4692 CryptSvc - ok

09:47:22.0136 4692 [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] DcomLaunch C:\Windows\system32\rpcss.dll

09:47:22.0214 4692 DcomLaunch - ok

09:47:22.0260 4692 [ 622c41a07ca7e6dd91770f50d532cb6c ] DfsC C:\Windows\system32\Drivers\dfsc.sys

09:47:22.0276 4692 DfsC - ok

09:47:23.0399 4692 [ 2cc3dcfb533a1035b13dcab6160ab38b ] DFSR C:\Windows\system32\DFSR.exe

09:47:23.0493 4692 DFSR - ok

09:47:23.0571 4692 [ 9028559c132146fb75eb7acf384b086a ] Dhcp C:\Windows\System32\dhcpcsvc.dll

09:47:23.0586 4692 Dhcp - ok

09:47:23.0633 4692 [ 5d4aefc3386920236a548271f8f1af6a ] disk C:\Windows\system32\drivers\disk.sys

09:47:23.0649 4692 disk - ok

09:47:23.0711 4692 [ 57d762f6f5974af0da2be88a3349baaa ] Dnscache C:\Windows\System32\dnsrslvr.dll

09:47:23.0711 4692 Dnscache - ok

09:47:23.0836 4692 [ 324fd74686b1ef5e7c19a8af49e748f6 ] dot3svc C:\Windows\System32\dot3svc.dll

09:47:23.0898 4692 dot3svc - ok

09:47:23.0961 4692 [ a622e888f8aa2f6b49e9bc466f0e5def ] DPS C:\Windows\system32\dps.dll

09:47:23.0992 4692 DPS - ok

09:47:24.0039 4692 [ 97fef831ab90bee128c9af390e243f80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

09:47:24.0039 4692 drmkaud - ok

09:47:24.0101 4692 [ c68ac676b0ef30cfbb1080adce49eb1f ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

09:47:24.0132 4692 DXGKrnl - ok

09:47:24.0179 4692 [ 5425f74ac0c1dbd96a1e04f17d63f94c ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys

09:47:24.0195 4692 E1G60 - ok

09:47:24.0242 4692 [ c0b95e40d85cd807d614e264248a45b9 ] EapHost C:\Windows\System32\eapsvc.dll

09:47:24.0257 4692 EapHost - ok

09:47:24.0335 4692 [ 7f64ea048dcfac7acf8b4d7b4e6fe371 ] Ecache C:\Windows\system32\drivers\ecache.sys

09:47:24.0351 4692 Ecache - ok

09:47:24.0444 4692 [ 23b62471681a124889978f6295b3f4c6 ] elxstor C:\Windows\system32\drivers\elxstor.sys

09:47:24.0476 4692 elxstor - ok

09:47:24.0772 4692 [ 4e6b23dfc917ea39306b529b773950f4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

09:47:24.0912 4692 EMDMgmt - ok

09:47:24.0975 4692 [ 3db974f3935483555d7148663f726c61 ] ErrDev C:\Windows\system32\drivers\errdev.sys

09:47:24.0990 4692 ErrDev - ok

09:47:25.0053 4692 [ 67058c46504bc12d821f38cf99b7b28f ] EventSystem C:\Windows\system32\es.dll

09:47:25.0084 4692 EventSystem - ok

09:47:25.0193 4692 [ 22b408651f9123527bcee54b4f6c5cae ] exfat C:\Windows\system32\drivers\exfat.sys

09:47:25.0256 4692 exfat - ok

09:47:25.0302 4692 [ 1e9b9a70d332103c52995e957dc09ef8 ] fastfat C:\Windows\system32\drivers\fastfat.sys

09:47:25.0318 4692 fastfat - ok

09:47:25.0349 4692 [ afe1e8b9782a0dd7fb46bbd88e43f89a ] fdc C:\Windows\system32\DRIVERS\fdc.sys

09:47:25.0349 4692 fdc - ok

09:47:25.0380 4692 [ 6629b5f0e98151f4afdd87567ea32ba3 ] fdPHost C:\Windows\system32\fdPHost.dll

09:47:25.0380 4692 fdPHost - ok

09:47:25.0396 4692 [ 89ed56dce8e47af40892778a5bd31fd2 ] FDResPub C:\Windows\system32\fdrespub.dll

09:47:25.0396 4692 FDResPub - ok

09:47:25.0443 4692 [ a8c0139a884861e3aae9cfe73b208a9f ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

09:47:25.0443 4692 FileInfo - ok

09:47:25.0474 4692 [ 0ae429a696aecbc5970e3cf2c62635ae ] Filetrace C:\Windows\system32\drivers\filetrace.sys

09:47:25.0474 4692 Filetrace - ok

09:47:25.0490 4692 [ 85b7cf99d532820495d68d747fda9ebd ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

09:47:25.0490 4692 flpydisk - ok

09:47:25.0505 4692 [ 01334f9ea68e6877c4ef05d3ea8abb05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

09:47:25.0521 4692 FltMgr - ok

09:47:25.0599 4692 [ 8ce364388c8eca59b14b539179276d44 ] FontCache C:\Windows\system32\FntCache.dll

09:47:25.0677 4692 FontCache - ok

09:47:25.0708 4692 [ c7fbdd1ed42f82bfa35167a5c9803ea3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

09:47:25.0739 4692 FontCache3.0.0.0 - ok

09:47:25.0770 4692 [ 65ea8b77b5851854f0c55c43fa51a198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

09:47:25.0770 4692 Fs_Rec - ok

09:47:25.0786 4692 [ 34582a6e6573d54a07ece5fe24a126b5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

09:47:25.0786 4692 gagp30kx - ok

09:47:25.0864 4692 [ cd5d0aeee35dfd4e986a5aa1500a6e66 ] gpsvc C:\Windows\System32\gpsvc.dll

09:47:25.0864 4692 gpsvc - ok

09:47:26.0176 4692 [ de847265c24e69df988bcb1399026fc7 ] HauppaugeTVServer C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe

09:47:26.0254 4692 HauppaugeTVServer - ok

09:47:26.0301 4692 [ de15777902a5d9121857d155873a1d1b ] HBtnKey C:\Windows\system32\DRIVERS\cpqbttn.sys

09:47:26.0316 4692 HBtnKey - ok

09:47:26.0379 4692 [ 7be40bb4cd16d8760e18ea981ff452ec ] HdAudAddService C:\Windows\system32\drivers\CHDART.sys

09:47:26.0394 4692 HdAudAddService - ok

09:47:26.0660 4692 [ 062452b7ffd68c8c042a6261fe8dff4a ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

09:47:26.0722 4692 HDAudBus - ok

09:47:26.0784 4692 [ 1338520e78d90154ed6be8f84de5fceb ] HidBth C:\Windows\system32\drivers\hidbth.sys

09:47:26.0784 4692 HidBth - ok

09:47:26.0831 4692 [ ff3160c3a2445128c5a6d9b076da519e ] HidIr C:\Windows\system32\drivers\hidir.sys

09:47:26.0847 4692 HidIr - ok

09:47:26.0878 4692 [ 84067081f3318162797385e11a8f0582 ] hidserv C:\Windows\System32\hidserv.dll

09:47:26.0909 4692 hidserv - ok

09:47:26.0940 4692 [ cca4b519b17e23a00b826c55716809cc ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

09:47:26.0940 4692 HidUsb - ok

09:47:26.0972 4692 [ d8ad255b37da92434c26e4876db7d418 ] hkmsvc C:\Windows\system32\kmsvc.dll

09:47:26.0972 4692 hkmsvc - ok

09:47:27.0034 4692 [ 0d26c438e2938a3e6bdd91173bc96ff0 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

09:47:27.0034 4692 HP Health Check Service - ok

09:47:27.0065 4692 [ 16ee7b23a009e00d835cdb79574a91a6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

09:47:27.0081 4692 HpCISSs - ok

09:47:27.0112 4692 [ 35956140e686d53bf676cf0c778880fc ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

09:47:27.0128 4692 HpqKbFiltr - ok

09:47:27.0143 4692 [ f8968c9778f25a90a35755c3c97c7f62 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

09:47:27.0159 4692 hpqwmiex - ok

09:47:27.0221 4692 [ 46d67209550973257601a533e2ac5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS

09:47:27.0237 4692 HSFHWAZL - ok

09:47:27.0284 4692 [ cc267848cb3508e72762be65734e764d ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys

09:47:27.0330 4692 HSF_DPV - ok

09:47:27.0377 4692 [ a2882945cc4b6e3e4e9e825590438888 ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys

09:47:27.0377 4692 HSXHWAZL - ok

09:47:27.0455 4692 [ 0eeeca26c8d4bde2a4664db058a81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys

09:47:27.0471 4692 HTTP - ok

09:47:27.0502 4692 [ c6b032d69650985468160fc9937cf5b4 ] i2omp C:\Windows\system32\drivers\i2omp.sys

09:47:27.0502 4692 i2omp - ok

09:47:27.0549 4692 [ 22d56c8184586b7a1f6fa60be5f5a2bd ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

09:47:27.0549 4692 i8042prt - ok

09:47:27.0596 4692 [ 54155ea1b0df185878e0fc9ec3ac3a14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

09:47:27.0596 4692 iaStorV - ok

09:47:27.0736 4692 [ 1cf03c69b49acb70c722df92755c0c8c ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

09:47:27.0798 4692 IDriverT - ok

09:47:28.0173 4692 [ 98477b08e61945f974ed9fdc4cb6bdab ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

09:47:28.0235 4692 idsvc - ok

09:47:28.0298 4692 [ 2d077bf86e843f901d8db709c95b49a5 ] iirsp C:\Windows\system32\drivers\iirsp.sys

09:47:28.0313 4692 iirsp - ok

09:47:28.0547 4692 [ 9908d8a397b76cd8d31d0d383c5773c9 ] IKEEXT C:\Windows\System32\ikeext.dll

09:47:28.0594 4692 IKEEXT - ok

09:47:28.0641 4692 [ 83aa759f3189e6370c30de5dc5590718 ] intelide C:\Windows\system32\drivers\intelide.sys

09:47:28.0641 4692 intelide - ok

09:47:28.0688 4692 [ 224191001e78c89dfa78924c3ea595ff ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

09:47:28.0688 4692 intelppm - ok

09:47:28.0734 4692 [ 9ac218c6e6105477484c6fdbe7d409a4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

09:47:28.0750 4692 IPBusEnum - ok

09:47:28.0766 4692 [ 62c265c38769b864cb25b4bcf62df6c3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

09:47:28.0781 4692 IpFilterDriver - ok

09:47:28.0859 4692 [ 1998bd97f950680bb55f55a7244679c2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

09:47:28.0890 4692 iphlpsvc - ok

09:47:28.0906 4692 IpInIp - ok

09:47:28.0953 4692 [ b25aaf203552b7b3491139d582b39ad1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

09:47:28.0953 4692 IPMIDRV - ok

09:47:29.0000 4692 [ 8793643a67b42cec66490b2a0cf92d68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

09:47:29.0000 4692 IPNAT - ok

09:47:29.0015 4692 [ 109c0dfb82c3632fbd11949b73aeeac9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

09:47:29.0015 4692 IRENUM - ok

09:47:29.0046 4692 [ 6c70698a3e5c4376c6ab5c7c17fb0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys

09:47:29.0046 4692 isapnp - ok

09:47:29.0093 4692 [ 232fa340531d940aac623b121a595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

09:47:29.0093 4692 iScsiPrt - ok

09:47:29.0109 4692 [ bced60d16156e428f8df8cf27b0df150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

09:47:29.0124 4692 iteatapi - ok

09:47:29.0171 4692 [ 06fa654504a498c30adca8bec4e87e7e ] iteraid C:\Windows\system32\drivers\iteraid.sys

09:47:29.0171 4692 iteraid - ok

09:47:29.0171 4692 [ 37605e0a8cf00cbba538e753e4344c6e ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

09:47:29.0187 4692 kbdclass - ok

09:47:29.0234 4692 [ ede59ec70e25c24581add1fbec7325f7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

09:47:29.0234 4692 kbdhid - ok

09:47:29.0265 4692 [ a3e186b4b935905b829219502557314e ] KeyIso C:\Windows\system32\lsass.exe

09:47:29.0280 4692 KeyIso - ok

09:47:29.0296 4692 [ 2b2f1638466e8cb091400c9019cc730e ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

09:47:29.0312 4692 KSecDD - ok

09:47:29.0483 4692 [ 8078f8f8f7a79e2e6b494523a828c585 ] KtmRm C:\Windows\system32\msdtckrm.dll

09:47:29.0530 4692 KtmRm - ok

09:47:29.0577 4692 [ 1bf5eebfd518dd7298434d8c862f825d ] LanmanServer C:\Windows\System32\srvsvc.dll

09:47:29.0608 4692 LanmanServer - ok

09:47:29.0717 4692 [ 1db69705b695b987082c8baec0c6b34f ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

09:47:29.0748 4692 LanmanWorkstation - ok

09:47:29.0795 4692 [ d1c5883087a0c3f1344d9d55a44901f6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

09:47:29.0795 4692 lltdio - ok

09:47:29.0858 4692 [ 2d5a428872f1442631d0959a34abff63 ] lltdsvc C:\Windows\System32\lltdsvc.dll

09:47:29.0858 4692 lltdsvc - ok

09:47:29.0873 4692 [ 35d40113e4a5b961b6ce5c5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll

09:47:29.0873 4692 lmhosts - ok

09:47:29.0904 4692 [ c7e15e82879bf3235b559563d4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

09:47:29.0904 4692 LSI_FC - ok

09:47:29.0920 4692 [ ee01ebae8c9bf0fa072e0ff68718920a ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

09:47:29.0920 4692 LSI_SAS - ok

09:47:29.0951 4692 [ 912a04696e9ca30146a62afa1463dd5c ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

09:47:29.0951 4692 LSI_SCSI - ok

09:47:30.0014 4692 [ 8f5c7426567798e62a3b3614965d62cc ] luafv C:\Windows\system32\drivers\luafv.sys

09:47:30.0029 4692 luafv - ok

09:47:30.0076 4692 [ 6dfe7f2e8e8a337263aa5c92a215f161 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

09:47:30.0076 4692 MBAMProtector - ok

09:47:30.0372 4692 [ 43683e970f008c93c9429ef428147a54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

09:47:30.0435 4692 MBAMService - ok

09:47:30.0482 4692 [ 0cea2d0d3fa284b85ed5b68365114f76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys

09:47:30.0497 4692 mdmxsdk - ok

09:47:30.0560 4692 [ 0001ce609d66632fa17b84705f658879 ] megasas C:\Windows\system32\drivers\megasas.sys

09:47:30.0560 4692 megasas - ok

09:47:30.0622 4692 [ c252f32cd9a49dbfc25ecf26ebd51a99 ] MegaSR C:\Windows\system32\drivers\megasr.sys

09:47:30.0638 4692 MegaSR - ok

09:47:30.0684 4692 [ 1076ffcffaae8385fd62dfcb25ac4708 ] MMCSS C:\Windows\system32\mmcss.dll

09:47:30.0684 4692 MMCSS - ok

09:47:30.0700 4692 [ e13b5ea0f51ba5b1512ec671393d09ba ] Modem C:\Windows\system32\drivers\modem.sys

09:47:30.0716 4692 Modem - ok

09:47:30.0762 4692 [ 0a9bb33b56e294f686abb7c1e4e2d8a8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

09:47:30.0762 4692 monitor - ok

09:47:30.0778 4692 [ 5bf6a1326a335c5298477754a506d263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

09:47:30.0794 4692 mouclass - ok

09:47:30.0809 4692 [ 93b8d4869e12cfbe663915502900876f ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

09:47:30.0825 4692 mouhid - ok

09:47:30.0840 4692 [ bdafc88aa6b92f7842416ea6a48e1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

09:47:30.0840 4692 MountMgr - ok

09:47:30.0887 4692 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

09:47:30.0903 4692 MozillaMaintenance - ok

09:47:30.0950 4692 [ 511d011289755dd9f9a7579fb0b064e6 ] mpio C:\Windows\system32\drivers\mpio.sys

09:47:30.0965 4692 mpio - ok

09:47:30.0996 4692 [ 22241feba9b2defa669c8cb0a8dd7d2e ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

09:47:30.0996 4692 mpsdrv - ok

09:47:31.0106 4692 [ 5de62c6e9108f14f6794060a9bdecaec ] MpsSvc C:\Windows\system32\mpssvc.dll

09:47:31.0168 4692 MpsSvc - ok

09:47:31.0199 4692 [ 4fbbb70d30fd20ec51f80061703b001e ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

09:47:31.0215 4692 Mraid35x - ok

09:47:31.0262 4692 [ 82cea0395524aacfeb58ba1448e8325c ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

09:47:31.0262 4692 MRxDAV - ok

09:47:31.0308 4692 [ 1e94971c4b446ab2290deb71d01cf0c2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

09:47:31.0324 4692 mrxsmb - ok

09:47:31.0386 4692 [ 4fccb34d793b116423209c0f8b7a3b03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:47:31.0402 4692 mrxsmb10 - ok

09:47:31.0433 4692 [ c3cb1b40ad4a0124d617a1199b0b9d7c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:47:31.0449 4692 mrxsmb20 - ok

09:47:31.0480 4692 [ 28023e86f17001f7cd9b15a5bc9ae07d ] msahci C:\Windows\system32\drivers\msahci.sys

09:47:31.0480 4692 msahci - ok

09:47:31.0511 4692 [ 4468b0f385a86ecddaf8d3ca662ec0e7 ] msdsm C:\Windows\system32\drivers\msdsm.sys

09:47:31.0527 4692 msdsm - ok

09:47:31.0558 4692 [ fd7520cc3a80c5fc8c48852bb24c6ded ] MSDTC C:\Windows\System32\msdtc.exe

09:47:31.0574 4692 MSDTC - ok

09:47:31.0605 4692 [ a9927f4a46b816c92f461acb90cf8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys

09:47:31.0605 4692 Msfs - ok

09:47:31.0652 4692 [ 0f400e306f385c56317357d6dea56f62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

09:47:31.0667 4692 msisadrv - ok

09:47:31.0683 4692 [ 85466c0757a23d9a9aecdc0755203cb2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

09:47:31.0698 4692 MSiSCSI - ok

09:47:31.0714 4692 msiserver - ok

09:47:31.0745 4692 [ d8c63d34d9c9e56c059e24ec7185cc07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

09:47:31.0745 4692 MSKSSRV - ok

09:47:31.0761 4692 [ 1d373c90d62ddb641d50e55b9e78d65e ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

09:47:31.0761 4692 MSPCLOCK - ok

09:47:31.0792 4692 [ b572da05bf4e098d4bba3a4734fb505b ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

09:47:31.0792 4692 MSPQM - ok

09:47:31.0823 4692 [ b49456d70555de905c311bcda6ec6adb ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

09:47:31.0823 4692 MsRPC - ok

09:47:31.0854 4692 [ e384487cb84be41d09711c30ca79646c ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

09:47:31.0854 4692 mssmbios - ok

09:47:31.0917 4692 MSSQL$SQLEXPRESS - ok

09:47:31.0964 4692 [ 1d89eb4e2a99cabd4e81225f4f4c4b25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe

09:47:31.0964 4692 MSSQLServerADHelper - ok

09:47:31.0995 4692 [ 7199c1eec1e4993caf96b8c0a26bd58a ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

09:47:31.0995 4692 MSTEE - ok

09:47:32.0010 4692 [ 6a57b5733d4cb702c8ea4542e836b96c ] Mup C:\Windows\system32\Drivers\mup.sys

09:47:32.0010 4692 Mup - ok

09:47:32.0057 4692 [ 87efbc5a9d095e5a1c7df49086b4b81d ] MxL111SF_AVS_USB C:\Windows\system32\DRIVERS\hcwC6bda.sys

09:47:32.0073 4692 MxL111SF_AVS_USB - ok

09:47:32.0244 4692 [ e4eaf0c5c1b41b5c83386cf212ca9584 ] napagent C:\Windows\system32\qagentRT.dll

09:47:32.0307 4692 napagent - ok

09:47:32.0432 4692 [ 85c44fdff9cf7e72a40dcb7ec06a4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

09:47:32.0494 4692 NativeWifiP - ok

09:47:32.0572 4692 [ 1357274d1883f68300aeadd15d7bbb42 ] NDIS C:\Windows\system32\drivers\ndis.sys

09:47:32.0588 4692 NDIS - ok

09:47:32.0619 4692 [ 0e186e90404980569fb449ba7519ae61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

09:47:32.0619 4692 NdisTapi - ok

09:47:32.0666 4692 [ d6973aa34c4d5d76c0430b181c3cd389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

09:47:32.0666 4692 Ndisuio - ok

09:47:32.0712 4692 [ 818f648618ae34f729fdb47ec68345c3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

09:47:32.0744 4692 NdisWan - ok

09:47:32.0775 4692 [ 71dab552b41936358f3b541ae5997fb3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

09:47:32.0790 4692 NDProxy - ok

09:47:32.0837 4692 [ bcd093a5a6777cf626434568dc7dba78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

09:47:32.0837 4692 NetBIOS - ok

09:47:32.0884 4692 [ ecd64230a59cbd93c85f1cd1cab9f3f6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

09:47:32.0900 4692 netbt - ok

09:47:32.0915 4692 [ a3e186b4b935905b829219502557314e ] Netlogon C:\Windows\system32\lsass.exe

09:47:32.0915 4692 Netlogon - ok

09:47:32.0946 4692 [ c8052711daecc48b982434c5116ca401 ] Netman C:\Windows\System32\netman.dll

09:47:32.0946 4692 Netman - ok

09:47:32.0962 4692 [ 2ef3bbe22e5a5acd1428ee387a0d0172 ] netprofm C:\Windows\System32\netprofm.dll

09:47:32.0978 4692 netprofm - ok

09:47:33.0009 4692 [ d6c4e4a39a36029ac0813d476fbd0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:47:33.0009 4692 NetTcpPortSharing - ok

09:47:33.0040 4692 [ 2e7fb731d4790a1bc6270accefacb36e ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

09:47:33.0040 4692 nfrd960 - ok

09:47:33.0056 4692 [ 2997b15415f9bbe05b5a4c1c85e0c6a2 ] NlaSvc C:\Windows\System32\nlasvc.dll

09:47:33.0071 4692 NlaSvc - ok

09:47:33.0087 4692 [ d36f239d7cce1931598e8fb90a0dbc26 ] Npfs C:\Windows\system32\drivers\Npfs.sys

09:47:33.0087 4692 Npfs - ok

09:47:33.0118 4692 [ 8bb86f0c7eea2bded6fe095d0b4ca9bd ] nsi C:\Windows\system32\nsisvc.dll

09:47:33.0118 4692 nsi - ok

09:47:33.0134 4692 [ 609773e344a97410ce4ebf74a8914fcf ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

09:47:33.0134 4692 nsiproxy - ok

09:47:33.0477 4692 [ 6a4a98cee84cf9e99564510dda4baa47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

09:47:33.0555 4692 Ntfs - ok

09:47:33.0648 4692 [ e875c093aec0c978a90f30c9e0dfbb72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

09:47:33.0711 4692 ntrigdigi - ok

09:47:33.0758 4692 [ cf7e041663119e09d2e118521ada9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys

09:47:33.0758 4692 NuidFltr - ok

09:47:33.0773 4692 [ c5dbbcda07d780bda9b685df333bb41e ] Null C:\Windows\system32\drivers\Null.sys

09:47:33.0789 4692 Null - ok

09:47:33.0882 4692 [ a1108084b0d2fc43dcc401735770e2a3 ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx32.sys

09:47:33.0929 4692 NVENETFD - ok

09:47:36.0956 4692 [ 3c65f41ebb779a0f16ff965bfd0df179 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

09:47:37.0252 4692 nvlddmkm - ok

09:47:37.0392 4692 [ 2edf9e7751554b42cbb60116de727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys

09:47:37.0439 4692 nvraid - ok

09:47:37.0470 4692 [ 9aebc32f9d6e02ebee0369ab296fe7c8 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys

09:47:37.0486 4692 nvsmu - ok

09:47:37.0502 4692 [ abed0c09758d1d97db0042dbb2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys

09:47:37.0502 4692 nvstor - ok

09:47:37.0517 4692 [ 18bbdf913916b71bd54575bdb6eeac0b ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

09:47:37.0517 4692 nv_agp - ok

09:47:37.0533 4692 NwlnkFlt - ok

09:47:37.0533 4692 NwlnkFwd - ok

09:47:38.0079 4692 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

09:47:38.0141 4692 odserv - ok

09:47:38.0188 4692 [ be32da025a0be1878f0ee8d6d9386cd5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

09:47:38.0188 4692 ohci1394 - ok

09:47:38.0235 4692 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:47:38.0250 4692 ose - ok

09:47:38.0484 4692 [ 0c8e8e61ad1eb0b250b846712c917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll

09:47:38.0547 4692 p2pimsvc - ok

09:47:38.0562 4692 [ 0c8e8e61ad1eb0b250b846712c917506 ] p2psvc C:\Windows\system32\p2psvc.dll

09:47:38.0578 4692 p2psvc - ok

09:47:38.0672 4692 [ 0fa9b5055484649d63c303fe404e5f4d ] Parport C:\Windows\system32\drivers\parport.sys

09:47:38.0703 4692 Parport - ok

09:47:38.0765 4692 [ 57389fa59a36d96b3eb09d0cb91e9cdc ] partmgr C:\Windows\system32\drivers\partmgr.sys

09:47:38.0781 4692 partmgr - ok

09:47:38.0828 4692 [ 4f9a6a8a31413180d0fcb279ad5d8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys

09:47:38.0828 4692 Parvdm - ok

09:47:38.0859 4692 [ c6276ad11f4bb49b58aa1ed88537f14a ] PcaSvc C:\Windows\System32\pcasvc.dll

09:47:38.0859 4692 PcaSvc - ok

09:47:38.0906 4692 [ 941dc1d19e7e8620f40bbc206981efdb ] pci C:\Windows\system32\drivers\pci.sys

09:47:38.0921 4692 pci - ok

09:47:38.0968 4692 [ 1636d43f10416aeb483bc6001097b26c ] pciide C:\Windows\system32\drivers\pciide.sys

09:47:38.0968 4692 pciide - ok

09:47:39.0015 4692 [ e6f3fb1b86aa519e7698ad05e58b04e5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

09:47:39.0030 4692 pcmcia - ok

09:47:39.0108 4692 [ 6349f6ed9c623b44b52ea3c63c831a92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

09:47:39.0155 4692 PEAUTH - ok

09:47:39.0966 4692 [ b1689df169143f57053f795390c99db3 ] pla C:\Windows\system32\pla.dll

09:47:40.0029 4692 pla - ok

09:47:40.0185 4692 [ c5e7f8a996ec0a82d508fd9064a5569e ] PlugPlay C:\Windows\system32\umpnpmgr.dll

09:47:40.0216 4692 PlugPlay - ok

09:47:40.0278 4692 [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

09:47:40.0294 4692 PNRPAutoReg - ok

09:47:40.0559 4692 [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll

09:47:40.0575 4692 PNRPsvc - ok

09:47:40.0809 4692 [ d0494460421a03cd5225cca0059aa146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

09:47:40.0871 4692 PolicyAgent - ok

09:47:40.0934 4692 [ ecfffaec0c1ecd8dbc77f39070ea1db1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

09:47:40.0949 4692 PptpMiniport - ok

09:47:40.0980 4692 [ 2027293619dd0f047c584cf2e7df4ffd ] Processor C:\Windows\system32\drivers\processr.sys

09:47:40.0980 4692 Processor - ok

09:47:41.0027 4692 [ 0508faa222d28835310b7bfca7a77346 ] ProfSvc C:\Windows\system32\profsvc.dll

09:47:41.0043 4692 ProfSvc - ok

09:47:41.0074 4692 [ a3e186b4b935905b829219502557314e ] ProtectedStorage C:\Windows\system32\lsass.exe

09:47:41.0074 4692 ProtectedStorage - ok

09:47:41.0136 4692 [ 99514faa8df93d34b5589187db3aa0ba ] PSched C:\Windows\system32\DRIVERS\pacer.sys

09:47:41.0183 4692 PSched - ok

09:47:41.0604 4692 [ 0a6db55afb7820c99aa1f3a1d270f4f6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

09:47:41.0667 4692 ql2300 - ok

09:47:41.0698 4692 [ 81a7e5c076e59995d54bc1ed3a16e60b ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

09:47:41.0714 4692 ql40xx - ok

09:47:41.0792 4692 [ e9ecae663f47e6cb43962d18ab18890f ] QWAVE C:\Windows\system32\qwave.dll

09:47:41.0807 4692 QWAVE - ok

09:47:41.0838 4692 [ 9f5e0e1926014d17486901c88eca2db7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

09:47:41.0854 4692 QWAVEdrv - ok

09:47:41.0870 4692 [ 147d7f9c556d259924351feb0de606c3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

09:47:41.0870 4692 RasAcd - ok

09:47:41.0901 4692 [ f6a452eb4ceadbb51c9e0ee6b3ecef0f ] RasAuto C:\Windows\System32\rasauto.dll

09:47:41.0916 4692 RasAuto - ok

09:47:41.0932 4692 [ a214adbaf4cb47dd2728859ef31f26b0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

09:47:41.0932 4692 Rasl2tp - ok

09:47:41.0979 4692 [ 75d47445d70ca6f9f894b032fbc64fcf ] RasMan C:\Windows\System32\rasmans.dll

09:47:41.0979 4692 RasMan - ok

09:47:42.0010 4692 [ 509a98dd18af4375e1fc40bc175f1def ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

09:47:42.0026 4692 RasPppoe - ok

09:47:42.0026 4692 [ 2005f4a1e05fa09389ac85840f0a9e4d ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

09:47:42.0026 4692 RasSstp - ok

09:47:42.0072 4692 [ b14c9d5b9add2f84f70570bbbfaa7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

09:47:42.0088 4692 rdbss - ok

09:47:42.0104 4692 [ 89e59be9a564262a3fb6c4f4f1cd9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

09:47:42.0104 4692 RDPCDD - ok

09:47:42.0182 4692 [ fbc0bacd9c3d7f6956853f64a66e252d ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

09:47:42.0213 4692 rdpdr - ok

09:47:42.0228 4692 [ 9d91fe5286f748862ecffa05f8a0710c ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

09:47:42.0228 4692 RDPENCDD - ok

09:47:42.0244 4692 [ 30bfbdfb7f95559ede971f9ddb9a00ba ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

09:47:42.0260 4692 RDPWD - ok

09:47:42.0306 4692 [ bcdd6b4804d06b1f7ebf29e53a57ece9 ] RemoteAccess C:\Windows\System32\mprdim.dll

09:47:42.0306 4692 RemoteAccess - ok

09:47:42.0338 4692 [ 9e6894ea18daff37b63e1005f83ae4ab ] RemoteRegistry C:\Windows\system32\regsvc.dll

09:47:42.0353 4692 RemoteRegistry - ok

09:47:42.0556 4692 [ 17e0bef5ca5c9ce52cc8082ac6ebc449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe

09:47:42.0603 4692 RichVideo - ok

09:47:42.0634 4692 [ c35ca13d3627ebd9dd12a23ce781bc3d ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys

09:47:42.0650 4692 rimmptsk - ok

09:47:42.0696 4692 [ c398bca91216755b098679a8da8a2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys

09:47:42.0712 4692 rimsptsk - ok

09:47:42.0759 4692 [ 2a2554cb24506e0a0508fc395c4a1b42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys

09:47:42.0759 4692 rismxdp - ok

09:47:42.0790 4692 [ 5123f83cbc4349d065534eeb6bbdc42b ] RpcLocator C:\Windows\system32\locator.exe

09:47:42.0790 4692 RpcLocator - ok

09:47:42.0837 4692 [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] RpcSs C:\Windows\system32\rpcss.dll

09:47:42.0852 4692 RpcSs - ok

09:47:42.0977 4692 [ 9c508f4074a39e8b4b31d27198146fad ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

09:47:43.0040 4692 rspndr - ok

09:47:43.0055 4692 [ a3e186b4b935905b829219502557314e ] SamSs C:\Windows\system32\lsass.exe

09:47:43.0055 4692 SamSs - ok

09:47:43.0086 4692 [ 3ce8f073a557e172b330109436984e30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

09:47:43.0102 4692 sbp2port - ok

09:47:43.0149 4692 [ 77b7a11a0c3d78d3386398fbbea1b632 ] SCardSvr C:\Windows\System32\SCardSvr.dll

09:47:43.0149 4692 SCardSvr - ok

09:47:43.0383 4692 [ 1a58069db21d05eb2ab58ee5753ebe8d ] Schedule C:\Windows\system32\schedsvc.dll

09:47:43.0430 4692 Schedule - ok

09:47:43.0461 4692 [ 312ec3e37a0a1f2006534913e37b4423 ] SCPolicySvc C:\Windows\System32\certprop.dll

09:47:43.0461 4692 SCPolicySvc - ok

09:47:43.0523 4692 [ 8f36b54688c31eed4580129040c6a3d3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

09:47:43.0539 4692 sdbus - ok

09:47:43.0570 4692 [ 716313d9f6b0529d03f726d5aaf6f191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

09:47:43.0570 4692 SDRSVC - ok

09:47:43.0601 4692 [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

09:47:43.0617 4692 secdrv - ok

09:47:43.0632 4692 [ fd5199d4d8a521005e4b5ee7fe00fa9b ] seclogon C:\Windows\system32\seclogon.dll

09:47:43.0632 4692 seclogon - ok

09:47:43.0664 4692 [ a9bbab5759771e523f55563d6cbe140f ] SENS C:\Windows\system32\sens.dll

09:47:43.0679 4692 SENS - ok

09:47:43.0710 4692 [ 68e44e331d46f0fb38f0863a84cd1a31 ] Serenum C:\Windows\system32\drivers\serenum.sys

09:47:43.0710 4692 Serenum - ok

09:47:43.0726 4692 [ c70d69a918b178d3c3b06339b40c2e1b ] Serial C:\Windows\system32\drivers\serial.sys

09:47:43.0726 4692 Serial - ok

09:47:43.0757 4692 [ 8af3d28a879bf75db53a0ee7a4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys

09:47:43.0757 4692 sermouse - ok

09:47:43.0788 4692 [ d2193326f729b163125610dbf3e17d57 ] SessionEnv C:\Windows\system32\sessenv.dll

09:47:43.0788 4692 SessionEnv - ok

09:47:43.0804 4692 [ 3efa810bdca87f6ecc24f9832243fe86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

09:47:43.0804 4692 sffdisk - ok

09:47:43.0820 4692 [ e95d451f7ea3e583aec75f3b3ee42dc5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

09:47:43.0835 4692 sffp_mmc - ok

09:47:43.0851 4692 [ 3d0ea348784b7ac9ea9bd9f317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

09:47:43.0851 4692 sffp_sd - ok

09:47:43.0866 4692 [ 46ed8e91793b2e6f848015445a0ac188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

09:47:43.0866 4692 sfloppy - ok

09:47:43.0882 4692 [ e1499bd0ff76b1b2fbbf1af339d91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll

09:47:43.0898 4692 SharedAccess - ok

09:47:43.0929 4692 [ c7230fbee14437716701c15be02c27b8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

09:47:43.0929 4692 ShellHWDetection - ok

09:47:43.0960 4692 [ 1d76624a09a054f682d746b924e2dbc3 ] sisagp C:\Windows\system32\drivers\sisagp.sys

09:47:43.0960 4692 sisagp - ok

09:47:43.0976 4692 [ 43cb7aa756c7db280d01da9b676cfde2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

09:47:43.0976 4692 SiSRaid2 - ok

09:47:44.0007 4692 [ a99c6c8b0baa970d8aa59ddc50b57f94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

09:47:44.0007 4692 SiSRaid4 - ok

09:47:45.0660 4692 [ 862bb4cbc05d80c5b45be430e5ef872f ] slsvc C:\Windows\system32\SLsvc.exe

09:47:45.0785 4692 slsvc - ok

09:47:45.0894 4692 [ 6edc422215cd78aa8a9cde6b30abbd35 ] SLUINotify C:\Windows\system32\SLUINotify.dll

09:47:45.0957 4692 SLUINotify - ok

09:47:46.0004 4692 [ 7b75299a4d201d6a6533603d6914ab04 ] Smb C:\Windows\system32\DRIVERS\smb.sys

09:47:46.0019 4692 Smb - ok

09:47:46.0066 4692 [ 2a146a055b4401c16ee62d18b8e2a032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

09:47:46.0066 4692 SNMPTRAP - ok

09:47:46.0097 4692 [ 7aebdeef071fe28b0eef2cdd69102bff ] spldr C:\Windows\system32\drivers\spldr.sys

09:47:46.0097 4692 spldr - ok

09:47:46.0128 4692 [ 8554097e5136c3bf9f69fe578a1b35f4 ] Spooler C:\Windows\System32\spoolsv.exe

09:47:46.0144 4692 Spooler - ok

09:47:46.0160 4692 [ 86ebd8b1f23e743aad21f4d5b4d40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

09:47:46.0160 4692 SQLBrowser - ok

09:47:46.0222 4692 [ d89083c4eb02daca8f944b0e05e57f9d ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

09:47:46.0222 4692 SQLWriter - ok

09:47:46.0378 4692 [ 41987f9fc0e61adf54f581e15029ad91 ] srv C:\Windows\system32\DRIVERS\srv.sys

09:47:46.0456 4692 srv - ok

09:47:46.0550 4692 [ ff33aff99564b1aa534f58868cbe41ef ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

09:47:46.0565 4692 srv2 - ok

09:47:46.0596 4692 [ 7605c0e1d01a08f3ecd743f38b834a44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

09:47:46.0612 4692 srvnet - ok

09:47:46.0643 4692 [ 03d50b37234967433a5ea5ba72bc0b62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

09:47:46.0659 4692 SSDPSRV - ok

09:47:46.0721 4692 [ 3d2829fde1c52fc64da5413889ce4dee ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys

09:47:46.0721 4692 ssmdrv - ok

09:47:46.0799 4692 [ 6f1a32e7b7b30f004d9a20afadb14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll

09:47:46.0799 4692 SstpSvc - ok

09:47:47.0018 4692 [ 5de7d67e49b88f5f07f3e53c4b92a352 ] stisvc C:\Windows\System32\wiaservc.dll

09:47:47.0080 4692 stisvc - ok

09:47:47.0127 4692 [ 7ba58ecf0c0a9a69d44b3dca62becf56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

09:47:47.0142 4692 swenum - ok

09:47:47.0376 4692 [ f21fd248040681cca1fb6c9a03aaa93d ] swprv C:\Windows\System32\swprv.dll

09:47:47.0423 4692 swprv - ok

09:47:47.0454 4692 [ 192aa3ac01df071b541094f251deed10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

09:47:47.0454 4692 Symc8xx - ok

09:47:47.0486 4692 SymIM - ok

09:47:47.0501 4692 SymIMMP - ok

09:47:47.0548 4692 [ 8c8eb8c76736ebaf3b13b633b2e64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

09:47:47.0564 4692 Sym_hi - ok

09:47:47.0595 4692 [ 8072af52b5fd103bbba387a1e49f62cb ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

09:47:47.0595 4692 Sym_u3 - ok

09:47:47.0626 4692 [ f5d926807bd9bc0af68f9376144de425 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

09:47:47.0642 4692 SynTP - ok

09:47:47.0688 4692 [ 9a51b04e9886aa4ee90093586b0ba88d ] SysMain C:\Windows\system32\sysmain.dll

09:47:47.0720 4692 SysMain - ok

09:47:47.0751 4692 [ 2dca225eae15f42c0933e998ee0231c3 ] TabletInputService C:\Windows\System32\TabSvc.dll

09:47:47.0766 4692 TabletInputService - ok

09:47:47.0813 4692 [ d7673e4b38ce21ee54c59eeeb65e2483 ] TapiSrv C:\Windows\System32\tapisrv.dll

09:47:47.0813 4692 TapiSrv - ok

09:47:47.0844 4692 [ cb05822cd9cc6c688168e113c603dbe7 ] TBS C:\Windows\System32\tbssvc.dll

09:47:47.0844 4692 TBS - ok

09:47:48.0016 4692 [ 16731b631f28f63cd9f4cb60940e7ddd ] Tcpip C:\Windows\system32\drivers\tcpip.sys

09:47:48.0094 4692 Tcpip - ok

09:47:48.0188 4692 [ 16731b631f28f63cd9f4cb60940e7ddd ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

09:47:48.0203 4692 Tcpip6 - ok

09:47:48.0328 4692 [ 3fc13f09af9be487c7b4fac4070a036c ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

09:47:48.0390 4692 tcpipreg - ok

09:47:48.0437 4692 [ 5dcf5e267be67a1ae926f2df77fbcc56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

09:47:48.0437 4692 TDPIPE - ok

09:47:48.0468 4692 [ 389c63e32b3cefed425b61ed92d3f021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

09:47:48.0468 4692 TDTCP - ok

09:47:48.0515 4692 [ 76b06eb8a01fc8624d699e7045303e54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

09:47:48.0531 4692 tdx - ok

09:47:50.0356 4692 [ de09282b3abef632917ebedc4dcdfb56 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

09:47:50.0496 4692 TeamViewer7 - ok

09:47:50.0590 4692 [ 3cad38910468eab9a6479e2f01db43c7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

09:47:50.0606 4692 TermDD - ok

09:47:50.0652 4692 [ bb95da09bef6e7a131bff3ba5032090d ] TermService C:\Windows\System32\termsrv.dll

09:47:50.0715 4692 TermService - ok

09:47:50.0746 4692 [ c7230fbee14437716701c15be02c27b8 ] Themes C:\Windows\system32\shsvcs.dll

09:47:50.0762 4692 Themes - ok

09:47:50.0808 4692 [ 1076ffcffaae8385fd62dfcb25ac4708 ] THREADORDER C:\Windows\system32\mmcss.dll

09:47:50.0808 4692 THREADORDER - ok

09:47:50.0949 4692 [ ec74e77d0eb004bd3a809b5f8fb8c2ce ] TrkWks C:\Windows\System32\trkwks.dll

09:47:51.0011 4692 TrkWks - ok

09:47:51.0074 4692 [ 97d9d6a04e3ad9b6c626b9931db78dba ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

09:47:51.0105 4692 TrustedInstaller - ok

09:47:51.0167 4692 [ dcf0f056a2e4f52287264f5ab29cf206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

09:47:51.0198 4692 tssecsrv - ok

09:47:51.0261 4692 [ caecc0120ac49e3d2f758b9169872d38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

09:47:51.0276 4692 tunmp - ok

09:47:51.0308 4692 [ 300db877ac094feab0be7688c3454a9c ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

09:47:51.0308 4692 tunnel - ok

09:47:51.0323 4692 [ 7d33c4db2ce363c8518d2dfcf533941f ] uagp35 C:\Windows\system32\drivers\uagp35.sys

09:47:51.0323 4692 uagp35 - ok

09:47:51.0354 4692 [ d9728af68c4c7693cb100b8441cbdec6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

09:47:51.0370 4692 udfs - ok

09:47:51.0401 4692 [ ecef404f62863755951e09c802c94ad5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

09:47:51.0401 4692 UI0Detect - ok

09:47:51.0417 4692 [ b0acfdc9e4af279e9116c03e014b2b27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

09:47:51.0417 4692 uliagpkx - ok

09:47:51.0448 4692 [ 9224bb254f591de4ca8d572a5f0d635c ] uliahci C:\Windows\system32\drivers\uliahci.sys

09:47:51.0448 4692 uliahci - ok

09:47:51.0464 4692 [ 8514d0e5cd0534467c5fc61be94a569f ] UlSata C:\Windows\system32\drivers\ulsata.sys

09:47:51.0479 4692 UlSata - ok

09:47:51.0495 4692 [ 38c3c6e62b157a6bc46594fada45c62b ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

09:47:51.0510 4692 ulsata2 - ok

09:47:51.0526 4692 [ 32cff9f809ae9aed85464492bf3e32d2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

09:47:51.0526 4692 umbus - ok

09:47:51.0557 4692 [ 68308183f4ae0be7bf8ecd07cb297999 ] upnphost C:\Windows\System32\upnphost.dll

09:47:51.0573 4692 upnphost - ok

09:47:51.0620 4692 [ caf811ae4c147ffcd5b51750c7f09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

09:47:51.0620 4692 usbccgp - ok

09:47:51.0651 4692 [ e9476e6c486e76bc4898074768fb7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys

09:47:51.0651 4692 usbcir - ok

09:47:51.0666 4692 [ 79e96c23a97ce7b8f14d310da2db0c9b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

09:47:51.0666 4692 usbehci - ok

09:47:51.0698 4692 [ 4673bbcb006af60e7abddbe7a130ba42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

09:47:51.0698 4692 usbhub - ok

09:47:51.0729 4692 [ ce697fee0d479290d89bec80dfe793b7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

09:47:51.0729 4692 usbohci - ok

09:47:51.0744 4692 [ e75c4b5269091d15a2e7dc0b6d35f2f5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

09:47:51.0760 4692 usbprint - ok

09:47:51.0822 4692 [ a508c9bd8724980512136b039bba65e9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

09:47:51.0822 4692 usbscan - ok

09:47:51.0854 4692 [ be3da31c191bc222d9ad503c5224f2ad ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:47:51.0854 4692 USBSTOR - ok

09:47:51.0885 4692 [ 814d653efc4d48be3b04a307eceff56f ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

09:47:51.0916 4692 usbuhci - ok

09:47:51.0994 4692 [ e67998e8f14cb0627a769f6530bcb352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

09:47:52.0010 4692 usbvideo - ok

09:47:52.0041 4692 [ 1509e705f3ac1d474c92454a5c2dd81f ] UxSms C:\Windows\System32\uxsms.dll

09:47:52.0056 4692 UxSms - ok

09:47:52.0103 4692 [ cd88d1b7776dc17a119049742ec07eb4 ] vds C:\Windows\System32\vds.exe

09:47:52.0150 4692 vds - ok

09:47:52.0197 4692 [ 87b06e1f30b749a114f74622d013f8d4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

09:47:52.0197 4692 vga - ok

09:47:52.0228 4692 [ 2e93ac0a1d8c79d019db6c51f036636c ] VgaSave C:\Windows\System32\drivers\vga.sys

09:47:52.0228 4692 VgaSave - ok

09:47:52.0275 4692 [ 5d7159def58a800d5781ba3a879627bc ] viaagp C:\Windows\system32\drivers\viaagp.sys

09:47:52.0275 4692 viaagp - ok

09:47:52.0322 4692 [ c4f3a691b5bad343e6249bd8c2d45dee ] ViaC7 C:\Windows\system32\drivers\viac7.sys

09:47:52.0322 4692 ViaC7 - ok

09:47:52.0353 4692 [ aadf5587a4063f52c2c3fed7887426fc ] viaide C:\Windows\system32\drivers\viaide.sys

09:47:52.0353 4692 viaide - ok

09:47:52.0384 4692 [ 69503668ac66c77c6cd7af86fbdf8c43 ] volmgr C:\Windows\system32\drivers\volmgr.sys

09:47:52.0384 4692 volmgr - ok

09:47:52.0462 4692 [ 23e41b834759917bfd6b9a0d625d0c28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

09:47:52.0524 4692 volmgrx - ok

09:47:52.0571 4692 [ 147281c01fcb1df9252de2a10d5e7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys

09:47:52.0602 4692 volsnap - ok

09:47:52.0649 4692 [ 587253e09325e6bf226b299774b728a9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

09:47:52.0649 4692 vsmraid - ok

09:47:53.0133 4692 [ db3d19f850c6eb32bdcb9bc0836acddb ] VSS C:\Windows\system32\vssvc.exe

09:47:53.0164 4692 VSS - ok

09:47:53.0367 4692 [ 96ea68b9eb310a69c25ebb0282b2b9de ] W32Time C:\Windows\system32\w32time.dll

09:47:53.0429 4692 W32Time - ok

09:47:53.0492 4692 [ 48dfee8f1af7c8235d4e626f0c4fe031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

09:47:53.0507 4692 WacomPen - ok

09:47:53.0538 4692 [ 55201897378cca7af8b5efd874374a26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

09:47:53.0538 4692 Wanarp - ok

09:47:53.0554 4692 [ 55201897378cca7af8b5efd874374a26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

09:47:53.0554 4692 Wanarpv6 - ok

09:47:53.0585 4692 [ a3cd60fd826381b49f03832590e069af ] wcncsvc C:\Windows\System32\wcncsvc.dll

09:47:53.0601 4692 wcncsvc - ok

09:47:53.0632 4692 [ 11bcb7afcdd7aadacb5746f544d3a9c7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

09:47:53.0663 4692 WcsPlugInService - ok

09:47:53.0679 4692 [ 78fe9542363f297b18c027b2d7e7c07f ] Wd C:\Windows\system32\drivers\wd.sys

09:47:53.0679 4692 Wd - ok

09:47:53.0710 4692 [ b6f0a7ad6d4bd325fbcd8bac96cd8d96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

09:47:53.0726 4692 Wdf01000 - ok

09:47:53.0741 4692 [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiServiceHost C:\Windows\system32\wdi.dll

09:47:53.0741 4692 WdiServiceHost - ok

09:47:53.0757 4692 [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiSystemHost C:\Windows\system32\wdi.dll

09:47:53.0757 4692 WdiSystemHost - ok

09:47:53.0788 4692 [ 04c37d8107320312fbae09926103d5e2 ] WebClient C:\Windows\System32\webclnt.dll

09:47:53.0788 4692 WebClient - ok

09:47:53.0819 4692 [ ae3736e7e8892241c23e4ebbb7453b60 ] Wecsvc C:\Windows\system32\wecsvc.dll

09:47:53.0819 4692 Wecsvc - ok

09:47:53.0835 4692 [ 670ff720071ed741206d69bd995ea453 ] wercplsupport C:\Windows\System32\wercplsupport.dll

09:47:53.0850 4692 wercplsupport - ok

09:47:53.0866 4692 [ 32b88481d3b326da6deb07b1d03481e7 ] WerSvc C:\Windows\System32\WerSvc.dll

09:47:53.0882 4692 WerSvc - ok

09:47:53.0944 4692 [ 0acd399f5db3df1b58903cf4949ab5a8 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys

09:47:53.0975 4692 winachsf - ok

09:47:54.0006 4692 [ 4575aa12561c5648483403541d0d7f2b ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

09:47:54.0022 4692 WinDefend - ok

09:47:54.0022 4692 WinHttpAutoProxySvc - ok

09:47:54.0724 4692 [ 6b2a1d0e80110e3d04e6863c6e62fd8a ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

09:47:54.0786 4692 Winmgmt - ok

09:47:55.0176 4692 [ 7cfe68bdc065e55aa5e8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll

09:47:55.0208 4692 WinRM - ok

09:47:55.0504 4692 [ c008405e4feeb069e30da1d823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll

09:47:55.0566 4692 Wlansvc - ok

09:47:55.0598 4692 [ 2e7255d172df0b8283cdfb7b433b864e ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

09:47:55.0598 4692 WmiAcpi - ok

09:47:55.0707 4692 [ 43be3875207dcb62a85c8c49970b66cc ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

09:47:55.0754 4692 wmiApSrv - ok

09:47:55.0925 4692 [ 3978704576a121a9204f8cc49a301a9b ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

09:47:55.0956 4692 WMPNetworkSvc - ok

09:47:56.0003 4692 [ cfc5a04558f5070cee3e3a7809f3ff52 ] WPCSvc C:\Windows\System32\wpcsvc.dll

09:47:56.0019 4692 WPCSvc - ok

09:47:56.0050 4692 [ 801fbdb89d472b3c467eb112a0fc9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

09:47:56.0081 4692 WPDBusEnum - ok

09:47:56.0237 4692 [ dcf3e3edf5109ee8bc02fe6e1f045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

09:47:56.0284 4692 WPFFontCache_v0400 - ok

09:47:56.0331 4692 [ e3a3cb253c0ec2494d4a61f5e43a389c ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

09:47:56.0346 4692 ws2ifsl - ok

09:47:56.0378 4692 [ 1ca6c40261ddc0425987980d0cd2aaab ] wscsvc C:\Windows\system32\wscsvc.dll

09:47:56.0393 4692 wscsvc - ok

09:47:56.0409 4692 WSearch - ok

09:47:57.0204 4692 [ 6298277b73c77fa99106b271a7525163 ] wuauserv C:\Windows\system32\wuaueng.dll

09:47:57.0298 4692 wuauserv - ok

09:47:57.0376 4692 [ ac13cb789d93412106b0fb6c7eb2bcb6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

09:47:57.0376 4692 WUDFRd - ok

09:47:57.0423 4692 [ 575a4190d989f64732119e4114045a4f ] wudfsvc C:\Windows\System32\WUDFSvc.dll

09:47:57.0423 4692 wudfsvc - ok

09:47:57.0454 4692 [ dab33cfa9dd24251aaa389ff36b64d4b ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys

09:47:57.0454 4692 XAudio - ok

09:47:57.0485 4692 [ cd5f291a1161f15896d1a4d63daff5df ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe

09:47:57.0501 4692 XAudioService - ok

09:47:57.0532 4692 ================ Scan global ===============================

09:47:57.0563 4692 (f31eebc1a1c81fd04005489cc3dcdfe7) C:\Windows\system32\basesrv.dll

09:47:57.0610 4692 (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll

09:47:57.0641 4692 (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll

09:47:57.0719 4692 (d4e6d91c1349b7bfb3599a6ada56851b) C:\Windows\system32\services.exe

09:47:57.0766 4692 [Global] - ok

09:47:57.0766 4692 ================ Scan MBR ==================================

09:47:57.0797 4692 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0

09:48:03.0039 4692 \Device\Harddisk0\DR0 - ok

09:48:03.0039 4692 ================ Scan VBR ==================================

09:48:03.0070 4692 Boot (0x1200) (203649e746198176217358cb0be9f1ae) \Device\Harddisk0\DR0\Partition1

09:48:03.0101 4692 \Device\Harddisk0\DR0\Partition1 - ok

09:48:03.0117 4692 Boot (0x1200) (f10ef0571b6be9f8f927e610e89a6150) \Device\Harddisk0\DR0\Partition2

09:48:03.0164 4692 \Device\Harddisk0\DR0\Partition2 - ok

09:48:03.0164 4692 ============================================================

09:48:03.0164 4692 Scan finished

09:48:03.0164 4692 ============================================================

09:48:03.0179 4004 Detected object count: 0

09:48:03.0179 4004 Actual detected object count: 0

09:55:50.0338 4704 Deinitialize success

Share this post


Link to post
Share on other sites

Here is another TDSKiller Log:

09:55:56.0030 2672 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

09:55:56.0654 2672 ============================================================

09:55:56.0654 2672 Current date / time: 2012/08/24 09:55:56.0654

09:55:56.0654 2672 SystemInfo:

09:55:56.0654 2672

09:55:56.0654 2672 OS Version: 6.0.6002 ServicePack: 2.0

09:55:56.0654 2672 Product type: Workstation

09:55:56.0654 2672 ComputerName: BILL

09:55:56.0654 2672 UserName: Carol

09:55:56.0654 2672 Windows directory: C:\Windows

09:55:56.0654 2672 System windows directory: C:\Windows

09:55:56.0654 2672 Processor architecture: Intel x86

09:55:56.0654 2672 Number of processors: 2

09:55:56.0654 2672 Page size: 0x1000

09:55:56.0654 2672 Boot type: Normal boot

09:55:56.0654 2672 ============================================================

09:55:58.0042 2672 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

09:55:58.0058 2672 ============================================================

09:55:58.0058 2672 \Device\Harddisk0\DR0:

09:55:58.0058 2672 MBR partitions:

09:55:58.0058 2672 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC944DD2

09:55:58.0058 2672 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC944E11, BlocksNum 0x164E9B0

09:55:58.0058 2672 ============================================================

09:55:58.0058 2672 C: <-> \Device\Harddisk0\DR0\Partition1

09:55:58.0120 2672 D: <-> \Device\Harddisk0\DR0\Partition2

09:55:58.0120 2672 ============================================================

09:55:58.0120 2672 Initialize success

09:55:58.0120 2672 ============================================================

09:56:00.0523 7912 ============================================================

09:56:00.0523 7912 Scan started

09:56:00.0523 7912 Mode: Manual;

09:56:00.0523 7912 ============================================================

09:56:01.0428 7912 ================ Scan system memory ========================

09:56:01.0428 7912 System memory - ok

09:56:01.0443 7912 ================ Scan services =============================

09:56:01.0506 7912 ACPI - ok

09:56:01.0630 7912 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

09:56:01.0630 7912 AdobeARMservice - ok

09:56:01.0630 7912 adp94xx - ok

09:56:01.0662 7912 adpahci - ok

09:56:01.0677 7912 adpu160m - ok

09:56:01.0693 7912 adpu320 - ok

09:56:01.0724 7912 AeLookupSvc - ok

09:56:01.0771 7912 AFD - ok

09:56:01.0802 7912 agp440 - ok

09:56:01.0818 7912 aic78xx - ok

09:56:01.0833 7912 ALG - ok

09:56:01.0849 7912 aliide - ok

09:56:01.0849 7912 amdagp - ok

09:56:01.0864 7912 amdide - ok

09:56:01.0864 7912 AmdK7 - ok

09:56:01.0880 7912 AmdK8 - ok

09:56:01.0896 7912 Appinfo - ok

09:56:01.0911 7912 arc - ok

09:56:01.0927 7912 arcsas - ok

09:56:01.0942 7912 astcc - ok

09:56:01.0958 7912 AsyncMac - ok

09:56:01.0958 7912 atapi - ok

09:56:01.0974 7912 athr - ok

09:56:01.0989 7912 AudioEndpointBuilder - ok

09:56:01.0989 7912 Audiosrv - ok

09:56:02.0020 7912 BCM43XV - ok

09:56:02.0036 7912 Beep - ok

09:56:02.0052 7912 BFE - ok

09:56:02.0052 7912 BITS - ok

09:56:02.0067 7912 blbdrive - ok

09:56:02.0083 7912 bowser - ok

09:56:02.0083 7912 BrFiltLo - ok

09:56:02.0098 7912 BrFiltUp - ok

09:56:02.0098 7912 Browser - ok

09:56:02.0114 7912 Brserid - ok

09:56:02.0130 7912 BrSerWdm - ok

09:56:02.0130 7912 BrUsbMdm - ok

09:56:02.0145 7912 BrUsbSer - ok

09:56:02.0145 7912 BTHMODEM - ok

09:56:02.0176 7912 BVRPMPR5 - ok

09:56:02.0192 7912 catchme - ok

09:56:02.0208 7912 cdfs - ok

09:56:02.0208 7912 cdrom - ok

09:56:02.0223 7912 CertPropSvc - ok

09:56:02.0223 7912 circlass - ok

09:56:02.0239 7912 CLFS - ok

09:56:02.0239 7912 clr_optimization_v2.0.50727_32 - ok

09:56:02.0270 7912 clr_optimization_v4.0.30319_32 - ok

09:56:02.0270 7912 CmBatt - ok

09:56:02.0286 7912 cmdide - ok

09:56:02.0301 7912 CnxtHdAudService - ok

09:56:02.0379 7912 [ D8774ACE03B46C9B01A49818055F9AD4 ] Com4Qlb C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe

09:56:02.0379 7912 Com4Qlb - ok

09:56:02.0379 7912 Compbatt - ok

09:56:02.0395 7912 COMSysApp - ok

09:56:02.0410 7912 cpuz134 - ok

09:56:02.0410 7912 crcdisk - ok

09:56:02.0426 7912 Crusoe - ok

09:56:02.0442 7912 CryptSvc - ok

09:56:02.0457 7912 DcomLaunch - ok

09:56:02.0473 7912 DfsC - ok

09:56:02.0473 7912 DFSR - ok

09:56:02.0488 7912 Dhcp - ok

09:56:02.0488 7912 disk - ok

09:56:02.0504 7912 Dnscache - ok

09:56:02.0520 7912 dot3svc - ok

09:56:02.0520 7912 DPS - ok

09:56:02.0535 7912 drmkaud - ok

09:56:02.0535 7912 DXGKrnl - ok

09:56:02.0551 7912 E1G60 - ok

09:56:02.0566 7912 EapHost - ok

09:56:02.0582 7912 Ecache - ok

09:56:02.0598 7912 elxstor - ok

09:56:02.0613 7912 EMDMgmt - ok

09:56:02.0613 7912 ErrDev - ok

09:56:02.0629 7912 EventSystem - ok

09:56:02.0644 7912 exfat - ok

09:56:02.0660 7912 fastfat - ok

09:56:02.0660 7912 fdc - ok

09:56:02.0676 7912 fdPHost - ok

09:56:02.0676 7912 FDResPub - ok

09:56:02.0691 7912 FileInfo - ok

09:56:02.0691 7912 Filetrace - ok

09:56:02.0707 7912 flpydisk - ok

09:56:02.0722 7912 FltMgr - ok

09:56:02.0722 7912 FontCache - ok

09:56:02.0738 7912 FontCache3.0.0.0 - ok

09:56:02.0738 7912 Fs_Rec - ok

09:56:02.0754 7912 gagp30kx - ok

09:56:02.0754 7912 gpsvc - ok

09:56:02.0832 7912 [ DE847265C24E69DF988BCB1399026FC7 ] HauppaugeTVServer C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe

09:56:02.0847 7912 HauppaugeTVServer - ok

09:56:02.0847 7912 HBtnKey - ok

09:56:02.0878 7912 HdAudAddService - ok

09:56:02.0894 7912 HDAudBus - ok

09:56:02.0894 7912 HidBth - ok

09:56:02.0894 7912 HidIr - ok

09:56:02.0910 7912 hidserv - ok

09:56:02.0925 7912 HidUsb - ok

09:56:02.0925 7912 hkmsvc - ok

09:56:02.0988 7912 [ 0D26C438E2938A3E6BDD91173BC96FF0 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

09:56:02.0988 7912 HP Health Check Service - ok

09:56:02.0988 7912 HpCISSs - ok

09:56:03.0003 7912 HpqKbFiltr - ok

09:56:03.0034 7912 [ F8968C9778F25A90A35755C3C97C7F62 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

09:56:03.0034 7912 hpqwmiex - ok

09:56:03.0066 7912 HSFHWAZL - ok

09:56:03.0081 7912 HSF_DPV - ok

09:56:03.0097 7912 HSXHWAZL - ok

09:56:03.0097 7912 HTTP - ok

09:56:03.0112 7912 i2omp - ok

09:56:03.0128 7912 i8042prt - ok

09:56:03.0128 7912 iaStorV - ok

09:56:03.0206 7912 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

09:56:03.0206 7912 IDriverT - ok

09:56:03.0206 7912 idsvc - ok

09:56:03.0222 7912 iirsp - ok

09:56:03.0237 7912 IKEEXT - ok

09:56:03.0253 7912 intelide - ok

09:56:03.0253 7912 intelppm - ok

09:56:03.0268 7912 IPBusEnum - ok

09:56:03.0284 7912 IpFilterDriver - ok

09:56:03.0284 7912 iphlpsvc - ok

09:56:03.0300 7912 IpInIp - ok

09:56:03.0300 7912 IPMIDRV - ok

09:56:03.0315 7912 IPNAT - ok

09:56:03.0331 7912 IRENUM - ok

09:56:03.0331 7912 isapnp - ok

09:56:03.0346 7912 iScsiPrt - ok

09:56:03.0346 7912 iteatapi - ok

09:56:03.0362 7912 iteraid - ok

09:56:03.0362 7912 kbdclass - ok

09:56:03.0378 7912 kbdhid - ok

09:56:03.0393 7912 KeyIso - ok

09:56:03.0393 7912 KSecDD - ok

09:56:03.0409 7912 KtmRm - ok

09:56:03.0409 7912 LanmanServer - ok

09:56:03.0424 7912 LanmanWorkstation - ok

09:56:03.0424 7912 lltdio - ok

09:56:03.0440 7912 lltdsvc - ok

09:56:03.0440 7912 lmhosts - ok

09:56:03.0456 7912 LSI_FC - ok

09:56:03.0456 7912 LSI_SAS - ok

09:56:03.0471 7912 LSI_SCSI - ok

09:56:03.0471 7912 luafv - ok

09:56:03.0487 7912 MBAMProtector - ok

09:56:03.0565 7912 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

09:56:03.0580 7912 MBAMService - ok

09:56:03.0580 7912 mdmxsdk - ok

09:56:03.0596 7912 megasas - ok

09:56:03.0627 7912 MegaSR - ok

09:56:03.0627 7912 MMCSS - ok

09:56:03.0643 7912 Modem - ok

09:56:03.0643 7912 monitor - ok

09:56:03.0658 7912 mouclass - ok

09:56:03.0674 7912 mouhid - ok

09:56:03.0674 7912 MountMgr - ok

09:56:03.0721 7912 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

09:56:03.0721 7912 MozillaMaintenance - ok

09:56:03.0721 7912 mpio - ok

09:56:03.0736 7912 mpsdrv - ok

09:56:03.0736 7912 MpsSvc - ok

09:56:03.0752 7912 Mraid35x - ok

09:56:03.0752 7912 MRxDAV - ok

09:56:03.0768 7912 mrxsmb - ok

09:56:03.0768 7912 mrxsmb10 - ok

09:56:03.0783 7912 mrxsmb20 - ok

09:56:03.0799 7912 msahci - ok

09:56:03.0799 7912 msdsm - ok

09:56:03.0814 7912 MSDTC - ok

09:56:03.0830 7912 Msfs - ok

09:56:03.0846 7912 msisadrv - ok

09:56:03.0861 7912 MSiSCSI - ok

09:56:03.0877 7912 msiserver - ok

09:56:03.0877 7912 MSKSSRV - ok

09:56:03.0892 7912 MSPCLOCK - ok

09:56:03.0908 7912 MSPQM - ok

09:56:03.0908 7912 MsRPC - ok

09:56:03.0924 7912 mssmbios - ok

09:56:04.0002 7912 MSSQL$SQLEXPRESS - ok

09:56:04.0033 7912 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe

09:56:04.0033 7912 MSSQLServerADHelper - ok

09:56:04.0048 7912 MSTEE - ok

09:56:04.0048 7912 Mup - ok

09:56:04.0064 7912 MxL111SF_AVS_USB - ok

09:56:04.0064 7912 napagent - ok

09:56:04.0080 7912 NativeWifiP - ok

09:56:04.0095 7912 NDIS - ok

09:56:04.0095 7912 NdisTapi - ok

09:56:04.0111 7912 Ndisuio - ok

09:56:04.0126 7912 NdisWan - ok

09:56:04.0126 7912 NDProxy - ok

09:56:04.0142 7912 NetBIOS - ok

09:56:04.0142 7912 netbt - ok

09:56:04.0158 7912 Netlogon - ok

09:56:04.0158 7912 Netman - ok

09:56:04.0173 7912 netprofm - ok

09:56:04.0189 7912 NetTcpPortSharing - ok

09:56:04.0189 7912 nfrd960 - ok

09:56:04.0204 7912 NlaSvc - ok

09:56:04.0204 7912 Npfs - ok

09:56:04.0220 7912 nsi - ok

09:56:04.0236 7912 nsiproxy - ok

09:56:04.0236 7912 Ntfs - ok

09:56:04.0251 7912 ntrigdigi - ok

09:56:04.0267 7912 NuidFltr - ok

09:56:04.0282 7912 Null - ok

09:56:04.0282 7912 NVENETFD - ok

09:56:04.0298 7912 nvlddmkm - ok

09:56:04.0314 7912 nvraid - ok

09:56:04.0314 7912 nvsmu - ok

09:56:04.0329 7912 nvstor - ok

09:56:04.0329 7912 nv_agp - ok

09:56:04.0345 7912 NwlnkFlt - ok

09:56:04.0345 7912 NwlnkFwd - ok

09:56:04.0438 7912 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

09:56:04.0438 7912 odserv - ok

09:56:04.0454 7912 ohci1394 - ok

09:56:04.0501 7912 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:56:04.0501 7912 ose - ok

09:56:04.0516 7912 p2pimsvc - ok

09:56:04.0532 7912 p2psvc - ok

09:56:04.0548 7912 Parport - ok

09:56:04.0548 7912 partmgr - ok

09:56:04.0563 7912 Parvdm - ok

09:56:04.0563 7912 PcaSvc - ok

09:56:04.0579 7912 pci - ok

09:56:04.0579 7912 pciide - ok

09:56:04.0594 7912 pcmcia - ok

09:56:04.0610 7912 PEAUTH - ok

09:56:04.0626 7912 pla - ok

09:56:04.0641 7912 PlugPlay - ok

09:56:04.0641 7912 PNRPAutoReg - ok

09:56:04.0657 7912 PNRPsvc - ok

09:56:04.0657 7912 PolicyAgent - ok

09:56:04.0672 7912 PptpMiniport - ok

09:56:04.0688 7912 Processor - ok

09:56:04.0688 7912 ProfSvc - ok

09:56:04.0704 7912 ProtectedStorage - ok

09:56:04.0719 7912 PSched - ok

09:56:04.0719 7912 ql2300 - ok

09:56:04.0735 7912 ql40xx - ok

09:56:04.0735 7912 QWAVE - ok

09:56:04.0750 7912 QWAVEdrv - ok

09:56:04.0750 7912 RasAcd - ok

09:56:04.0766 7912 RasAuto - ok

09:56:04.0766 7912 Rasl2tp - ok

09:56:04.0782 7912 RasMan - ok

09:56:04.0782 7912 RasPppoe - ok

09:56:04.0797 7912 RasSstp - ok

09:56:04.0797 7912 rdbss - ok

09:56:04.0813 7912 RDPCDD - ok

09:56:04.0813 7912 rdpdr - ok

09:56:04.0828 7912 RDPENCDD - ok

09:56:04.0844 7912 RDPWD - ok

09:56:04.0860 7912 RemoteAccess - ok

09:56:04.0860 7912 RemoteRegistry - ok

09:56:04.0953 7912 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe

09:56:04.0953 7912 RichVideo - ok

09:56:04.0953 7912 rimmptsk - ok

09:56:04.0984 7912 rimsptsk - ok

09:56:04.0984 7912 rismxdp - ok

09:56:05.0000 7912 RpcLocator - ok

09:56:05.0000 7912 RpcSs - ok

09:56:05.0016 7912 rspndr - ok

09:56:05.0016 7912 SamSs - ok

09:56:05.0031 7912 sbp2port - ok

09:56:05.0047 7912 SCardSvr - ok

09:56:05.0047 7912 Schedule - ok

09:56:05.0062 7912 SCPolicySvc - ok

09:56:05.0062 7912 sdbus - ok

09:56:05.0078 7912 SDRSVC - ok

09:56:05.0078 7912 secdrv - ok

09:56:05.0094 7912 seclogon - ok

09:56:05.0094 7912 SENS - ok

09:56:05.0109 7912 Serenum - ok

09:56:05.0109 7912 Serial - ok

09:56:05.0125 7912 sermouse - ok

09:56:05.0140 7912 SessionEnv - ok

09:56:05.0140 7912 sffdisk - ok

09:56:05.0156 7912 sffp_mmc - ok

09:56:05.0156 7912 sffp_sd - ok

09:56:05.0172 7912 sfloppy - ok

09:56:05.0172 7912 SharedAccess - ok

09:56:05.0187 7912 ShellHWDetection - ok

09:56:05.0187 7912 sisagp - ok

09:56:05.0203 7912 SiSRaid2 - ok

09:56:05.0203 7912 SiSRaid4 - ok

09:56:05.0218 7912 slsvc - ok

09:56:05.0218 7912 SLUINotify - ok

09:56:05.0234 7912 Smb - ok

09:56:05.0250 7912 SNMPTRAP - ok

09:56:05.0250 7912 spldr - ok

09:56:05.0265 7912 Spooler - ok

09:56:05.0296 7912 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

09:56:05.0296 7912 SQLBrowser - ok

09:56:05.0328 7912 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

09:56:05.0328 7912 SQLWriter - ok

09:56:05.0328 7912 srv - ok

09:56:05.0343 7912 srv2 - ok

09:56:05.0343 7912 srvnet - ok

09:56:05.0359 7912 SSDPSRV - ok

09:56:05.0359 7912 ssmdrv - ok

09:56:05.0390 7912 SstpSvc - ok

09:56:05.0390 7912 stisvc - ok

09:56:05.0406 7912 swenum - ok

09:56:05.0421 7912 swprv - ok

09:56:05.0421 7912 Symc8xx - ok

09:56:05.0452 7912 SymIM - ok

09:56:05.0468 7912 SymIMMP - ok

09:56:05.0468 7912 Sym_hi - ok

09:56:05.0484 7912 Sym_u3 - ok

09:56:05.0484 7912 SynTP - ok

09:56:05.0499 7912 SysMain - ok

09:56:05.0499 7912 TabletInputService - ok

09:56:05.0515 7912 TapiSrv - ok

09:56:05.0515 7912 TBS - ok

09:56:05.0530 7912 Tcpip - ok

09:56:05.0546 7912 Tcpip6 - ok

09:56:05.0546 7912 tcpipreg - ok

09:56:05.0562 7912 TDPIPE - ok

09:56:05.0562 7912 TDTCP - ok

09:56:05.0577 7912 tdx - ok

09:56:05.0733 7912 [ DE09282B3ABEF632917EBEDC4DCDFB56 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

09:56:05.0796 7912 TeamViewer7 - ok

09:56:05.0811 7912 TermDD - ok

09:56:05.0811 7912 TermService - ok

09:56:05.0827 7912 Themes - ok

09:56:05.0827 7912 THREADORDER - ok

09:56:05.0842 7912 TrkWks - ok

09:56:05.0842 7912 TrustedInstaller - ok

09:56:05.0858 7912 tssecsrv - ok

09:56:05.0874 7912 tunmp - ok

09:56:05.0889 7912 tunnel - ok

09:56:05.0889 7912 uagp35 - ok

09:56:05.0905 7912 udfs - ok

09:56:05.0920 7912 UI0Detect - ok

09:56:05.0920 7912 uliagpkx - ok

09:56:05.0936 7912 uliahci - ok

09:56:05.0936 7912 UlSata - ok

09:56:05.0952 7912 ulsata2 - ok

09:56:05.0952 7912 umbus - ok

09:56:05.0967 7912 upnphost - ok

09:56:05.0983 7912 usbccgp - ok

09:56:05.0983 7912 usbcir - ok

09:56:05.0998 7912 usbehci - ok

09:56:06.0014 7912 usbhub - ok

09:56:06.0030 7912 usbohci - ok

09:56:06.0030 7912 usbprint - ok

09:56:06.0045 7912 usbscan - ok

09:56:06.0045 7912 USBSTOR - ok

09:56:06.0061 7912 usbuhci - ok

09:56:06.0061 7912 usbvideo - ok

09:56:06.0076 7912 UxSms - ok

09:56:06.0076 7912 vds - ok

09:56:06.0092 7912 vga - ok

09:56:06.0108 7912 VgaSave - ok

09:56:06.0108 7912 viaagp - ok

09:56:06.0123 7912 ViaC7 - ok

09:56:06.0123 7912 viaide - ok

09:56:06.0139 7912 volmgr - ok

09:56:06.0139 7912 volmgrx - ok

09:56:06.0154 7912 volsnap - ok

09:56:06.0154 7912 vsmraid - ok

09:56:06.0170 7912 VSS - ok

09:56:06.0186 7912 W32Time - ok

09:56:06.0186 7912 WacomPen - ok

09:56:06.0201 7912 Wanarp - ok

09:56:06.0201 7912 Wanarpv6 - ok

09:56:06.0217 7912 wcncsvc - ok

09:56:06.0217 7912 WcsPlugInService - ok

09:56:06.0232 7912 Wd - ok

09:56:06.0232 7912 Wdf01000 - ok

09:56:06.0248 7912 WdiServiceHost - ok

09:56:06.0248 7912 WdiSystemHost - ok

09:56:06.0264 7912 WebClient - ok

09:56:06.0264 7912 Wecsvc - ok

09:56:06.0279 7912 wercplsupport - ok

09:56:06.0279 7912 WerSvc - ok

09:56:06.0295 7912 winachsf - ok

09:56:06.0342 7912 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

09:56:06.0357 7912 WinDefend - ok

09:56:06.0357 7912 WinHttpAutoProxySvc - ok

09:56:06.0373 7912 Winmgmt - ok

09:56:06.0373 7912 WinRM - ok

09:56:06.0388 7912 Wlansvc - ok

09:56:06.0404 7912 WmiAcpi - ok

09:56:06.0420 7912 wmiApSrv - ok

09:56:06.0498 7912 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

09:56:06.0498 7912 WMPNetworkSvc - ok

09:56:06.0513 7912 WPCSvc - ok

09:56:06.0513 7912 WPDBusEnum - ok

09:56:06.0529 7912 WPFFontCache_v0400 - ok

09:56:06.0529 7912 ws2ifsl - ok

09:56:06.0544 7912 wscsvc - ok

09:56:06.0544 7912 WSearch - ok

09:56:06.0560 7912 wuauserv - ok

09:56:06.0576 7912 WUDFRd - ok

09:56:06.0576 7912 wudfsvc - ok

09:56:06.0591 7912 XAudio - ok

09:56:06.0607 7912 XAudioService - ok

09:56:06.0638 7912 ================ Scan global ===============================

09:56:06.0638 7912 [Global] - ok

09:56:06.0654 7912 ================ Scan MBR ==================================

09:56:06.0669 7912 [ 1A1A06F62E891045814007163C1C76C3 ] \Device\Harddisk0\DR0

09:56:07.0200 7912 \Device\Harddisk0\DR0 - ok

09:56:07.0200 7912 ================ Scan VBR ==================================

09:56:07.0246 7912 [ 203649E746198176217358CB0BE9F1AE ] \Device\Harddisk0\DR0\Partition1

09:56:07.0262 7912 \Device\Harddisk0\DR0\Partition1 - ok

09:56:07.0262 7912 [ F10EF0571B6BE9F8F927E610E89A6150 ] \Device\Harddisk0\DR0\Partition2

09:56:07.0262 7912 \Device\Harddisk0\DR0\Partition2 - ok

09:56:07.0262 7912 ============================================================

09:56:07.0262 7912 Scan finished

09:56:07.0262 7912 ============================================================

09:56:07.0278 5120 Detected object count: 0

09:56:07.0278 5120 Actual detected object count: 0

09:56:24.0063 4920 Deinitialize success

Share this post


Link to post
Share on other sites

Here is the log file for AdwCleaner:

# AdwCleaner v1.801 - Logfile created 08/24/2012 at 12:02:02

# Updated 14/08/2012 by Xplode

# Operating system : Windows Vista Home Basic Service Pack 2 (32 bits)

# User : Carol - BILL

# Boot Mode : Normal

# Running from : C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NF524DMP\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\ProgramData\Anti-phishing Domain Advisor

Folder Found : C:\ProgramData\blekko toolbars

Folder Found : C:\ProgramData\Viewpoint

Folder Found : C:\Program Files\Viewpoint

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

Key Found : HKCU\Software\BrowserCompanion

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer

Key Found : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL

Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64

Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome

Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox

Key Found : HKLM\SOFTWARE\MetaStream

Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP

Key Found : HKLM\SOFTWARE\Viewpoint

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}

Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default

File : C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\n1e4bns6.default\prefs.js

Found : user_pref("browser.search.defaultenginename", "Blekko");

Found : user_pref("browser.search.order.1", "Blekko");

Found : user_pref("browser.search.selectedEngine", "Blekko");

*************************

AdwCleaner[R1].txt - [3087 octets] - [24/08/2012 12:02:02]

########## EOF - C:\AdwCleaner[R1].txt - [3215 octets] ##########

Share this post


Link to post
Share on other sites

Here is the checkup results:

Results of screen317's Security Check version 0.99.46

Windows Vista Service Pack 2 x86 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.62.0.1300

CCleaner

JavaFX 2.1.1

Java 7 Update 5

Java version out of Date!

Adobe Reader 8 Adobe Reader out of Date!

Adobe Reader X 10.1.3 Adobe Reader out of Date!

Mozilla Firefox (14.0.1)

````````Process Check: objlist.exe by Laurent````````

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 79 % Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

Now, I am going to reboot my computer. I never rebooted after uninstalling all the softwares! Why is Blekko still showing up? I had uninstalled it.

Share this post


Link to post
Share on other sites

Hi,

Looks like just a remnant.

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number

Run TFC by OldTimer to clear temporary files:

  • Open TFC.exe if you already have it. If not, please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall

This uninstalls all of ComboFix's components.

Delete SecurityCheck.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following program (if present):

JavaFX 2.1.1

Java™ 7 Update 5

Adobe Reader 8

Adobe Reader X 10.1.3

Restart your computer.

Get the latest version of Java, Adobe Reader, and Adobe Flash Player.

Defragmenting is a must. It's one of the large reasons for system slowdowns. I use Defraggler to defragment. It is free to download and you can use it forever. I recommend installing it and defragmenting as soon as possible.

Reboot.

Let me know what issues remain.

Share this post


Link to post
Share on other sites

Here is the AdwCleaner report - should I proceed to the next step?

# AdwCleaner v1.801 - Logfile created 08/26/2012 at 02:02:41

# Updated 14/08/2012 by Xplode

# Operating system : Windows Vista Home Basic Service Pack 2 (32 bits)

# User : Carol - BILL

# Boot Mode : Normal

# Running from : C:\Users\Carol\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor

Folder Deleted : C:\ProgramData\blekko toolbars

Folder Deleted : C:\ProgramData\Viewpoint

Folder Deleted : C:\Program Files\Viewpoint

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\BrowserCompanion

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer

Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64

Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome

Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox

Key Deleted : HKLM\SOFTWARE\MetaStream

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP

Key Deleted : HKLM\SOFTWARE\Viewpoint

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default

File : C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\n1e4bns6.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "Blekko");

Deleted : user_pref("browser.search.order.1", "Blekko");

Deleted : user_pref("browser.search.selectedEngine", "Blekko");

*************************

AdwCleaner[s1].txt - [3083 octets] - [26/08/2012 02:02:41]

########## EOF - C:\AdwCleaner[s1].txt - [3211 octets] ##########

Share this post


Link to post
Share on other sites

Hi,

Do this then proceed with the rest:

  • Please double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with Yes.

Share this post


Link to post
Share on other sites

Hi,

Do this then proceed with the rest:

  • Please double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with Yes.

Should I select the, "delete" option again?

Thanx for your help. Have to get a spot of work done, and I am going to try to time the defrag for overnight . . .

Editing to say, "Look at this." No image on Google.com website. Am I still browsing without addons?

post-96106-0-17470800-1346171529.jpg

Share this post


Link to post
Share on other sites

1) Okay, I uninstalled adwCleaner.

2) Then I ran TFC, but it didn't require a reboot. Here is what the test said:

Getting user folders.

Stopping running processes.

Emptying Temp folders.

User: All Users

User: Carol

->Temp folder emptied: 2655201 bytes

->Temporary Internet Files folder emptied: 541572 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 6072012 bytes

->Flash cache emptied: 506 bytes

User: Default

->Temp folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

User: Public

->Temp folder emptied: 0 bytes

User: Williaim

->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 39559932 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes

%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 0 bytes

Process complete!

Total Files Cleaned = 47.00 mb

******************************End of Report*************************************************

3) Uninstalled Combofix, according to instructions.

4) Deleted SecurityCheck

5) Uinstalled JavaFX 2.1.1

6) Uinstalled Java™ 7 Update 5

7) Uninstalled Spelling Dictionaries Support for Adobe Reader 8

8) Uninstalled Adobe Reader X 10.1.3

Okay, I have to turn the computer off. Should I uninstall Flash? Both times, you didn't say, uninstall Flashplayer.

Share this post


Link to post
Share on other sites

The above uninstallations took so long - about 2 hours - I am running a full Malwarebytes scan when I rebooted this morning, and it has been four hours, but I think it is only half way done! My laptop is slow as molasses.

Share this post


Link to post
Share on other sites

Malwarebytes Full Scan: 4 hours and 51 mionutes! Seems to be working faster, now.

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.24.02

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Carol :: BILL [administrator]

8/29/2012 9:43:56 AM

mbam-log-2012-08-29 (09-43-56).txt

Scan type: Full scan (C:\|D:\|E:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 334009

Time elapsed: 4 hour(s), 51 minute(s), 28 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Share this post


Link to post
Share on other sites

Okay, I

1) installed Java

2) installed Adobe Reader

3) Uninstalled Flash

4) Installed Flash; clicked, Never check for updates

5) Installed Defraggler

6) Am running Defraggler while I am on my Dad's desktop computer.

This is going to take another 8 hours, right? ;)

Share this post


Link to post
Share on other sites

I was off by two hours! After 1 1/2 hours, Defraggler says there are 8 1/2 hours left to go!

After three hours, it said nine hours to go. Then, I remembered I didn't do a reboot after Malwarebytes scan and software installations. So, I stopped the defrag after 3 hours, and ended it and did the reboot, now. You didn't say, remove the DDS or Rogue Killer, so it's still saved to the desktop.

Share this post


Link to post
Share on other sites

Hi,

Installed Flash; clicked, Never check for updates
It would be much better for it to prompt you when updates are available....

The defrag will take a long time. :) Best to leave it overnight.

Are you running IE with no add-ons still?

Share this post


Link to post
Share on other sites

Hi,

It would be much better for it to prompt you when updates are available....

I've had my fill of prompts. I'll just update it once per month!
The defrag will take a long time. :) Best to leave it overnight.
18 hours and counting. The Defrag is still going on.
Are you running IE with no add-ons still?
Yes.

May I add, noone could persuade me to download and install unfamiliar software, except Malwarebytes has a good name with me, because of a recommendation from John Yocum and the guys at Fluidhosting, plus, I have a smattering of computer knowledge, because I have a degree, but I never used it, because I got it so computers wouldn't intimidate me. The fact I just downloaded Defraggler - which I never heard of before! - installed, and ran it, is a testimony to Malwarebytes' good reputation with my host!

Update: 1:43 PM 22 hours and counting - wow! Isaac is going to dry up before my defrag gets done! But it freed up 10 G of space, so far. It says it's 42% done, with one minute to go. It's been one minute for several hours.

Share this post


Link to post
Share on other sites

I suggest stopping it for now. Then run TFC again.

Reboot.

Run Defraggler again and see if it completes in a timely manner.

Share this post


Link to post
Share on other sites

The defrag is finsihed! After more than 24 hours . . . It took a long time to boot up, and doesn't seem to be running much faster, so far . . . Here is the screen shot of the Defraggler completed defrag.Before I could finish this comment, an "Oracle" popup appeared, which said:

User Account Control

A Program Needs your permission to continue

If you started this program, continue

jucheck.exe

Oracle America, Inc.

Buttons: Details . . . Continue . . . Cancel

User Account Control helps stop unauthorized changes to your computer.

When I click the Details pulldown menu, this address appears under, "Oracle America, Inc:"

"C:\Program Files\Common Files\Java\Java Update\jucheck.exe" - scheduled

This popup appeared when I plugged the internet in . .

Now that I unchecked, "Check for updates," I'm still going to have a popup every day?.

post-96106-0-01673400-1346370033.jpg

Share this post


Link to post
Share on other sites

If you click "View Files" in the defrag report, can you post that report here?

Now that I unchecked, "Check for updates," I'm still going to have a popup every day?.
This is the Java update and wont occur every day. It is legitimate, however.

Share this post


Link to post
Share on other sites

Should I run another defrag?

Wait - I just saw your post.

If you click "View Files" in the defrag report, can you post that report here?

This is the Java update and wont occur every day. It is legitimate, however.

I don't see, "View Files," in any part of Defraggler. If I click, "Files list," it is empty. There IS info under, System Health, which I took a screenshot of, then scrolled down and took another screen shot.

post-96106-0-93486200-1346370919.jpg

post-96106-0-86510500-1346370928.jpg

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.