
running anti-rootkit



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 30/06/2009 11:06:18

System Uptime: 23/03/2013 14:08:51 (8 hours ago)

.

Motherboard: Quanta | | 3060

Processor: AMD Turion™ X2 Dual-Core Mobile RM-74 | Socket M2/S1G1 | 1100/1800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 287 GiB total, 201.235 GiB free.

D: is FIXED (NTFS) - 11 GiB total, 1.876 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Bluetooth Device (Personal Area Network)

Device ID: BTH\MS_BTHPAN\6&9951AB6&0&2

Manufacturer: Microsoft

Name: Bluetooth Device (Personal Area Network)

PNP Device ID: BTH\MS_BTHPAN\6&9951AB6&0&2

Service: BthPan

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

3Connect

Acrobat.com

Activation Assistant for the 2007 Microsoft Office suites

ActiveCheck component for HP Active Support Library

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader 9.5.2

Adobe Shockwave Player

aiofw

aioprnt

aioscnnr

AMD USB Audio Driver Filter

AOL Toolbar 5.0

Atheros Driver Installation Program

ATI Catalyst Install Manager

C4USelfUpdater

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

center

CyberLink DVD Suite

ESU for Microsoft Vista

FileASSASSIN

Google Chrome

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB945282)

Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946040)

Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946308)

Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947540)

Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947789)

HP Active Support Library

HP Common Access Service Library

HP Help and Support

HP Integrated Module with Bluetooth wireless technology 6.0.1.6204

HP MediaSmart DVD

HP MediaSmart Music/Photo/Video

HP MediaSmart SmartMenu

HP MediaSmart TV

HP MediaSmart Webcam

HP Photosmart 5510d series Basic Device Software

HP Photosmart 5510d series Help

HP Photosmart 5510d series Product Improvement Study

HP Quick Launch Buttons 6.40 L1

HP Total Care Advisor

HP Total Care Setup

HP Update

HP User Guides 0126

HP Wireless Assistant

HPAsset component for HP Active Support Library

HPNetworkAssistant

IDT Audio

Internet Explorer (Enable DEP)

J2SE Runtime Environment 5.0 Update 7

Java 7 Update 7

Java Auto Updater

K-Lite Codec Pack 7.0.0 (Standard)

KODAK AiO Home Centre

ksDIP

LabelPrint

LightScribe System Software 1.14.17.1

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2008

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Management Objects

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Compact 3.5 SP1 Design Tools English

Microsoft SQL Server Compact 3.5 SP1 English

Microsoft SQL Server VSS Writer

Microsoft Visual C# 2008 Express Edition with SP1 - ENU

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu

Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32

Microsoft Works

Mobile Broadband HL Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

muvee Reveal

Norton Internet Security

OGA Notifier 2.0.0048.0

Power2Go

PowerDirector

PreReq

ProtectSmart Hard Drive Protection

Realtek 8169 8168 8101E 8102E Ethernet Driver

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB2251487)

Service Pack 3 for SQL Server 2008 (KB2546951)

Skins

Sql Server Customer Experience Improvement Program

Synaptics Pointing Device Driver

The Official DSA Theory Test for Car Drivers

Theory Interactive

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VC80CRTRedist - 8.0.50727.6195

Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Live Upload Tool

ZTE_MF627_USB_MODEM_1.2059.0.4

ZTE_MF6X6_USB_MODEM_1.2050.0.6

.

==== End Of File ===========================


Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes)

P2P Warning:

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

RogueKiller<---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes)

MrC

Note:

Removing malware can be unpredictable...things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>Please stick with me until I give you the "all clear".

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User : tan [Admin rights]

Mode : Scan -- Date : 03/26/2013 18:13:10

| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤

[SUSP PATH] mbbService.exe -- C:\ProgramData\MobileBrServ\mbbservice.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 3 ¤¤¤

[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

::1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-60ZCT1 ATA Device +++++

--- User ---

[MBR] d3c6cb576eee525556483692a20d6bd1

[BSP] a59bbb9cc31e2aad83c92cdb538ae091 : Toshiba MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 293833 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 601772032 | Size: 11408 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_03262013_02d1813.txt >>

RKreport[1]_S_03262013_02d1813.txt

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User : tan [Admin rights]

Mode : Remove -- Date : 03/26/2013 18:16:42

| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤

[SUSP PATH] mbbService.exe -- C:\ProgramData\MobileBrServ\mbbservice.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 3 ¤¤¤

[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

::1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-60ZCT1 ATA Device +++++

--- User ---

[MBR] d3c6cb576eee525556483692a20d6bd1

[BSP] a59bbb9cc31e2aad83c92cdb538ae091 : Toshiba MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 293833 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 601772032 | Size: 11408 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2]_D_03262013_02d1816.txt >>

RKreport[1]_S_03262013_02d1813.txt ; RKreport[2]_D_03262013_02d1816.txt


No particular concerns, just wanted to run the anti-rootkit (after buying Malwarebytes Pro) to see if I've got any problems, but the anti-rootkit won't run scan on computer 'cause it keeps coming up with error messages, e.g. The system volumes seems inaccessible or encrypted. Scan can't continue.

Thanks MR C


Well you can run this one:

Please read the directions carefully so you don't end up deleting something that is good!!

If in doubt about an entry....please ask or choose Skip!!!!

Don't Delete anything unless instructed to!

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

If a suspicious object is detected, the default action will be Skip, click on Continue

Please note that TDSSKiller can be run in safe mode if needed.

Here's a video that explains how to run it if needed:

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.
    If in doubt about an entry....please ask or choose Skip
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. There may be 3 logs > so post or attach all of them.
  • Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

Here's a summary of what to do if you would like to print it out:

If in doubt about an entry....please ask or choose Skip

Don't Delete anything unless instructed to!

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

~~~~~~~~~~~~~~~~~~~~

You can attach the logs if they're too long:

Bottom right corner of this page.


New window that comes up.


MrC


20:09:07.0061 5220 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

20:09:07.0466 5220 ============================================================

20:09:07.0466 5220 Current date / time: 2013/03/26 20:09:07.0466

20:09:07.0466 5220 SystemInfo:

20:09:07.0466 5220

20:09:07.0466 5220 OS Version: 6.0.6002 ServicePack: 2.0

20:09:07.0466 5220 Product type: Workstation

20:09:07.0466 5220 ComputerName: TAN-PC

20:09:07.0466 5220 UserName: tan

20:09:07.0466 5220 Windows directory: C:\Windows

20:09:07.0466 5220 System windows directory: C:\Windows

20:09:07.0466 5220 Processor architecture: Intel x86

20:09:07.0466 5220 Number of processors: 2

20:09:07.0466 5220 Page size: 0x1000

20:09:07.0466 5220 Boot type: Normal boot

20:09:07.0466 5220 ============================================================

20:09:09.0354 5220 BG loaded

20:09:10.0805 5220 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

20:09:11.0257 5220 ============================================================

20:09:11.0257 5220 \Device\Harddisk0\DR0:

20:09:11.0257 5220 MBR partitions:

20:09:11.0257 5220 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23DE4800

20:09:11.0257 5220 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23DE5000, BlocksNum 0x1648000

20:09:11.0257 5220 ============================================================

20:09:11.0273 5220 C: <-> \Device\Harddisk0\DR0\Partition1

20:09:11.0319 5220 D: <-> \Device\Harddisk0\DR0\Partition2

20:09:11.0319 5220 ============================================================

20:09:11.0319 5220 Initialize success

20:09:11.0319 5220 ============================================================

20:09:25.0812 4432 ============================================================

20:09:25.0812 4432 Scan started

20:09:25.0812 4432 Mode: Manual; SigCheck; TDLFS;

20:09:25.0812 4432 ============================================================

20:09:26.0295 4432 ================ Scan system memory ========================

20:09:26.0295 4432 System memory - ok

20:09:26.0311 4432 ================ Scan services =============================

20:09:26.0576 4432 [ CC1F1D3D70DC13C2C281488D347D4415 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys

20:09:26.0841 4432 Accelerometer - ok

20:09:26.0935 4432 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys

20:09:26.0966 4432 ACPI - ok

20:09:27.0029 4432 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

20:09:27.0075 4432 adp94xx - ok

20:09:27.0122 4432 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys

20:09:27.0153 4432 adpahci - ok

20:09:27.0185 4432 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

20:09:27.0216 4432 adpu160m - ok

20:09:27.0231 4432 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

20:09:27.0247 4432 adpu320 - ok

20:09:27.0325 4432 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

20:09:27.0372 4432 AeLookupSvc - ok

20:09:27.0543 4432 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe

20:09:27.0606 4432 AESTFilters - ok

20:09:27.0699 4432 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys

20:09:27.0746 4432 AFD - ok

20:09:27.0793 4432 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys

20:09:27.0824 4432 agp440 - ok

20:09:27.0902 4432 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys

20:09:27.0933 4432 aic78xx - ok

20:09:27.0980 4432 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe

20:09:28.0027 4432 ALG - ok

20:09:28.0043 4432 [ 3D76FDA1A10ACC3DC84728F55C29B6D4 ] aliide C:\Windows\system32\drivers\aliide.sys

20:09:28.0074 4432 aliide - ok

20:09:28.0089 4432 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys

20:09:28.0136 4432 amdagp - ok

20:09:28.0152 4432 [ 5B92E7839F5A1FBC1B39DE67758AD6F8 ] amdide C:\Windows\system32\drivers\amdide.sys

20:09:28.0183 4432 amdide - ok

20:09:28.0214 4432 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys

20:09:28.0261 4432 AmdK7 - ok

20:09:28.0292 4432 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

20:09:28.0355 4432 AmdK8 - ok

20:09:28.0417 4432 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll

20:09:28.0433 4432 Appinfo - ok

20:09:28.0464 4432 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys

20:09:28.0495 4432 arc - ok

20:09:28.0526 4432 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys

20:09:28.0557 4432 arcsas - ok

20:09:28.0573 4432 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

20:09:28.0635 4432 AsyncMac - ok

20:09:28.0682 4432 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys

20:09:28.0713 4432 atapi - ok

20:09:28.0791 4432 [ 02D34AC487DF3DA4E3F01874E61EB619 ] athr C:\Windows\system32\DRIVERS\athr.sys

20:09:28.0869 4432 athr - ok

20:09:28.0947 4432 [ D4762639FF9095BBBC69F4ECD4C0861B ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe

20:09:29.0010 4432 Ati External Event Utility - ok

20:09:29.0213 4432 [ DEA99F7C76206AEBDC0E390B0A1336C6 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys

20:09:29.0431 4432 atikmdag - ok

20:09:29.0478 4432 [ 5A1465AD2E7C1BC39CDA12A355329096 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys

20:09:29.0540 4432 AtiPcie - ok

20:09:29.0603 4432 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

20:09:29.0665 4432 AudioEndpointBuilder - ok

20:09:29.0696 4432 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll

20:09:29.0743 4432 Audiosrv - ok

20:09:30.0663 4432 [ 553E94AE71D233C14A8C8B4AF9286ED0 ] BecHelperService C:\Program Files\3\3Connect\BecHelperService.exe

20:09:30.0960 4432 BecHelperService - ok

20:09:31.0038 4432 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys

20:09:31.0100 4432 Beep - ok

20:09:31.0163 4432 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll

20:09:31.0209 4432 BFE - ok

20:09:31.0287 4432 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll

20:09:31.0350 4432 BITS - ok

20:09:31.0365 4432 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

20:09:31.0428 4432 blbdrive - ok

20:09:31.0459 4432 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys

20:09:31.0475 4432 bowser - ok

20:09:31.0521 4432 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

20:09:31.0568 4432 BrFiltLo - ok

20:09:31.0615 4432 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

20:09:31.0693 4432 BrFiltUp - ok

20:09:31.0724 4432 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll

20:09:31.0771 4432 Browser - ok

20:09:31.0787 4432 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys

20:09:31.0896 4432 Brserid - ok

20:09:31.0911 4432 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

20:09:32.0005 4432 BrSerWdm - ok

20:09:32.0036 4432 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

20:09:32.0130 4432 BrUsbMdm - ok

20:09:32.0177 4432 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

20:09:32.0255 4432 BrUsbSer - ok

20:09:32.0333 4432 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys

20:09:32.0364 4432 BthEnum - ok

20:09:32.0411 4432 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

20:09:32.0535 4432 BTHMODEM - ok

20:09:32.0582 4432 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

20:09:32.0660 4432 BthPan - ok

20:09:32.0707 4432 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys

20:09:32.0754 4432 BTHPORT - ok

20:09:32.0785 4432 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll

20:09:32.0816 4432 BthServ - ok

20:09:32.0847 4432 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys

20:09:32.0894 4432 BTHUSB - ok

20:09:32.0957 4432 [ 229B2C1E776062A4033305D5A9D6E28D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys

20:09:32.0988 4432 btwaudio - ok

20:09:33.0003 4432 [ 97062053359F6908E1FB2791BFA54734 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys

20:09:33.0035 4432 btwavdt - ok

20:09:33.0050 4432 [ D9269B0E3E3CF46D677FD071A40FE6CD ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys

20:09:33.0081 4432 btwrchid - ok

20:09:33.0128 4432 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

20:09:33.0191 4432 cdfs - ok

20:09:33.0284 4432 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

20:09:33.0315 4432 cdrom - ok

20:09:33.0362 4432 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll

20:09:33.0409 4432 CertPropSvc - ok

20:09:33.0487 4432 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys

20:09:33.0565 4432 circlass - ok

20:09:34.0017 4432 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys

20:09:34.0080 4432 CLFS - ok

20:09:34.0189 4432 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:09:34.0236 4432 clr_optimization_v2.0.50727_32 - ok

20:09:34.0345 4432 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

20:09:34.0392 4432 clr_optimization_v4.0.30319_32 - ok

20:09:34.0470 4432 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

20:09:34.0517 4432 CmBatt - ok

20:09:34.0657 4432 [ D36372A6EA6805EFBE8884D10772313F ] cmdide C:\Windows\system32\drivers\cmdide.sys

20:09:34.0704 4432 cmdide - ok

20:09:34.0766 4432 [ 12E94E225BD7B05A2BCCD5C0B841E921 ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

20:09:34.0782 4432 Com4QLBEx - ok

20:09:34.0829 4432 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

20:09:34.0875 4432 Compbatt - ok

20:09:34.0891 4432 COMSysApp - ok

20:09:34.0907 4432 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

20:09:34.0938 4432 crcdisk - ok

20:09:34.0953 4432 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys

20:09:35.0016 4432 Crusoe - ok

20:09:35.0078 4432 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll

20:09:35.0109 4432 CryptSvc - ok

20:09:35.0203 4432 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll

20:09:35.0265 4432 DcomLaunch - ok

20:09:35.0297 4432 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys

20:09:35.0328 4432 DfsC - ok

20:09:35.0453 4432 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe

20:09:35.0577 4432 DFSR - ok

20:09:35.0640 4432 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll

20:09:35.0687 4432 Dhcp - ok

20:09:35.0780 4432 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys

20:09:35.0811 4432 disk - ok

20:09:35.0858 4432 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll

20:09:35.0874 4432 Dnscache - ok

20:09:36.0077 4432 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll

20:09:36.0123 4432 dot3svc - ok

20:09:36.0170 4432 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll

20:09:36.0233 4432 DPS - ok

20:09:36.0295 4432 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

20:09:36.0342 4432 drmkaud - ok

20:09:36.0420 4432 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

20:09:36.0482 4432 DXGKrnl - ok

20:09:36.0545 4432 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys

20:09:36.0591 4432 E1G60 - ok

20:09:36.0669 4432 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll

20:09:36.0701 4432 EapHost - ok

20:09:36.0747 4432 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys

20:09:36.0779 4432 Ecache - ok

20:09:36.0841 4432 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

20:09:36.0872 4432 ehRecvr - ok

20:09:36.0903 4432 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe

20:09:36.0935 4432 ehSched - ok

20:09:36.0981 4432 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll

20:09:37.0013 4432 ehstart - ok

20:09:37.0091 4432 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys

20:09:37.0169 4432 elxstor - ok

20:09:37.0340 4432 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

20:09:37.0387 4432 EMDMgmt - ok

20:09:37.0449 4432 [ 004B2EA6CC2598EC5F0552E43CE29CEF ] enecir C:\Windows\system32\DRIVERS\enecir.sys

20:09:37.0496 4432 enecir - ok

20:09:37.0559 4432 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys

20:09:37.0605 4432 ErrDev - ok

20:09:37.0715 4432 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll

20:09:37.0777 4432 EventSystem - ok

20:09:37.0839 4432 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys

20:09:37.0871 4432 exfat - ok

20:09:37.0933 4432 [ 42F721C52EEF2D6DF9372A53813A83EF ] ezSharedSvc C:\Windows\System32\ezsvc7.dll

20:09:37.0949 4432 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning

20:09:37.0949 4432 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)

20:09:37.0995 4432 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys

20:09:38.0042 4432 fastfat - ok

20:09:38.0136 4432 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys

20:09:38.0214 4432 fdc - ok

20:09:38.0448 4432 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll

20:09:38.0510 4432 fdPHost - ok

20:09:38.0573 4432 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll

20:09:38.0697 4432 FDResPub - ok

20:09:38.0744 4432 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

20:09:38.0775 4432 FileInfo - ok

20:09:38.0791 4432 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys

20:09:38.0853 4432 Filetrace - ok

20:09:38.0885 4432 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

20:09:38.0931 4432 flpydisk - ok

20:09:38.0994 4432 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

20:09:39.0056 4432 FltMgr - ok

20:09:39.0181 4432 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll

20:09:39.0228 4432 FontCache - ok

20:09:39.0353 4432 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

20:09:39.0399 4432 FontCache3.0.0.0 - ok

20:09:39.0431 4432 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

20:09:39.0462 4432 Fs_Rec - ok

20:09:39.0555 4432 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

20:09:39.0587 4432 gagp30kx - ok

20:09:39.0633 4432 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll

20:09:39.0680 4432 gpsvc - ok

20:09:39.0789 4432 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

20:09:39.0821 4432 gupdate - ok

20:09:39.0836 4432 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

20:09:39.0867 4432 gupdatem - ok

20:09:39.0977 4432 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

20:09:40.0008 4432 HdAudAddService - ok

20:09:40.0164 4432 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

20:09:40.0211 4432 HDAudBus - ok

20:09:40.0242 4432 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys

20:09:40.0335 4432 HidBth - ok

20:09:40.0460 4432 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

20:09:40.0507 4432 HidIr - ok

20:09:40.0538 4432 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll

20:09:40.0569 4432 hidserv - ok

20:09:40.0632 4432 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\drivers\hidusb.sys

20:09:40.0741 4432 HidUsb - ok

20:09:40.0788 4432 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll

20:09:40.0866 4432 hkmsvc - ok

20:09:40.0944 4432 [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

20:09:40.0959 4432 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

20:09:40.0959 4432 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

20:09:40.0991 4432 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

20:09:41.0022 4432 HpCISSs - ok

20:09:41.0053 4432 [ 4EF10B866C62ABBEAF7511CDD05A19BE ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys

20:09:41.0069 4432 hpdskflt - ok

20:09:41.0115 4432 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

20:09:41.0162 4432 HpqKbFiltr - ok

20:09:41.0240 4432 [ 188FF0ADF66768D53AD94F43972E1E9A ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

20:09:41.0303 4432 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning

20:09:41.0303 4432 hpqwmiex - detected UnsignedFile.Multi.Generic (1)

20:09:41.0334 4432 [ C0BEB56ED79B59B7B33D0AA6C38A0BA6 ] hpsrv C:\Windows\system32\Hpservice.exe

20:09:41.0381 4432 hpsrv - ok

20:09:41.0459 4432 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys

20:09:41.0505 4432 HTTP - ok

20:09:41.0599 4432 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys

20:09:41.0630 4432 i2omp - ok

20:09:41.0739 4432 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

20:09:41.0786 4432 i8042prt - ok

20:09:41.0817 4432 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

20:09:41.0880 4432 iaStorV - ok

20:09:41.0942 4432 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

20:09:42.0036 4432 idsvc - ok

20:09:42.0036 4432 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys

20:09:42.0098 4432 iirsp - ok

20:09:42.0192 4432 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll

20:09:42.0254 4432 IKEEXT - ok

20:09:42.0317 4432 [ DD512A049BD7B4BCE8A83554C5EFF2C1 ] intelide C:\Windows\system32\drivers\intelide.sys

20:09:42.0332 4432 intelide - ok

20:09:42.0363 4432 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

20:09:42.0410 4432 intelppm - ok

20:09:42.0488 4432 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

20:09:42.0551 4432 IPBusEnum - ok

20:09:42.0629 4432 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:09:42.0675 4432 IpFilterDriver - ok

20:09:42.0800 4432 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

20:09:42.0831 4432 iphlpsvc - ok

20:09:42.0863 4432 IpInIp - ok

20:09:42.0894 4432 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

20:09:42.0987 4432 IPMIDRV - ok

20:09:43.0003 4432 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

20:09:43.0050 4432 IPNAT - ok

20:09:43.0081 4432 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

20:09:43.0128 4432 IRENUM - ok

20:09:43.0159 4432 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys

20:09:43.0190 4432 isapnp - ok

20:09:43.0253 4432 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

20:09:43.0284 4432 iScsiPrt - ok

20:09:43.0331 4432 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

20:09:43.0346 4432 iteatapi - ok

20:09:43.0377 4432 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys

20:09:43.0409 4432 iteraid - ok

20:09:43.0471 4432 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

20:09:43.0502 4432 kbdclass - ok

20:09:43.0549 4432 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

20:09:43.0580 4432 kbdhid - ok

20:09:43.0611 4432 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe

20:09:43.0643 4432 KeyIso - ok

20:09:43.0736 4432 [ F8D454FBA97DC28F02931C588BAFE4CF ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe

20:09:43.0799 4432 Kodak AiO Network Discovery Service - ok

20:09:43.0845 4432 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

20:09:43.0892 4432 KSecDD - ok

20:09:43.0939 4432 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll

20:09:44.0001 4432 KtmRm - ok

20:09:44.0095 4432 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll

20:09:44.0142 4432 LanmanServer - ok

20:09:44.0173 4432 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:09:44.0204 4432 LanmanWorkstation - ok

20:09:44.0282 4432 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe

20:09:44.0298 4432 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

20:09:44.0298 4432 LightScribeService - detected UnsignedFile.Multi.Generic (1)

20:09:44.0516 4432 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

20:09:44.0563 4432 lltdio - ok

20:09:44.0610 4432 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll

20:09:44.0672 4432 lltdsvc - ok

20:09:44.0719 4432 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll

20:09:44.0813 4432 lmhosts - ok

20:09:44.0859 4432 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

20:09:44.0875 4432 LSI_FC - ok

20:09:44.0969 4432 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

20:09:45.0000 4432 LSI_SAS - ok

20:09:45.0109 4432 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

20:09:45.0140 4432 LSI_SCSI - ok

20:09:45.0156 4432 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys

20:09:45.0203 4432 luafv - ok

20:09:45.0249 4432 [ 6490FE1B088C7199A9B6CE0E04A98A8B ] massfilter C:\Windows\system32\drivers\massfilter.sys

20:09:45.0281 4432 massfilter - ok

20:09:45.0343 4432 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

20:09:45.0359 4432 MBAMProtector - ok

20:09:45.0421 4432 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

20:09:45.0452 4432 MBAMScheduler - ok

20:09:45.0530 4432 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

20:09:45.0577 4432 MBAMService - ok

20:09:45.0686 4432 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

20:09:45.0702 4432 Mcx2Svc - ok

20:09:45.0858 4432 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys

20:09:45.0889 4432 megasas - ok

20:09:45.0951 4432 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys

20:09:46.0014 4432 MegaSR - ok

20:09:46.0185 4432 MFE_RR - ok

20:09:46.0295 4432 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

20:09:46.0341 4432 Microsoft Office Groove Audit Service - ok

20:09:46.0388 4432 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll

20:09:46.0451 4432 MMCSS - ok

20:09:46.0544 4432 [ 24CFF4697702785872313159EC2434A2 ] Mobile Broadband HL Service C:\ProgramData\MobileBrServ\mbbservice.exe

20:09:46.0575 4432 Mobile Broadband HL Service - ok

20:09:46.0638 4432 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys

20:09:46.0685 4432 Modem - ok

20:09:46.0731 4432 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

20:09:46.0778 4432 monitor - ok

20:09:46.0825 4432 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

20:09:46.0856 4432 mouclass - ok

20:09:46.0872 4432 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

20:09:46.0934 4432 mouhid - ok

20:09:46.0950 4432 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

20:09:46.0981 4432 MountMgr - ok

20:09:47.0028 4432 [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

20:09:47.0075 4432 MpFilter - ok

20:09:47.0090 4432 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys

20:09:47.0121 4432 mpio - ok

20:09:47.0277 4432 [ A69630D039C38018689190234F866D77 ] MpKsl1498c7a8 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1AB7405F-0377-49BA-BA85-079925F08049}\MpKsl1498c7a8.sys

20:09:47.0324 4432 MpKsl1498c7a8 - ok

20:09:47.0355 4432 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

20:09:47.0402 4432 mpsdrv - ok

20:09:47.0480 4432 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll

20:09:47.0543 4432 MpsSvc - ok

20:09:47.0636 4432 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

20:09:47.0667 4432 Mraid35x - ok

20:09:47.0714 4432 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

20:09:47.0730 4432 MRxDAV - ok

20:09:47.0823 4432 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

20:09:47.0855 4432 mrxsmb - ok

20:09:47.0917 4432 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:09:47.0948 4432 mrxsmb10 - ok

20:09:48.0026 4432 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:09:48.0057 4432 mrxsmb20 - ok

20:09:48.0182 4432 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys

20:09:48.0213 4432 msahci - ok

20:09:48.0245 4432 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys

20:09:48.0276 4432 msdsm - ok

20:09:48.0354 4432 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe

20:09:48.0401 4432 MSDTC - ok

20:09:48.0463 4432 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys

20:09:48.0525 4432 Msfs - ok

20:09:48.0572 4432 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

20:09:48.0588 4432 msisadrv - ok

20:09:48.0666 4432 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

20:09:48.0728 4432 MSiSCSI - ok

20:09:48.0728 4432 msiserver - ok

20:09:48.0759 4432 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

20:09:48.0822 4432 MSKSSRV - ok

20:09:48.0884 4432 [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

20:09:48.0915 4432 MsMpSvc - ok

20:09:48.0947 4432 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

20:09:48.0993 4432 MSPCLOCK - ok

20:09:49.0009 4432 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

20:09:49.0056 4432 MSPQM - ok

20:09:49.0103 4432 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

20:09:49.0134 4432 MsRPC - ok

20:09:49.0196 4432 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

20:09:49.0227 4432 mssmbios - ok

20:09:49.0337 4432 MSSQL$SQLEXPRESS - ok

20:09:49.0415 4432 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

20:09:49.0446 4432 MSSQLServerADHelper100 - ok

20:09:49.0477 4432 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

20:09:49.0524 4432 MSTEE - ok

20:09:49.0539 4432 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys

20:09:49.0571 4432 Mup - ok

20:09:49.0617 4432 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll

20:09:49.0664 4432 napagent - ok

20:09:49.0727 4432 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

20:09:49.0758 4432 NativeWifiP - ok

20:09:49.0805 4432 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys

20:09:49.0851 4432 NDIS - ok

20:09:49.0883 4432 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

20:09:49.0929 4432 NdisTapi - ok

20:09:49.0945 4432 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

20:09:49.0992 4432 Ndisuio - ok

20:09:50.0039 4432 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

20:09:50.0070 4432 NdisWan - ok

20:09:50.0117 4432 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

20:09:50.0163 4432 NDProxy - ok

20:09:50.0179 4432 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

20:09:50.0241 4432 NetBIOS - ok

20:09:50.0382 4432 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

20:09:50.0460 4432 netbt - ok

20:09:50.0491 4432 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe

20:09:50.0553 4432 Netlogon - ok

20:09:50.0585 4432 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll

20:09:50.0647 4432 Netman - ok

20:09:50.0678 4432 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll

20:09:50.0741 4432 netprofm - ok

20:09:50.0772 4432 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

20:09:50.0803 4432 NetTcpPortSharing - ok

20:09:50.0897 4432 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys

20:09:51.0068 4432 NETw3v32 - ok

20:09:51.0099 4432 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

20:09:51.0131 4432 nfrd960 - ok

20:09:51.0177 4432 [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

20:09:51.0224 4432 NisDrv - ok

20:09:51.0271 4432 [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

20:09:51.0318 4432 NisSrv - ok

20:09:51.0349 4432 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll

20:09:51.0427 4432 NlaSvc - ok

20:09:51.0458 4432 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys

20:09:51.0505 4432 Npfs - ok

20:09:51.0521 4432 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll

20:09:51.0583 4432 nsi - ok

20:09:51.0630 4432 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

20:09:51.0677 4432 nsiproxy - ok

20:09:51.0739 4432 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

20:09:51.0833 4432 Ntfs - ok

20:09:51.0848 4432 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

20:09:51.0957 4432 ntrigdigi - ok

20:09:51.0973 4432 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys

20:09:52.0020 4432 Null - ok

20:09:52.0051 4432 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys

20:09:52.0082 4432 nvraid - ok

20:09:52.0098 4432 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys

20:09:52.0129 4432 nvstor - ok

20:09:52.0160 4432 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

20:09:52.0191 4432 nv_agp - ok

20:09:52.0191 4432 NwlnkFlt - ok

20:09:52.0207 4432 NwlnkFwd - ok

20:09:52.0285 4432 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

20:09:52.0332 4432 odserv - ok

20:09:52.0379 4432 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

20:09:52.0425 4432 ohci1394 - ok

20:09:52.0488 4432 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:09:52.0503 4432 ose - ok

20:09:52.0581 4432 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll

20:09:52.0628 4432 p2pimsvc - ok

20:09:52.0675 4432 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll

20:09:52.0737 4432 p2psvc - ok

20:09:52.0769 4432 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys

20:09:52.0862 4432 Parport - ok

20:09:52.0893 4432 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys

20:09:52.0909 4432 partmgr - ok

20:09:52.0940 4432 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys

20:09:53.0049 4432 Parvdm - ok

20:09:53.0065 4432 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll

20:09:53.0096 4432 PcaSvc - ok

20:09:53.0159 4432 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys

20:09:53.0190 4432 pci - ok

20:09:53.0221 4432 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys

20:09:53.0252 4432 pciide - ok

20:09:53.0283 4432 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

20:09:53.0299 4432 pcmcia - ok

20:09:53.0361 4432 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

20:09:53.0502 4432 PEAUTH - ok

20:09:53.0658 4432 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll

20:09:53.0767 4432 pla - ok

20:09:53.0798 4432 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll

20:09:53.0845 4432 PlugPlay - ok

20:09:53.0892 4432 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

20:09:53.0939 4432 PNRPAutoReg - ok

20:09:53.0985 4432 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll

20:09:54.0032 4432 PNRPsvc - ok

20:09:54.0079 4432 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

20:09:54.0126 4432 PolicyAgent - ok

20:09:54.0204 4432 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

20:09:54.0251 4432 PptpMiniport - ok

20:09:54.0282 4432 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\DRIVERS\processr.sys

20:09:54.0344 4432 Processor - ok

20:09:54.0375 4432 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll

20:09:54.0422 4432 ProfSvc - ok

20:09:54.0438 4432 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe

20:09:54.0469 4432 ProtectedStorage - ok

20:09:54.0500 4432 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys

20:09:54.0547 4432 PSched - ok

20:09:54.0625 4432 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

20:09:54.0734 4432 ql2300 - ok

20:09:54.0750 4432 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

20:09:54.0797 4432 ql40xx - ok

20:09:54.0859 4432 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll

20:09:54.0906 4432 QWAVE - ok

20:09:54.0937 4432 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

20:09:54.0953 4432 QWAVEdrv - ok

20:09:54.0984 4432 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

20:09:55.0046 4432 RasAcd - ok

20:09:55.0077 4432 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll

20:09:55.0124 4432 RasAuto - ok

20:09:55.0155 4432 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

20:09:55.0202 4432 Rasl2tp - ok

20:09:55.0265 4432 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll

20:09:55.0311 4432 RasMan - ok

20:09:55.0343 4432 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

20:09:55.0374 4432 RasPppoe - ok

20:09:55.0421 4432 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

20:09:55.0467 4432 RasSstp - ok

20:09:55.0514 4432 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

20:09:55.0561 4432 rdbss - ok

20:09:55.0608 4432 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

20:09:55.0670 4432 RDPCDD - ok

20:09:55.0701 4432 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

20:09:55.0764 4432 rdpdr - ok

20:09:55.0795 4432 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

20:09:55.0857 4432 RDPENCDD - ok

20:09:55.0920 4432 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

20:09:55.0951 4432 RDPWD - ok

20:09:56.0013 4432 [ BC0A4D47472B042537F4E57B950415FA ] Recovery Service for Windows C:\Program Files\SMINST\BLService.exe

20:09:56.0045 4432 Recovery Service for Windows - ok

20:09:56.0123 4432 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll

20:09:56.0201 4432 RemoteAccess - ok

20:09:56.0247 4432 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll

20:09:56.0325 4432 RemoteRegistry - ok

20:09:56.0403 4432 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

20:09:56.0450 4432 RFCOMM - ok

20:09:56.0544 4432 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe

20:09:56.0575 4432 RichVideo ( UnsignedFile.Multi.Generic ) - warning

20:09:56.0575 4432 RichVideo - detected UnsignedFile.Multi.Generic (1)

20:09:56.0653 4432 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe

20:09:56.0700 4432 RpcLocator - ok

20:09:56.0778 4432 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll

20:09:56.0856 4432 RpcSs - ok

20:09:56.0934 4432 [ 6A7360E36CBD636972AEEF0DD292A946 ] RsFx0105 C:\Windows\system32\DRIVERS\RsFx0105.sys

20:09:56.0965 4432 RsFx0105 - ok

20:09:57.0168 4432 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

20:09:57.0215 4432 rspndr - ok

20:09:57.0277 4432 [ 53892CBD9735A80712EE9439268344B4 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys

20:09:57.0324 4432 RTL8169 - ok

20:09:57.0355 4432 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe

20:09:57.0371 4432 SamSs - ok

20:09:57.0433 4432 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

20:09:57.0464 4432 sbp2port - ok

20:09:57.0495 4432 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll

20:09:57.0542 4432 SCardSvr - ok

20:09:57.0932 4432 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll

20:09:58.0026 4432 Schedule - ok

20:09:58.0088 4432 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll

20:09:58.0151 4432 SCPolicySvc - ok

20:09:58.0275 4432 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

20:09:58.0369 4432 sdbus - ok

20:09:58.0431 4432 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

20:09:58.0463 4432 SDRSVC - ok

20:09:58.0494 4432 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

20:09:58.0587 4432 secdrv - ok

20:09:58.0619 4432 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll

20:09:58.0697 4432 seclogon - ok


OK, we're not done though:

Please download AdwCleaner from here and save it on your Desktop.

AdwCleaner is a reliable removal tool for Adware, Foistware, toolbars and potentially unwanted programs.

AdwCleaner is a tool that deletes:

· Adware (software ads)

· PUP/LPI (Potentially Undesirable Program)

· Toolbars

· Hijacker (Hijack of the browser's homepage)

It works with a Search and Deletion method. It can be easily uninstalled using the "Uninstall" mode.

  1. Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

Note:

Please look over what was found......especially any folders, we're going to permanently delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain why it shouldn't be on your system.

If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.

MrC


# AdwCleaner v2.115 - Logfile created 03/27/2013 at 16:23:14

# Updated 17/03/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)

# User : tan - TAN-PC

# Boot Mode : Normal

# Running from : C:\Users\tan\Documents\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\ProgramData\APN

Folder Found : C:\ProgramData\Ask

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19401

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [3875 octets] - [27/03/2013 16:14:11]

AdwCleaner[R2].txt - [3806 octets] - [27/03/2013 16:23:14]

########## EOF - C:\AdwCleaner[R2].txt - [3866 octets] ##########


Please create a new system restore point before continuing.

Lots of adware found... let's clear it out.

  1. Please re-run AdwCleaner
  2. Click on Delete button.
  3. Confirm each time with OK if asked.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

Then...

Let's check your computer's security before you go, and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!

MrC


# AdwCleaner v2.115 - Logfile created 03/27/2013 at 23:19:56

# Updated 17/03/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)

# User : tan - TAN-PC

# Boot Mode : Normal

# Running from : C:\Users\tan\Documents\Downloads\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\APN

Folder Deleted : C:\ProgramData\Ask

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19401

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [3875 octets] - [27/03/2013 16:14:11]

AdwCleaner[R2].txt - [3935 octets] - [27/03/2013 16:23:14]

AdwCleaner[R3].txt - [3995 octets] - [27/03/2013 18:27:35]

AdwCleaner[R4].txt - [4055 octets] - [27/03/2013 19:20:25]

AdwCleaner[R5].txt - [4115 octets] - [27/03/2013 23:19:32]

AdwCleaner[s1].txt - [4108 octets] - [27/03/2013 23:19:56]

########## EOF - C:\AdwCleaner[s1].txt - [4168 octets] ##########


Results of screen317's Security Check version 0.99.61

Windows Vista Service Pack 2 x86 (UAC is enabled)

Internet Explorer 8 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Microsoft Security Essentials

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.70.0.1100

CCleaner

Java 7 Update 7

Java version out of Date!

Adobe Reader 9 Adobe Reader out of Date!

Google Chrome 25.0.1364.172

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 1 %

````````````````````End of Log``````````````````````


Java 7 Update 7 <---Please update, should be Update 17

Java version out of Date! <--------Go to control panel > Java > Update Tab > Update Now

Uncheck the box to install the Ask toolbar!!! and any other free "stuff".

If there's no update tab in Java, uninstall it and Download and install the latest version from Here

Uncheck the box to install the Ask toolbar!!! and any other free "stuff".

Adobe Reader 9 Adobe Reader out of Date! <---please check for an update if available or uninstall and download and install Foxit Reader which is less vulnerable to malware and much better than Adobe.

Please Update Chrome, the latest version is Version 26.0.1410.43 m

Google Chrome 25.0.1364.172 <---Old

Then remove the older versions:

You have old versions of Google Chrome on the system.

Please download and run OldChromeRemover.

@Windows Vista/Windows 7 users must use “Run As Administrator.”

----------------------------------------------

You have outdated programs on the system which are vulnerable to malware.

Please update or uninstall them.

Info on doing that can be found in my Preventive Maintenance

~~~~~~~~~~~~~~~~~~~~~

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall)

---------------------------------

Please download OTL from one of the links below: (you may already have OTL on the system)

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

http://www.itxassoci...T-Tools/OTL.exe

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
