
Infected indeed



My PC has somehow become infected with some sort of virus that causes both Chrome and Firefox to open new tabs redirected to various websites (hjas.com, http://globaltechexpert.com/8921415/, for instance). I have run my regular virus protection scans (AVG Free, SUPERAntiSpyware) to no avail; I downloaded Malwarebytes Anti-Malware and have run several full scans, also to no effect. After searching your forums, I followed the basic procedures of running 1) TDSSKiller; 2) aswMBR.exe; and finally 3) dds.com. The log files are:

 

15:26:51.0207 27444  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:26:51.0785 27444  ============================================================
15:26:51.0785 27444  Current date / time: 2013/06/27 15:26:51.0785
15:26:51.0785 27444  SystemInfo:
15:26:51.0785 27444  
15:26:51.0785 27444  OS Version: 6.0.6002 ServicePack: 2.0
15:26:51.0785 27444  Product type: Workstation
15:26:51.0785 27444  ComputerName: GARY-PC
15:26:51.0786 27444  UserName: Gary
15:26:51.0786 27444  Windows directory: C:\Windows
15:26:51.0786 27444  System windows directory: C:\Windows
15:26:51.0786 27444  Running under WOW64
15:26:51.0786 27444  Processor architecture: Intel x64
15:26:51.0786 27444  Number of processors: 4
15:26:51.0786 27444  Page size: 0x1000
15:26:51.0786 27444  Boot type: Normal boot
15:26:51.0786 27444  ============================================================
15:26:55.0879 27444  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:26:55.0890 27444  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:26:55.0994 27444  Drive \Device\Harddisk6\DR6 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:26:56.0303 27444  ============================================================
15:26:56.0303 27444  \Device\Harddisk0\DR0:
15:26:56.0304 27444  MBR partitions:
15:26:56.0304 27444  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x389328CC
15:26:56.0304 27444  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3893290B, BlocksNum 0x1A52336
15:26:56.0304 27444  \Device\Harddisk1\DR1:
15:26:56.0304 27444  MBR partitions:
15:26:56.0304 27444  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
15:26:56.0304 27444  \Device\Harddisk6\DR6:
15:26:56.0305 27444  MBR partitions:
15:26:56.0305 27444  \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
15:26:56.0305 27444  ============================================================
15:26:56.0328 27444  C: <-> \Device\Harddisk0\DR0\Partition1
15:26:56.0434 27444  D: <-> \Device\Harddisk0\DR0\Partition2
15:26:56.0560 27444  O: <-> \Device\Harddisk6\DR6\Partition1
15:26:56.0607 27444  G: <-> \Device\Harddisk1\DR1\Partition1
15:26:56.0630 27444  ============================================================
15:26:56.0630 27444  Initialize success
15:26:56.0630 27444  ============================================================
15:27:37.0084 27468  ============================================================
15:27:37.0084 27468  Scan started
15:27:37.0084 27468  Mode: Manual; SigCheck; TDLFS; 
15:27:37.0084 27468  ============================================================
15:27:37.0975 27468  ================ Scan system memory ========================
15:27:37.0975 27468  System memory - ok
15:27:37.0976 27468  ================ Scan services =============================
15:27:38.0213 27468  [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
15:27:38.0401 27468  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
15:27:38.0444 27468  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:27:38.0463 27468  ACDaemon - ok
15:27:38.0557 27468  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:27:38.0585 27468  ACPI - ok
15:27:38.0692 27468  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:27:38.0708 27468  AdobeARMservice - ok
15:27:38.0839 27468  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:27:38.0859 27468  AdobeFlashPlayerUpdateSvc - ok
15:27:38.0925 27468  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:27:38.0967 27468  adp94xx - ok
15:27:39.0020 27468  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:27:39.0051 27468  adpahci - ok
15:27:39.0083 27468  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:27:39.0150 27468  adpu160m - ok
15:27:39.0193 27468  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:27:39.0216 27468  adpu320 - ok
15:27:39.0257 27468  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:27:39.0404 27468  AeLookupSvc - ok
15:27:39.0492 27468  [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
15:27:39.0506 27468  Afc - ok
15:27:39.0569 27468  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
15:27:39.0635 27468  AFD - ok
15:27:39.0658 27468  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:27:39.0676 27468  agp440 - ok
15:27:39.0691 27468  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:27:39.0709 27468  aic78xx - ok
15:27:39.0736 27468  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
15:27:39.0883 27468  ALG - ok
15:27:39.0923 27468  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:27:39.0938 27468  aliide - ok
15:27:39.0952 27468  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
15:27:39.0968 27468  amdide - ok
15:27:39.0989 27468  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:27:40.0250 27468  AmdK8 - ok
15:27:40.0317 27468  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
15:27:40.0350 27468  Appinfo - ok
15:27:40.0400 27468  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:27:40.0418 27468  Apple Mobile Device - ok
15:27:40.0454 27468  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
15:27:40.0474 27468  arc - ok
15:27:40.0508 27468  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:27:40.0528 27468  arcsas - ok
15:27:40.0563 27468  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:27:40.0623 27468  AsyncMac - ok
15:27:40.0655 27468  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:27:40.0673 27468  atapi - ok
15:27:40.0721 27468  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:27:40.0810 27468  AudioEndpointBuilder - ok
15:27:40.0820 27468  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:27:40.0856 27468  AudioSrv - ok
15:27:41.0058 27468  [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
15:27:41.0285 27468  AVGIDSAgent - ok
15:27:41.0332 27468  [ 139BD30C32BEE830D0CF39C5324D79DE ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
15:27:41.0355 27468  AVGIDSDriver - ok
15:27:41.0424 27468  [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
15:27:41.0441 27468  AVGIDSHA - ok
15:27:41.0491 27468  [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
15:27:41.0515 27468  Avgldx64 - ok
15:27:41.0535 27468  [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
15:27:41.0560 27468  Avgloga - ok
15:27:41.0585 27468  [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
15:27:41.0604 27468  Avgmfx64 - ok
15:27:41.0644 27468  [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
15:27:41.0662 27468  Avgrkx64 - ok
15:27:41.0707 27468  [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
15:27:41.0733 27468  Avgtdia - ok
15:27:41.0785 27468  [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
15:27:41.0808 27468  avgwd - ok
15:27:41.0871 27468  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll
15:27:41.0974 27468  BFE - ok
15:27:42.0009 27468  BitKinex - ok
15:27:42.0083 27468  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll
15:27:42.0178 27468  BITS - ok
15:27:42.0202 27468  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:27:42.0513 27468  blbdrive - ok
15:27:42.0567 27468  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:27:42.0593 27468  Bonjour Service - ok
15:27:42.0648 27468  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:27:42.0679 27468  bowser - ok
15:27:42.0718 27468  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:27:42.0886 27468  BrFiltLo - ok
15:27:42.0918 27468  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:27:43.0147 27468  BrFiltUp - ok
15:27:43.0179 27468  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
15:27:43.0222 27468  Browser - ok
15:27:43.0248 27468  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:27:43.0566 27468  Brserid - ok
15:27:43.0588 27468  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:27:43.0802 27468  BrSerWdm - ok
15:27:43.0812 27468  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:27:44.0155 27468  BrUsbMdm - ok
15:27:44.0183 27468  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:27:44.0466 27468  BrUsbSer - ok
15:27:44.0508 27468  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:27:44.0763 27468  BTHMODEM - ok
15:27:44.0792 27468  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:27:44.0862 27468  cdfs - ok
15:27:44.0895 27468  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:27:45.0106 27468  cdrom - ok
15:27:45.0154 27468  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:27:45.0199 27468  CertPropSvc - ok
15:27:45.0213 27468  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:27:45.0435 27468  circlass - ok
15:27:45.0484 27468  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
15:27:45.0515 27468  CLFS - ok
15:27:45.0590 27468  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:27:45.0608 27468  clr_optimization_v2.0.50727_32 - ok
15:27:45.0671 27468  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:27:45.0686 27468  clr_optimization_v2.0.50727_64 - ok
15:27:45.0767 27468  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:27:45.0783 27468  clr_optimization_v4.0.30319_32 - ok
15:27:45.0803 27468  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:27:45.0818 27468  clr_optimization_v4.0.30319_64 - ok
15:27:45.0959 27468  [ 2B9A15DFDC14B4ECB1E8FC13AE43E60F ] CltMngSvc       C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
15:27:45.0974 27468  CltMngSvc - ok
15:27:46.0005 27468  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:27:46.0021 27468  cmdide - ok
15:27:46.0036 27468  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:27:46.0056 27468  Compbatt - ok
15:27:46.0061 27468  COMSysApp - ok
15:27:46.0086 27468  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:27:46.0103 27468  crcdisk - ok
15:27:46.0159 27468  [ 1B22BC0B71F65001479DAB792C3F626C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:27:46.0192 27468  CryptSvc - ok
15:27:46.0260 27468  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:27:46.0315 27468  DcomLaunch - ok
15:27:46.0353 27468  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:27:46.0378 27468  DfsC - ok
15:27:46.0480 27468  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
15:27:46.0642 27468  DFSR - ok
15:27:46.0688 27468  [ CFBB4907C7542180B5E0282301240006 ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
15:27:46.0706 27468  DgiVecp - ok
15:27:46.0758 27468  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:27:46.0796 27468  Dhcp - ok
15:27:46.0813 27468  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
15:27:46.0834 27468  disk - ok
15:27:46.0893 27468  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:27:47.0007 27468  Dnscache - ok
15:27:47.0056 27468  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:27:47.0099 27468  dot3svc - ok
15:27:47.0116 27468  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
15:27:47.0170 27468  DPS - ok
15:27:47.0200 27468  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:27:47.0405 27468  drmkaud - ok
15:27:47.0464 27468  [ EEE504899A0CC781F09CF003CA897771 ] dvdfab          C:\Windows\system32\drivers\dvdfab.sys
15:27:47.0481 27468  dvdfab - ok
15:27:47.0534 27468  [ F3932288EEECD776FF1F9F653AD878F3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:27:47.0591 27468  DXGKrnl - ok
15:27:47.0617 27468  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
15:27:47.0837 27468  E1G60 - ok
15:27:47.0865 27468  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
15:27:47.0936 27468  EapHost - ok
15:27:47.0980 27468  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:27:48.0003 27468  Ecache - ok
15:27:48.0043 27468  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:27:48.0090 27468  ehRecvr - ok
15:27:48.0123 27468  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
15:27:48.0154 27468  ehSched - ok
15:27:48.0174 27468  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
15:27:48.0226 27468  ehstart - ok
15:27:48.0262 27468  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:27:48.0291 27468  elxstor - ok
15:27:48.0357 27468  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:27:48.0440 27468  EMDMgmt - ok
15:27:48.0456 27468  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:27:48.0666 27468  ErrDev - ok
15:27:48.0719 27468  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
15:27:48.0828 27468  EventSystem - ok
15:27:48.0878 27468  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:27:48.0954 27468  exfat - ok
15:27:48.0989 27468  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:27:49.0033 27468  fastfat - ok
15:27:49.0164 27468  [ 83158CA47591AF55A9759B5C648B0462 ] FastFreeConverterUpdt C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
15:27:49.0239 27468  FastFreeConverterUpdt ( UnsignedFile.Multi.Generic ) - warning
15:27:49.0239 27468  FastFreeConverterUpdt - detected UnsignedFile.Multi.Generic (1)
15:27:49.0298 27468  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:27:49.0529 27468  fdc - ok
15:27:49.0549 27468  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
15:27:49.0614 27468  fdPHost - ok
15:27:49.0641 27468  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
15:27:49.0718 27468  FDResPub - ok
15:27:49.0743 27468  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:27:49.0761 27468  FileInfo - ok
15:27:49.0781 27468  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:27:49.0835 27468  Filetrace - ok
15:27:49.0891 27468  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:27:49.0937 27468  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
15:27:49.0937 27468  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
15:27:49.0969 27468  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:27:50.0196 27468  flpydisk - ok
15:27:50.0235 27468  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:27:50.0260 27468  FltMgr - ok
15:27:50.0353 27468  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll
15:27:50.0420 27468  FontCache - ok
15:27:50.0489 27468  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:27:50.0503 27468  FontCache3.0.0.0 - ok
15:27:50.0553 27468  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:27:50.0616 27468  Fs_Rec - ok
15:27:50.0643 27468  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:27:50.0662 27468  gagp30kx - ok
15:27:50.0719 27468  [ 617DC2877015270914CA3C03873560D5 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
15:27:50.0757 27468  GameConsoleService - ok
15:27:50.0801 27468  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:27:50.0815 27468  GEARAspiWDM - ok
15:27:50.0868 27468  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:27:50.0923 27468  gpsvc - ok
15:27:51.0024 27468  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:27:51.0040 27468  gupdate - ok
15:27:51.0052 27468  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:27:51.0067 27468  gupdatem - ok
15:27:51.0100 27468  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:27:51.0118 27468  gusvc - ok
15:27:51.0158 27468  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:27:51.0230 27468  HDAudBus - ok
15:27:51.0251 27468  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:27:51.0465 27468  HidBth - ok
15:27:51.0484 27468  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:27:51.0674 27468  HidIr - ok
15:27:51.0713 27468  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll
15:27:51.0757 27468  hidserv - ok
15:27:51.0780 27468  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:27:51.0947 27468  HidUsb - ok
15:27:51.0980 27468  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:27:52.0042 27468  hkmsvc - ok
15:27:52.0093 27468  [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
15:27:52.0100 27468  HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
15:27:52.0100 27468  HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
15:27:52.0133 27468  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:27:52.0150 27468  HpCISSs - ok
15:27:52.0200 27468  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:27:52.0259 27468  HTTP - ok
15:27:52.0276 27468  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:27:52.0294 27468  i2omp - ok
15:27:52.0322 27468  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:27:52.0491 27468  i8042prt - ok
15:27:52.0512 27468  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:27:52.0537 27468  iaStorV - ok
15:27:52.0608 27468  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:27:52.0693 27468  idsvc - ok
15:27:52.0742 27468  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:27:52.0759 27468  iirsp - ok
15:27:52.0802 27468  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
15:27:52.0850 27468  IKEEXT - ok
15:27:52.0949 27468  [ 5F885046A7F420989C8366324FD2EF60 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:27:53.0294 27468  IntcAzAudAddService - ok
15:27:53.0327 27468  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys
15:27:53.0346 27468  intelide - ok
15:27:53.0371 27468  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:27:53.0621 27468  intelppm - ok
15:27:53.0641 27468  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:27:53.0691 27468  IPBusEnum - ok
15:27:53.0727 27468  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:27:53.0779 27468  IpFilterDriver - ok
15:27:53.0800 27468  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:27:53.0839 27468  iphlpsvc - ok
15:27:53.0844 27468  IpInIp - ok
15:27:53.0890 27468  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:27:54.0042 27468  IPMIDRV - ok
15:27:54.0065 27468  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:27:54.0122 27468  IPNAT - ok
15:27:54.0163 27468  [ 0FF335D687C85097725A53458160E81E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:27:54.0203 27468  iPod Service - ok
15:27:54.0238 27468  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:27:54.0301 27468  IRENUM - ok
15:27:54.0326 27468  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:27:54.0345 27468  isapnp - ok
15:27:54.0369 27468  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:27:54.0394 27468  iScsiPrt - ok
15:27:54.0412 27468  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:27:54.0429 27468  iteatapi - ok
15:27:54.0468 27468  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:27:54.0486 27468  iteraid - ok
15:27:54.0509 27468  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:27:54.0530 27468  kbdclass - ok
15:27:54.0555 27468  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:27:54.0727 27468  kbdhid - ok
15:27:54.0761 27468  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
15:27:54.0802 27468  KeyIso - ok
15:27:54.0848 27468  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:27:54.0888 27468  KSecDD - ok
15:27:54.0911 27468  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:27:54.0973 27468  ksthunk - ok
15:27:55.0046 27468  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:27:55.0113 27468  KtmRm - ok
15:27:55.0148 27468  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:27:55.0187 27468  LanmanServer - ok
15:27:55.0235 27468  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:27:55.0269 27468  LanmanWorkstation - ok
15:27:55.0312 27468  [ E75ADCFAFDEF3F4C3AF3332928D59926 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:27:55.0336 27468  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
15:27:55.0336 27468  LightScribeService - detected UnsignedFile.Multi.Generic (1)
15:27:55.0343 27468  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:27:55.0398 27468  lltdio - ok
15:27:55.0435 27468  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:27:55.0489 27468  lltdsvc - ok
15:27:55.0515 27468  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:27:55.0575 27468  lmhosts - ok
15:27:55.0614 27468  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:27:55.0635 27468  LSI_FC - ok
15:27:55.0656 27468  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:27:55.0678 27468  LSI_SAS - ok
15:27:55.0698 27468  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:27:55.0719 27468  LSI_SCSI - ok
15:27:55.0733 27468  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:27:55.0785 27468  luafv - ok
15:27:55.0807 27468  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:27:55.0842 27468  Mcx2Svc - ok
15:27:55.0869 27468  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
15:27:55.0925 27468  megasas - ok
15:27:55.0968 27468  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:27:55.0998 27468  MegaSR - ok
15:27:56.0035 27468  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
15:27:56.0136 27468  MMCSS - ok
15:27:56.0153 27468  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
15:27:56.0194 27468  Modem - ok
15:27:56.0215 27468  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:27:56.0272 27468  monitor - ok
15:27:56.0287 27468  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:27:56.0305 27468  mouclass - ok
15:27:56.0337 27468  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:27:56.0477 27468  mouhid - ok
15:27:56.0500 27468  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:27:56.0518 27468  MountMgr - ok
15:27:56.0559 27468  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:27:56.0650 27468  MozillaMaintenance - ok
15:27:56.0722 27468  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:27:56.0760 27468  mpio - ok
15:27:56.0794 27468  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:27:56.0883 27468  mpsdrv - ok
15:27:56.0936 27468  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:27:57.0034 27468  MpsSvc - ok
15:27:57.0051 27468  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:27:57.0070 27468  Mraid35x - ok
15:27:57.0127 27468  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:27:57.0173 27468  MRxDAV - ok
15:27:57.0212 27468  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:27:57.0241 27468  mrxsmb - ok
15:27:57.0283 27468  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:27:57.0333 27468  mrxsmb10 - ok
15:27:57.0359 27468  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:27:57.0400 27468  mrxsmb20 - ok
15:27:57.0417 27468  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys
15:27:57.0435 27468  msahci - ok
15:28:20.0951 8232  Detected object count: 8
15:28:20.0951 8232  Actual detected object count: 8
15:28:55.0064 8232  FastFreeConverterUpdt ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0064 8232  FastFreeConverterUpdt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:55.0067 8232  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0067 8232  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:55.0069 8232  HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0069 8232  HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:55.0073 8232  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0074 8232  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:55.0074 8232  SASDIFSV ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0074 8232  SASDIFSV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:55.0077 8232  SASENUM ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0077 8232  SASENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:55.0079 8232  SASKUTIL ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0079 8232  SASKUTIL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:28:55.0081 8232  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:28:55.0081 8232  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
 

  • Root Admin

Hello and welcome

 

Please run the following scans and post back the logs. Do not take any action on the items listed by TDSSKiller.

 

 

STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.



Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02

Please download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log.txt and system-log.txt



STEP 03

Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus





STEP 04

Please download AdwCleaner by Xplode to your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • If prompted by the User Account Control click Yes to allow it to run.
  • Under Actions click on the Delete button.
  • Click OK on all prompts.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the entire contents of that logfile to your next reply.
  • You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.



STEP 05

Please go here to run the online antivirus scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


 

Thanks


Thanks for your help. Here are the two requested logs from Malwarebytes:

 

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org
 
Database version: v2013.06.27.11
 
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Gary :: GARY-PC [administrator]
 
6/27/2013 7:38:53 PM
mbar-log-2013-06-27 (19-38-53).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 287357
Time elapsed: 22 minute(s), 11 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 
------------------------------
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.0.6002 Windows Vista Service Pack 2 x64
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, G:\ DRIVE_FIXED, O:\ DRIVE_FIXED
CPU speed: 1.808000 GHz
Memory total: 4158074880, free: 1190060032
 
Downloaded database version: v2013.06.27.11
Initializing...
------------ Kernel report ------------
     06/27/2013 19:38:46
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\nvraid.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\nvstor64.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgloga.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\processr.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\ohci1394.sys
\SystemRoot\system32\DRIVERS\1394BUS.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\nvmfdx64.sys
\SystemRoot\SysWOW64\drivers\Afc.sys
\SystemRoot\system32\drivers\dvdfab.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\usbscan.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\netr7364.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_nvstor64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\??\C:\Windows\system32\Drivers\SSPORT.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Users\Gary\AppData\Local\Temp\aswMBR.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk10\DR10
Upper Device Object: 0xfffffa8008161790
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000074\
Lower Device Object: 0xfffffa80080e1230
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk9\DR9
Upper Device Object: 0xfffffa800815f790
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000073\
Lower Device Object: 0xfffffa80080d9230
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk8\DR8
Upper Device Object: 0xfffffa800815d790
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000072\
Lower Device Object: 0xfffffa80080db230
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk7\DR7
Upper Device Object: 0xfffffa8008159790
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000071\
Lower Device Object: 0xfffffa80080d7230
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk6\DR6
Upper Device Object: 0xfffffa8007eae060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000070\
Lower Device Object: 0xfffffa8007ead760
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk5\DR5
Upper Device Object: 0xfffffa8007eaa060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000006f\
Lower Device Object: 0xfffffa8007eb3680
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa8007ea9060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000006e\
Lower Device Object: 0xfffffa8007eb3060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa8007eb1060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000006d\
Lower Device Object: 0xfffffa8007e83480
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa8007eb2060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000006c\
Lower Device Object: 0xfffffa8007eb3b70
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa80048ed060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000005c\
Lower Device Object: 0xfffffa8004631060
Lower Device Driver Name: \Driver\nvstor64\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80048ee060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000005a\
Lower Device Object: 0xfffffa8003740060
Lower Device Driver Name: \Driver\nvstor64\
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80048ee060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80048eeb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80048ee060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8003748670, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8003740060, DeviceName: \Device\0000005a\, DriverName: \Driver\nvstor64\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1549F232
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 949168332
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 949168395  Numsec = 27599670
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa80048ed060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80048edb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80048ed060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8004635e40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004631060, DeviceName: \Device\0000005c\, DriverName: \Driver\nvstor64\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 412EDED
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1953519616
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
 
Done!
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa8007eb2060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007eb2b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007eb2060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007eb3b70, DeviceName: \Device\0000006c\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa8007eb1060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007eb1b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007eb1060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007e83480, DeviceName: \Device\0000006d\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa8007ea9060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007ea9b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007ea9060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007eb3060, DeviceName: \Device\0000006e\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 5, DevicePointer: 0xfffffa8007eaa060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007eaab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007eaa060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007eb3680, DeviceName: \Device\0000006f\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 512
Drive: 6, DevicePointer: 0xfffffa8007eae060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007ead040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007eae060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007ead760, DeviceName: \Device\00000070\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 6
Scanning MBR on drive 6...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 76E4E474
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 488392002
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 250059350016 bytes
Sector size: 512 bytes
 
Done!
Physical Sector Size: 0
Drive: 7, DevicePointer: 0xfffffa8008159790, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80080b1250, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8008159790, DeviceName: \Device\Harddisk7\DR7\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80080d7230, DeviceName: \Device\00000071\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 8, DevicePointer: 0xfffffa800815d790, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80080a9250, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800815d790, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80080db230, DeviceName: \Device\00000072\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 9, DevicePointer: 0xfffffa800815f790, DeviceName: \Device\Harddisk9\DR9\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80080df250, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800815f790, DeviceName: \Device\Harddisk9\DR9\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80080d9230, DeviceName: \Device\00000073\, DriverName: \Driver\USBSTOR\
------------ End ----------
Read File:  File "c:\programdata\avg2013\chjw\18441bbb441b9b18.dat:e2ec434c-2e8b-4002-8efb-0b0e03698c7b" is sparse (flags = 32768)
Read File:  File "c:\programdata\avg2013\chjw\949ca48c9ca46a86.dat:8a09786c-1bd9-4f28-9d60-2134e717ba25" is sparse (flags = 32768)
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_1_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_1_r.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_6_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_6_r.mbam...
Removal finished
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows Vista Home Premium x64

Ran by Gary on Thu 06/27/2013 at 20:34:15.39

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

Failed to stop: [service] cltmngsvc 

 

 

 

~~~ Registry Values

 

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotect

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotectall

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopes

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3299568

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{403ED98F-612A-45D8-86D9-E36AE7D0F60E}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{63B14693-6853-4EEA-B327-57DEE9E0C60E}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{63B14693-6853-4EEA-B327-57DEE9E0C60E}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8F2B645C-867E-418F-A1A5-39B2F7067BE3}

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"

Successfully deleted: [File] "C:\end"

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\trymedia"

Successfully deleted: [Folder] "C:\Users\Gary\AppData\Roaming\opencandy"

Successfully deleted: [Folder] "C:\Users\Gary\AppData\Roaming\searchprotect"

Successfully deleted: [Folder] "C:\Users\Gary\appdata\local\conduit"

Successfully deleted: [Folder] "C:\Users\Gary\appdata\locallow\conduit"

Successfully deleted: [Folder] "C:\Users\Gary\appdata\locallow\fast free converter"

Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"

Successfully deleted: [Folder] "C:\Program Files (x86)\fast free converter"

Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"

 

 

 

~~~ FireFox

 

Successfully deleted: [File] C:\Users\Gary\AppData\Roaming\mozilla\firefox\profiles\3knkpv0n.default\user.js

Successfully deleted: [File] C:\Users\Gary\AppData\Roaming\mozilla\firefox\profiles\3knkpv0n.default\searchplugins\conduit.xml

Successfully deleted the following from C:\Users\Gary\AppData\Roaming\mozilla\firefox\profiles\3knkpv0n.default\prefs.js

 


user_pref("Smartbar.ConduitSearchEngineList", "entrusted11 Customized Web Search");


user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");

user_pref("Smartbar.keywordURLSelectedCTID", "CT3299568");

user_pref("browser.search.defaultthis.engineName", "entrusted11 Customized Web Search");








user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAIAEBAAAAEAIABoBAAAJgAAACAgAAABACAAqBAAAI4EAAAoAAAAEAAAACAAAAABACAAAAAAAAAEAAASCwAAEgsAAAAAAAAAAAAA9IVCS



user_pref("smartbar.machineId", "S9VD/JXCG1/0GVUG3DUULF1U0BHH/R8Q0ZVAOYBZMFQULQ/SIA21ZJVWUXN+0FQLBWPART/CLW2LJMISTN3MSW");

Emptied folder: C:\Users\Gary\AppData\Roaming\mozilla\firefox\profiles\3knkpv0n.default\minidumps [24 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 06/27/2013 at 20:42:13.94

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.303 - Logfile created 06/27/2013 at 21:32:37

# Updated 08/06/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (64 bits)

# User : Gary - GARY-PC

# Boot Mode : Normal

# Running from : C:\Users\Gary\Downloads\AdwCleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

Stopped & Deleted : CltMngSvc

 

***** [Files / Folders] *****

 

Deleted on reboot : C:\Program Files (x86)\entrusted11

Deleted on reboot : C:\Users\Gary\AppData\LocalLow\entrusted11

 

***** [Registry] *****

 

Key Deleted : HKCU\Software\AppDataLow\Software\entrusted11

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{77BEECE6-3997-403A-92FA-0055BFCF88E5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKCU\Software\SearchProtect

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\entrusted11

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DA282E8F-1D48-4A7B-A8BC-86A292F7B8A9}

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{77BEECE6-3997-403A-92FA-0055BFCF88E5}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DA282E8F-1D48-4A7B-A8BC-86A292F7B8A9}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{238C330B-F60A-4E53-801A-B33656111CB7}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{774FFD4E-C81D-42B6-B008-A72E5107DCE4}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77BEECE6-3997-403A-92FA-0055BFCF88E5}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\entrusted11 Toolbar

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]

Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{77BEECE6-3997-403A-92FA-0055BFCF88E5}]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16490

 

[OK] Registry is clean.

 

-\\ Mozilla Firefox v21.0 (en-US)

 

File : C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\3knkpv0n.default\prefs.js

 

Deleted : user_pref("CT3299568_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]

Deleted : user_pref("SothinkWebVideoDownloaderWebVideoDownloader.HistoryArray_140.name", "KODCT032220H_NS");


Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

 

-\\ Google Chrome v27.0.1453.116

 

File : C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Preferences

 


 

*************************

 

AdwCleaner[s1].txt - [3916 octets] - [27/06/2013 21:32:37]

 

########## EOF - C:\AdwCleaner[s1].txt - [3976 octets] ##########

And finally, the results found by ESET:

 

 

 

C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js Win32/Conduit.SearchProtect.A application
C:\Users\Gary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YD80ATY0\SPSetup[1].exe multiple threats
C:\Users\Gary\AppData\Local\Temp\bundlesweetimsetup.exe probably a variant of Win32/SweetIM.C application
C:\Users\Gary\AppData\Local\Temp\dp.exe Win32/DealPly.B application
C:\Users\Gary\AppData\Local\Temp\FjmbpvCu.exe.part a variant of Win32/OpenInstall application
C:\Users\Gary\AppData\Local\Temp\OptimizerPro.exe a variant of Win32/SpeedingUpMyPC.B application
C:\Users\Gary\Documents\Downloads\DVDShrink_downloader_by_DVDShrink.exe a variant of Win32/Somoto.A application
C:\Users\Gary\Downloads\FixVTS1603zip.exe a variant of Win32/OpenInstall application
C:\Users\Gary\Downloads\setup.exe Win32/InstallCore.BL application
C:\Users\Gary\Downloads\SetupImgBurn_2.5.8.0.exe Win32/OpenCandy application
C:\Windows\Temp\Fix7042.tmp a variant of Win32/OpenInstall application
O:\$RECYCLE.BIN\S-1-5-21-3429026298-246905869-2818592649-1000\$R2ZJ5D7.exe a variant of Win32/InstallCore.D application
O:\driver\wusb54G_030930\DriverUpdaterSetup-2.0.0.4701.exe a variant of Win32/Bundled.Toolbar.Ask application

  • Root Admin

Please go ahead and delete all the items listed by ESET and if you have trouble removing them let me know.

 

Next, download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


 
