Morkel Posted July 21, 2013 ID:705591 Share Posted July 21, 2013 Have got MBAM proused Eset online scanner and it found something called Win32:Softonic-HNow I cant get updates from eset and tells me can not get updates, is proxy confiuguired also comp keeps locking up...MY main firewall AV is Bitdefender and I noticed that when I woke up it wasnt responding overnight so I guess something had chance to hack my computer for 12 hours as Bitdefender was shut down DDS (Ver_2012-11-20.01) - NTFS_x86Internet Explorer: 9.0.8112.16496Run by Chris at 16:41:26 on 2013-07-21Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3060.1060 [GMT 1:00].AV: Bitdefender Antivirus *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Bitdefender Antispyware *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exeC:\Windows\system32\SLsvc.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Windows\system32\AERTSrv.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exeC:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\System32\igfxpers.exeC:\Windows\System32\hkcmd.exeC:\Windows\RtHDVCpl.exeC:\Windows\system32\igfxsrvc.exeC:\Program Files\Real\RealPlayer\Update\realsched.exeC:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exeC:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exeC:\Windows\servicing\TrustedInstaller.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation.============== Pseudo HJT Report ===============.uStart Page = about:blankmStart Page = about:blankBHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dlluRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exeuRun: [FileHippo.com] "c:\program files\filehippo.com\UpdateChecker.exe" /backgroundmRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [RtHDVCpl] RtHDVCpl.exemRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osbootmRun: [bdagent] "c:\program files\bitdefender\bitdefender 2013\bdagent.exe"uPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = 192.168.0.1TCP: Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71} : DHCPNameServer = 192.168.0.203TCP: Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F} : DHCPNameServer = 192.168.0.1Notify: igfxcui - igfxdev.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkgmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.72\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome.================= FIREFOX ===================.FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\63sderl4.default-1373117106094\FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dllFF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dllFF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dllFF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dllFF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dllFF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dllFF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dllFF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dllFF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dllFF - plugin: c:\windows\system32\adobe\director\np32dsw_1203133.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dllFF - ExtSQL: 2013-06-11 08:56; {FCE04E1F-9378-4f39-96F6-5689A9159E45}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\ExtFF - ExtSQL: 2013-07-20 13:52; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\chris\appdata\roaming\mozilla\firefox\profiles\63sderl4.default-1373117106094\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.============= SERVICES / DRIVERS ===============.R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2013-6-16 633344]R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2013-6-16 162976]R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2013-6-16 78144]R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2013-4-8 242504]R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2013-6-16 487048]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-23 22856]S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2013-6-16 66392]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-6 83864]S3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\drivers\MOSUMAC.SYS [2010-11-19 43520].=============== Created Last 30 ================.2013-07-20 21:49:23 -------- d-----w- c:\users\chris\appdata\local\Microsoft Games2013-07-19 20:06:37 -------- d-----w- c:\program files\ESET2013-07-19 19:52:51 7143960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{edf86549-4a8b-4deb-90d5-a4e1df2c6b49}\mpengine.dll2013-07-16 09:27:13 -------- d-sh--w- C:\$RECYCLE.BIN2013-07-11 19:44:04 2049024 ----a-w- c:\windows\system32\win32k.sys2013-07-11 19:43:19 505344 ----a-w- c:\windows\system32\qedit.dll2013-07-11 10:23:27 103680 ----a-w- C:\kfriapod.sys2013-07-10 22:03:55 -------- d-----w- c:\programdata\MGS2013-07-10 22:03:55 -------- d-----w- C:\Microgaming.==================== Find3M ====================.2013-07-16 01:28:54 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-07-16 01:28:54 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-06-30 00:45:40 867240 ----a-w- c:\windows\system32\npdeployJava1.dll2013-06-30 00:45:40 789416 ----a-w- c:\windows\system32\deployJava1.dll2013-06-28 19:46:43 487048 ----a-w- c:\windows\system32\drivers\avckf.sys2013-06-16 10:34:02 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys2013-06-11 07:54:20 499712 ----a-w- c:\windows\system32\msvcp71.dll2013-06-02 11:53:21 15616 ----a-w- c:\windows\system32\drivers\TrueSight.sys2013-05-29 01:50:14 1800704 ----a-w- c:\windows\system32\jscript9.dll2013-05-29 01:41:52 1427968 ----a-w- c:\windows\system32\inetcpl.cpl2013-05-29 01:41:08 1129472 ----a-w- c:\windows\system32\wininet.dll2013-05-29 01:37:15 142848 ----a-w- c:\windows\system32\ieUnatt.exe2013-05-29 01:36:09 420864 ----a-w- c:\windows\system32\vbscript.dll2013-05-29 01:33:22 2382848 ----a-w- c:\windows\system32\mshtml.tlb2013-05-28 11:11:21 355744 ----a-w- c:\windows\system32\drivers\trufos.sys2013-05-08 04:37:21 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys2013-05-08 04:04:52 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL2013-05-02 22:03:36 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe2013-05-02 22:03:36 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe2013-05-02 04:04:25 443904 ----a-w- c:\windows\system32\win32spl.dll2013-05-02 04:03:42 37376 ----a-w- c:\windows\system32\printcom.dll2013-05-02 01:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe2013-04-24 04:00:30 985600 ----a-w- c:\windows\system32\crypt32.dll2013-04-24 04:00:30 98304 ----a-w- c:\windows\system32\cryptnet.dll2013-04-24 04:00:30 133120 ----a-w- c:\windows\system32\cryptsvc.dll2013-04-24 04:00:24 41984 ----a-w- c:\windows\system32\certenc.dll2013-04-24 01:46:29 812544 ----a-w- c:\windows\system32\certutil.exe.============= FINISH: 16:42:30.18 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft® Windows Vista™ Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 04/02/2011 10:32:19System Uptime: 21/07/2013 16:31:58 (0 hours ago).Motherboard: Dell Inc. | | 0K216CProcessor: Intel® Core2 Duo CPU E6750 @ 2.66GHz | Socket 775 | 1998/333mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 288 GiB total, 173.098 GiB free.D: is FIXED (NTFS) - 10 GiB total, 3.888 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: GoTrusted TAP AdapterDevice ID: ROOT\NET\0000Manufacturer: GoTrusted TAP ProviderName: GoTrusted TAP AdapterPNP Device ID: ROOT\NET\0000Service: gttap1.==== System Restore Points ===================..==== Installed Programs ======================. Leawo Video Converter version 5.1.0.0Adobe AIRAdobe Community HelpAdobe Download AssistantAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader XI (11.0.03)Adobe Shockwave Player 12.0Bitdefender Internet Security 2013CCleanerConvertXtoDVD 4.0.9.322EasyBCD 1.7ESET Online Scanner v3ffdshow [rev 2180] [2008-10-04]FileHippo.com Update CheckerGoogle ChromeGoogle Update HelperHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)Intel® Graphics Media Accelerator DriverK-Lite Codec Pack 7.0.0 (Standard)Malwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Office Excel Viewer 2003Microsoft Office Word Viewer 2003Microsoft SilverlightMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft_VC80_ATL_x86Microsoft_VC80_CRT_x86Microsoft_VC80_MFC_x86Microsoft_VC80_MFCLOC_x86Microsoft_VC90_ATL_x86Microsoft_VC90_CRT_x86Microsoft_VC90_MFC_x86Microsoft_VC90_MFCLOC_x86Mozilla Firefox 22.0 (x86 en-US)Mozilla Maintenance ServiceMSXML 4.0 SP3 ParserMSXML 4.0 SP3 Parser (KB2721691)MSXML 4.0 SP3 Parser (KB2758694)MSXML 4.0 SP3 Parser (KB973685)MyFreeCodecNero 7 Lite 7.10.1.2neroxmlOpera 12.15QuickTimeRealDownloaderRealNetworks - Microsoft Visual C++ 2008 RuntimeRealNetworks - Microsoft Visual C++ 2010 RuntimeRealPlayerRealUpgrade 1.1Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)SkitchswMSMUpdate for Microsoft .NET Framework 3.5 SP1 (KB2836940)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Windows Media Player Firefox PluginWinRAR 4.20 (32-bit)YouTube Downloader App 3.00.==== End Of File =========================== Link to post Share on other sites More sharing options...
Maniac Posted July 21, 2013 ID:705618 Share Posted July 21, 2013 Hello Morkel and ! My name is Borislav and I will be glad to help you solve your malware problem. Please note:If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.Step 1 Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList DevicesList Users, Partitions and Memory size.List Minidump FilesClick Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed. Step 2Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.Go to Scanner tab and select Perform Quick Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately. Step 3Download on the desktop RogueKillerQuit all programsStart RogueKiller.exeWait until Prescan has finished ...Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.In your next reply, post the following log files:MiniToolBox logMalwarebytes' Anti-Malware logRogueKiller log Link to post Share on other sites More sharing options...
Morkel Posted July 21, 2013 Author ID:705647 Share Posted July 21, 2013 Roguekiller found something in registry called HJ Pol? MiniToolBox by Farbar Version: 13-07-2013Ran by Chris (administrator) on 21-07-2013 at 19:08:17Running from "C:\Users\Chris\Desktop"Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)Boot Mode: Normal***************************************************************************========================= Flush DNS: ===================================Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.========================= IE Proxy Settings: ==============================Proxy is not enabled.No Proxy Server is set."Reset IE Proxy Settings": IE Proxy Settings were reset.========================= FF Proxy Settings: =============================="Reset FF Proxy Settings": Firefox Proxy settings were reset.========================= Hosts content: =================================127.0.0.1 localhost========================= IP Configuration: ================================Intel® 82562V 10/100 Network Connection = Local Area Connection (Connected)# ----------------------------------# IPv4 Configuration# ----------------------------------pushd interface ipv4resetpopd# End of IPv4 configurationWindows IP Configuration Host Name . . . . . . . . . . . . : DELL-530 Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : NoEthernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel® 82562V 10/100 Network Connection Physical Address. . . . . . . . . : 00-1E-C9-82-BA-AF DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::3010:def5:a2ad:9e00%11(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : 21 July 2013 16:33:06 Lease Expires . . . . . . . . . . : 22 July 2013 16:33:06 Default Gateway . . . . . . . . . : 192.168.0.1 DHCP Server . . . . . . . . . . . : 192.168.0.1 DHCPv6 IAID . . . . . . . . . . . : 251666121 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-DD-8D-BF-00-1E-C9-82-BA-AF DNS Servers . . . . . . . . . . . : 192.168.0.1 NetBIOS over Tcpip. . . . . . . . : EnabledTunnel adapter Local Area Connection* 11: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{C010AF49-0C76-4353-BB35-19AE24C74C4F} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : YesTunnel adapter Local Area Connection* 7: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 02-00-54-55-4E-01 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : YesServer: www.routerlogin.comAddress: 192.168.0.1Name: google.comAddresses: 2a00:1450:4009:802::100e 173.194.34.64 173.194.34.71 173.194.34.73 173.194.34.65 173.194.34.68 173.194.34.69 173.194.34.72 173.194.34.78 173.194.34.67 173.194.34.66 173.194.34.70Pinging google.com [173.194.41.164] with 32 bytes of data:Reply from 173.194.41.164: bytes=32 time=34ms TTL=54Reply from 173.194.41.164: bytes=32 time=35ms TTL=54Ping statistics for 173.194.41.164: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 34ms, Maximum = 35ms, Average = 34msServer: www.routerlogin.comAddress: 192.168.0.1Name: yahoo.comAddresses: 206.190.36.45 98.139.183.24 98.138.253.109Pinging yahoo.com [206.190.36.45] with 32 bytes of data:Reply from 206.190.36.45: bytes=32 time=184ms TTL=40Reply from 206.190.36.45: bytes=32 time=185ms TTL=40Ping statistics for 206.190.36.45: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 184ms, Maximum = 185ms, Average = 184msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================Interface List 11 ...00 1e c9 82 ba af ...... Intel® 82562V 10/100 Network Connection 1 ........................... Software Loopback Interface 1 14 ...00 00 00 00 00 00 00 e0 isatap.{C010AF49-0C76-4353-BB35-19AE24C74C4F} 10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface===========================================================================IPv4 Route Table===========================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.0.0 255.255.255.0 On-link 192.168.0.2 276 192.168.0.2 255.255.255.255 On-link 192.168.0.2 276 192.168.0.255 255.255.255.255 On-link 192.168.0.2 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.0.2 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.0.2 276===========================================================================Persistent Routes: NoneIPv6 Route Table===========================================================================Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 11 276 fe80::/64 On-link 11 276 fe80::3010:def5:a2ad:9e00/128 On-link 1 306 ff00::/8 On-link 11 276 ff00::/8 On-link===========================================================================Persistent Routes: None========================= Winsock entries =====================================Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)========================= Event log errors: ===============================Application errors:==================Error: (07/20/2013 10:13:59 PM) (Source: Application Hang) (User: )Description: The program WinMail.exe version 6.0.6001.18000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.Process ID: 131cStart Time: 01ce858ce4ee4152Termination Time: 0Error: (07/18/2013 00:45:54 AM) (Source: Application Hang) (User: )Description: The program WinMail.exe version 6.0.6001.18000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.Process ID: c64Start Time: 01ce832c30834daeTermination Time: 15Error: (07/17/2013 09:02:30 PM) (Source: SideBySide) (User: )Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.Please use sxstrace.exe for detailed diagnosis.Error: (07/16/2013 10:45:42 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.Please use sxstrace.exe for detailed diagnosis.Error: (07/16/2013 10:27:37 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.Please use sxstrace.exe for detailed diagnosis.Error: (07/14/2013 03:50:09 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.Please use sxstrace.exe for detailed diagnosis.Error: (07/13/2013 09:03:52 PM) (Source: Perflib) (User: )Description: EmdCacheC:\Windows\system32\emdmgmt.dll4Error: (07/13/2013 09:03:52 PM) (Source: Perflib) (User: )Description: BITSC:\Windows\system32\bitsperf.dll4Error: (07/13/2013 08:14:30 PM) (Source: Windows Search Service) (User: )Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\63SDERL4.DEFAULT-1373117106094\CACHE\B\64> in the hash map cannot be updated.Context: Application, SystemIndex CatalogDetails: A device attached to the system is not functioning. (0x8007001f)Error: (07/13/2013 08:14:30 PM) (Source: Windows Search Service) (User: )Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\63SDERL4.DEFAULT-1373117106094\CACHE\B\64> in the hash map cannot be updated.Context: Application, SystemIndex CatalogDetails: A device attached to the system is not functioning. (0x8007001f)System errors:=============Error: (07/21/2013 01:56:36 AM) (Source: Service Control Manager) (User: )Description: Bitdefender Virus Shield3Error: (07/21/2013 00:53:56 AM) (Source: Service Control Manager) (User: )Description: Bitdefender Virus Shield2Error: (07/20/2013 02:16:53 PM) (Source: Service Control Manager) (User: )Description: Bitdefender Virus Shield1Error: (07/20/2013 01:23:12 PM) (Source: Service Control Manager) (User: )Description: Bitdefender Virus Shield3Error: (07/18/2013 01:05:46 PM) (Source: Service Control Manager) (User: )Description: Bitdefender Virus Shield2Error: (07/17/2013 09:27:42 PM) (Source: Service Control Manager) (User: )Description: Bitdefender Virus Shield1Error: (07/17/2013 09:00:44 PM) (Source: EventLog) (User: )Description: The previous system shutdown at 18:55:23 on 17/07/2013 was unexpected.Error: (07/16/2013 04:45:48 PM) (Source: Service Control Manager) (User: )Description: Bitdefender Virus Shield1Error: (07/14/2013 00:13:53 PM) (Source: EventLog) (User: )Description: The previous system shutdown at 12:11:36 on 14/07/2013 was unexpected.Error: (07/13/2013 08:12:46 PM) (Source: EventLog) (User: )Description: The previous system shutdown at 19:26:39 on 13/07/2013 was unexpected.Microsoft Office Sessions:=========================Error: (07/20/2013 10:13:59 PM) (Source: Application Hang)(User: )Description: WinMail.exe6.0.6001.18000131c01ce858ce4ee41520Error: (07/18/2013 00:45:54 AM) (Source: Application Hang)(User: )Description: WinMail.exe6.0.6001.18000c6401ce832c30834dae15Error: (07/17/2013 09:02:30 PM) (Source: SideBySide)(User: )Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exeError: (07/16/2013 10:45:42 AM) (Source: SideBySide)(User: )Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exeError: (07/16/2013 10:27:37 AM) (Source: SideBySide)(User: )Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exeError: (07/14/2013 03:50:09 AM) (Source: SideBySide)(User: )Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Windows\system32\srrstr.dllError: (07/13/2013 09:03:52 PM) (Source: Perflib)(User: )Description: EmdCacheC:\Windows\system32\emdmgmt.dll4Error: (07/13/2013 09:03:52 PM) (Source: Perflib)(User: )Description: BITSC:\Windows\system32\bitsperf.dll4Error: (07/13/2013 08:14:30 PM) (Source: Windows Search Service)(User: )Description: Context: Application, SystemIndex CatalogDetails: A device attached to the system is not functioning. (0x8007001f)C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\63SDERL4.DEFAULT-1373117106094\CACHE\B\64Error: (07/13/2013 08:14:30 PM) (Source: Windows Search Service)(User: )Description: Context: Application, SystemIndex CatalogDetails: A device attached to the system is not functioning. (0x8007001f)C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\63SDERL4.DEFAULT-1373117106094\CACHE\B\64CodeIntegrity Errors:=================================== Date: 2013-07-18 15:12:00.998 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-18 15:12:00.889 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-18 15:12:00.795 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-18 15:12:00.686 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-18 15:12:00.577 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-18 15:12:00.468 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-18 15:11:59.407 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-18 15:11:59.313 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-18 15:11:59.204 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-07-18 15:11:59.095 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.=========================== Installed Programs ============================ Leawo Video Converter version 5.1.0.0Adobe AIR (Version: 3.7.0.1860)Adobe Community Help (Version: 3.4.980)Adobe Download Assistant (Version: 1.0.6)Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)Adobe Flash Player 11 Plugin (Version: 11.8.800.94)Adobe Reader XI (11.0.03) (Version: 11.0.03)Adobe Shockwave Player 12.0 (Version: 12.0.3.133)Bitdefender Internet Security 2013 (Version: 16.30.0.1843)CCleaner (Version: 4.03)ConvertXtoDVD 4.0.9.322 (Version: 4.0.9.322)EasyBCD 1.7 (Version: 1.7)ESET Online Scanner v3ffdshow [rev 2180] [2008-10-04] (Version: 1.0)FileHippo.com Update CheckerGoogle Chrome (Version: 28.0.1500.72)Google Update Helper (Version: 1.3.21.153)Intel® Graphics Media Accelerator DriverK-Lite Codec Pack 7.0.0 (Standard) (Version: 7.0.0)Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)Microsoft Office Excel Viewer 2003 (Version: 11.0.8173.0)Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)Microsoft Silverlight (Version: 5.1.20513.0)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)Microsoft_VC90_ATL_x86 (Version: 1.00.0000)Microsoft_VC90_CRT_x86 (Version: 1.00.0000)Microsoft_VC90_MFC_x86 (Version: 1.00.0000)Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)Mozilla Maintenance Service (Version: 22.0)MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)MyFreeCodecNero 7 Lite 7.10.1.2 (Version: 7.10.1.2)neroxml (Version: 1.0.0)Opera 12.15 (Version: 12.15.1748)QuickTime (Version: 7.73.80.64)RealDownloader (Version: 1.3.2)RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)RealPlayer (Version: 16.0.2)RealUpgrade 1.1 (Version: 1.1.0)Skitch (Version: 2.2.0.4)swMSM (Version: 12.0.0.1)Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)Windows Media Player Firefox Plugin (Version: 1.0.0.8)WinRAR 4.20 (32-bit) (Version: 4.20.0)YouTube Downloader App 3.00 (Version: 3.00)========================= Devices: ================================Name: GoTrusted TAP AdapterDescription: GoTrusted TAP AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: GoTrusted TAP ProviderService: gttap1Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.========================= Memory info: ===================================Percentage of memory in use: 40%Total physical RAM: 3060.45 MBAvailable physical RAM: 1806.4 MBTotal Pagefile: 6357.91 MBAvailable Pagefile: 4767.33 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1937.2 MB========================= Partitions: =====================================1 Drive c: () (Fixed) (Total:288.32 GB) (Free:173.09 GB) NTFS2 Drive d: (Recovery) (Fixed) (Total:9.77 GB) (Free:3.89 GB) NTFS========================= Users: ========================================User accounts for \\DELL-530Administrator Chris Guest ========================= Minidump Files ==================================No minidump file found**** End of log **** Malwarebytes Anti-Malware (PRO) 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.07.21.06Windows Vista Service Pack 2 x86 NTFSInternet Explorer 9.0.8112.16421Chris :: DELL-530 [administrator]Protection: Enabled21/07/2013 19:09:16mbam-log-2013-07-21 (19-09-16).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 202518Time elapsed: 5 minute(s), 49 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) RogueKiller V8.6.3 [Jul 17 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits versionStarted in : Normal modeUser : Chris [Admin rights]Mode : Scan -- Date : 07/21/2013 19:18:43| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 1 ¤¤¤[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND¤¤¤ Scheduled tasks : 0 ¤¤¤¤¤¤ Startup Entries : 0 ¤¤¤¤¤¤ Web browsers : 0 ¤¤¤¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [LOADED] ¤¤¤¤¤¤ External Hives: ¤¤¤-> D:\windows\system32\config\SYSTEM x:\Windows\system32 -> D:\windows\system32\config\SOFTWARE x:\Windows\system32 -> D:\windows\system32\config\SECURITY x:\Windows\system32 -> D:\windows\system32\config\SAM x:\Windows\system32 -> D:\windows\system32\config\DEFAULT x:\Windows\system32 -> D:\Users\Default\NTUSER.DAT x:\Windows\system32 ¤¤¤ Infection : ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: ST3320613AS ATA Device +++++--- User ---[MBR] 75cea1566f37ed5202eeca8f75d9ee40[bSP] f9ca80c0c038cea0eeca3eb48d6e0ec9 : Windows Vista MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 295243 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 604659712 | Size: 10000 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[0]_S_07212013_191843.txt >> Link to post Share on other sites More sharing options...
Maniac Posted July 22, 2013 ID:705806 Share Posted July 22, 2013 Leave it. Step 1 Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.Step 2 Please download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Delete.Confirm each time with Ok.Your computer will be rebooted automatically. A text file will open after the restart.Please post the content of that logfile with your next answer.You can find the logfile at C:\AdwCleaner[s1].txt as well.In your next reply, post the following log files:Junkware Removal Tool logAdwCleaner log Link to post Share on other sites More sharing options...
Morkel Posted July 22, 2013 Author ID:705826 Share Posted July 22, 2013 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 5.2.0 (07.21.2013:1)OS: Windows Vista Home Premium x86Ran by Chris on 22/07/2013 at 11:53:10.07~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry Keys~~~ Files~~~ Folders~~~ FireFoxEmptied folder: C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\63sderl4.default-1373117106094\minidumps [14 files]~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 22/07/2013 at 11:56:49.44End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# AdwCleaner v2.306 - Logfile created 07/22/2013 at 11:58:25# Updated 19/07/2013 by Xplode# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)# User : Chris - DELL-530# Boot Mode : Normal# Running from : C:\Users\Chris\Desktop\AdwCleaner.exe# Option [Delete]***** [services] ********** [Files / Folders] ********** [Registry] *****Key Deleted : HKLM\Software\InstallIQ***** [internet Browsers] *****-\\ Internet Explorer v9.0.8112.16496[OK] Registry is clean.-\\ Mozilla Firefox v22.0 (en-US)File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\63sderl4.default-1373117106094\prefs.js[OK] File is clean.-\\ Google Chrome v28.0.1500.72File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences[OK] File is clean.-\\ Opera v12.15.1748.0File : C:\Users\Chris\AppData\Roaming\Opera\Opera\operaprefs.ini[OK] File is clean.*************************AdwCleaner[s1].txt - [988 octets] - [22/07/2013 11:58:25]########## EOF - C:\AdwCleaner[s1].txt - [1047 octets] ########## Link to post Share on other sites More sharing options...
Maniac Posted July 22, 2013 ID:705864 Share Posted July 22, 2013 Please download the Kaspersky Virus Removal Tool from here to your Desktop. Double-click the Removal Tool. Click the cog in the upper right corner: Select down to and including your main drive. Once done please select the Automatic Scan tab and press Start Scan. Allow AVP to delete all infections found. Once it has finished select the Report tab. Select the Detected threats report from the left and press the Save button. Save it to your Desktop and post the contents in your next reply. Link to post Share on other sites More sharing options...
Morkel Posted July 22, 2013 Author ID:705912 Share Posted July 22, 2013 the link was for virus, so had to look around and find tds 16:33:16.0520 4596 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:4216:33:18.0536 4596 ============================================================16:33:18.0536 4596 Current date / time: 2013/07/22 16:33:18.053616:33:18.0536 4596 SystemInfo:16:33:18.0536 4596 16:33:18.0536 4596 OS Version: 6.0.6002 ServicePack: 2.016:33:18.0536 4596 Product type: Workstation16:33:18.0536 4596 ComputerName: DELL-53016:33:18.0536 4596 UserName: Chris16:33:18.0536 4596 Windows directory: C:\Windows16:33:18.0536 4596 System windows directory: C:\Windows16:33:18.0537 4596 Processor architecture: Intel x8616:33:18.0537 4596 Number of processors: 216:33:18.0537 4596 Page size: 0x100016:33:18.0537 4596 Boot type: Normal boot16:33:18.0537 4596 ============================================================16:33:19.0917 4596 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005016:33:19.0920 4596 ============================================================16:33:19.0920 4596 \Device\Harddisk0\DR0:16:33:19.0921 4596 MBR partitions:16:33:19.0921 4596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x240A580016:33:19.0921 4596 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x138800016:33:19.0921 4596 ============================================================16:33:19.0956 4596 C: <-> \Device\Harddisk0\DR0\Partition116:33:20.0031 4596 D: <-> \Device\Harddisk0\DR0\Partition216:33:20.0031 4596 ============================================================16:33:20.0031 4596 Initialize success16:33:20.0031 4596 ============================================================16:33:35.0591 5528 ============================================================16:33:35.0591 5528 Scan started16:33:35.0591 5528 Mode: Manual; SigCheck; TDLFS;16:33:35.0591 5528 ============================================================16:33:36.0627 5528 ================ Scan system memory ========================16:33:36.0627 5528 System memory - ok16:33:36.0628 5528 ================ Scan services =============================16:33:36.0932 5528 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys16:33:37.0095 5528 ACPI - ok16:33:37.0187 5528 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe16:33:37.0219 5528 AdobeARMservice - ok16:33:37.0286 5528 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe16:33:37.0331 5528 AdobeFlashPlayerUpdateSvc - ok16:33:37.0356 5528 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys16:33:37.0424 5528 adp94xx - ok16:33:37.0450 5528 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys16:33:37.0493 5528 adpahci - ok16:33:37.0512 5528 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys16:33:37.0554 5528 adpu160m - ok16:33:37.0567 5528 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys16:33:37.0598 5528 adpu320 - ok16:33:37.0642 5528 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll16:33:37.0725 5528 AeLookupSvc - ok16:33:37.0765 5528 [ 330A1E4DF07C2E29949ED8631CD8828E ] AERTFilters C:\Windows\system32\AERTSrv.exe16:33:37.0850 5528 AERTFilters - ok16:33:37.0880 5528 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys16:33:37.0968 5528 AFD - ok16:33:38.0014 5528 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys16:33:38.0047 5528 agp440 - ok16:33:38.0067 5528 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys16:33:38.0102 5528 aic78xx - ok16:33:38.0117 5528 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe16:33:38.0174 5528 ALG - ok16:33:38.0199 5528 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys16:33:38.0228 5528 aliide - ok16:33:38.0240 5528 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys16:33:38.0273 5528 amdagp - ok16:33:38.0288 5528 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys16:33:38.0317 5528 amdide - ok16:33:38.0337 5528 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys16:33:38.0409 5528 AmdK7 - ok16:33:38.0430 5528 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys16:33:38.0526 5528 AmdK8 - ok16:33:38.0592 5528 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll16:33:38.0657 5528 Appinfo - ok16:33:38.0706 5528 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys16:33:38.0747 5528 arc - ok16:33:38.0788 5528 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys16:33:38.0821 5528 arcsas - ok16:33:38.0837 5528 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys16:33:38.0895 5528 AsyncMac - ok16:33:38.0913 5528 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys16:33:38.0935 5528 atapi - ok16:33:38.0973 5528 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll16:33:39.0028 5528 AudioEndpointBuilder - ok16:33:39.0035 5528 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll16:33:39.0066 5528 Audiosrv - ok16:33:39.0090 5528 [ B5B8FC2C4D520F1F1EED52A980ED5091 ] avc3 C:\Windows\system32\DRIVERS\avc3.sys16:33:39.0135 5528 avc3 - ok16:33:39.0171 5528 [ 7F9B99B564E7C9FBB6729ED95B5BBB24 ] avchv C:\Windows\system32\DRIVERS\avchv.sys16:33:39.0198 5528 avchv - ok16:33:39.0230 5528 [ FBE832C2E80DB000D1B1A707B7E8ECFA ] avckf C:\Windows\system32\DRIVERS\avckf.sys16:33:39.0274 5528 avckf - ok16:33:39.0364 5528 [ A624841BECEE1B0FCAB28BF2E4CB317A ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe16:33:39.0397 5528 BdDesktopParental - ok16:33:39.0444 5528 [ 6743A3C33E8B3BFC2D9B55E15500BB13 ] BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys16:33:39.0475 5528 BdfNdisf - ok16:33:39.0495 5528 [ F7D825F7E47D8A7865F5D2156B1B7A24 ] bdftdif C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys16:33:39.0569 5528 bdftdif - ok16:33:39.0596 5528 [ B6CBFC9D825BB2D955620CD4D8EF07F9 ] BDSandBox C:\Windows\system32\drivers\bdsandbox.sys16:33:39.0619 5528 BDSandBox - ok16:33:39.0658 5528 [ A7478F77584F8DB6AD74B2BBE1144886 ] bdselfpr C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys16:33:39.0759 5528 bdselfpr - ok16:33:39.0798 5528 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys16:33:39.0859 5528 Beep - ok16:33:39.0924 5528 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll16:33:39.0984 5528 BFE - ok16:33:40.0038 5528 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll16:33:40.0122 5528 BITS - ok16:33:40.0151 5528 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys16:33:40.0211 5528 blbdrive - ok16:33:40.0231 5528 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys16:33:40.0274 5528 bowser - ok16:33:40.0308 5528 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys16:33:40.0365 5528 BrFiltLo - ok16:33:40.0394 5528 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys16:33:40.0455 5528 BrFiltUp - ok16:33:40.0486 5528 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll16:33:40.0542 5528 Browser - ok16:33:40.0575 5528 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys16:33:40.0721 5528 Brserid - ok16:33:40.0735 5528 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys16:33:40.0796 5528 BrSerWdm - ok16:33:40.0818 5528 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys16:33:40.0898 5528 BrUsbMdm - ok16:33:40.0923 5528 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys16:33:41.0001 5528 BrUsbSer - ok16:33:41.0025 5528 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys16:33:41.0099 5528 BTHMODEM - ok16:33:41.0148 5528 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys16:33:41.0186 5528 cdfs - ok16:33:41.0202 5528 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys16:33:41.0276 5528 cdrom - ok16:33:41.0344 5528 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll16:33:41.0388 5528 CertPropSvc - ok16:33:41.0394 5528 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys16:33:41.0443 5528 circlass - ok16:33:41.0484 5528 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys16:33:41.0518 5528 CLFS - ok16:33:41.0580 5528 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe16:33:41.0628 5528 clr_optimization_v2.0.50727_32 - ok16:33:41.0693 5528 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe16:33:41.0718 5528 clr_optimization_v4.0.30319_32 - ok16:33:41.0750 5528 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys16:33:41.0779 5528 cmdide - ok16:33:41.0794 5528 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys16:33:41.0826 5528 Compbatt - ok16:33:41.0832 5528 COMSysApp - ok16:33:41.0845 5528 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys16:33:41.0869 5528 crcdisk - ok16:33:41.0896 5528 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys16:33:41.0952 5528 Crusoe - ok16:33:41.0989 5528 [ 3EDE4C1F9672C972479201544969ADCB ] CryptSvc C:\Windows\system32\cryptsvc.dll16:33:42.0025 5528 CryptSvc - ok16:33:42.0072 5528 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll16:33:42.0146 5528 DcomLaunch - ok16:33:42.0174 5528 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys16:33:42.0268 5528 DfsC - ok16:33:42.0334 5528 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe16:33:42.0590 5528 DFSR - ok16:33:42.0632 5528 [ 649705E3DAE598BC0F957BACBF9A2BD5 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys16:33:42.0688 5528 dg_ssudbus - ok16:33:42.0731 5528 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll16:33:42.0764 5528 Dhcp - ok16:33:42.0794 5528 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys16:33:42.0819 5528 disk - ok16:33:42.0851 5528 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll16:33:42.0925 5528 Dnscache - ok16:33:42.0943 5528 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll16:33:42.0997 5528 dot3svc - ok16:33:43.0041 5528 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll16:33:43.0097 5528 DPS - ok16:33:43.0139 5528 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys16:33:43.0201 5528 drmkaud - ok16:33:43.0240 5528 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys16:33:43.0285 5528 DXGKrnl - ok16:33:43.0332 5528 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys16:33:43.0370 5528 e1express - ok16:33:43.0415 5528 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys16:33:43.0472 5528 E1G60 - ok16:33:43.0522 5528 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll16:33:43.0647 5528 EapHost - ok16:33:43.0731 5528 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys16:33:43.0784 5528 Ecache - ok16:33:43.0855 5528 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe16:33:43.0900 5528 ehRecvr - ok16:33:43.0919 5528 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe16:33:44.0011 5528 ehSched - ok16:33:44.0034 5528 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll16:33:44.0147 5528 ehstart - ok16:33:44.0193 5528 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys16:33:44.0256 5528 elxstor - ok16:33:44.0297 5528 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll16:33:44.0402 5528 EMDMgmt - ok16:33:44.0421 5528 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys16:33:44.0490 5528 ErrDev - ok16:33:44.0553 5528 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll16:33:44.0628 5528 EventSystem - ok16:33:44.0673 5528 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys16:33:44.0746 5528 exfat - ok16:33:44.0758 5528 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys16:33:44.0820 5528 fastfat - ok16:33:44.0852 5528 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys16:33:44.0931 5528 fdc - ok16:33:44.0960 5528 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll16:33:45.0031 5528 fdPHost - ok16:33:45.0065 5528 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll16:33:45.0157 5528 FDResPub - ok16:33:45.0182 5528 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys16:33:45.0203 5528 FileInfo - ok16:33:45.0232 5528 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys16:33:45.0295 5528 Filetrace - ok16:33:45.0321 5528 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys16:33:45.0381 5528 flpydisk - ok16:33:45.0411 5528 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys16:33:45.0467 5528 FltMgr - ok16:33:45.0542 5528 [ 119ACA7CADCA75BEA6B38E999443BAA6 ] FontCache C:\Windows\system32\FntCache.dll16:33:45.0691 5528 FontCache - ok16:33:45.0762 5528 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe16:33:45.0828 5528 FontCache3.0.0.0 - ok16:33:45.0879 5528 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys16:33:45.0994 5528 Fs_Rec - ok16:33:46.0020 5528 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys16:33:46.0079 5528 gagp30kx - ok16:33:46.0127 5528 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll16:33:46.0205 5528 gpsvc - ok16:33:46.0283 5528 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe16:33:46.0364 5528 gupdate - ok16:33:46.0383 5528 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe16:33:46.0410 5528 gupdatem - ok16:33:46.0449 5528 [ 9C1E3F5A672EDB0831AAF3E36B6876A6 ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys16:33:46.0468 5528 gzflt - ok16:33:46.0522 5528 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys16:33:46.0581 5528 HdAudAddService - ok16:33:46.0607 5528 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys16:33:46.0711 5528 HDAudBus - ok16:33:46.0731 5528 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys16:33:46.0822 5528 HidBth - ok16:33:46.0847 5528 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys16:33:46.0908 5528 HidIr - ok16:33:46.0949 5528 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll16:33:47.0049 5528 hidserv - ok16:33:47.0066 5528 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys16:33:47.0119 5528 HidUsb - ok16:33:47.0149 5528 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll16:33:47.0212 5528 hkmsvc - ok16:33:47.0240 5528 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys16:33:47.0291 5528 HpCISSs - ok16:33:47.0325 5528 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys16:33:47.0371 5528 HTTP - ok16:33:47.0400 5528 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys16:33:47.0430 5528 i2omp - ok16:33:47.0480 5528 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys16:33:47.0569 5528 i8042prt - ok16:33:47.0618 5528 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys16:33:47.0658 5528 iaStorV - ok16:33:47.0719 5528 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe16:33:47.0856 5528 idsvc - ok16:33:47.0926 5528 [ 63C56DAC467EF814B60FF2AA2286C917 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys16:33:48.0166 5528 igfx - ok16:33:48.0181 5528 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys16:33:48.0215 5528 iirsp - ok16:33:48.0250 5528 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll16:33:48.0341 5528 IKEEXT - ok16:33:48.0498 5528 [ F8F53C5449F15B23D4C61D51D2701DA8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys16:33:48.0759 5528 IntcAzAudAddService - ok16:33:48.0792 5528 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys16:33:48.0816 5528 intelide - ok16:33:48.0850 5528 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys16:33:48.0902 5528 intelppm - ok16:33:48.0948 5528 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll16:33:49.0064 5528 IPBusEnum - ok16:33:49.0099 5528 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys16:33:49.0171 5528 IpFilterDriver - ok16:33:49.0187 5528 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll16:33:49.0260 5528 iphlpsvc - ok16:33:49.0265 5528 IpInIp - ok16:33:49.0282 5528 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys16:33:49.0320 5528 IPMIDRV - ok16:33:49.0339 5528 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys16:33:49.0402 5528 IPNAT - ok16:33:49.0428 5528 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys16:33:49.0492 5528 IRENUM - ok16:33:49.0512 5528 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys16:33:49.0539 5528 isapnp - ok16:33:49.0587 5528 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys16:33:49.0647 5528 iScsiPrt - ok16:33:49.0671 5528 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys16:33:49.0702 5528 iteatapi - ok16:33:49.0746 5528 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys16:33:49.0792 5528 iteraid - ok16:33:49.0814 5528 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys16:33:49.0910 5528 kbdclass - ok16:33:49.0941 5528 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys16:33:50.0068 5528 kbdhid - ok16:33:50.0124 5528 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe16:33:50.0214 5528 KeyIso - ok16:33:50.0251 5528 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys16:33:50.0307 5528 KSecDD - ok16:33:50.0358 5528 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll16:33:50.0422 5528 KtmRm - ok16:33:50.0446 5528 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll16:33:50.0482 5528 LanmanServer - ok16:33:50.0524 5528 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll16:33:50.0593 5528 LanmanWorkstation - ok16:33:50.0643 5528 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys16:33:50.0705 5528 lltdio - ok16:33:50.0733 5528 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll16:33:50.0784 5528 lltdsvc - ok16:33:50.0805 5528 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll16:33:50.0865 5528 lmhosts - ok16:33:50.0907 5528 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys16:33:50.0973 5528 LSI_FC - ok16:33:51.0001 5528 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys16:33:51.0029 5528 LSI_SAS - ok16:33:51.0043 5528 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys16:33:51.0086 5528 LSI_SCSI - ok16:33:51.0095 5528 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys16:33:51.0128 5528 luafv - ok16:33:51.0148 5528 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys16:33:51.0187 5528 MBAMProtector - ok16:33:51.0241 5528 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe16:33:51.0324 5528 MBAMScheduler - ok16:33:51.0359 5528 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe16:33:51.0414 5528 MBAMService - ok16:33:51.0448 5528 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll16:33:51.0488 5528 Mcx2Svc - ok16:33:51.0510 5528 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys16:33:51.0535 5528 megasas - ok16:33:51.0564 5528 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys16:33:51.0607 5528 MegaSR - ok16:33:51.0648 5528 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll16:33:51.0700 5528 MMCSS - ok16:33:51.0731 5528 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys16:33:51.0822 5528 Modem - ok16:33:51.0854 5528 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys16:33:51.0902 5528 monitor - ok16:33:51.0956 5528 [ E07AFAF733D3004F5DC64AA3A47700B1 ] MOSUMAC C:\Windows\system32\DRIVERS\MOSUMAC.SYS16:33:52.0083 5528 MOSUMAC - ok16:33:52.0087 5528 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys16:33:52.0140 5528 mouclass - ok16:33:52.0166 5528 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys16:33:52.0237 5528 mouhid - ok16:33:52.0263 5528 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys16:33:52.0282 5528 MountMgr - ok16:33:52.0319 5528 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe16:33:52.0367 5528 MozillaMaintenance - ok16:33:52.0403 5528 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys16:33:52.0447 5528 mpio - ok16:33:52.0493 5528 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys16:33:52.0558 5528 mpsdrv - ok16:33:52.0606 5528 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll16:33:52.0666 5528 MpsSvc - ok16:33:52.0695 5528 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys16:33:52.0742 5528 Mraid35x - ok16:33:52.0767 5528 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys16:33:52.0811 5528 MRxDAV - ok16:33:52.0841 5528 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys16:33:52.0921 5528 mrxsmb - ok16:33:52.0950 5528 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys16:33:53.0038 5528 mrxsmb10 - ok16:33:53.0044 5528 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys16:33:53.0089 5528 mrxsmb20 - ok16:33:53.0094 5528 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys16:33:53.0159 5528 msahci - ok16:33:53.0189 5528 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys16:33:53.0247 5528 msdsm - ok16:33:53.0284 5528 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe16:33:53.0372 5528 MSDTC - ok16:33:53.0404 5528 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys16:33:53.0465 5528 Msfs - ok16:33:53.0512 5528 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys16:33:53.0537 5528 msisadrv - ok16:33:53.0629 5528 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll16:33:53.0716 5528 MSiSCSI - ok16:33:53.0771 5528 msiserver - ok16:33:53.0799 5528 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys16:33:53.0910 5528 MSKSSRV - ok16:33:53.0938 5528 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys16:33:53.0974 5528 MSPCLOCK - ok16:33:54.0006 5528 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys16:33:54.0083 5528 MSPQM - ok16:33:54.0112 5528 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys16:33:54.0204 5528 MsRPC - ok16:33:54.0225 5528 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys16:33:54.0245 5528 mssmbios - ok16:33:54.0271 5528 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys16:33:54.0373 5528 MSTEE - ok16:33:54.0400 5528 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys16:33:54.0457 5528 Mup - ok16:33:54.0496 5528 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll16:33:54.0567 5528 napagent - ok16:33:54.0634 5528 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys16:33:54.0784 5528 NativeWifiP - ok16:33:54.0833 5528 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys16:33:55.0073 5528 NDIS - ok16:33:55.0109 5528 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys16:33:55.0180 5528 NdisTapi - ok16:33:55.0208 5528 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys16:33:55.0321 5528 Ndisuio - ok16:33:55.0371 5528 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys16:33:55.0446 5528 NdisWan - ok16:33:55.0474 5528 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys16:33:55.0580 5528 NDProxy - ok16:33:55.0585 5528 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys16:33:55.0632 5528 NetBIOS - ok16:33:55.0673 5528 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys16:33:55.0740 5528 netbt - ok16:33:55.0762 5528 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe16:33:55.0785 5528 Netlogon - ok16:33:55.0844 5528 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll16:33:55.0903 5528 Netman - ok16:33:56.0006 5528 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll16:33:56.0093 5528 netprofm - ok16:33:56.0130 5528 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe16:33:56.0193 5528 NetTcpPortSharing - ok16:33:56.0230 5528 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys16:33:56.0295 5528 nfrd960 - ok16:33:56.0368 5528 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll16:33:56.0413 5528 NlaSvc - ok16:33:56.0440 5528 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys16:33:56.0528 5528 Npfs - ok16:33:56.0565 5528 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll16:33:56.0623 5528 nsi - ok16:33:56.0648 5528 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys16:33:56.0756 5528 nsiproxy - ok16:33:56.0949 5528 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys16:33:57.0037 5528 Ntfs - ok16:33:57.0064 5528 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys16:33:57.0149 5528 ntrigdigi - ok16:33:57.0177 5528 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys16:33:57.0235 5528 Null - ok16:33:57.0265 5528 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys16:33:57.0316 5528 nvraid - ok16:33:57.0337 5528 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys16:33:57.0376 5528 nvstor - ok16:33:57.0400 5528 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys16:33:57.0451 5528 nv_agp - ok16:33:57.0456 5528 NwlnkFlt - ok16:33:57.0461 5528 NwlnkFwd - ok16:33:57.0489 5528 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys16:33:57.0558 5528 ohci1394 - ok16:33:57.0693 5528 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE16:33:57.0802 5528 ose - ok16:33:57.0919 5528 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll16:33:58.0031 5528 p2pimsvc - ok16:33:58.0052 5528 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll16:33:58.0088 5528 p2psvc - ok16:33:58.0129 5528 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys16:33:58.0200 5528 Parport - ok16:33:58.0220 5528 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys16:33:58.0268 5528 partmgr - ok16:33:58.0320 5528 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys16:33:58.0407 5528 Parvdm - ok16:33:58.0438 5528 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll16:33:58.0494 5528 PcaSvc - ok16:33:58.0516 5528 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys16:33:58.0595 5528 pci - ok16:33:58.0617 5528 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys16:33:58.0679 5528 pciide - ok16:33:58.0687 5528 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys16:33:58.0753 5528 pcmcia - ok16:33:58.0801 5528 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys16:33:58.0881 5528 pcouffin - ok16:33:58.0939 5528 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys16:33:59.0139 5528 PEAUTH - ok16:33:59.0199 5528 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll16:33:59.0314 5528 pla - ok16:33:59.0372 5528 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll16:33:59.0437 5528 PlugPlay - ok16:33:59.0477 5528 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll16:33:59.0538 5528 PNRPAutoReg - ok16:33:59.0617 5528 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll16:33:59.0656 5528 PNRPsvc - ok16:33:59.0713 5528 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll16:33:59.0766 5528 PolicyAgent - ok16:33:59.0808 5528 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys16:33:59.0901 5528 PptpMiniport - ok16:33:59.0959 5528 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys16:34:00.0013 5528 Processor - ok16:34:00.0045 5528 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll16:34:00.0077 5528 ProfSvc - ok16:34:00.0101 5528 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe16:34:00.0120 5528 ProtectedStorage - ok16:34:00.0136 5528 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys16:34:00.0185 5528 PSched - ok16:34:00.0229 5528 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys16:34:00.0314 5528 ql2300 - ok16:34:00.0324 5528 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys16:34:00.0354 5528 ql40xx - ok16:34:00.0369 5528 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll16:34:00.0428 5528 QWAVE - ok16:34:00.0453 5528 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys16:34:00.0527 5528 QWAVEdrv - ok16:34:00.0558 5528 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys16:34:00.0626 5528 RasAcd - ok16:34:00.0656 5528 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll16:34:00.0725 5528 RasAuto - ok16:34:00.0731 5528 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys16:34:00.0791 5528 Rasl2tp - ok16:34:00.0831 5528 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll16:34:00.0896 5528 RasMan - ok16:34:00.0917 5528 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys16:34:01.0041 5528 RasPppoe - ok16:34:01.0065 5528 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys16:34:01.0094 5528 RasSstp - ok16:34:01.0112 5528 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys16:34:01.0153 5528 rdbss - ok16:34:01.0176 5528 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys16:34:01.0214 5528 RDPCDD - ok16:34:01.0239 5528 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys16:34:01.0318 5528 rdpdr - ok16:34:01.0342 5528 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys16:34:01.0374 5528 RDPENCDD - ok16:34:01.0405 5528 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys16:34:01.0643 5528 RDPWD - ok16:34:01.0696 5528 [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe16:34:01.0743 5528 RealNetworks Downloader Resolver Service - ok16:34:01.0814 5528 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll16:34:01.0916 5528 RemoteAccess - ok16:34:01.0942 5528 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll16:34:01.0992 5528 RemoteRegistry - ok16:34:02.0025 5528 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe16:34:02.0065 5528 RpcLocator - ok16:34:02.0084 5528 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll16:34:02.0126 5528 RpcSs - ok16:34:02.0148 5528 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys16:34:02.0182 5528 rspndr - ok16:34:02.0219 5528 [ 283392AF1860ECDB5E0F8EBD7F3D72DF ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys16:34:02.0290 5528 RTL8169 - ok16:34:02.0308 5528 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe16:34:02.0328 5528 SamSs - ok16:34:02.0361 5528 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys16:34:02.0469 5528 sbp2port - ok16:34:02.0497 5528 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll16:34:02.0573 5528 SCardSvr - ok16:34:02.0616 5528 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll16:34:02.0722 5528 Schedule - ok16:34:02.0756 5528 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll16:34:02.0785 5528 SCPolicySvc - ok16:34:02.0832 5528 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll16:34:02.0902 5528 SDRSVC - ok16:34:02.0939 5528 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys16:34:03.0009 5528 secdrv - ok16:34:03.0024 5528 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll16:34:03.0072 5528 seclogon - ok16:34:03.0091 5528 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll16:34:03.0160 5528 SENS - ok16:34:03.0188 5528 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys16:34:03.0264 5528 Serenum - ok16:34:03.0291 5528 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys16:34:03.0330 5528 Serial - ok16:34:03.0348 5528 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys16:34:03.0387 5528 sermouse - ok16:34:03.0420 5528 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll16:34:03.0475 5528 SessionEnv - ok16:34:03.0503 5528 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys16:34:03.0532 5528 sffdisk - ok16:34:03.0547 5528 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys16:34:03.0580 5528 sffp_mmc - ok16:34:03.0592 5528 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys16:34:03.0689 5528 sffp_sd - ok16:34:03.0716 5528 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys16:34:03.0810 5528 sfloppy - ok16:34:03.0854 5528 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll16:34:03.0921 5528 SharedAccess - ok16:34:03.0964 5528 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll16:34:04.0090 5528 ShellHWDetection - ok16:34:04.0145 5528 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys16:34:04.0226 5528 sisagp - ok16:34:04.0253 5528 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys16:34:04.0359 5528 SiSRaid2 - ok16:34:04.0381 5528 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys16:34:04.0432 5528 SiSRaid4 - ok16:34:04.0515 5528 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe16:34:04.0650 5528 slsvc - ok16:34:04.0697 5528 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll16:34:04.0751 5528 SLUINotify - ok16:34:04.0804 5528 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys16:34:04.0915 5528 Smb - ok16:34:04.0952 5528 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe16:34:05.0001 5528 SNMPTRAP - ok16:34:05.0059 5528 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys16:34:05.0102 5528 spldr - ok16:34:05.0139 5528 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe16:34:05.0218 5528 Spooler - ok16:34:05.0245 5528 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys16:34:05.0321 5528 srv - ok16:34:05.0351 5528 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys16:34:05.0395 5528 srv2 - ok16:34:05.0428 5528 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys16:34:05.0473 5528 srvnet - ok16:34:05.0502 5528 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll16:34:05.0532 5528 SSDPSRV - ok16:34:05.0561 5528 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll16:34:05.0608 5528 SstpSvc - ok16:34:05.0670 5528 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll16:34:05.0798 5528 stisvc - ok16:34:05.0827 5528 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys16:34:05.0856 5528 swenum - ok16:34:05.0882 5528 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll16:34:05.0921 5528 swprv - ok16:34:05.0931 5528 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys16:34:05.0963 5528 Symc8xx - ok16:34:05.0975 5528 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys16:34:05.0999 5528 Sym_hi - ok16:34:06.0004 5528 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys16:34:06.0027 5528 Sym_u3 - ok16:34:06.0051 5528 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll16:34:06.0086 5528 SysMain - ok16:34:06.0116 5528 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll16:34:06.0136 5528 TabletInputService - ok16:34:06.0148 5528 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll16:34:06.0213 5528 TapiSrv - ok16:34:06.0238 5528 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll16:34:06.0287 5528 TBS - ok16:34:06.0340 5528 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip C:\Windows\system32\drivers\tcpip.sys16:34:06.0422 5528 Tcpip - ok16:34:06.0449 5528 [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys16:34:06.0496 5528 Tcpip6 - ok16:34:06.0508 5528 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys16:34:06.0542 5528 tcpipreg - ok16:34:06.0564 5528 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys16:34:06.0627 5528 TDPIPE - ok16:34:06.0633 5528 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys16:34:06.0687 5528 TDTCP - ok16:34:06.0707 5528 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys16:34:06.0787 5528 tdx - ok16:34:06.0793 5528 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys16:34:06.0837 5528 TermDD - ok16:34:06.0893 5528 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll16:34:06.0934 5528 TermService - ok16:34:06.0953 5528 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll16:34:06.0981 5528 Themes - ok16:34:07.0005 5528 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll16:34:07.0038 5528 THREADORDER - ok16:34:07.0071 5528 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll16:34:07.0128 5528 TrkWks - ok16:34:07.0170 5528 [ 88E0F99FDB8DDCB6E6A15380E164FEA2 ] trufos C:\Windows\system32\DRIVERS\trufos.sys16:34:07.0201 5528 trufos - ok16:34:07.0254 5528 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe16:34:07.0299 5528 TrustedInstaller - ok16:34:07.0353 5528 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys16:34:07.0496 5528 tssecsrv - ok16:34:07.0528 5528 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys16:34:07.0583 5528 tunmp - ok16:34:07.0608 5528 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys16:34:07.0663 5528 tunnel - ok16:34:07.0685 5528 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys16:34:07.0719 5528 uagp35 - ok16:34:07.0735 5528 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys16:34:07.0782 5528 udfs - ok16:34:07.0802 5528 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe16:34:07.0840 5528 UI0Detect - ok16:34:07.0851 5528 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys16:34:07.0883 5528 uliagpkx - ok16:34:07.0890 5528 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys16:34:07.0920 5528 uliahci - ok16:34:07.0931 5528 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys16:34:07.0957 5528 UlSata - ok16:34:07.0971 5528 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys16:34:08.0001 5528 ulsata2 - ok16:34:08.0006 5528 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys16:34:08.0072 5528 umbus - ok16:34:08.0187 5528 [ 9B0B19BD7876465A06A4FC77274A122A ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe16:34:08.0205 5528 UPDATESRV - ok16:34:08.0227 5528 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll16:34:08.0355 5528 upnphost - ok16:34:08.0363 5528 [ 8BD3AE150D97BA4E633C6C5C51B41AE1 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys16:34:08.0445 5528 usbccgp - ok16:34:08.0452 5528 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys16:34:08.0531 5528 usbcir - ok16:34:08.0574 5528 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys16:34:08.0625 5528 usbehci - ok16:34:08.0650 5528 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys16:34:08.0726 5528 usbhub - ok16:34:08.0748 5528 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys16:34:08.0806 5528 usbohci - ok16:34:08.0833 5528 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys16:34:08.0914 5528 usbprint - ok16:34:08.0920 5528 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS16:34:08.0960 5528 USBSTOR - ok16:34:08.0983 5528 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys16:34:09.0045 5528 usbuhci - ok16:34:09.0080 5528 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll16:34:09.0104 5528 UxSms - ok16:34:09.0140 5528 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe16:34:09.0211 5528 vds - ok16:34:09.0240 5528 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys16:34:09.0300 5528 vga - ok16:34:09.0323 5528 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys16:34:09.0356 5528 VgaSave - ok16:34:09.0373 5528 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys16:34:09.0411 5528 viaagp - ok16:34:09.0421 5528 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys16:34:09.0482 5528 ViaC7 - ok16:34:09.0502 5528 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys16:34:09.0546 5528 viaide - ok16:34:09.0551 5528 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys16:34:09.0581 5528 volmgr - ok16:34:09.0614 5528 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys16:34:09.0639 5528 volmgrx - ok16:34:09.0653 5528 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys16:34:09.0700 5528 volsnap - ok16:34:09.0708 5528 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys16:34:09.0735 5528 vsmraid - ok16:34:09.0782 5528 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe16:34:09.0878 5528 VSS - ok16:34:10.0054 5528 [ F6A9C8BF0DA26C8590EFEA81528FE1FD ] VSSERV C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe16:34:10.0103 5528 VSSERV - ok16:34:10.0127 5528 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll16:34:10.0159 5528 W32Time - ok16:34:10.0202 5528 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys16:34:10.0318 5528 WacomPen - ok16:34:10.0348 5528 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys16:34:10.0385 5528 Wanarp - ok16:34:10.0388 5528 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys16:34:10.0414 5528 Wanarpv6 - ok16:34:10.0494 5528 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll16:34:10.0557 5528 wcncsvc - ok16:34:10.0582 5528 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll16:34:10.0647 5528 WcsPlugInService - ok16:34:10.0669 5528 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys16:34:10.0734 5528 Wd - ok16:34:10.0766 5528 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys16:34:10.0823 5528 Wdf01000 - ok16:34:10.0846 5528 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll16:34:10.0948 5528 WdiServiceHost - ok16:34:10.0956 5528 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll16:34:10.0997 5528 WdiSystemHost - ok16:34:11.0061 5528 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll16:34:11.0109 5528 WebClient - ok16:34:11.0116 5528 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll16:34:11.0200 5528 Wecsvc - ok16:34:11.0224 5528 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll16:34:11.0269 5528 wercplsupport - ok16:34:11.0294 5528 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll16:34:11.0331 5528 WerSvc - ok16:34:11.0401 5528 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll16:34:11.0428 5528 WinDefend - ok16:34:11.0434 5528 WinHttpAutoProxySvc - ok16:34:11.0526 5528 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll16:34:11.0557 5528 Winmgmt - ok16:34:11.0781 5528 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll16:34:11.0943 5528 WinRM - ok16:34:11.0993 5528 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys16:34:12.0043 5528 WinUSB - ok16:34:12.0152 5528 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll16:34:12.0234 5528 Wlansvc - ok16:34:12.0258 5528 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys16:34:12.0294 5528 WmiAcpi - ok16:34:12.0347 5528 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe16:34:12.0400 5528 wmiApSrv - ok16:34:12.0632 5528 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe16:34:12.0820 5528 WMPNetworkSvc - ok16:34:12.0850 5528 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll16:34:12.0925 5528 WPCSvc - ok16:34:12.0948 5528 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll16:34:13.0020 5528 WPDBusEnum - ok16:34:13.0058 5528 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys16:34:13.0104 5528 WpdUsb - ok16:34:13.0380 5528 [ 120F3B596F79FC990B7D808857A8B3BC ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe16:34:13.0469 5528 WPFFontCache_v0400 - ok16:34:13.0507 5528 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys16:34:13.0548 5528 ws2ifsl - ok16:34:13.0584 5528 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll16:34:13.0628 5528 wscsvc - ok16:34:13.0633 5528 WSearch - ok16:34:13.0853 5528 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll16:34:13.0949 5528 wuauserv - ok16:34:14.0011 5528 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys16:34:14.0081 5528 WudfPf - ok16:34:14.0137 5528 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys16:34:14.0194 5528 WUDFRd - ok16:34:14.0221 5528 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll16:34:14.0267 5528 wudfsvc - ok16:34:14.0276 5528 ================ Scan global ===============================16:34:14.0319 5528 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll16:34:14.0352 5528 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll16:34:14.0369 5528 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll16:34:14.0402 5528 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe16:34:14.0409 5528 [Global] - ok16:34:14.0409 5528 ================ Scan MBR ==================================16:34:14.0424 5528 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR016:34:14.0663 5528 \Device\Harddisk0\DR0 - ok16:34:14.0663 5528 ================ Scan VBR ==================================16:34:14.0666 5528 [ 3DFD8F055873D9238E5377622DA9FB66 ] \Device\Harddisk0\DR0\Partition116:34:14.0668 5528 \Device\Harddisk0\DR0\Partition1 - ok16:34:14.0684 5528 [ C16041381DB22404C8FC65DDE425FB44 ] \Device\Harddisk0\DR0\Partition216:34:14.0687 5528 \Device\Harddisk0\DR0\Partition2 - ok16:34:14.0687 5528 ============================================================16:34:14.0687 5528 Scan finished16:34:14.0687 5528 ============================================================16:34:14.0700 7140 Detected object count: 016:34:14.0700 7140 Actual detected object count: 0 Link to post Share on other sites More sharing options...
Morkel Posted July 22, 2013 Author ID:705914 Share Posted July 22, 2013 I meant link was for anti virus Link to post Share on other sites More sharing options...
Maniac Posted July 22, 2013 ID:705915 Share Posted July 22, 2013 Your problem has nothing to do with this tool. If you want to work together, please follow my instructions. Link to post Share on other sites More sharing options...
Morkel Posted July 22, 2013 Author ID:705932 Share Posted July 22, 2013 my mistake I thought it was tds killer. I will run the proper scan Link to post Share on other sites More sharing options...
Morkel Posted July 22, 2013 Author ID:706039 Share Posted July 22, 2013 There were no threats found although a lot of my files were password protected Link to post Share on other sites More sharing options...
Maniac Posted July 22, 2013 ID:706046 Share Posted July 22, 2013 How are things there now? Your system is not infected. Link to post Share on other sites More sharing options...
Morkel Posted July 23, 2013 Author ID:706121 Share Posted July 23, 2013 things seems okay apart from firefox keep "not responding" Link to post Share on other sites More sharing options...
Maniac Posted July 23, 2013 ID:706247 Share Posted July 23, 2013 Make sure is up-to-date, this is the most important thing. If you still have a problem, temporarily use FireFox safe mode: https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-using-safe-mode Monitor your browser and if you don't any problem there it seems due to the plugin of Real Player in FireFox. Link to post Share on other sites More sharing options...
Morkel Posted July 23, 2013 Author ID:706363 Share Posted July 23, 2013 cheers for your help Link to post Share on other sites More sharing options...
Maniac Posted July 23, 2013 ID:706373 Share Posted July 23, 2013 Is it worked? Link to post Share on other sites More sharing options...
Morkel Posted July 23, 2013 Author ID:706480 Share Posted July 23, 2013 YES many thanks Link to post Share on other sites More sharing options...
Maniac Posted July 24, 2013 ID:706649 Share Posted July 24, 2013 Glad I could help! Step 1Download OTC to your desktop and run itClick Yes to beginning the Cleanup process and remove these components, including this application.You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.Step 2Double click on AdwCleaner.exe to run the tool.Click on UninstallConfirm with YesStep 3 Please uninstall ESET Online Scanner and manually delete Kaspersky AVP Step 4 Some malware prevention tips: users.telenet.be/bluepatchy/miekiemoes/prevention.html Safe surfing! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 27, 2013 Root Admin ID:707666 Share Posted July 27, 2013 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts