Internet security keeps stopping..OTL won't work [Solved]



#31
Harry44

It's when I am on Firefox the pages take a long, long time to load
also when my computer boots up and Windows comes up the screen goes all multicoloured then black before loading
the wmv is just a video on my desktop, is it a problem?

logs to follow

Edited by Harry44, 24 June 2013 - 12:48 PM.



#32
Harry44

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Chris
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 14725873 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 183730750 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2006 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2508 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 189.00 mb

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-06-24 19:31:28
-----------------------------
19:31:28.540 OS Version: Windows 6.0.6002 Service Pack 2
19:31:28.540 Number of processors: 2 586 0xF0B
19:31:28.543 ComputerName: DELL-530 UserName: Chris
19:31:33.784 Initialize success
19:38:14.100 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1
19:38:14.109 Disk 0 Vendor: ST3320613AS DE11 Size: 305245MB BusType: 3
19:38:14.213 Disk 0 MBR read successfully
19:38:14.215 Disk 0 MBR scan
19:38:14.217 Disk 0 Windows VISTA default MBR code
19:38:14.228 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 295243 MB offset 2048
19:38:14.256 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 604659712
19:38:14.279 Disk 0 scanning sectors +625139712
19:38:14.435 Disk 0 scanning C:\Windows\system32\drivers
19:38:18.059 Service scanning
19:38:20.623 Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
19:38:20.652 Service bdftdif C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys **LOCKED** 5
19:38:20.747 Service bdselfpr C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys **LOCKED** 5
19:38:31.287 Modules scanning
19:38:37.778 Disk 0 trace - called modules:
19:38:37.798 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
19:38:37.803 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x866ab8e0]
19:38:37.808 3 CLASSPNP.SYS[8b3a68b3] -> nt!IofCallDriver -> [0x8535b510]
19:38:37.812 5 acpi.sys[8aa996bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-1[0x85d62b98]
19:38:37.817 Scan finished successfully
19:51:01.617 Disk 0 MBR has been saved successfully to "C:\Users\Chris\Desktop\MBR.dat"
19:51:01.649 The log file has been saved successfully to "C:\Users\Chris\Desktop\aswMBR.txt"

19:51:38.0972 2692 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:51:40.0004 2692 ============================================================
19:51:40.0004 2692 Current date / time: 2013/06/24 19:51:40.0004
19:51:40.0004 2692 SystemInfo:
19:51:40.0004 2692
19:51:40.0004 2692 OS Version: 6.0.6002 ServicePack: 2.0
19:51:40.0004 2692 Product type: Workstation
19:51:40.0004 2692 ComputerName: DELL-530
19:51:40.0004 2692 UserName: Chris
19:51:40.0004 2692 Windows directory: C:\Windows
19:51:40.0004 2692 System windows directory: C:\Windows
19:51:40.0004 2692 Processor architecture: Intel x86
19:51:40.0004 2692 Number of processors: 2
19:51:40.0004 2692 Page size: 0x1000
19:51:40.0005 2692 Boot type: Normal boot
19:51:40.0005 2692 ============================================================
19:51:42.0269 2692 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:51:42.0271 2692 ============================================================
19:51:42.0271 2692 \Device\Harddisk0\DR0:
19:51:42.0271 2692 MBR partitions:
19:51:42.0271 2692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x240A5800
19:51:42.0271 2692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000
19:51:42.0271 2692 ============================================================
19:51:42.0292 2692 C: <-> \Device\Harddisk0\DR0\Partition1
19:51:42.0375 2692 D: <-> \Device\Harddisk0\DR0\Partition2
19:51:42.0375 2692 ============================================================
19:51:42.0375 2692 Initialize success
19:51:42.0375 2692 ============================================================
19:52:01.0627 3004 ============================================================
19:52:01.0627 3004 Scan started
19:52:01.0627 3004 Mode: Manual; SigCheck; TDLFS;
19:52:01.0627 3004 ============================================================
19:52:02.0565 3004 ================ Scan system memory ========================
19:52:02.0565 3004 System memory - ok
19:52:02.0565 3004 ================ Scan services =============================
19:52:02.0872 3004 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
19:52:02.0984 3004 ACPI - ok
19:52:03.0070 3004 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:52:03.0219 3004 AdobeARMservice - ok
19:52:03.0338 3004 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:52:03.0402 3004 AdobeFlashPlayerUpdateSvc - ok
19:52:03.0412 3004 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:52:03.0433 3004 adp94xx - ok
19:52:03.0442 3004 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:52:03.0458 3004 adpahci - ok
19:52:03.0465 3004 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:52:03.0480 3004 adpu160m - ok
19:52:03.0486 3004 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:52:03.0499 3004 adpu320 - ok
19:52:03.0569 3004 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:52:03.0851 3004 AeLookupSvc - ok
19:52:03.0915 3004 [ 330A1E4DF07C2E29949ED8631CD8828E ] AERTFilters C:\Windows\system32\AERTSrv.exe
19:52:04.0014 3004 AERTFilters - ok
19:52:04.0083 3004 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
19:52:04.0120 3004 AFD - ok
19:52:04.0191 3004 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:52:04.0202 3004 agp440 - ok
19:52:04.0223 3004 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:52:04.0234 3004 aic78xx - ok
19:52:04.0251 3004 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
19:52:04.0362 3004 ALG - ok
19:52:04.0367 3004 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
19:52:04.0377 3004 aliide - ok
19:52:04.0382 3004 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:52:04.0396 3004 amdagp - ok
19:52:04.0403 3004 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
19:52:04.0416 3004 amdide - ok
19:52:04.0428 3004 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
19:52:04.0474 3004 AmdK7 - ok
19:52:04.0480 3004 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:52:04.0518 3004 AmdK8 - ok
19:52:04.0583 3004 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
19:52:04.0621 3004 Appinfo - ok
19:52:04.0657 3004 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
19:52:04.0672 3004 arc - ok
19:52:04.0678 3004 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:52:04.0693 3004 arcsas - ok
19:52:04.0698 3004 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:52:04.0738 3004 AsyncMac - ok
19:52:04.0744 3004 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
19:52:04.0760 3004 atapi - ok
19:52:04.0781 3004 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:52:04.0813 3004 AudioEndpointBuilder - ok
19:52:04.0831 3004 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:52:04.0855 3004 Audiosrv - ok
19:52:04.0899 3004 [ B5B8FC2C4D520F1F1EED52A980ED5091 ] avc3 C:\Windows\system32\DRIVERS\avc3.sys
19:52:05.0589 3004 avc3 - ok
19:52:05.0621 3004 [ 7F9B99B564E7C9FBB6729ED95B5BBB24 ] avchv C:\Windows\system32\DRIVERS\avchv.sys
19:52:05.0694 3004 avchv - ok
19:52:05.0725 3004 [ 818E7E029DB594DCB8D6218A7D6FA575 ] avckf C:\Windows\system32\DRIVERS\avckf.sys
19:52:05.0852 3004 avckf - ok
19:52:06.0013 3004 [ A624841BECEE1B0FCAB28BF2E4CB317A ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
19:52:06.0050 3004 BdDesktopParental - ok
19:52:06.0102 3004 [ 6743A3C33E8B3BFC2D9B55E15500BB13 ] BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
19:52:06.0194 3004 BdfNdisf - ok
19:52:06.0219 3004 [ F7D825F7E47D8A7865F5D2156B1B7A24 ] bdftdif C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys
19:52:06.0272 3004 bdftdif - ok
19:52:06.0296 3004 [ B6CBFC9D825BB2D955620CD4D8EF07F9 ] BDSandBox C:\Windows\system32\drivers\bdsandbox.sys
19:52:06.0349 3004 BDSandBox - ok
19:52:06.0383 3004 [ A7478F77584F8DB6AD74B2BBE1144886 ] bdselfpr C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys
19:52:06.0467 3004 bdselfpr - ok
19:52:06.0540 3004 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
19:52:06.0590 3004 Beep - ok
19:52:06.0662 3004 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
19:52:06.0696 3004 BFE - ok
19:52:06.0772 3004 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
19:52:06.0881 3004 BITS - ok
19:52:06.0915 3004 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:52:06.0947 3004 blbdrive - ok
19:52:06.0954 3004 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:52:06.0992 3004 bowser - ok
19:52:07.0006 3004 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:52:07.0042 3004 BrFiltLo - ok
19:52:07.0060 3004 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:52:07.0111 3004 BrFiltUp - ok
19:52:07.0136 3004 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
19:52:07.0203 3004 Browser - ok
19:52:07.0221 3004 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:52:07.0362 3004 Brserid - ok
19:52:07.0368 3004 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:52:07.0414 3004 BrSerWdm - ok
19:52:07.0430 3004 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:52:07.0491 3004 BrUsbMdm - ok
19:52:07.0502 3004 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
19:52:07.0553 3004 BrUsbSer - ok
19:52:07.0570 3004 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:52:07.0624 3004 BTHMODEM - ok
19:52:07.0646 3004 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:52:07.0666 3004 cdfs - ok
19:52:07.0671 3004 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:52:07.0713 3004 cdrom - ok
19:52:07.0783 3004 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
19:52:07.0811 3004 CertPropSvc - ok
19:52:07.0816 3004 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
19:52:07.0847 3004 circlass - ok
19:52:07.0863 3004 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
19:52:07.0877 3004 CLFS - ok
19:52:08.0077 3004 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:52:08.0129 3004 clr_optimization_v2.0.50727_32 - ok
19:52:08.0285 3004 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:52:08.0299 3004 clr_optimization_v4.0.30319_32 - ok
19:52:08.0325 3004 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:52:08.0338 3004 cmdide - ok
19:52:08.0343 3004 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:52:08.0356 3004 Compbatt - ok
19:52:08.0362 3004 COMSysApp - ok
19:52:08.0392 3004 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:52:08.0406 3004 crcdisk - ok
19:52:08.0412 3004 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
19:52:08.0438 3004 Crusoe - ok
19:52:08.0488 3004 [ 3EDE4C1F9672C972479201544969ADCB ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:52:08.0652 3004 CryptSvc - ok
19:52:08.0706 3004 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:52:08.0746 3004 DcomLaunch - ok
19:52:08.0785 3004 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:52:08.0818 3004 DfsC - ok
19:52:08.0920 3004 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
19:52:09.0455 3004 DFSR - ok
19:52:09.0531 3004 [ 649705E3DAE598BC0F957BACBF9A2BD5 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
19:52:09.0586 3004 dg_ssudbus - ok
19:52:09.0625 3004 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:52:09.0650 3004 Dhcp - ok
19:52:09.0676 3004 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
19:52:09.0691 3004 disk - ok
19:52:09.0716 3004 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:52:09.0751 3004 Dnscache - ok
19:52:09.0767 3004 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:52:09.0797 3004 dot3svc - ok
19:52:09.0834 3004 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
19:52:09.0913 3004 DPS - ok
19:52:10.0031 3004 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:52:10.0175 3004 drmkaud - ok
19:52:10.0223 3004 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:52:10.0345 3004 DXGKrnl - ok
19:52:10.0374 3004 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
19:52:10.0403 3004 e1express - ok
19:52:10.0429 3004 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
19:52:10.0474 3004 E1G60 - ok
19:52:10.0522 3004 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
19:52:10.0616 3004 EapHost - ok
19:52:10.0693 3004 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
19:52:10.0743 3004 Ecache - ok
19:52:10.0976 3004 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:52:11.0039 3004 ehRecvr - ok
19:52:11.0043 3004 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
19:52:11.0083 3004 ehSched - ok
19:52:11.0108 3004 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
19:52:11.0146 3004 ehstart - ok
19:52:11.0178 3004 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:52:11.0213 3004 elxstor - ok
19:52:11.0274 3004 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:52:11.0396 3004 EMDMgmt - ok
19:52:11.0422 3004 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:52:11.0459 3004 ErrDev - ok
19:52:11.0519 3004 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
19:52:11.0554 3004 EventSystem - ok
19:52:11.0600 3004 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
19:52:11.0633 3004 exfat - ok
19:52:11.0653 3004 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:52:11.0682 3004 fastfat - ok
19:52:11.0688 3004 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:52:11.0719 3004 fdc - ok
19:52:11.0774 3004 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
19:52:11.0801 3004 fdPHost - ok
19:52:11.0807 3004 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
19:52:11.0859 3004 FDResPub - ok
19:52:11.0865 3004 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:52:11.0879 3004 FileInfo - ok
19:52:11.0886 3004 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:52:11.0929 3004 Filetrace - ok
19:52:11.0935 3004 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:52:11.0967 3004 flpydisk - ok
19:52:11.0981 3004 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:52:12.0018 3004 FltMgr - ok
19:52:12.0077 3004 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
19:52:12.0137 3004 FontCache - ok
19:52:12.0216 3004 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:52:12.0240 3004 FontCache3.0.0.0 - ok
19:52:12.0262 3004 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:52:12.0293 3004 Fs_Rec - ok
19:52:12.0299 3004 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:52:12.0313 3004 gagp30kx - ok
19:52:12.0339 3004 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
19:52:12.0368 3004 gpsvc - ok
19:52:12.0472 3004 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:52:12.0585 3004 gupdate - ok
19:52:12.0589 3004 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:52:12.0616 3004 gupdatem - ok
19:52:12.0657 3004 [ 9C1E3F5A672EDB0831AAF3E36B6876A6 ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys
19:52:12.0697 3004 gzflt - ok
19:52:12.0778 3004 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:52:12.0817 3004 HdAudAddService - ok
19:52:12.0841 3004 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:52:12.0878 3004 HDAudBus - ok
19:52:12.0884 3004 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:52:12.0938 3004 HidBth - ok
19:52:12.0943 3004 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
19:52:12.0978 3004 HidIr - ok
19:52:13.0033 3004 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
19:52:13.0053 3004 hidserv - ok
19:52:13.0070 3004 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:52:13.0096 3004 HidUsb - ok
19:52:13.0151 3004 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:52:13.0172 3004 hkmsvc - ok
19:52:13.0178 3004 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:52:13.0191 3004 HpCISSs - ok
19:52:13.0227 3004 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:52:13.0284 3004 HTTP - ok
19:52:13.0290 3004 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:52:13.0303 3004 i2omp - ok
19:52:13.0336 3004 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:52:13.0367 3004 i8042prt - ok
19:52:13.0385 3004 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:52:13.0402 3004 iaStorV - ok
19:52:13.0546 3004 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:52:13.0660 3004 idsvc - ok
19:52:13.0750 3004 [ 63C56DAC467EF814B60FF2AA2286C917 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
19:52:13.0970 3004 igfx - ok
19:52:13.0976 3004 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:52:13.0989 3004 iirsp - ok
19:52:14.0046 3004 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
19:52:14.0084 3004 IKEEXT - ok
19:52:14.0214 3004 [ F8F53C5449F15B23D4C61D51D2701DA8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:52:14.0397 3004 IntcAzAudAddService - ok
19:52:14.0409 3004 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
19:52:14.0422 3004 intelide - ok
19:52:14.0436 3004 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:52:14.0473 3004 intelppm - ok
19:52:14.0503 3004 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:52:14.0543 3004 IPBusEnum - ok
19:52:14.0560 3004 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:52:14.0595 3004 IpFilterDriver - ok
19:52:14.0608 3004 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:52:14.0641 3004 iphlpsvc - ok
19:52:14.0647 3004 IpInIp - ok
19:52:14.0653 3004 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:52:14.0681 3004 IPMIDRV - ok
19:52:14.0687 3004 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:52:14.0714 3004 IPNAT - ok
19:52:14.0720 3004 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:52:14.0746 3004 IRENUM - ok
19:52:14.0752 3004 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:52:14.0766 3004 isapnp - ok
19:52:14.0782 3004 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:52:14.0801 3004 iScsiPrt - ok
19:52:14.0807 3004 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:52:14.0819 3004 iteatapi - ok
19:52:14.0826 3004 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:52:14.0839 3004 iteraid - ok
19:52:14.0845 3004 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:52:14.0858 3004 kbdclass - ok
19:52:14.0864 3004 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:52:14.0896 3004 kbdhid - ok
19:52:14.0945 3004 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
19:52:14.0987 3004 KeyIso - ok
19:52:15.0006 3004 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:52:15.0052 3004 KSecDD - ok
19:52:15.0133 3004 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:52:15.0193 3004 KtmRm - ok
19:52:15.0234 3004 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
19:52:15.0251 3004 LanmanServer - ok
19:52:15.0316 3004 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:52:15.0410 3004 LanmanWorkstation - ok
19:52:15.0417 3004 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:52:15.0444 3004 lltdio - ok
19:52:15.0478 3004 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:52:15.0562 3004 lltdsvc - ok
19:52:15.0567 3004 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:52:15.0613 3004 lmhosts - ok
19:52:15.0621 3004 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:52:15.0635 3004 LSI_FC - ok
19:52:15.0644 3004 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:52:15.0658 3004 LSI_SAS - ok
19:52:15.0665 3004 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:52:15.0680 3004 LSI_SCSI - ok
19:52:15.0686 3004 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
19:52:15.0710 3004 luafv - ok
19:52:15.0734 3004 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:52:15.0751 3004 MBAMProtector - ok
19:52:15.0859 3004 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:52:15.0926 3004 MBAMScheduler - ok
19:52:16.0010 3004 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:52:16.0138 3004 MBAMService - ok
19:52:16.0199 3004 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:52:16.0257 3004 Mcx2Svc - ok
19:52:16.0311 3004 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
19:52:16.0328 3004 megasas - ok
19:52:16.0367 3004 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
19:52:16.0410 3004 MegaSR - ok
19:52:16.0463 3004 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
19:52:16.0515 3004 MMCSS - ok
19:52:16.0520 3004 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
19:52:16.0560 3004 Modem - ok
19:52:16.0567 3004 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:52:16.0601 3004 monitor - ok
19:52:16.0623 3004 [ E07AFAF733D3004F5DC64AA3A47700B1 ] MOSUMAC C:\Windows\system32\DRIVERS\MOSUMAC.SYS
19:52:16.0673 3004 MOSUMAC - ok
19:52:16.0680 3004 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:52:16.0693 3004 mouclass - ok
19:52:16.0698 3004 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:52:16.0736 3004 mouhid - ok
19:52:16.0757 3004 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:52:16.0772 3004 MountMgr - ok
19:52:16.0820 3004 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:52:16.0926 3004 MozillaMaintenance - ok
19:52:16.0977 3004 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
19:52:16.0991 3004 mpio - ok
19:52:16.0998 3004 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:52:17.0036 3004 mpsdrv - ok
19:52:17.0056 3004 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
19:52:17.0098 3004 MpsSvc - ok
19:52:17.0136 3004 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:52:17.0148 3004 Mraid35x - ok
19:52:17.0156 3004 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:52:17.0173 3004 MRxDAV - ok
19:52:17.0181 3004 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:52:17.0219 3004 mrxsmb - ok
19:52:17.0227 3004 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:52:17.0244 3004 mrxsmb10 - ok
19:52:17.0251 3004 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:52:17.0275 3004 mrxsmb20 - ok
19:52:17.0283 3004 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
19:52:17.0296 3004 msahci - ok
19:52:17.0303 3004 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:52:17.0317 3004 msdsm - ok
19:52:17.0335 3004 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
19:52:17.0387 3004 MSDTC - ok
19:52:17.0396 3004 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:52:17.0423 3004 Msfs - ok
19:52:17.0454 3004 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:52:17.0467 3004 msisadrv - ok
19:52:17.0513 3004 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:52:17.0553 3004 MSiSCSI - ok
19:52:17.0572 3004 msiserver - ok
19:52:17.0596 3004 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:52:17.0636 3004 MSKSSRV - ok
19:52:17.0649 3004 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:52:17.0675 3004 MSPCLOCK - ok
19:52:17.0683 3004 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:52:17.0709 3004 MSPQM - ok
19:52:17.0724 3004 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:52:17.0740 3004 MsRPC - ok
19:52:17.0748 3004 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:52:17.0770 3004 mssmbios - ok
19:52:30.0959 3004 ============================================================
19:52:30.0959 3004 Scan finished
19:52:30.0959 3004 ============================================================
19:52:30.0967 1728 Detected object count: 0
19:52:30.0967 1728 Actual detected object count: 0
  • 0

#33
Harry44

    Member

  • Topic Starter
  • 45 posts
That aswMBR came up with 3 yellow problems and all to do with Bitdefender :(
  • 0

#34
godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Thanks for the logs and the clarification. The locked Bitdefender files that aswMBR shows aren't a problem. The aswMBR scan shows that your MBR is clean and TDSSKiller didn't find any evidence of a rootkit... so that's more good news.

For the hanging problem:

Does this just happen in Firefox or does it happen in all browsers?
  • 0

#35
Harry44

    Member

  • Topic Starter
  • 45 posts
All browsers.
Now getting the error: Problem loading page

The connection was reset
The connection to the server was reset while the page was loading.
  • 0

#36
godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Does it happen on all sites or just certain ones?
  • 0

#37
Harry44

    Member

  • Topic Starter
  • 45 posts
All, from cricket to YouTube. It's that slow too, it's like having dial-up again.
  • 0

#38
godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Let's reset the IP and Winsock.

Step-1.

OTL Fix

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

1. Please copy all of the text in the quote box below (Do Not copy the word Quote). To do this, highlight everything inside the quote box (except the word Quote), right click and click Copy.

:COMMANDS
[createrestorepoint]

:Files
ipconfig /release /c
ipconfig /renew /c
ipconfig /flushdns /c
netsh winsock reset all /c
netsh int ip reset all /c

:Commands
[Reboot]


Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

2. Please re-open Posted Image on your desktop. To do that:
  • Vista and 7 users: Right click the icon and click Run as Administrator
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).


Step-2.

If that didn't help, you will need to check the configuration for the Bitdefender firewall. You can go to the Bitdefender support page here and follow the instructions.


Step-3.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. Let me know if the issue is resolved.
2. The OTL fixes log
  • 0

#39
Harry44

    Member

  • Topic Starter
  • 45 posts
seems okay mate, is this the log?

========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
< ipconfig /release /c >
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::3010:def5:a2ad:9e00%11
Default Gateway . . . . . . . . . :
Tunnel adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 7:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
C:\Users\Chris\Desktop\cmd.bat deleted successfully.
C:\Users\Chris\Desktop\cmd.txt deleted successfully.
< ipconfig /renew /c >
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::3010:def5:a2ad:9e00%11
IPv4 Address. . . . . . . . . . . : 192.168.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
Tunnel adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Local Area Connection* 7:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
C:\Users\Chris\Desktop\cmd.bat deleted successfully.
C:\Users\Chris\Desktop\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Chris\Desktop\cmd.bat deleted successfully.
C:\Users\Chris\Desktop\cmd.txt deleted successfully.
< netsh winsock reset all /c >
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
C:\Users\Chris\Desktop\cmd.bat deleted successfully.
C:\Users\Chris\Desktop\cmd.txt deleted successfully.
< netsh int ip reset all /c >
Reseting Echo Request, failed.
Access is denied.
Reseting Interface, OK!
A reboot is required to complete this action.
C:\Users\Chris\Desktop\cmd.bat deleted successfully.
C:\Users\Chris\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 06252013_172901
  • 0
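A fix log like the one in post #39 mixes clean results with partial failures (the `netsh int ip reset` block reports "Access is denied" for one component while another reports OK). The Python sketch below is an added example, not part of the thread and not OTL's own code: it splits such a log on its `< command >` headers and flags failure lines and pending reboots. The sample log is constructed from the layout shown above, and the failure and reboot patterns are assumptions drawn only from the messages visible in this thread.

```python
import re

# Constructed sample: an abridged fix log in the layout posted above.
SAMPLE_LOG = r"""
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Chris\Desktop\cmd.bat deleted successfully.
C:\Users\Chris\Desktop\cmd.txt deleted successfully.
< netsh winsock reset all /c >
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
C:\Users\Chris\Desktop\cmd.bat deleted successfully.
C:\Users\Chris\Desktop\cmd.txt deleted successfully.
< netsh int ip reset all /c >
Reseting Echo Request, failed.
Access is denied.
Reseting Interface, OK!
A reboot is required to complete this action.
C:\Users\Chris\Desktop\cmd.bat deleted successfully.
C:\Users\Chris\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
"""

# "< netsh winsock reset all /c >" opens the output block of one command.
COMMAND_HEADER = re.compile(r"^<\s*(.+?)\s*>$")
# "========== FILES ==========" is a section banner and closes any open block.
SECTION_HEADER = re.compile(r"^=+\s*(\w+)\s*=+$")
# Cleanup lines for the temporary cmd.bat / cmd.txt files are not command output.
HOUSEKEEPING = re.compile(r"\\cmd\.(bat|txt) deleted successfully\.$", re.I)
# Assumed patterns, taken from the messages visible in the posted log.
FAILURE = re.compile(r"\bfailed\b|access is denied", re.I)
REBOOT = re.compile(r"restart the computer|reboot is required", re.I)


def split_commands(log_text):
    """Return [(command, output_lines)] for each '< command >' block."""
    blocks, current = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if SECTION_HEADER.match(line):
            current = None  # banner ends the running block
            continue
        header = COMMAND_HEADER.match(line)
        if header:
            current = (header.group(1), [])
            blocks.append(current)
        elif current is not None and not HOUSEKEEPING.search(line):
            current[1].append(line)
    return blocks


def triage(log_text):
    """Summarise each command: which lines report failure, and is a reboot pending."""
    results = []
    for command, lines in split_commands(log_text):
        results.append({
            "command": command,
            "failures": [ln for ln in lines if FAILURE.search(ln)],
            "reboot_required": any(REBOOT.search(ln) for ln in lines),
        })
    return results


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        state = "CHECK" if entry["failures"] else "ok"
        reboot = " (reboot pending)" if entry["reboot_required"] else ""
        print(f"[{state}] {entry['command']}{reboot}")
        for failure in entry["failures"]:
            print(f"        {failure}")
```

A flagged block is a prompt to re-check after the reboot, not proof that the reset as a whole failed; in the posted log the same command also reports "Reseting Interface, OK!".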

#40
Harry44

    Member

  • Topic Starter
  • 45 posts
All sites seem okay except one I go on
  • 0

#41
godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Which one is that?
  • 0

#42
Harry44

    Member

  • Topic Starter
  • 45 posts
http://www.cricketarchive.com/ when I search scorecards
and www.punterslounge.com/forum are slow, but I don't think it's anything serious?
  • 0

#43
godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hi,

The only thing I can find for Firefox and certain web pages loading slowly or not at all suggests clearing the History and Cached Web Content:


Step-1.

Clear the History and clear the Caches

  • Open the Firefox browser.
  • Click the Firefox button at the top left of the browser and highlight History and then click Clear Recent History. The Clear Recent History window will open.
  • In the Time range to clear: box, click the down arrow and select Everything.
  • Click the arrow next to Details to display the list of items that can be cleared.
  • Select both Cookies and Cache.
  • Click the Clear Now button.
  • Click the Firefox button at the top left of the browser and click Options.
  • On the Options page click the Advanced tab.
  • On the Advanced page click the Network tab and in the Cached Web Content section click the Clear Now button.
  • Close the options page. Then close the Firefox browser and re-open it and see if the web pages are any better.

If they aren't you might need to contact the web pages and see if there is a setting on their end that can be changed.

Next I want to check for any programs that may need updating. And then if you don't have any further issues we will be ready to clean up the tools used and I will give some suggestions on keeping the computer more secure.


Step-2.

Run Security Check

Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step-3.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The checkup.txt log
2. Let me know if any other issues remain.
  • 0

#44
Harry44

Harry44

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
seems okay


Results of screen317's Security Check version 0.99.68
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Bitdefender Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Adobe Flash Player 11.7.700.224
Adobe Reader XI
Mozilla Firefox 21.0 Firefox out of Date!
Google Chrome 27.0.1453.110
Google Chrome 27.0.1453.116
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Bitdefender Bitdefender 2013 vsserv.exe
Bitdefender Bitdefender 2013 updatesrv.exe
Bitdefender Bitdefender 2013 bdagent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
  • 0
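The checkup.txt output in the post above has a regular layout (backtick-framed section headers, one item per line, warnings ending in "!"), so it can be triaged mechanically. The following is an added example, not part of the thread and not code from Security Check; the rule names are assumptions, and the sample is an abridged copy of the posted log rebuilt inline.

```python
import re

def _hdr(title, n=10):
    # Security Check frames its section titles with runs of backticks
    return "`" * n + title + "`" * n

# Abridged sample rebuilt from the log in the post above
SAMPLE_LOG = "\n".join([
    "Results of screen317's Security Check version 0.99.68",
    " Windows Vista Service Pack 2 x86 (UAC is enabled)",
    _hdr("Antivirus/Firewall Check:"),
    " Windows Firewall Disabled!",
    " Antivirus up to date!",
    _hdr("Anti-malware/Other Utilities Check:"),
    " Adobe Flash Player 11.7.700.224",
    " Mozilla Firefox 21.0 Firefox out of Date!",
    " Google Chrome 27.0.1453.110",
    " Google Chrome 27.0.1453.116",
    _hdr("System Health check"),
    " Total Fragmentation on Drive C: 4 % Defragment your hard drive soon! (Do NOT defrag if SSD!)",
    _hdr("End of Log"),
])

HEADER = re.compile(r"^`+([^`]+)`+$")
# Product name followed by a dotted version, e.g. "Google Chrome 27.0.1453.110"
VERSIONED = re.compile(r"^([A-Za-z][A-Za-z' .-]*?)\s+(?:version\s+)?(\d+(?:\.\d+)+)\b")
# Rule names are assumptions; the phrases are the warnings seen in the posted log
RULES = [
    ("protection_disabled", re.compile(r"\bdisabled!", re.I)),
    ("out_of_date", re.compile(r"\bout of date!", re.I)),
    ("defrag_suggested", re.compile(r"defragment your hard drive", re.I)),
]

def parse_sections(text):
    """Group log lines under the section header that precedes them."""
    sections, current = {}, "Header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HEADER.match(line)
        if m:
            current = m.group(1).strip().rstrip(":")
            if current.lower() == "end of log":
                break
            continue
        sections.setdefault(current, []).append(line)
    return sections

def triage(text):
    """Return (tag, section_or_product, detail) tuples worth a follow-up."""
    findings, versions = [], {}
    for section, lines in parse_sections(text).items():
        for line in lines:
            findings += [(tag, section, line) for tag, pat in RULES if pat.search(line)]
            m = VERSIONED.match(line)
            if m:
                versions.setdefault(m.group(1), set()).add(m.group(2))
    # The same product listed with two versions suggests a stale install left behind
    for name, vers in sorted(versions.items()):
        if len(vers) > 1:
            findings.append(("multiple_versions", name, ", ".join(sorted(vers))))
    return findings
```
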

#45
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello Harry44,

Your Firefox is out of date and SecurityCheck says that you need to defragment the hard drive....but that may not be needed. Let's update Firefox and then you can check the hard drive and see if Windows recommends defragmenting.


Step-1.

Update Firefox

  • At the top of the Firefox window click the Firefox button.
  • Go over to the Help menu and select About Firefox.
    The About Firefox window will open and Firefox will begin checking for updates. If updates are available, they will begin downloading automatically.
  • When the updates are downloaded and ready to be installed, click Apply Update. Firefox will be restarted and the updates will be installed.


Step-2.

You can wait until we have cleaned up the tools we used before checking the hard disk if you want to.

  • Open Disk Defragmenter by clicking the Start button, clicking All Programs, clicking Accessories, clicking System Tools, and then clicking Disk Defragmenter. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  • The Disk Defragmenter window will open and begin analyzing your hard disk. When it is finished it will tell you if defragmenting is recommended.
  • If Windows recommends defragmenting, click the Defragment Now button.
Disk Defragmenter might take from several minutes to a few hours to finish, depending on the size and degree of fragmentation of your hard disk. You can still use your computer during the defragmentation process.


OK! Well done. :thumbsup: Here is the best part of the process! The mullygrubs are gone! That's a technical term for your log(s) appear to be clean! If you have no further issues with your computer, please proceed with the housekeeping procedures outlined below.
The first thing we need to do is to remove all the tools that we have used. This is so that should you ever be re-infected, you will download updated versions.

If you didn't uninstall ESET after running the program we will do it now.

Step-1.

Uninstall ESET

1. Please click the Start Orb, click Control Panel. Under the Programs heading click Uninstall a program.
1. Please click Start > Control Panel > Add/Remove Programs
2. In the list of programs installed, locate the following program(s):

ESET

3. Click on each program to highlight it and Uninstall
4. After the programs have been uninstalled, close the Installed Programs window and the Control Panel.
5. Reboot the computer.

Delete the folders associated with the uninstalled programs. (Only do this if you uninstalled the program.)

1. Using Windows Explorer (to get there right-click your Start button and click "Explore"), please delete the following folder(s) (if present):

C:\Program Files\ESET

2. Close Windows Explorer.

Step-2.

Uninstall AdwCleaner

Re-open AdwCleaner
  • Click the Uninstall button
  • Confirm with yes

Step-3.

OTL Cleanup

1. Please re-open OTL on your desktop.
  • Be sure all other programs are closed as this step will require a reboot.
  • Click on Posted Image
  • You will be prompted to reboot your system. Please do so.
The above process will remove most/all of the tools used and logs created during the cleanup process. After it is finished, OTL will remove itself. This is so that if you are ever infected again you will download the most current copy of the tool.

Step-4.

Delete the following Files and Folders (If Present):

fixlist.txt
fixlog.txt
MBR.dat
SecurityCheck.exe
checkup.txt


Delete any other .bat, .log, .reg, .txt, and any other files created during this process, and left on the desktop and empty the Recycle Bin.

Step-5.

Reset Hidden Files and Folders

1. Click Start, click Control Panel.
2. Click Folder Options.... NOTE: If you are in the Category view, click Appearance, then Folder Options
3. On the Folder Options window click the View tab.
4. In the Advanced settings: box, Under Hidden files and folders, click the Do not show hidden files and folders button.
5. Click the Hide protected operating system files (Recommended) box.
6. Click Apply and then OK

Step-6.

Make a Fresh Restore Point, Clear the Old Restore Points, and Re-enable System Restore

The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected, but that's good news).

Note: Do not clear infected/old System Restore points before creating a new System Restore point first!

For Vista and Windows 7:
  • Click the Start Orb. Click Control Panel. Click System and Maintenance
  • Click System
  • In the left column under Tasks, click Advanced System Settings and accept the warning if you get one
  • Click the System Protection Tab
  • In the Available Disks box put a check mark in the box next to OS (?:) (System). Your drive letter will be shown in place of the ?

    Note: It may take some time for the system to populate the Available Disks box, so be patient.
  • Click the Create button at the bottom
  • Type in a name for the restore point, i.e: Clean
  • Click Create
  • A small System Protection window will come up telling you a Restore Point is being created.
  • Another System Protection window will come up telling you the Restore Point has been created, click OK
  • Click OK again.
  • Close the Control Panel
Now we can purge the old Restore Points
  • Click Start (Windows 7 Orb), click Run (or press the Windows key and R together) to bring up the Run box.
  • Copy and Paste the following in the Run box:
    cleanmgr
  • Click OK
    A Disk Cleanup Options popup will open
  • Click Files from all users on this computer

    A Drive Selection popup will open
    NOTE: You will not see this window unless you have more than one drive or partition on your computer.
    If you chose Files from all users on this computer above, then click on Continue for UAC prompt.
  • Select the system drive, C:\ and click OK.
  • For a few moments the system will make some calculations
  • The Disk Cleanup Window will open:
  • Click the More Options tab.
  • Click the Clean up button under the System Restore and Shadow Copies section. (See screenshot below)
  • In the Disk Cleanup dialog box, click Delete (See screenshot below).
  • You will get a Disk Cleanup confirmation (See screenshot below)
  • Click Delete Files, and then click OK.


Preventing Re-Infection

Below, I have included a number of recommendations for how to protect your computer against future malware infections.

:Keep Windows Updated:-Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help keep your computer from becoming vulnerable.
Please either enable Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Vista and Windows 7 Users:
1. Click Start> All Programs, from the list find Windows Update and click it.

:Turn On Automatic Updates:

Vista and Windows 7
1. Click Start> Control Panel. Click Security. Under Windows Update, Click Turn automatic updating on or off.
2. On the next page, under Important Updates, Click the Drop down arrow on the right side of the box and Click Install Updates Automatically(recommended).
If you click this setting, click to select the day and time for scheduled updates to occur. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. After you set this option, Windows recognizes when you are online and uses your Internet connection to find updates on the Windows Update Web site or on the Microsoft Update Web site that apply to your computer. Updates are downloaded automatically in the background, and you are not notified or interrupted during this process. An icon appears in the notification area of your task bar when the updates are being downloaded. You can point to the icon to view the download status. To pause or to resume the download, right-click the icon, and then click Pause or Resume. When the download is completed, another message appears in the notification area so that you can review the updates that are scheduled for installation. If you choose not to install at that time, Windows starts the installation on your set schedule.

: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java.
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software or need it to play games on-line.
In that instance I would recommend that you only use Firefox or Chrome to visit those sites and do the following:
If you still want to keep Java:
  • Click the Start button
  • Click Control Panel
  • Double Click Java - Looks like a coffee cup. You may have to switch to Classical View on the upper left of the Control Panel to see it.
  • Click the Update tab
  • Click Update Now
  • Allow any updates to be downloaded and installed
: Keep Adobe Reader Updated :
  • Open Adobe Reader
  • Click Help on the menu at the top
  • Click Check for Updates
  • Allow any updates to be downloaded and installed
NOTE: Whether you use Adobe Reader, Acrobat or Foxit Reader to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Click Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. Click OK. Close program. It's the same for Foxit Reader except Preferences is under the Tools menu, and you uncheck Enable Javascript Actions.

NOTE: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

:Web Browsers:

:Make your Internet Explorer more secure:
1. From within Internet Explorer click on the Tools menu and then click on Options.
2. Click once on the Security tab
3. Click once on the Internet icon so it becomes highlighted.
4. Click once on the Custom Level button.
5. Change the Download signed ActiveX controls to "Prompt"
6. Change the Download unsigned ActiveX controls to "Disable"
7. Change the Initialise and script ActiveX controls not marked as safe to "Disable"
8. Change the Installation of desktop items to "Prompt"
9. Change the Launching programs and files in an IFRAME to "Prompt"
10. When all these settings have been made, click on the OK button.
11. If it prompts you as to whether or not you want to save the settings, click the Yes button.
12. Next press the Apply button and then the OK to exit the Internet Properties page.

:Alternate Browsers:

If you use Firefox, I highly recommend these add-ons to keep your PC even more secure.
  • NoScript - for blocking ads and other potential website attacks
  • WebOfTrust - a safe surfing tool for your browser. Traffic-light rating symbols show which websites you can trust when you search, shop and surf on the Web.
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling
:Install the MVPs Hosts File:
  • MVPS Hosts file-replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

Preventative programs that will help to keep the nasties away! We will start with Anti Spyware programs. I would advise getting a couple of them at least, and running a full scan at least once a month. Run Quick Scans at least once a week. Download the Free versions. And update the definitions before running scans.

========Anti Spyware========
  • Malwarebytes-Free Version- a powerful tool to search for and eliminate malware found on your computer.
  • SUPERAntiSpyware Free Edition-another scanning tool to find and eliminate malware.
  • SpywareBlaster-to help prevent spyware from installing in the first place. A tutorial can be found here.
  • SpywareGuard-to catch and block spyware before it can execute. A tutorial can be found here.
  • WinPatrol - will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. Help file and tutorial can be found here.
It's a good idea to clear out all your temp files every now and again. This will help keep your computer from bogging down and slowing. It also can assist in getting rid of files that may contain malicious code that could re-infect your computer.

========TEMP File Cleaners========
  • TFC by OldTimer-A very powerful cleaning program for 32 and 64 bit OS. Note: You may have this already as part of the fixes you have run.
  • CleanUP-Click the Download CleanUP! link. There is also a Learn how to use CleanUP! link on this page.
:BACKUPS:
  • Keep a backup of your important files.-Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  • ERUNT-(Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
:Keep Installed Programs Up to Date:

It is also possible for other programs on your computer to have security vulnerabilities that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
A program that will do this is listed below. Download and install the program and run it monthly:
Filehippo Update Checker

Finally, please read How did I get infected in the first place? by Mr. Tony Cline

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For 24 hours or so. If Anything Comes Up - Just Come Back And Let Me Know

Stay Safe :wave:
godawgs
  • 0
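The post above describes a blocklist HOSTS file as one that maps unwanted sites to 127.0.0.1. As an added example (not from the thread or from the MVPS project), the audit below checks that each entry really points at a loopback or unspecified address and reports any name mapped to a routable address, which goes one step beyond the post. The hostnames, addresses and category names are constructed placeholders.

```python
import ipaddress

# Constructed sample hosts file; every name and address is a placeholder
SAMPLE_HOSTS = """\
# blocklist-style entries
127.0.0.1     localhost
::1           localhost
127.0.0.1     ads.example.com tracker.example.com   # two names on one line
0.0.0.0       banner.example.net
203.0.113.10  update.example.org   # maps a name to a routable address
not-an-ip     broken.example.com
"""

def parse_hosts(text):
    """Yield (address_text, hostname) for every mapping in a hosts file."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        addr, *names = line.split()
        for name in names:
            yield addr, name.lower()

def classify(addr):
    """'sinkholed' if the address goes nowhere, 'redirected' if routable."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "malformed"
    if ip.is_loopback or ip.is_unspecified:   # 127.0.0.0/8, ::1, 0.0.0.0, ::
        return "sinkholed"
    return "redirected"

def audit_hosts(text):
    """Split hosts entries into blocked names and entries needing review."""
    report = {"sinkholed": [], "redirected": [], "malformed": []}
    for addr, name in parse_hosts(text):
        kind = classify(addr)
        if name == "localhost" and kind == "sinkholed":
            continue                          # the normal localhost mapping
        if kind == "sinkholed":
            report[kind].append(name)
        else:
            report[kind].append((name, addr))
    return report
```

Entries under `redirected` are the ones to review, since a blocklist-style HOSTS file has no reason to send a name to another machine.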





