Ichigo291

  1. Hey thanks for the help. My computer is working like new again.

  2. It's running a lot better than before now. It's not playing the ads anymore, as far as I can tell, and I'm able to connect to Google again. Thanks.

     Malwarebytes Anti-Malware (Trial) 1.62.0.1300
     www.malwarebytes.org

     Database version: v2012.07.21.12

     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     Zack :: ZACK-7EEB1D6426 [administrator]

     Protection: Disabled

     7/22/2012 11:14:42 AM
     mbam-log-2012-07-22 (11-14-42).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 189281
     Time elapsed: 2 minute(s), 44 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 0
     (No malicious items detected)

     (end)
  3. When I started ComboFix, it was telling me AVG was still active. I uninstalled AVG yesterday and began using Avira. I deleted the last of the AVG files I could find, and proceeded. Now it's giving me this message: Will it cause any problems if I click Yes?
- ok
09:41:39.0218 3036 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
09:41:39.0234 3036 WudfSvc - ok
09:41:39.0750 3036 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
09:41:39.0859 3036 WZCSVC - ok
09:41:39.0890 3036 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
09:41:39.0968 3036 xmlprov - ok
09:41:39.0984 3036 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
09:41:40.0015 3036 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
09:41:40.0015 3036 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
09:41:40.0109 3036 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:41:40.0109 3036 \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:41:40.0125 3036 Boot (0x1200) (f393e836a4aa9f83495e47a42f26361a) \Device\Harddisk0\DR0\Partition0
09:41:40.0140 3036 \Device\Harddisk0\DR0\Partition0 - ok
09:41:40.0140 3036 ============================================================
09:41:40.0140 3036 Scan finished
09:41:40.0140 3036 ============================================================
09:41:40.0234 3236 Detected object count: 3
09:41:40.0234 3236 Actual detected object count: 3
09:42:57.0578 3236 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
09:42:57.0578 3236 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:42:59.0796 3236 \Device\Harddisk0\DR0\# - copied to quarantine
09:42:59.0796 3236 \Device\Harddisk0\DR0 - copied to quarantine
09:43:00.0109 3236 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
09:43:00.0343 3236 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
09:43:00.0375 3236 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
09:43:00.0500 3236 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
09:43:00.0593 3236 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
09:43:00.0640 3236 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
09:43:00.0812 3236 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
09:43:00.0843 3236 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
09:43:00.0843 3236 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
09:43:00.0890 3236 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
09:43:00.0906 3236 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
09:43:00.0906 3236 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
09:43:00.0921 3236 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
09:43:00.0937 3236 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
09:43:01.0000 3236 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
09:43:01.0078 3236 \Device\Harddisk0\DR0 - ok
09:43:02.0171 3236 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
09:43:02.0171 3236 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
09:43:02.0171 3236 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
09:43:10.0062 2260 Deinitialize success
  5. Every time I run RogueKiller, about halfway through the scan I get a blue screen error and am forced to restart my computer. I also forgot to mention, Malwarebytes keeps blocking outgoing connections to 206.161.121.3. This is what RogueKiller generated before I get the blue screen, and the dds and attach file. (It tells me my post is too long if I copy/paste them) dds.txt attach.txt debug.log
  6. For the past few hours now I've been trying to remove a virus that's been causing ads to play on the computer. Avira and Malwarebytes both supposedly cured what they found, and aren't finding anything else. I've even run scans in safe mode, yet nothing changes. It causes ads to play in the background somewhere where I can hear it, but not see it. It's also doing something to not let me connect to Google after signing in (Firefox cannot establish a connection). I can use Google without signing in, but it will often try to redirect me elsewhere when I try to click on a Google link. It set Firefox to use a system proxy, which I already disabled, but that hasn't changed much. I've also tried restoring my computer to a previous date twice, but it changed nothing.