
hacktool/keygen:win32 removed successfully?!


6 replies to this topic

#1 aslum


Posted 18 August 2012 - 12:04 PM

I'm running Windows XP Professional
Service Pack 3

Microsoft Security Essentials detected and claimed to have successfully removed hacktool/keygen:win32 however now Chrome won't run, nor can I even uninstall it. Firefox crashes seconds after loading. I've run a full scan w/ MSSecurity Essentials, and scanned with Malwarebytes, and checked HiJackthis. What's next?

*Moderator Edit: Moved topic from XP to the more appropriate forum in order to see if you are still infected. ~ Queen-Evie*

Edited by Queen-Evie, 18 August 2012 - 12:07 PM.


 


#2 boopme

  • Global Moderator

Posted 21 August 2012 - 08:14 PM

Hello, let's see what these show.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>>>

Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.





Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.





I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found the

#3 aslum


Posted 21 August 2012 - 10:21 PM

Downloading and running Rkill
Here's the Minitoolbox results:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Aslum (administrator) on 21-08-2012 at 23:00:09
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net
127.0.0.1 ads.active.com

There are 27161 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
NVIDIA nForce Networking Controller = Local Area Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Hamachi"

set address name="Hamachi" source=dhcp
set dns name="Hamachi" source=dhcp register=NONE
set wins name="Hamachi" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=192.168.1.66 mask=255.255.255.0
set address name="Local Area Connection" gateway=192.168.1.1 gwmetric=0
set dns name="Local Area Connection" source=static addr=8.8.8.8 register=PRIMARY
add dns name="Local Area Connection" addr=8.8.4.4 index=2
set wins name="Local Area Connection" source=static addr=none


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : MOISIE

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Hamachi:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Hamachi Network Interface

Physical Address. . . . . . . . . : 7A-79-05-B7-92-33

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : No

IP Address. . . . . . . . . . . . : 5.183.146.51

Subnet Mask . . . . . . . . . . . : 255.0.0.0

Default Gateway . . . . . . . . . :

DHCP Server . . . . . . . . . . . : 5.0.0.1

Lease Obtained. . . . . . . . . . : Tuesday, August 21, 2012 8:21:49 PM

Lease Expires . . . . . . . . . . : Wednesday, August 21, 2013 8:21:49 PM



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : NVIDIA nForce Networking Controller

Physical Address. . . . . . . . . : 00-1D-60-1B-B6-A7

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.1.66

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 8.8.8.8

8.8.4.4

Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: google.com
Addresses: 74.125.228.1, 74.125.228.3, 74.125.228.5, 74.125.228.14
74.125.228.6, 74.125.228.8, 74.125.228.0, 74.125.228.7, 74.125.228.4
74.125.228.2, 74.125.228.9



Pinging google.com [74.125.228.1] with 32 bytes of data:



Reply from 74.125.228.1: bytes=32 time=34ms TTL=55

Reply from 74.125.228.1: bytes=32 time=32ms TTL=55



Ping statistics for 74.125.228.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 32ms, Maximum = 34ms, Average = 33ms

Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=89ms TTL=51

Reply from 98.139.183.24: bytes=32 time=156ms TTL=50



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 89ms, Maximum = 156ms, Average = 122ms

Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...7a 79 05 b7 92 33 ...... Hamachi Network Interface
0x3 ...00 1d 60 1b b6 a7 ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.66 20
2.121.101.42 255.255.255.255 192.168.1.1 192.168.1.66 20
5.0.0.0 255.0.0.0 5.183.146.51 5.183.146.51 20
5.183.146.51 255.255.255.255 127.0.0.1 127.0.0.1 20
5.255.255.255 255.255.255.255 5.183.146.51 5.183.146.51 20
24.59.124.40 255.255.255.255 192.168.1.1 192.168.1.66 20
93.97.68.85 255.255.255.255 192.168.1.1 192.168.1.66 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.66 192.168.1.66 30
186.80.10.252 255.255.255.255 192.168.1.1 192.168.1.66 20
187.23.116.95 255.255.255.255 192.168.1.1 192.168.1.66 20
190.213.241.229 255.255.255.255 192.168.1.1 192.168.1.66 20
192.168.1.0 255.255.255.0 192.168.1.66 192.168.1.66 20
192.168.1.66 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.66 192.168.1.66 20
224.0.0.0 240.0.0.0 5.183.146.51 5.183.146.51 20
224.0.0.0 240.0.0.0 192.168.1.66 192.168.1.66 20
255.255.255.255 255.255.255.255 5.183.146.51 5.183.146.51 1
255.255.255.255 255.255.255.255 192.168.1.66 192.168.1.66 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/08/2012 09:45:25 PM) (Source: Application Hang) (User: )
Description: Hanging application Steam.exe, version 1.0.1446.623, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/07/2012 08:44:59 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/07/2012 08:44:59 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/04/2012 11:45:13 PM) (Source: Application Error) (User: )
Description: Fault bucket -1211254161.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (08/04/2012 11:45:02 PM) (Source: Application Error) (User: )
Description: Faulting application googledrivesync.exe, version 1.3.3209.2688, faulting module wxbase293u_vc.dll, version 2.9.3.1, fault address 0x0007286c.
Processing media-specific event for [googledrivesync.exe!ws!]

Error: (08/04/2012 11:44:21 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\CONFIG.MSI\2A8E0E01.RBS> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/02/2012 10:43:56 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/02/2012 10:43:56 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/01/2012 11:35:54 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/01/2012 11:35:54 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (08/21/2012 08:28:10 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverARIACNetBT_Tcpip_{61CDB5B7-2692-4045-80A

Error: (08/21/2012 02:27:26 AM) (Source: Service Control Manager) (User: )
Description: The PandoraService service hung on starting.

Error: (08/20/2012 11:58:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.2365.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/20/2012 11:58:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.2365.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/20/2012 11:58:00 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.2365.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/20/2012 04:31:30 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly. It has done this 1 time(s).

Error: (08/19/2012 11:15:49 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{61CDB5B7-2692-4045-80AF-1CE48235FED5}.
The backup browser is stopping.

Error: (08/19/2012 10:52:13 AM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverJOSH-PCNetBT_Tcpip_{61CDB5B7-2692-4045-8

Error: (08/18/2012 08:50:58 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverJOSH-PCNetBT_Tcpip_{61CDB5B7-2692-4045-8

Error: (08/18/2012 06:15:58 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverJOSH-PCNetBT_Tcpip_{61CDB5B7-2692-4045-8


Microsoft Office Sessions:
=========================
Error: (08/08/2012 09:45:25 PM) (Source: Application Hang)(User: )
Description: Steam.exe1.0.1446.623hungapp0.0.0.000000000

Error: (08/07/2012 08:44:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK

Error: (08/07/2012 08:44:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK

Error: (08/04/2012 11:45:13 PM) (Source: Application Error)(User: )
Description: -1211254161

Error: (08/04/2012 11:45:02 PM) (Source: Application Error)(User: )
Description: googledrivesync.exe1.3.3209.2688wxbase293u_vc.dll2.9.3.10007286c

Error: (08/04/2012 11:44:21 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\CONFIG.MSI\2A8E0E01.RBS

Error: (08/02/2012 10:43:56 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK

Error: (08/02/2012 10:43:56 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK

Error: (08/01/2012 11:35:54 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK

Error: (08/01/2012 11:35:54 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\ASLUM\RECENT\RANDOM PICTURES (2).LNK


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Add or Remove Adobe Creative Suite 3 Master Collection (Version: 1.0)
Adobe After Effects CS3 (Version: 8)
Adobe After Effects CS3 Presets (Version: 8)
Adobe After Effects CS3 Third Party Content (Version: 3)
Adobe AIR (Version: 2.0.2.12610)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe BridgeTalk Plugin CS3 (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Digital Editions
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Flash CS3 (Version: 9.0)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Flash Player 9 ActiveX (Version: 9.0.45.0)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Flash Video Encoder (Version: 2.0)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe InDesign CS3 Icon Handler (Version: 5.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe MotionPicture Color Files (Version: 1.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Reader 9 (Version: 9.0.0)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.2.602)
Adobe SING CS3 (Version: 0.1)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe Video Profiles (Version: 1.0)
Adobe WAS CS3 (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP DVA Panels CS3 (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Adventure Tools (Version: 1.00.0000)
AHV content for Acrobat and Flash (Version: 1)
Alien Swarm
AnyEdit
Apple Software Update (Version: 2.1.1.116)
Aspell English Dictionary-0.50-2
Audacity 1.2.6
AviSynth 2.5
BrettspielWelt
calibre (Version: 0.7.57)
Canon iP1600
CDBurnerXP (Version: 4.2.3.1062)
Character Builder (Version: 1.10.0000)
Character Builder Beta (Version: 1.01.0000)
Clockwords (Version: 1.0.16)
Clockwords (Version: v1.0.16)
Critical Update for Windows Media Player 11 (KB959772)
Cyclone Wallpaper Changer 1.1
Diablo III (Version: 1.0.3.10235)
Dual-Core Optimizer (Version: 1.1.4.0169)
Dungeon Keeper
Exact Audio Copy 0.99pb4 (Version: 0.99pb4)
FileZilla (remove only)
Galactic Civilizations II
Gallery Remote
GNU Aspell 0.50-3
Google Chrome (Version: 21.0.1180.83)
Google Drive (Version: 1.3.3209.2688)
Google SketchUp 8 (Version: 3.0.11752)
Google Talk Plugin (Version: 3.4.2.8800)
Google Update Helper (Version: 1.3.21.115)
GSB Order Expansion Pack
GSB Tribe Expansion Pack
GTK+ Runtime 2.12.8 rev a (remove only)
GURPS Character Assistant 4
Half-Life 2
HandBrake 0.9.6 (Version: 0.9.6)
Heroes of Might and Magic V
HijackThis 2.0.2 (Version: 2.0.2)
IrfanView (remove only)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
JMB36X Raid Configurer (Version: 1.00.0000)
JunctionMaster
K-Lite Codec Pack 4.2.5 (Full) (Version: 4.2.5)
LAME v3.98.2 for Audacity
Left 4 Dead Demo
LogMeIn Hamachi (Version: 2.1.0.210)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WinUsb 2.0
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Moonbase Alpha
Mozilla Firefox (3.0.3) (Version: 3.0.3 (en-US))
Mozilla Firefox (3.6.28) (Version: 3.6.28 (en-US))
Mozilla Thunderbird (5.0) (Version: 5.0 (en-US))
Mumble 1.2.3 (Version: 1.2.3)
Music Manager
Notepad++ (Version: 5.9.6.2)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Drivers
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA nView 136.18 (Version: 136.18)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
OCTGN (Version: 0.10.0.0)
OpenAL
OpenOffice.org 3.2 (Version: 3.2.9502)
Orcs Must Die! 2
OverDrive Media Console (Version: 3.2.5)
Paint.NET v3.5.6 (Version: 3.56.0)
Pando Media Booster (Version: 2.3.6.0)
Pandora Service
PDF Settings (Version: 1.0)
Peggle Deluxe
Peggle Extreme
Pidgin (Version: 2.4.3)
Planetary Defence
Plants vs. Zombies: Game of the Year
PSP Video 9 5.04 (Version: 5.04)
Psychonauts Demo
QuickTime (Version: 7.55.90.70)
Razer BlackWidow Ultimate (Version: 1.04.04)
Realtek High Definition Audio Driver (Version: 5.10.0.5324)
Reaper Gaming Mouse
Riot - Radical Image Optimization Tool
Sid Meier's Civilization 4 - Beyond the Sword (Version: 3.00)
Sid Meier's Civilization 4 (Version: 1.00.0000)
Sid Meier's Civilization 4 (Version: 1.74)
Sid Meier's Civilization V
Spybot - Search & Destroy (Version: 1.6.0)
SpywareBlaster 4.2 (Version: 4.2.0)
Steam (Version: 1.0.0.0)
Stonesense 'Granite'
SUPERAntiSpyware (Version: 4.41.1000)
Team Fortress 2
TeamSpeak 3 Client (Version: 3.0.6)
Terraria
The KMPlayer (remove only)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
uTorrentBar Toolbar (Version: 6.8.5.1)
Ventrilo Client (Version: 3.0.5)
Verizon Download Manager (Version: 16)
VisiPics V1.30
VLC media player 2.0.2 (Version: 2.0.2)
Warhammer 40,000 Space Marine
WebFldrs XP (Version: 9.50.7523)
Winamp3 (remove only)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Media Format 11 runtime
Windows Search 4.0 (Version: 04.00.6001.503)
WinRAR archiver
X-COM: Interceptor
X-COM: Terror from the Deep
X-COM: UFO Defense

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 2046.48 MB
Available physical RAM: 1181.55 MB
Total Pagefile: 3939.11 MB
Available Pagefile: 2817.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1983.88 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:232.88 GB) (Free:18.96 GB) NTFS
3 Drive d: () (Fixed) (Total:233.75 GB) (Free:13.02 GB) NTFS

========================= Users: ========================================

User accounts for \\MOISIE

Administrator Aslum ASPNET
Guest HelpAssistant SUPPORT_388945a0
UpdatusUser


**** End of log ****

#4 aslum

Posted 21 August 2012 - 10:22 PM

Here's Rkill's results:

Rkill 2.3.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/21/2012 11:20:49 PM in x86 mode.
Windows Version: Windows XP Service Pack 3

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.com "@" has been changed to ComFile!
* HKLM\Software\Classes\.com "@"was reset to comfile!


Performing miscellaneous checks.

* Windows Firewall Disabled

[HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/21/2012 11:21:23 PM
Execution time: 0 hours(s), 0 minute(s), and 33 seconds(s)

#5 aslum

Posted 21 August 2012 - 10:25 PM

TDSSKiller report:

23:23:33.0718 0596 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
23:23:34.0296 0596 ============================================================
23:23:34.0296 0596 Current date / time: 2012/08/21 23:23:34.0296
23:23:34.0296 0596 SystemInfo:
23:23:34.0296 0596
23:23:34.0296 0596 OS Version: 5.1.2600 ServicePack: 3.0
23:23:34.0296 0596 Product type: Workstation
23:23:34.0296 0596 ComputerName: MOISIE
23:23:34.0296 0596 UserName: Aslum
23:23:34.0296 0596 Windows directory: C:\WINDOWS
23:23:34.0296 0596 System windows directory: C:\WINDOWS
23:23:34.0296 0596 Processor architecture: Intel x86
23:23:34.0296 0596 Number of processors: 2
23:23:34.0296 0596 Page size: 0x1000
23:23:34.0296 0596 Boot type: Normal boot
23:23:34.0296 0596 ============================================================
23:23:35.0046 0596 Drive \Device\Harddisk0\DR0 - Size: 0x3A70C70000 (233.76 Gb), SectorSize: 0x200, Cylinders: 0x7733, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:23:35.0062 0596 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:23:35.0062 0596 ============================================================
23:23:35.0062 0596 \Device\Harddisk0\DR0:
23:23:35.0062 0596 MBR partitions:
23:23:35.0062 0596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D37F873
23:23:35.0062 0596 \Device\Harddisk1\DR1:
23:23:35.0078 0596 MBR partitions:
23:23:35.0078 0596 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
23:23:35.0078 0596 ============================================================
23:23:35.0124 0596 D: <-> \Device\Harddisk0\DR0\Partition1
23:23:35.0140 0596 C: <-> \Device\Harddisk1\DR1\Partition1
23:23:35.0140 0596 ============================================================
23:23:35.0140 0596 Initialize success
23:23:35.0140 0596 ============================================================
23:23:59.0937 5676 ============================================================
23:23:59.0937 5676 Scan started
23:23:59.0937 5676 Mode: Manual; TDLFS;
23:23:59.0937 5676 ============================================================
23:24:00.0953 5676 ================ Scan system memory ========================
23:24:00.0953 5676 System memory - ok
23:24:00.0953 5676 ================ Scan services =============================
23:24:11.0218 5676 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:24:11.0218 5676 TapiSrv - ok
23:24:11.0265 5676 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:24:11.0265 5676 Tcpip - ok
23:24:11.0296 5676 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:24:11.0296 5676 TDPIPE - ok
23:24:11.0312 5676 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:24:11.0312 5676 TDTCP - ok
23:24:11.0359 5676 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:24:11.0359 5676 TermDD - ok
23:24:11.0374 5676 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
23:24:11.0374 5676 TermService - ok
23:24:11.0390 5676 tgsrvc_verizondm - ok
23:24:11.0390 5676 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
23:24:11.0406 5676 Themes - ok
23:24:11.0437 5676 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
23:24:11.0437 5676 TlntSvr - ok
23:24:11.0453 5676 TosIde - ok
23:24:11.0468 5676 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:24:11.0468 5676 TrkWks - ok
23:24:11.0499 5676 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:24:11.0499 5676 Udfs - ok
23:24:11.0499 5676 ultra - ok
23:24:11.0546 5676 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:24:11.0546 5676 Update - ok
23:24:11.0593 5676 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:24:11.0593 5676 upnphost - ok
23:24:11.0609 5676 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
23:24:11.0609 5676 UPS - ok
23:24:11.0656 5676 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
23:24:11.0656 5676 usbaudio - ok
23:24:11.0671 5676 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:24:11.0671 5676 usbccgp - ok
23:24:11.0718 5676 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:24:11.0718 5676 usbehci - ok
23:24:11.0718 5676 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:24:11.0718 5676 usbhub - ok
23:24:11.0734 5676 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:24:11.0734 5676 usbohci - ok
23:24:11.0734 5676 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:24:11.0749 5676 usbprint - ok
23:24:11.0781 5676 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:24:11.0781 5676 usbscan - ok
23:24:11.0828 5676 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:24:11.0828 5676 USBSTOR - ok
23:24:11.0859 5676 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
23:24:11.0859 5676 usbvideo - ok
23:24:11.0921 5676 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:24:11.0921 5676 VgaSave - ok
23:24:11.0921 5676 ViaIde - ok
23:24:11.0953 5676 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:24:11.0953 5676 VolSnap - ok
23:24:11.0984 5676 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
23:24:11.0984 5676 VSS - ok
23:24:12.0031 5676 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
23:24:12.0031 5676 W32Time - ok
23:24:12.0031 5676 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:24:12.0031 5676 Wanarp - ok
23:24:12.0093 5676 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
23:24:12.0109 5676 Wdf01000 - ok
23:24:12.0109 5676 WDICA - ok
23:24:12.0140 5676 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:24:12.0140 5676 wdmaud - ok
23:24:12.0187 5676 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:24:12.0187 5676 WebClient - ok
23:24:12.0281 5676 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:24:12.0296 5676 winmgmt - ok
23:24:12.0359 5676 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
23:24:12.0359 5676 WinUSB - ok
23:24:12.0390 5676 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
23:24:12.0390 5676 WmdmPmSN - ok
23:24:12.0421 5676 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
23:24:12.0437 5676 Wmi - ok
23:24:12.0468 5676 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:24:12.0484 5676 WmiApSrv - ok
23:24:12.0562 5676 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
23:24:12.0609 5676 WMPNetworkSvc - ok
23:24:12.0734 5676 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:24:12.0781 5676 WPFFontCache_v0400 - ok
23:24:12.0828 5676 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
23:24:12.0828 5676 wscsvc - ok
23:24:12.0843 5676 WSearch - ok
23:24:12.0874 5676 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:24:12.0874 5676 WSTCODEC - ok
23:24:12.0921 5676 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
23:24:12.0953 5676 wuauserv - ok
23:24:12.0968 5676 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:24:12.0968 5676 WudfPf - ok
23:24:12.0984 5676 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:24:12.0984 5676 WudfRd - ok
23:24:13.0015 5676 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
23:24:13.0015 5676 WudfSvc - ok
23:24:13.0062 5676 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:24:13.0078 5676 WZCSVC - ok
23:24:13.0109 5676 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:24:13.0218 5676 xmlprov - ok
23:24:13.0249 5676 [ 09E5340BD9B2CB730BF4DC6BE7721291 ] xusb21 C:\WINDOWS\system32\DRIVERS\xusb21.sys
23:24:13.0249 5676 xusb21 - ok
23:24:13.0265 5676 ================ Scan global ===============================
23:24:13.0312 5676 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:24:13.0343 5676 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:24:13.0359 5676 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:24:13.0374 5676 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:24:13.0374 5676 [Global] - ok
23:24:13.0374 5676 ================ Scan MBR ==================================
23:24:13.0390 5676 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
23:24:13.0562 5676 \Device\Harddisk0\DR0 - ok
23:24:13.0593 5676 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
23:24:13.0765 5676 \Device\Harddisk1\DR1 - ok
23:24:13.0765 5676 ================ Scan VBR ==================================
23:24:13.0796 5676 [ E49C7130360E0059ABEC879BE557CF51 ] \Device\Harddisk0\DR0\Partition1
23:24:13.0796 5676 \Device\Harddisk0\DR0\Partition1 - ok
23:24:13.0812 5676 [ 76086A240C66CBE5354DBE4153E6FFA6 ] \Device\Harddisk1\DR1\Partition1
23:24:13.0812 5676 \Device\Harddisk1\DR1\Partition1 - ok
23:24:13.0812 5676 ============================================================
23:24:13.0812 5676 Scan finished
23:24:13.0812 5676 ============================================================
23:24:13.0812 4996 Detected object count: 0
23:24:13.0812 4996 Actual detected object count: 0

#6 aslum

aslum

    Member

  • Members
  • 18 posts

Posted 22 August 2012 - 09:29 AM

ESETScan results:


C:\Documents and Settings\Aslum\Local Settings\temp\kmp.exe a variant of Win32/SoftonicDownloader.D application cleaned by deleting - quarantined
C:\Documents and Settings\Aslum\My Documents\Install Files\ccount12.zip PHP/Obfuscated.F application deleted - quarantined

#7 boopme

boopme

    To Insanity and Beyond

  • Global Moderator
  • 55,329 posts
  • Gender:Male
  • Location:NJ USA

Posted 22 August 2012 - 09:20 PM

If the original issue persists then run SFC

Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users: The command needs to be run from an Elevated Command Prompt. Click Start, type cmd into the Start/Search box, right-click cmd.exe in the list above and select 'Run as Administrator'


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.