Rkill not working on new S.M.A.R.T Virus variant


12 replies to this topic

#1 ARKaMAN

ARKaMAN

  • Members
  • 13 posts

Posted 03 May 2012 - 11:22 AM

Hello, I have 3 computers in my shop right now with a newer version of the System Check/Smart HDD virus. I can use Rkill to get Malwarebytes on and to remove the main popups, but after that I cannot finish repairing the computer or update Malwarebytes. It says there was a write error. I have reinstalled two of them to get them back to customers in a timely fashion, but I still have one here to work on.


Edited by ARKaMAN, 03 May 2012 - 11:46 AM.




#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • Gender:Male
  • Location:UK

Posted 04 May 2012 - 05:22 AM

Hi Arkaman,

I will be helping you with your problems.

Some points for you to keep in mind while I am helping you, to make things go easier and faster for both of us:

  • Please do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.
-------------------------------------------------------------------------------------------

Please follow the "Automated Removal Instructions for Smart HDD" on link
If you have problems with any step, please let me know which one & what has happened.

Post the Rkill & MBAM logs in your next reply.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 ARKaMAN

ARKaMAN
  • Topic Starter

  • Members
  • 13 posts

Posted 07 May 2012 - 09:20 AM

Rkill (eXplorer.exe)
This log file is located at C:\rkill.log. 
Please post this only if requested to by the person helping you. 
Otherwise you can close this log when you wish. 

Rkill was run on 05/07/2012 at  9:14:38. 
Operating System: Microsoft Windows XP 


Processes terminated by Rkill or while it was running: 



Rkill completed on 05/07/2012 at  9:14:41.

TDSSKiller.2.7.34.0_07.05.2012_09.15.31_log
09:15:31.0015 1224	TDSS rootkit removing tool 2.7.34.0 May  2 2012 09:59:18
09:15:31.0062 1224	============================================================
09:15:31.0062 1224	Current date / time: 2012/05/07 09:15:31.0062
09:15:31.0062 1224	SystemInfo:
09:15:31.0062 1224	
09:15:31.0062 1224	OS Version: 5.1.2600 ServicePack: 3.0
09:15:31.0062 1224	Product type: Workstation
09:15:31.0062 1224	ComputerName: NETWORK-6BB9FDC
09:15:31.0062 1224	UserName: Administrator
09:15:31.0062 1224	Windows directory: C:\WINDOWS
09:15:31.0062 1224	System windows directory: C:\WINDOWS
09:15:31.0062 1224	Processor architecture: Intel x86
09:15:31.0062 1224	Number of processors: 1
09:15:31.0062 1224	Page size: 0x1000
09:15:31.0062 1224	Boot type: Safe boot with network
09:15:31.0062 1224	============================================================
09:15:31.0984 1224	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:15:31.0984 1224	Drive \Device\Harddisk1\DR2 - Size: 0xEC580000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:15:31.0984 1224	============================================================
09:15:31.0984 1224	\Device\Harddisk0\DR0:
09:15:31.0984 1224	MBR partitions:
09:15:31.0984 1224	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
09:15:31.0984 1224	\Device\Harddisk1\DR2:
09:15:31.0984 1224	MBR partitions:
09:15:31.0984 1224	\Device\Harddisk1\DR2\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760C00
09:15:31.0984 1224	============================================================
09:15:32.0421 1224	C: <-> \Device\Harddisk0\DR0\Partition0
09:15:32.0421 1224	============================================================
09:15:32.0421 1224	Initialize success
09:15:32.0421 1224	============================================================
09:15:33.0484 1216	============================================================
09:15:33.0484 1216	Scan started
09:15:33.0484 1216	Mode: Manual; 
09:15:33.0484 1216	============================================================
09:15:45.0015 1216	Serial - ok
09:15:45.0093 1216	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:15:45.0093 1216	Sfloppy - ok
09:15:45.0156 1216	SharedAccess    (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
09:15:45.0171 1216	SharedAccess - ok
09:15:45.0234 1216	ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:15:45.0234 1216	ShellHWDetection - ok
09:15:45.0250 1216	Simbad - ok
09:15:45.0281 1216	Sparrow - ok
09:15:45.0312 1216	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:15:45.0328 1216	splitter - ok
09:15:45.0390 1216	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:15:45.0406 1216	Spooler - ok
09:15:45.0437 1216	sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:15:45.0437 1216	sr - ok
09:15:45.0515 1216	srservice       (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
09:15:45.0515 1216	srservice - ok
09:15:45.0593 1216	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:15:45.0593 1216	Srv - ok
09:15:45.0671 1216	SSDPSRV         (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
09:15:45.0671 1216	SSDPSRV - ok
09:15:45.0703 1216	stisvc          (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
09:15:45.0718 1216	stisvc - ok
09:15:45.0750 1216	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:15:45.0750 1216	swenum - ok
09:15:45.0796 1216	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:15:45.0796 1216	swmidi - ok
09:15:45.0828 1216	SwPrv - ok
09:15:45.0843 1216	symc810 - ok
09:15:45.0859 1216	symc8xx - ok
09:15:45.0890 1216	sym_hi - ok
09:15:45.0906 1216	sym_u3 - ok
09:15:45.0953 1216	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:15:45.0953 1216	sysaudio - ok
09:15:45.0984 1216	SysmonLog       (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
09:15:46.0000 1216	SysmonLog - ok
09:15:46.0031 1216	TapiSrv         (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
09:15:46.0046 1216	TapiSrv - ok
09:15:46.0078 1216	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:15:46.0093 1216	Tcpip - ok
09:15:46.0125 1216	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:15:46.0125 1216	TDPIPE - ok
09:15:46.0171 1216	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:15:46.0187 1216	TDTCP - ok
09:15:46.0218 1216	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:15:46.0218 1216	TermDD - ok
09:15:46.0250 1216	TermService     (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
09:15:46.0250 1216	TermService - ok
09:15:46.0281 1216	Themes          (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:15:46.0296 1216	Themes - ok
09:15:46.0406 1216	TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
09:15:46.0406 1216	TomTomHOMEService - ok
09:15:46.0437 1216	TosIde - ok
09:15:46.0484 1216	TrkWks          (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
09:15:46.0484 1216	TrkWks - ok
09:15:46.0531 1216	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:15:46.0531 1216	Udfs - ok
09:15:46.0546 1216	ultra - ok
09:15:46.0562 1216	ultra66 - ok
09:15:46.0609 1216	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:15:46.0609 1216	Update - ok
09:15:46.0640 1216	upnphost        (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
09:15:46.0656 1216	upnphost - ok
09:15:46.0687 1216	UPS             (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
09:15:46.0687 1216	UPS - ok
09:15:46.0718 1216	USBAAPL         (026f7f224f088ee11e383bca448fff81) C:\WINDOWS\system32\Drivers\usbaapl.sys
09:15:46.0718 1216	USBAAPL - ok
09:15:46.0781 1216	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:15:46.0781 1216	usbccgp - ok
09:15:46.0828 1216	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:15:46.0828 1216	usbehci - ok
09:15:46.0843 1216	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:15:46.0843 1216	usbhub - ok
09:15:46.0890 1216	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\drivers\usbohci.sys
09:15:46.0890 1216	usbohci - ok
09:15:46.0921 1216	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:15:46.0921 1216	usbprint - ok
09:15:46.0937 1216	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:15:46.0953 1216	usbscan - ok
09:15:46.0968 1216	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:15:46.0968 1216	USBSTOR - ok
09:15:46.0984 1216	USB_RNDIS_XP    (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
09:15:46.0984 1216	USB_RNDIS_XP - ok
09:15:47.0015 1216	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:15:47.0015 1216	VgaSave - ok
09:15:47.0046 1216	ViaIde - ok
09:15:47.0093 1216	VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:15:47.0093 1216	VolSnap - ok
09:15:47.0125 1216	VSS             (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
09:15:47.0140 1216	VSS - ok
09:15:47.0218 1216	W32Time         (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
09:15:47.0218 1216	W32Time - ok
09:15:47.0265 1216	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:15:47.0265 1216	Wanarp - ok
09:15:47.0281 1216	WDICA - ok
09:15:47.0343 1216	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:15:47.0343 1216	wdmaud - ok
09:15:47.0390 1216	WebClient       (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
09:15:47.0390 1216	WebClient - ok
09:15:47.0484 1216	winmgmt         (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:15:47.0484 1216	winmgmt - ok
09:15:47.0546 1216	WinRM           (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll
09:15:47.0640 1216	WinRM - ok
09:15:47.0828 1216	wlidsvc         (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:15:47.0875 1216	wlidsvc - ok
09:15:47.0984 1216	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
09:15:48.0000 1216	WmdmPmSN - ok
09:15:48.0078 1216	WmiApSrv        (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:15:48.0093 1216	WmiApSrv - ok
09:15:48.0187 1216	WMPNetworkSvc   (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
09:15:48.0203 1216	WMPNetworkSvc - ok
09:15:48.0250 1216	wuauserv        (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
09:15:48.0265 1216	wuauserv - ok
09:15:48.0296 1216	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:15:48.0312 1216	WudfPf - ok
09:15:48.0343 1216	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:15:48.0343 1216	WudfRd - ok
09:15:48.0390 1216	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
09:15:48.0406 1216	WudfSvc - ok
09:15:48.0484 1216	WZCSVC          (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
09:15:48.0484 1216	WZCSVC - ok
09:15:48.0546 1216	xmlprov         (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
09:15:48.0546 1216	xmlprov - ok
09:15:48.0562 1216	zdeviceservice - ok
09:15:48.0609 1216	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
09:15:48.0703 1216	\Device\Harddisk0\DR0 - ok
09:15:48.0718 1216	MBR (0x1B8)     (996dd28ffe22994059bafa016fadfd2a) \Device\Harddisk1\DR2
09:15:48.0734 1216	\Device\Harddisk1\DR2 - ok
09:15:48.0750 1216	Boot (0x1200)   (5b1ca1a41c8dc5897e81d8d1f4f806ca) \Device\Harddisk0\DR0\Partition0
09:15:48.0750 1216	\Device\Harddisk0\DR0\Partition0 - ok
09:15:48.0765 1216	Boot (0x1200)   (cadeb175a7a78ec853c5dc4d4bc663f4) \Device\Harddisk1\DR2\Partition0
09:15:48.0765 1216	\Device\Harddisk1\DR2\Partition0 - ok
09:15:48.0765 1216	============================================================
09:15:48.0765 1216	Scan finished
09:15:48.0765 1216	============================================================
09:15:48.0796 1184	Detected object count: 0
09:15:48.0796 1184	Actual detected object count: 0
09:15:52.0203 1192	Deinitialize success


#4 dev00790


Posted 07 May 2012 - 09:39 AM

Hi

Those 2 logs are clean

"It says there was a write error."

Please explain what happens in order to get this?
Do you still receive this message?

Edited by dev00790, 07 May 2012 - 09:39 AM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!" I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 ARKaMAN


Posted 07 May 2012 - 10:30 AM

Safemode With Networking.

Open MWB

Update MWB

Error

#6 dev00790


Posted 07 May 2012 - 01:05 PM

Hi Arkaman,

  • Please take a screenshot of the error (How to take a screenshot)
  • Save it as a picture file (eg .jpg / .gif) to your desktop
  • Upload the file saved on your desktop to a site like Mediafire
  • Please post the link to the file in your next reply.



Regards, dev00790



#7 ARKaMAN


Posted 07 May 2012 - 03:42 PM

http://i.imgur.com/mWicI.png

#8 dev00790


Posted 07 May 2012 - 03:52 PM

Hi

Please do the following:

  • Download FixExec.exe to your desktop.
  • Double click on downloaded file to run the fix.
  • When the program has finished, it will generate a log on the desktop called FixExec.exe.
  • Post the log in your next reply.


NOTE:
If for any reason you're not able to execute FixExec.exe rename it to FixExec.com, FixExec.pif or FixExec.scr.

Edited by dev00790, 07 May 2012 - 04:03 PM.

Regards, dev00790



#9 dev00790


Posted 07 May 2012 - 04:01 PM

Note - I have edited the previous post (instructions were incorrect)

Regards, dev00790



#10 ARKaMAN


Posted 07 May 2012 - 04:41 PM

Unfortunately the customer needs it back tomorrow. So I have already backed up data and started a reinstall. I will continue this thread if we get another computer in like this. We get a few Virus computers a week.

Edited by ARKaMAN, 07 May 2012 - 04:41 PM.


#11 dev00790


Posted 07 May 2012 - 06:31 PM

Ok thanks for letting me know

Regards, dev00790



#12 ARKaMAN


Posted 08 May 2012 - 09:44 AM

Guess what, we just got another computer in with the same virus! I will follow the steps above and post my results.

#13 dev00790


Posted 08 May 2012 - 09:52 AM

Hi

Actually please start a new post in this forum. Reference this topic in the new post.

Regards, dev00790





