Think I have a virus still


5 replies to this topic

#1 andyc68

Posted 23 May 2012 - 04:16 AM

Hi, our computer has been really slow recently and I downloaded Malwarebytes and found 2 worms and 2 trojan downloaders. It got rid of them and I did a recheck, but the computer still seems laggy and the mouse pointer flashes very fast sometimes as an egg timer. I found this site from searching the internet; is there anything else we can do to check it for infections? thx



#2 boopme


Posted 23 May 2012 - 08:56 PM

Hello and welcome.

Please post that MBAM log.
The log is automatically saved and can be viewed by clicking the Logs tab.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.


Now we'll look some more.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Next run SUPERAntiSpyware (SAS):

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.



Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, post new scan log
and reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

#3 andyc68


Posted 24 May 2012 - 05:32 AM

Hi, thanks for your help, here are the logs:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.22.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Andy :: ANDY-HOME [administrator]

22/05/2012 16:03:45
mbam-log-2012-05-22 (16-03-45).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 386160
Time elapsed: 1 hour(s), 21 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 6
C:\Documents and Settings\Andy\My Documents\Downloads\installer_counter-strike.exe (PUP.BundleInstaller.BT) -> Quarantined and deleted successfully.
C:\Documents and Settings\Andy\My Documents\Downloads\SEO Stuff\ProxyFire.Master.Suite.Professional.v1.22\ProxyFire.Master.Suite.Professional.v1.22\install.exe (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Program Files\Tweet Adder 2010\Tweet Adder v2010 Build 100125 Patch.exe (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-861567501-682003330-1801674531-1003\Dc2.0\DVT\Patch.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D741C188-27FF-45ED-8D8F-9BD7879574E5}\RP588\A0305007.exe (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D741C188-27FF-45ED-8D8F-9BD7879574E5}\RP588\A0305008.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.

(end)
-----------------------------------------------------------------------------------------------------------------------------------------------------------------


MiniToolBox by Farbar Version: 18-01-2012
Ran by Andy (administrator) on 24-05-2012 at 11:33:42
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 15173 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR5006X Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : andy-home

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller

Physical Address. . . . . . . . . : 00-1D-60-1B-86-28



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Atheros AR5006X Wireless Network Adapter

Physical Address. . . . . . . . . : 00-15-AF-21-C7-C0

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.4

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : 24 May 2012 09:34:08

Lease Expires . . . . . . . . . . : 27 May 2012 09:34:08

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 173.194.34.238, 173.194.34.224, 173.194.34.225, 173.194.34.226
173.194.34.227, 173.194.34.228, 173.194.34.229, 173.194.34.230, 173.194.34.231
173.194.34.232, 173.194.34.233



Pinging google.com [173.194.34.233] with 32 bytes of data:



Reply from 173.194.34.233: bytes=32 time=85ms TTL=55

Reply from 173.194.34.233: bytes=32 time=86ms TTL=55



Ping statistics for 173.194.34.233:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 85ms, Maximum = 86ms, Average = 85ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 72.30.38.140



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=243ms TTL=45

Reply from 72.30.38.140: bytes=32 time=243ms TTL=45



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 243ms, Maximum = 243ms, Average = 243ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 60 1b 86 28 ...... Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller - Packet Scheduler Miniport
0x10004 ...00 15 af 21 c7 c0 ...... Atheros AR5006X Wireless Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.4 192.168.1.4 20
192.168.1.0 255.255.255.0 192.168.1.4 192.168.1.4 25
192.168.1.4 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.4 192.168.1.4 25
224.0.0.0 240.0.0.0 192.168.1.4 192.168.1.4 25
255.255.255.255 255.255.255.255 192.168.1.4 2 1
255.255.255.255 255.255.255.255 192.168.1.4 192.168.1.4 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/23/2012 03:33:40 PM) (Source: Application Hang) (User: )
Description: Hanging application Adobe Fireworks CS.exe, version 9.0.0.1188, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/23/2012 08:46:32 AM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.60.0.80, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/23/2012 08:46:29 AM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.60.0.80, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/19/2012 06:10:01 PM) (Source: Application Hang) (User: )
Description: Hanging application IEXPLORE.EXE, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/15/2012 03:55:31 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (05/15/2012 03:13:48 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070005

Error: (04/28/2012 03:01:41 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5634, faulting module unknown, version 0.0.0.0, fault address 0x00d20fa6.
Processing media-specific event for [explorer.exe!ws!]

Error: (04/23/2012 02:58:45 PM) (Source: .NET Runtime) (User: )
Description: Application: SENuke.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000094, exception address 76B4593D

Error: (04/23/2012 02:58:43 PM) (Source: .NET Runtime 4.0 Error Reporting) (User: )
Description: Faulting application senuke.exe, version 2.5.9.0, stamp 4f7f8323, faulting module winmm.dll, version 5.1.2600.6160, stamp 4e984b81, debug? 0, fault address 0x0000593d.

Error: (04/19/2012 11:54:27 AM) (Source: .NET Runtime) (User: )
Description: Application: SENuke.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000094, exception address 76B4593D


System errors:
=============
Error: (05/23/2012 04:17:19 PM) (Source: DCOM) (User: Andy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/23/2012 03:10:55 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (05/23/2012 01:50:59 PM) (Source: DCOM) (User: Andy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/23/2012 00:54:47 PM) (Source: DCOM) (User: Andy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/23/2012 00:48:40 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (05/23/2012 11:09:15 AM) (Source: DCOM) (User: Andy)
Description: DCOM got error "%%1058" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/23/2012 08:39:06 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/23/2012 08:38:48 AM) (Source: DCOM) (User: Andy)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (05/23/2012 08:38:48 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/23/2012 00:01:42 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (07/05/2011 02:14:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 30 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/12/2011 09:48:21 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/12/2011 09:46:11 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/13/2010 02:01:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/26/2010 11:10:28 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/29/2010 08:36:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 234 seconds with 180 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Adobe AIR (Version: 2.7.1.19610)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Dreamweaver CS3 (Version: 9)
Adobe Dreamweaver CS3 (Version: 9.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Help Viewer CS3 (Version: 1)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe PDF Library Files (Version: 8.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Setup (Version: 1.0)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Atheros Communications Inc.® L1 Gigabit Ethernet Driver (Version: 2.3.7.14)
µTorrent (Version: 3.1.3)
Bandoo
BulletProof FTP
CCleaner (Version: 3.18)
ConvertXtoDVD 4.1.7.343 (Version: 4.1.7.343)
Crimson Editor SVN286M (Version: SVN286M)
DivX Setup (Version: 2.6.1.5)
DVD Decrypter (Remove Only)
ffdshow [rev 3299] [2010-03-03] (Version: 1.0.0.3299)
FTP Commander
Google Chrome (Version: 19.0.1084.52)
Google Update Helper (Version: 1.3.21.111)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.013)
HTC Sync (Version: 3.0.5579)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
K-Lite Codec Pack 8.4.0 (Standard) (Version: 8.4.0)
Kaspersky Internet Security 2012 (Version: 12.0.0.374)
Keyword Research Pro (Version: 1.0.19)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (Version: 10.51.2500.0)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Web Platform Installer 3.0 (Version: 3.0.5)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MyPhoneExplorer (Version: 1.8.2)
NVIDIA Control Panel 285.58 (Version: 285.58)
NVIDIA Graphics Driver 285.58 (Version: 285.58)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA nView 135.95 (Version: 135.95)
NVIDIA nView Desktop Manager (Version: 6.14.10.13585)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PC Connectivity Solution (Version: 10.24.0.0)
QuickTime (Version: 7.70.80.34)
RankBuilder (Version: 2.9.94)
Realtek High Definition Audio Driver
Segoe UI (Version: 14.0.4327.805)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 4.48.1000)
Traffic Travis 4.1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2362765) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB980302) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows Internet Explorer 8 (KB982664) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual Email Searcher 3.10
Web Content Extractor 4.0
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Management Framework Core
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows PowerShell™ 1.0 MUI pack (Version: 2)
Windows Rights Management Client Backwards Compatibility SP2 (Version: 5.2.95)
Windows Rights Management Client with Service Pack 2 (Version: 5.2.95)
Windows Search 4.0 (Version: 04.00.6001.503)
WinHTTrack Website Copier 3.45-4 (Version: 3.45.4)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 3071.17 MB
Available physical RAM: 2118.4 MB
Total Pagefile: 4951.93 MB
Available Pagefile: 4088.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:465.75 GB) (Free:390.76 GB) NTFS

========================= Users: ========================================

User accounts for \\ANDY-HOME

Administrator Andy ASPNET
Guest HelpAssistant SUPPORT_388945a0
UpdatusUser


**** End of log ****
-------------------------------------------------------------------------------

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/24/2012 at 12:09 PM

Application Version : 5.0.1142

Core Rules Database Version : 8641
Trace Rules Database Version: 6453

Scan type : Complete Scan
Total Scan Time : 00:45:49

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 439
Memory threats detected : 0
Registry items scanned : 26799
Registry threats detected : 0
File items scanned : 159727
File threats detected : 0
-----------------------------------------------------------------

12:21:34.0640 0160 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
12:21:34.0984 0160 ============================================================
12:21:34.0984 0160 Current date / time: 2012/05/24 12:21:34.0984
12:21:34.0984 0160 SystemInfo:
12:21:34.0984 0160
12:21:34.0984 0160 OS Version: 5.1.2600 ServicePack: 3.0
12:21:34.0984 0160 Product type: Workstation
12:21:34.0984 0160 ComputerName: ANDY-HOME
12:21:34.0984 0160 UserName: Andy
12:21:34.0984 0160 Windows directory: C:\WINDOWS
12:21:34.0984 0160 System windows directory: C:\WINDOWS
12:21:34.0984 0160 Processor architecture: Intel x86
12:21:34.0984 0160 Number of processors: 4
12:21:34.0984 0160 Page size: 0x1000
12:21:34.0984 0160 Boot type: Normal boot
12:21:34.0984 0160 ============================================================
12:21:39.0750 0160 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:21:39.0765 0160 ============================================================
12:21:39.0765 0160 \Device\Harddisk0\DR0:
12:21:39.0765 0160 MBR partitions:
12:21:39.0765 0160 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
12:21:39.0765 0160 ============================================================
12:21:39.0937 0160 C: <-> \Device\Harddisk0\DR0\Partition0
12:21:40.0046 0160 ============================================================
12:21:40.0046 0160 Initialize success
12:21:40.0046 0160 ============================================================
12:21:44.0750 2488 ============================================================
12:21:44.0750 2488 Scan started
12:21:44.0750 2488 Mode: Manual;
12:21:44.0750 2488 ============================================================
12:21:54.0312 2488 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:21:54.0328 2488 splitter - ok
12:21:54.0328 2488 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:21:54.0343 2488 Spooler - ok
12:21:54.0375 2488 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:21:54.0375 2488 sr - ok
12:21:54.0406 2488 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
12:21:54.0406 2488 srservice - ok
12:21:54.0453 2488 Srv (9b390283569ea58d43d2586032b892f5) C:\WINDOWS\system32\DRIVERS\srv.sys
12:21:54.0453 2488 Srv - ok
12:21:54.0453 2488 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
12:21:54.0468 2488 SSDPSRV - ok
12:21:54.0500 2488 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
12:21:54.0500 2488 stisvc - ok
12:21:54.0515 2488 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:21:54.0515 2488 streamip - ok
12:21:54.0531 2488 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:21:54.0531 2488 swenum - ok
12:21:54.0546 2488 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:21:54.0546 2488 swmidi - ok
12:21:54.0546 2488 SwPrv - ok
12:21:54.0546 2488 symc810 - ok
12:21:54.0546 2488 symc8xx - ok
12:21:54.0546 2488 sym_hi - ok
12:21:54.0546 2488 sym_u3 - ok
12:21:54.0562 2488 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:21:54.0562 2488 sysaudio - ok
12:21:54.0578 2488 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
12:21:54.0578 2488 SysmonLog - ok
12:21:54.0609 2488 TapiSrv (e2b32b10acc5d97623275aafb67e5f03) C:\WINDOWS\System32\tapisrv.dll
12:21:54.0609 2488 TapiSrv - ok
12:21:54.0625 2488 Tcpip (367de8e5f638c091f49273144274f629) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:21:54.0625 2488 Tcpip - ok
12:21:54.0687 2488 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:21:54.0687 2488 TDPIPE - ok
12:21:54.0687 2488 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:21:54.0687 2488 TDTCP - ok
12:21:54.0703 2488 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:21:54.0703 2488 TermDD - ok
12:21:54.0718 2488 TermService (37981a741ad7b04258e87129ffe79ab9) C:\WINDOWS\System32\termsrv.dll
12:21:54.0718 2488 TermService - ok
12:21:54.0750 2488 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:21:54.0765 2488 Themes - ok
12:21:54.0781 2488 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
12:21:54.0781 2488 TlntSvr - ok
12:21:54.0781 2488 TosIde - ok
12:21:54.0796 2488 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
12:21:54.0812 2488 TrkWks - ok
12:21:54.0828 2488 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:21:54.0828 2488 Udfs - ok
12:21:54.0828 2488 ultra - ok
12:21:54.0843 2488 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:21:54.0843 2488 Update - ok
12:21:54.0875 2488 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
12:21:54.0875 2488 upnphost - ok
12:21:54.0875 2488 upperdev - ok
12:21:54.0890 2488 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
12:21:54.0890 2488 UPS - ok
12:21:54.0906 2488 USBAAPL - ok
12:21:54.0921 2488 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
12:21:54.0921 2488 usbaudio - ok
12:21:54.0953 2488 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:21:54.0953 2488 usbccgp - ok
12:21:54.0984 2488 usbehci (152ee0baa614388273a0b9ae9c9fd5a0) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:21:54.0984 2488 usbehci - ok
12:21:54.0984 2488 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:21:54.0984 2488 usbhub - ok
12:21:55.0015 2488 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:21:55.0015 2488 usbprint - ok
12:21:55.0046 2488 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:21:55.0046 2488 usbscan - ok
12:21:55.0093 2488 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
12:21:55.0093 2488 usbser - ok
12:21:55.0093 2488 UsbserFilt - ok
12:21:55.0093 2488 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:21:55.0093 2488 usbstor - ok
12:21:55.0109 2488 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:21:55.0109 2488 usbuhci - ok
12:21:55.0140 2488 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
12:21:55.0140 2488 usbvideo - ok
12:21:55.0281 2488 vcdrom (bfa4ae30b3ac10e9223830bf103f5a3f) C:\Documents and Settings\Andy\My Documents\Downloads\winxpvirtualcd\VCdRom.sys
12:21:55.0281 2488 vcdrom - ok
12:21:55.0281 2488 VComm - ok
12:21:55.0281 2488 VcommMgr - ok
12:21:55.0312 2488 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:21:55.0312 2488 VgaSave - ok
12:21:55.0312 2488 ViaIde - ok
12:21:55.0343 2488 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:21:55.0343 2488 VolSnap - ok
12:21:55.0375 2488 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
12:21:55.0375 2488 VSS - ok
12:21:55.0390 2488 W32Time (9f8a0d0cbb2fa265a754516128c00e22) C:\WINDOWS\system32\w32time.dll
12:21:55.0390 2488 W32Time - ok
12:21:55.0406 2488 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:21:55.0406 2488 Wanarp - ok
12:21:55.0468 2488 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:21:55.0468 2488 Wdf01000 - ok
12:21:55.0468 2488 WDICA - ok
12:21:55.0500 2488 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:21:55.0500 2488 wdmaud - ok
12:21:55.0515 2488 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
12:21:55.0515 2488 WebClient - ok
12:21:55.0593 2488 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:21:55.0593 2488 winmgmt - ok
12:21:55.0734 2488 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:21:55.0765 2488 wlidsvc - ok
12:21:55.0812 2488 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
12:21:55.0812 2488 WmdmPmSN - ok
12:21:56.0046 2488 Wmi (c8a6c82f90b055149925dc7526b2d78c) C:\WINDOWS\System32\advapi32.dll
12:21:56.0046 2488 Wmi - ok
12:21:56.0093 2488 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:21:56.0109 2488 WmiApSrv - ok
12:21:56.0171 2488 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
12:21:56.0187 2488 WMPNetworkSvc - ok
12:21:56.0296 2488 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:21:56.0312 2488 WPFFontCache_v0400 - ok
12:21:56.0375 2488 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:21:56.0375 2488 WS2IFSL - ok
12:21:56.0390 2488 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
12:21:56.0390 2488 wscsvc - ok
12:21:56.0390 2488 WSearch - ok
12:21:56.0437 2488 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:21:56.0437 2488 WSTCODEC - ok
12:21:56.0468 2488 wuauserv (aae1a6ffba2b0436e91795120f48c461) C:\WINDOWS\system32\wuauserv.dll
12:21:56.0468 2488 wuauserv - ok
12:21:56.0531 2488 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:21:56.0531 2488 WudfPf - ok
12:21:56.0546 2488 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:21:56.0546 2488 WudfRd - ok
12:21:56.0578 2488 WudfSvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\WINDOWS\System32\WUDFSvc.dll
12:21:56.0578 2488 WudfSvc - ok
12:21:56.0593 2488 WZCSVC (349b8d2bb755e8c3b0e3e82a87663e55) C:\WINDOWS\System32\wzcsvc.dll
12:21:56.0593 2488 WZCSVC - ok
12:21:56.0609 2488 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
12:21:56.0609 2488 xmlprov - ok
12:21:56.0625 2488 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:21:56.0890 2488 \Device\Harddisk0\DR0 - ok
12:21:56.0906 2488 Boot (0x1200) (8c228c929eee9b2a987a94f3c96edb88) \Device\Harddisk0\DR0\Partition0
12:21:56.0906 2488 \Device\Harddisk0\DR0\Partition0 - ok
12:21:56.0906 2488 ============================================================
12:21:56.0906 2488 Scan finished
12:21:56.0906 2488 ============================================================
12:21:56.0906 3516 Detected object count: 0
12:21:56.0906 3516 Actual detected object count: 0

-----------------------------------------------------------------------------------------------------------

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.23.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Andy :: ANDY-HOME [administrator]

24/05/2012 12:25:39
mbam-log-2012-05-24 (12-25-39).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233404
Time elapsed: 3 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


thanks

#4 boopme

Posted 24 May 2012 - 09:21 AM

Hello, looks good. I am fairly certain you infected yourself via a torrent download as these needed to be allowed to pass KIS.
Most torrents carry malware, it's why they are free.

Please go into Add/Remove Programs and remove this: Java™ 6 Update 31 (Version: 6.0.310)
It is old and exploitable. Reboot.

How is it running now?

#5 andyc68

Posted 25 May 2012 - 04:04 AM

Thanks for your help Boopme, seems pretty much better now :)

#6 boopme

Posted 25 May 2012 - 07:18 PM

Let's take a last look and be sure we left nothing.

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.