Several instances of nasty virus/possible malware or rootkit


  • This topic is locked
8 replies to this topic

#1 jthomp.uscav


Posted 23 May 2012 - 09:08 AM

Hello-

After reading through the tutorials, here is my first official post:

PC in question: Dell Optiplex 380/ Intel Core 2 Duo/ E7500 @ 2.93GHz/ 2GB RAM.

History: Yesterday I was running through uninstalling Microsoft Online Services (MSOL) from a user's PC due to a seemingly unrelated issue. Once I uninstalled the application, I rebooted the machine. There were no issues until it got to the desktop. It loaded the background image and task bar. I tried to re-run the task (Task Manager > New task > explorer.exe). After a couple of attempts, I finally got it to load completely; however, I began to get hammered with Symantec Endpoint Protection (SEP) notifications of quarantined infections. It stopped at 37 instances of Trojan.Gen.2, TrojanFakeAV, Bloodhound.MalPE and Trojan.Zeroaccess--80000032.@ filename is mostly linked to the various risks. The SEP client is running intermittently, as in I can open the interface just fine but it will freeze to the point I have to use task manager to close it. I was able to export the SEP report to a .csv file. I can attach that if needed.

I just finished an MBAM scan which yielded nothing. I have SEP running another scan as I type this. When I think it's clean, the infections pop back up. It is my belief (through reading Google) that these are extremely invasive infections that I simply don't have the experience to deal with properly. I look forward to any help that can be offered. If I have missed any relevant information, I apologize. Thank you in advance.



#2 narenxp


Posted 23 May 2012 - 09:26 AM

Download TDSSkiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

#3 jthomp.uscav


Posted 23 May 2012 - 10:38 AM

11:31:51.0875 2508 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
11:31:51.0921 2508 ============================================================
11:31:51.0921 2508 Current date / time: 2012/05/23 11:31:51.0921
11:31:51.0921 2508 SystemInfo:
11:31:51.0921 2508
11:31:51.0921 2508 OS Version: 5.1.2600 ServicePack: 3.0
11:31:51.0921 2508 Product type: Workstation
11:31:51.0921 2508 ComputerName: ********
11:31:51.0921 2508 UserName: ********
11:31:51.0921 2508 Windows directory: C:\WINDOWS
11:31:51.0921 2508 System windows directory: C:\WINDOWS
11:31:51.0921 2508 Processor architecture: Intel x86
11:31:51.0921 2508 Number of processors: 2
11:31:51.0921 2508 Page size: 0x1000
11:31:51.0921 2508 Boot type: Normal boot
11:31:51.0921 2508 ============================================================
11:31:54.0468 2508 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:31:54.0484 2508 Drive \Device\Harddisk1\DR3 - Size: 0x1E07FFE00 (7.51 Gb), SectorSize: 0x200, Cylinders: 0x3D4, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:31:54.0484 2508 ============================================================
11:31:54.0484 2508 \Device\Harddisk0\DR0:
11:31:54.0484 2508 MBR partitions:
11:31:54.0484 2508 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x129F1737
11:31:54.0484 2508 \Device\Harddisk1\DR3:
11:31:54.0484 2508 MBR partitions:
11:31:54.0484 2508 \Device\Harddisk1\DR3\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0xF03FDF
11:31:54.0484 2508 ============================================================
11:31:54.0531 2508 C: <-> \Device\Harddisk0\DR0\Partition0
11:31:54.0531 2508 ============================================================
11:31:54.0531 2508 Initialize success
11:31:54.0531 2508 ============================================================
11:32:12.0796 4064 ============================================================
11:32:12.0796 4064 Scan started
11:32:12.0796 4064 Mode: Manual; TDLFS;
11:32:12.0796 4064 ============================================================
11:32:21.0359 4064 Secdrv - ok
11:32:21.0390 4064 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
11:32:21.0390 4064 seclogon - ok
11:32:21.0531 4064 SecureStorageService (d7f978c1b6387544fe132eb5b915ed1a) C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
11:32:21.0640 4064 SecureStorageService - ok
11:32:21.0671 4064 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
11:32:21.0671 4064 SENS - ok
11:32:21.0671 4064 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:32:21.0671 4064 Serenum - ok
11:32:21.0687 4064 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
11:32:21.0687 4064 Serial - ok
11:32:21.0703 4064 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:32:21.0703 4064 Sfloppy - ok
11:32:21.0734 4064 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
11:32:21.0750 4064 ShellHWDetection - ok
11:32:21.0750 4064 Simbad - ok
11:32:21.0765 4064 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
11:32:21.0765 4064 sisagp - ok
11:32:21.0921 4064 SmcService (9672e993c5f09bb15adb757a8af7765e) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
11:32:21.0937 4064 SmcService - ok
11:32:22.0015 4064 SNAC (229b0890af1a54e2f57099542cd18642) C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
11:32:22.0078 4064 SNAC - ok
11:32:22.0187 4064 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
11:32:22.0203 4064 Sparrow - ok
11:32:22.0265 4064 SPBBCDrv (e87cf104f12c92401c4d33c50a3d5dc8) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
11:32:22.0281 4064 SPBBCDrv - ok
11:32:22.0296 4064 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:32:22.0296 4064 splitter - ok
11:32:22.0328 4064 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
11:32:22.0328 4064 Spooler - ok
11:32:22.0390 4064 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11:32:22.0390 4064 SQLBrowser - ok
11:32:22.0406 4064 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:32:22.0406 4064 SQLWriter - ok
11:32:22.0421 4064 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
11:32:22.0421 4064 sr - ok
11:32:22.0453 4064 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
11:32:22.0453 4064 srservice - ok
11:32:22.0484 4064 SRTSP (14389e87d0d2e25b12bf2cc74cfaee07) C:\WINDOWS\system32\Drivers\SRTSP.SYS
11:32:22.0484 4064 SRTSP - ok
11:32:22.0515 4064 SRTSPL (aed0f68c185fe698a21cefcd76f0b8a4) C:\WINDOWS\system32\Drivers\SRTSPL.SYS
11:32:22.0531 4064 SRTSPL - ok
11:32:22.0546 4064 SRTSPX (0e2ca6326726477fe29863808bbad413) C:\WINDOWS\system32\Drivers\SRTSPX.SYS
11:32:22.0546 4064 SRTSPX - ok
11:32:22.0593 4064 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:32:22.0609 4064 Srv - ok
11:32:22.0640 4064 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
11:32:22.0640 4064 SSDPSRV - ok
11:32:22.0671 4064 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
11:32:22.0671 4064 stisvc - ok
11:32:22.0750 4064 stllssvr (e476c66713c842f58e61a95826ed1d57) c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
11:32:22.0765 4064 stllssvr - ok
11:32:22.0812 4064 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:32:22.0812 4064 swenum - ok
11:32:22.0843 4064 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:32:22.0843 4064 swmidi - ok
11:32:22.0843 4064 SwPrv - ok
11:32:22.0953 4064 Symantec AntiVirus (409ebed03f66e3941e33e412795e6c2c) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
11:32:22.0968 4064 Symantec AntiVirus - ok
11:32:23.0078 4064 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
11:32:23.0078 4064 symc810 - ok
11:32:23.0078 4064 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
11:32:23.0093 4064 symc8xx - ok
11:32:23.0125 4064 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
11:32:23.0140 4064 SymEvent - ok
11:32:23.0171 4064 SYMREDRV (394b2368212114d538316812af60fddd) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
11:32:23.0171 4064 SYMREDRV - ok
11:32:23.0187 4064 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
11:32:23.0187 4064 SYMTDI - ok
11:32:23.0187 4064 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
11:32:23.0203 4064 sym_hi - ok
11:32:23.0203 4064 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
11:32:23.0203 4064 sym_u3 - ok
11:32:23.0234 4064 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:32:23.0234 4064 sysaudio - ok
11:32:23.0265 4064 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
11:32:23.0281 4064 SysmonLog - ok
11:32:23.0312 4064 SysPlant (e2433edc2fd23f7d7272d6e74f22bd79) C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys
11:32:23.0312 4064 SysPlant - ok
11:32:23.0343 4064 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
11:32:23.0343 4064 TapiSrv - ok
11:32:23.0390 4064 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:32:23.0390 4064 Tcpip - ok
11:32:23.0500 4064 tcsd_win32.exe (69f1a38a6dbfe682491cb61a596662e3) C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
11:32:23.0515 4064 tcsd_win32.exe - ok
11:32:23.0656 4064 TdmService (a62f1de032e59c4bb35557a2219cb160) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
11:32:23.0656 4064 TdmService - ok
11:32:23.0781 4064 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:32:23.0781 4064 TDPIPE - ok
11:32:23.0796 4064 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:32:23.0796 4064 TDTCP - ok
11:32:23.0906 4064 TeamViewer5 (750b0b1d274b0dce354058435e867fa9) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
11:32:23.0906 4064 TeamViewer5 - ok
11:32:23.0937 4064 Teefer2 (75346634d815c9fda103ae5fada072b3) C:\WINDOWS\system32\DRIVERS\teefer2.sys
11:32:23.0937 4064 Teefer2 - ok
11:32:23.0953 4064 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:32:23.0953 4064 TermDD - ok
11:32:23.0984 4064 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
11:32:23.0984 4064 TermService - ok
11:32:24.0031 4064 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
11:32:24.0031 4064 Themes - ok
11:32:24.0062 4064 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
11:32:24.0109 4064 TlntSvr - ok
11:32:24.0125 4064 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
11:32:24.0125 4064 TosIde - ok
11:32:24.0171 4064 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
11:32:24.0171 4064 TrkWks - ok
11:32:24.0203 4064 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:32:24.0218 4064 Udfs - ok
11:32:24.0218 4064 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
11:32:24.0234 4064 ultra - ok
11:32:24.0250 4064 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:32:24.0250 4064 Update - ok
11:32:24.0296 4064 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
11:32:24.0312 4064 upnphost - ok
11:32:24.0328 4064 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
11:32:24.0328 4064 UPS - ok
11:32:24.0359 4064 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:32:24.0359 4064 usbccgp - ok
11:32:24.0390 4064 usbehci (4bac8df07f1d8434fc640e677a62204e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:32:24.0390 4064 usbehci - ok
11:32:24.0406 4064 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:32:24.0406 4064 usbhub - ok
11:32:24.0437 4064 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:32:24.0437 4064 usbprint - ok
11:32:24.0453 4064 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:32:24.0468 4064 usbscan - ok
11:32:24.0484 4064 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:32:24.0500 4064 USBSTOR - ok
11:32:24.0515 4064 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:32:24.0515 4064 usbuhci - ok
11:32:24.0531 4064 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:32:24.0531 4064 VgaSave - ok
11:32:24.0546 4064 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:32:24.0546 4064 viaagp - ok
11:32:24.0546 4064 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
11:32:24.0562 4064 ViaIde - ok
11:32:24.0578 4064 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
11:32:24.0578 4064 VolSnap - ok
11:32:24.0625 4064 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
11:32:24.0671 4064 VSS - ok
11:32:24.0703 4064 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
11:32:24.0718 4064 w32time - ok
11:32:24.0718 4064 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:32:24.0718 4064 Wanarp - ok
11:32:24.0750 4064 WavxDMgr (e1369c7a53c76eb681afd0eba348b45a) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
11:32:24.0750 4064 WavxDMgr - ok
11:32:24.0750 4064 WDICA - ok
11:32:24.0781 4064 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:32:24.0781 4064 wdmaud - ok
11:32:24.0781 4064 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
11:32:24.0796 4064 WebClient - ok
11:32:24.0843 4064 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:32:24.0843 4064 winmgmt - ok
11:32:24.0921 4064 WinRM (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll
11:32:24.0953 4064 WinRM - ok
11:32:25.0015 4064 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
11:32:25.0015 4064 WmdmPmSN - ok
11:32:25.0062 4064 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
11:32:25.0062 4064 Wmi - ok
11:32:25.0109 4064 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
11:32:25.0109 4064 WmiAcpi - ok
11:32:25.0140 4064 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:32:25.0156 4064 WmiApSrv - ok
11:32:25.0312 4064 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:32:25.0328 4064 WPFFontCache_v0400 - ok
11:32:25.0375 4064 WPS (5b873300a1802a6d254af59943f6c1a2) C:\WINDOWS\system32\drivers\wpsdrvnt.sys
11:32:25.0375 4064 WPS - ok
11:32:25.0406 4064 WpsHelper (ff983a25ae6f7d3f87f26bf51f02a201) C:\WINDOWS\system32\drivers\WpsHelper.sys
11:32:25.0406 4064 WpsHelper - ok
11:32:25.0421 4064 WSearch - ok
11:32:25.0453 4064 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
11:32:25.0484 4064 WZCSVC - ok
11:32:25.0515 4064 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
11:32:25.0515 4064 xmlprov - ok
11:32:25.0531 4064 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
11:32:25.0796 4064 \Device\Harddisk0\DR0 - ok
11:32:25.0796 4064 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR3
11:32:28.0125 4064 \Device\Harddisk1\DR3 - ok
11:32:28.0125 4064 Boot (0x1200) (cd862edfeb44c839565b9f820607c2b6) \Device\Harddisk0\DR0\Partition0
11:32:28.0125 4064 \Device\Harddisk0\DR0\Partition0 - ok
11:32:28.0125 4064 Boot (0x1200) (dc318442dd679361a9725bc9412a4b10) \Device\Harddisk1\DR3\Partition0
11:32:28.0125 4064 \Device\Harddisk1\DR3\Partition0 - ok
11:32:28.0125 4064 ============================================================
11:32:28.0125 4064 Scan finished
11:32:28.0125 4064 ============================================================
11:32:28.0125 4016 Detected object count: 0
11:32:28.0125 4016 Actual detected object count: 0
11:33:23.0453 2808 Deinitialize success

Edited by jthomp.uscav, 23 May 2012 - 10:44 AM.


#4 jthomp.uscav


Posted 23 May 2012 - 10:41 AM

This is the second log file.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-23 11:33:50
-----------------------------
11:33:50.156 OS Version: Windows 5.1.2600 Service Pack 3
11:33:50.156 Number of processors: 2 586 0x170A
11:33:50.156 ComputerName: ******** UserName: ******** (Due to Security policies within my company, I omitted the PC and user names)
11:33:50.640 Initialize success
11:33:54.078 AVAST engine download error: 0
11:34:13.406 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:34:13.406 Disk 0 Vendor: WDC_WD1600AAJS-75M0A0 02.03E02 Size: 152587MB BusType: 3
11:34:13.421 Disk 0 MBR read successfully
11:34:13.421 Disk 0 MBR scan
11:34:13.421 Disk 0 Windows VISTA default MBR code
11:34:13.421 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
11:34:13.421 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152546 MB offset 80325
11:34:13.421 Disk 0 scanning sectors +312496380
11:34:13.500 Disk 0 scanning C:\WINDOWS\system32\drivers
11:34:17.203 Service scanning
11:34:23.578 Service SysPlant C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys **LOCKED** 32
11:34:23.890 Service Teefer2 C:\WINDOWS\system32\DRIVERS\teefer2.sys **LOCKED** 32
11:34:24.859 Service WPS C:\WINDOWS\system32\drivers\wpsdrvnt.sys **LOCKED** 32
11:34:24.890 Service WpsHelper C:\WINDOWS\system32\drivers\WpsHelper.sys **LOCKED** 32
11:34:25.500 Modules scanning
11:34:28.968 Disk 0 trace - called modules:
11:34:29.000 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
11:34:29.000 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a37dab8]
11:34:29.000 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a36cd98]
11:34:29.000 Scan finished successfully
11:34:48.875 Disk 0 MBR has been saved successfully to "E:\DonnaPCrepair\MBR.dat"
11:34:48.875 The log file has been saved successfully to "E:\DonnaPCrepair\aswMBR.txt"

#5 narenxp

  • BC Advisor

Posted 23 May 2012 - 11:02 AM

We need advanced tools here

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#6 jthomp.uscav


Posted 23 May 2012 - 12:14 PM

Thanks! :)

#7 narenxp

  • BC Advisor

Posted 23 May 2012 - 10:27 PM

welcome :)

#8 symthomas


Posted 24 May 2012 - 10:11 AM

Hi, Symantec offers some additional tools to eliminate deeply embedded and difficult to remove threats that traditional virus scanning doesn't always detect.

See this thread for complete information - https://www-secure.symantec.com/connect/forums/your-system-infected

#9 Budapest

  • Moderator

Posted 24 May 2012 - 04:35 PM

Malware topic here: http://www.bleepingcomputer.com/forums/topic454732.html

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MR Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



