
svchost.exe considered as a virus by AVG


11 replies to this topic

#1 vtiger5

vtiger5

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:02 PM

Posted 01 July 2012 - 09:09 AM

Recently, when I start my computer I get 3 errors saying that 0xc0000... has stopped working. If I ignore this and click OK, after 5-10 mins AVG comes up and says that svchost.exe is a very high unknown threat (it also makes my computer extremely slow), and if I remove it, it turns off my computer with a blue screen. However, when the 3 errors show up, if I open the Task Manager I see 6 programs; if I delete the processes that make that error, I can work normally with my computer. How can I remove this virus/Trojan that is causing all this havoc?

Edited by hamluis, 01 July 2012 - 09:13 AM.
Moved from XP to Am I Infected - Hamluis.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:02 PM

Posted 01 July 2012 - 09:50 AM

Boot into Safe Mode with Networking.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 vtiger5

vtiger5
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:02 PM

Posted 01 July 2012 - 10:32 AM

I already did something similar to that with HijackThis; here is what it found:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:45:43, on 01-07-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal


Edit: removed HJT log - boopme

Edited by boopme, 01 July 2012 - 12:06 PM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:02 PM

Posted 01 July 2012 - 10:59 AM

Please do not post HijackThis logs here.

#5 vtiger5

vtiger5
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:02 PM

Posted 01 July 2012 - 11:48 AM

Please do not post hijack this logs here


Why? The website (of HijackThis) told me that this is one of the sites that I could post the log.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:02 PM

Posted 01 July 2012 - 12:05 PM

It's a bit confusing, but they get posted here: Virus, Trojan, Spyware, and Malware Removal Logs. If needed, narenxp will request it. Thanks.
I removed it.

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:02 PM

Posted 01 July 2012 - 12:11 PM

why? the website (of hijackthis) told me that this is one of the sites that i could post the log

I'm sorry I was not clear. As boopme suggested, we do not analyse HijackThis logs in this forum. We have a separate forum for HijackThis and DDS logs:

http://www.bleepingcomputer.com/forums/forum22.html

Let's see if we could remove the infection without a HijackThis log. Please follow my instructions given above.

#8 vtiger5

vtiger5
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:02 PM

Posted 02 July 2012 - 10:55 AM

Okay, recently I've been having some trouble getting the computer to stay on; after 1-2 min it blue screens, but I finally managed to get into Safe Mode. I have finished the TDSSKiller scan and the others are currently scanning. Here is the log:


16:41:47.0203 0288 RasMan - ok
16:41:47.0203 0288 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:41:47.0203 0288 RasPppoe - ok
16:41:47.0203 0288 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:41:47.0203 0288 Raspti - ok
16:41:47.0234 0288 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:41:47.0234 0288 Rdbss - ok
16:41:47.0234 0288 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:41:47.0234 0288 RDPCDD - ok
16:41:47.0281 0288 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:41:47.0296 0288 rdpdr - ok
16:41:47.0328 0288 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
16:41:47.0328 0288 RDPWD - ok
16:41:47.0359 0288 RDSessMgr (96cdee3b99b7dafe76f17afc9fd7924d) C:\WINDOWS\system32\sessmgr.exe
16:41:47.0359 0288 RDSessMgr - ok
16:41:47.0375 0288 redbook (b169d51385049145a8ddb1a87ab5f7bf) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:41:47.0375 0288 redbook - ok
16:41:47.0406 0288 RemoteAccess (52f04fd9aa690583ba1bc3a91058cc9b) C:\WINDOWS\System32\mprdim.dll
16:41:47.0406 0288 RemoteAccess - ok
16:41:47.0437 0288 RemoteRegistry (45aedf4724d76ca5a31b6435993b524e) C:\WINDOWS\system32\regsvc.dll
16:41:47.0437 0288 RemoteRegistry - ok
16:41:47.0468 0288 RpcLocator (59b58d88ae64beebdda9187157e0e1a9) C:\WINDOWS\system32\locator.exe
16:41:47.0468 0288 RpcLocator - ok
16:41:47.0500 0288 RpcSs (7b2e470e17b66c5d89a83c4ef9372459) C:\WINDOWS\system32\rpcss.dll
16:41:47.0515 0288 RpcSs - ok
16:41:47.0546 0288 RSVP (09405a46f4bd1d19074c71841da1159e) C:\WINDOWS\system32\rsvp.exe
16:41:47.0546 0288 RSVP - ok
16:41:47.0578 0288 RTLE8023xp (bb0ae2171f08129f4f3ff9df20ffbf89) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
16:41:47.0593 0288 RTLE8023xp - ok
16:41:47.0625 0288 SamSs (3d52a3dc53dd0632850ab8aa91e4795e) C:\WINDOWS\system32\lsass.exe
16:41:47.0625 0288 SamSs - ok
16:41:47.0656 0288 SCardSvr (c6460ba8ddad1448edb481a917d48790) C:\WINDOWS\System32\SCardSvr.exe
16:41:47.0671 0288 SCardSvr - ok
16:41:47.0734 0288 Schedule (c56b873acf6a32cefa247131a2ab3d27) C:\WINDOWS\system32\schedsvc.dll
16:41:47.0734 0288 Schedule - ok
16:41:47.0765 0288 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
16:41:47.0765 0288 sdbus - ok
16:41:47.0812 0288 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:41:47.0812 0288 Secdrv - ok
16:41:47.0828 0288 seclogon (133c8e3c8b48e6453361075c40162d55) C:\WINDOWS\System32\seclogon.dll
16:41:47.0828 0288 seclogon - ok
16:41:47.0828 0288 SENS (33b58188b657448af3eaeb4c49c6e0a9) C:\WINDOWS\system32\sens.dll
16:41:47.0843 0288 SENS - ok
16:41:47.0859 0288 Serial (d801b66244d750792ec2b74c0e8bc183) C:\WINDOWS\system32\drivers\Serial.sys
16:41:47.0859 0288 Serial - ok
16:41:47.0890 0288 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:41:47.0890 0288 Sfloppy - ok
16:41:47.0953 0288 SharedAccess (3778b0689541ab8d49fbfe43b9c24a44) C:\WINDOWS\System32\ipnathlp.dll
16:41:47.0953 0288 SharedAccess - ok
16:41:47.0984 0288 ShellHWDetection (6b94443222a399dfb2721eaf9238644c) C:\WINDOWS\System32\shsvcs.dll
16:41:47.0984 0288 ShellHWDetection - ok
16:41:48.0000 0288 Simbad - ok
16:41:48.0031 0288 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:41:48.0031 0288 SLIP - ok
16:41:48.0031 0288 Sparrow - ok
16:41:48.0062 0288 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:41:48.0062 0288 splitter - ok
16:41:48.0109 0288 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
16:41:48.0109 0288 Spooler - ok
16:41:48.0187 0288 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
16:41:48.0187 0288 sptd - ok
16:41:48.0218 0288 sr (6593326ac89da535228e046a859dbe06) C:\WINDOWS\system32\DRIVERS\sr.sys
16:41:48.0218 0288 sr - ok
16:41:48.0234 0288 srservice (6126a4ffc49d210fb3f3a16e67a62ecb) C:\WINDOWS\system32\srsvc.dll
16:41:48.0250 0288 srservice - ok
16:41:48.0296 0288 Srv (9b390283569ea58d43d2586032b892f5) C:\WINDOWS\system32\DRIVERS\srv.sys
16:41:48.0296 0288 Srv - ok
16:41:48.0312 0288 SSDPSRV (f03cc354fcdd783bd24cb5c195890503) C:\WINDOWS\System32\ssdpsrv.dll
16:41:48.0312 0288 SSDPSRV - ok
16:41:48.0390 0288 StarWindServiceAE (b1691af4a072cb674d600db16dd7308e) C:\Programas\Alcohol 120\StarWind\StarWindServiceAE.exe
16:41:48.0390 0288 StarWindServiceAE - ok
16:41:48.0437 0288 stisvc (fbf66128f9035a746a3dc050707e1e8e) C:\WINDOWS\system32\wiaservc.dll
16:41:48.0453 0288 stisvc - ok
16:41:48.0468 0288 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:41:48.0468 0288 streamip - ok
16:41:48.0500 0288 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:41:48.0500 0288 swenum - ok
16:41:48.0531 0288 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:41:48.0531 0288 swmidi - ok
16:41:48.0531 0288 SwPrv - ok
16:41:48.0531 0288 symc810 - ok
16:41:48.0531 0288 symc8xx - ok
16:41:48.0546 0288 sym_hi - ok
16:41:48.0546 0288 sym_u3 - ok
16:41:48.0656 0288 SynTP (d302eb76f9df62191c9c32c30fbd1b0a) C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:41:48.0656 0288 SynTP - ok
16:41:48.0687 0288 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:41:48.0687 0288 sysaudio - ok
16:41:48.0703 0288 SysmonLog (b9c629f089e963326e529e3002b173c7) C:\WINDOWS\system32\smlogsvc.exe
16:41:48.0718 0288 SysmonLog - ok
16:41:48.0765 0288 tap0901t (b7aee68d2e867cbf69b649b18fcedbbb) C:\WINDOWS\system32\DRIVERS\tap0901t.sys
16:41:48.0765 0288 tap0901t - ok
16:41:48.0812 0288 TapiSrv (aed404e1a121daa9c5021820448ff8a1) C:\WINDOWS\System32\tapisrv.dll
16:41:48.0828 0288 TapiSrv - ok
16:41:48.0875 0288 Tcpip (ad978a1b783b5719720cff204b666c8e) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:41:48.0875 0288 Tcpip - ok
16:41:48.0906 0288 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:41:48.0906 0288 TDPIPE - ok
16:41:48.0937 0288 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:41:48.0937 0288 TDTCP - ok
16:41:48.0984 0288 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:41:48.0984 0288 TermDD - ok
16:41:49.0015 0288 TermService (8dba00dc2b689405f54925807affb55c) C:\WINDOWS\System32\termsrv.dll
16:41:49.0015 0288 TermService - ok
16:41:49.0062 0288 Themes (6b94443222a399dfb2721eaf9238644c) C:\WINDOWS\System32\shsvcs.dll
16:41:49.0062 0288 Themes - ok
16:41:49.0109 0288 tifm21 (78213f01ce781f93180bef5eb5b3ad81) C:\WINDOWS\system32\drivers\tifm21.sys
16:41:49.0109 0288 tifm21 - ok
16:41:49.0140 0288 TlntSvr (b08b149b1930e66f995c027240537c00) C:\WINDOWS\system32\tlntsvr.exe
16:41:49.0140 0288 TlntSvr - ok
16:41:49.0140 0288 TosIde - ok
16:41:49.0140 0288 Tosrfcom - ok
16:41:49.0187 0288 TPwSav (9ffffb4c5b06c7b75e8159f1106006ac) C:\WINDOWS\system32\drivers\TPwSav.sys
16:41:49.0187 0288 TPwSav - ok
16:41:49.0203 0288 TrkWks (b5d65eef23add0828ceef4677a9b16ec) C:\WINDOWS\system32\trkwks.dll
16:41:49.0203 0288 TrkWks - ok
16:41:49.0390 0288 TunngleService (f8302e3e534af5e3f2588a974bea80df) C:\Programas\Tunngle\TnglCtrl.exe
16:41:49.0390 0288 TunngleService - ok
16:41:49.0437 0288 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:41:49.0437 0288 Udfs - ok
16:41:49.0437 0288 ultra - ok
16:41:49.0484 0288 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:41:49.0484 0288 Update - ok
16:41:49.0515 0288 upnphost (4b020a39f52bd8df6c3f133a4d1c7200) C:\WINDOWS\System32\upnphost.dll
16:41:49.0515 0288 upnphost - ok
16:41:49.0546 0288 UPS (9ed6eae705b2a0c8fc3e8a5813ca5874) C:\WINDOWS\System32\ups.exe
16:41:49.0546 0288 UPS - ok
16:41:49.0593 0288 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
16:41:49.0593 0288 USBAAPL - ok
16:41:49.0625 0288 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:41:49.0625 0288 usbccgp - ok
16:41:49.0656 0288 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:41:49.0656 0288 usbehci - ok
16:41:49.0703 0288 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:41:49.0703 0288 usbhub - ok
16:41:49.0734 0288 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:41:49.0734 0288 USBSTOR - ok
16:41:49.0750 0288 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:41:49.0750 0288 usbuhci - ok
16:41:49.0765 0288 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
16:41:49.0765 0288 usbvideo - ok
16:41:49.0828 0288 UserAccess7 (2cdea42b09dc5b3705f06939adbd2fe4) C:\WINDOWS\system32\UAService7.exe
16:41:49.0843 0288 UserAccess7 - ok
16:41:49.0875 0288 UVCFTR (3b929a72aaea96dc0150d3a6da268c89) C:\WINDOWS\system32\Drivers\UVCFTR_S.SYS
16:41:49.0875 0288 UVCFTR - ok
16:41:49.0906 0288 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\WINDOWS\system32\DRIVERS\VClone.sys
16:41:49.0906 0288 VClone - ok
16:41:49.0937 0288 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:41:49.0937 0288 VgaSave - ok
16:41:49.0937 0288 ViaIde - ok
16:41:49.0953 0288 VolSnap (a2e5b9b25d77af18be1ece69f15f436c) C:\WINDOWS\system32\drivers\VolSnap.sys
16:41:49.0953 0288 VolSnap - ok
16:41:50.0015 0288 Vsdatant (265c7cb9611e8ce0e9115cda45f109b2) C:\WINDOWS\system32\vsdatant.sys
16:41:50.0015 0288 Vsdatant - ok
16:41:50.0062 0288 vsmon - ok
16:41:50.0078 0288 VSS (4c4b9aec4f318331d42062fec7cee8d7) C:\WINDOWS\System32\vssvc.exe
16:41:50.0078 0288 VSS - ok
16:41:50.0109 0288 W32Time (1501fdb2f136c33ee982c6635fac338d) C:\WINDOWS\system32\w32time.dll
16:41:50.0109 0288 W32Time - ok
16:41:50.0140 0288 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:41:50.0140 0288 Wanarp - ok
16:41:50.0171 0288 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
16:41:50.0187 0288 Wdf01000 - ok
16:41:50.0187 0288 WDICA - ok
16:41:50.0218 0288 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:41:50.0218 0288 wdmaud - ok
16:41:50.0234 0288 WebClient (313f8fb0dd7f7970353e78080b42fddf) C:\WINDOWS\System32\webclnt.dll
16:41:50.0234 0288 WebClient - ok
16:41:50.0296 0288 winmgmt (0f0b6935acd5248374313e0a5b21f2ed) C:\WINDOWS\system32\wbem\WMIsvc.dll
16:41:50.0296 0288 winmgmt - ok
16:41:50.0437 0288 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:41:50.0453 0288 wlidsvc - ok
16:41:50.0546 0288 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
16:41:50.0546 0288 WmdmPmSN - ok
16:41:50.0593 0288 Wmi (b8eb171103e691caccc79405b7e97001) C:\WINDOWS\System32\advapi32.dll
16:41:50.0609 0288 Wmi - ok
16:41:50.0671 0288 WmiApSrv (214d7316e4853fa0337573a06220e89d) C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:41:50.0671 0288 WmiApSrv - ok
16:41:50.0843 0288 WMPNetworkSvc (c12d2a4923a1370a99a8fe4e79d40420) C:\Programas\Windows Media Player\WMPNetwk.exe
16:41:50.0859 0288 WMPNetworkSvc - ok
16:41:51.0015 0288 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:41:51.0015 0288 WPFFontCache_v0400 - ok
16:41:51.0109 0288 wscsvc (14e2f2872c0e32a517aff218de28c16d) C:\WINDOWS\system32\wscsvc.dll
16:41:51.0109 0288 wscsvc - ok
16:41:51.0125 0288 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:41:51.0125 0288 WSTCODEC - ok
16:41:51.0156 0288 wuauserv (8c54a36db7a4ec23927f454030364b35) C:\WINDOWS\system32\wuauserv.dll
16:41:51.0156 0288 wuauserv - ok
16:41:51.0171 0288 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:41:51.0171 0288 WudfPf - ok
16:41:51.0203 0288 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:41:51.0203 0288 WudfRd - ok
16:41:51.0218 0288 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
16:41:51.0250 0288 WudfSvc - ok
16:41:51.0281 0288 WZCSVC (ecd109240759d19315d004221bcf09f3) C:\WINDOWS\System32\wzcsvc.dll
16:41:51.0281 0288 WZCSVC - ok
16:41:51.0312 0288 xmlprov (d3335a028c9a736fee0c6b87c54ad47b) C:\WINDOWS\System32\xmlprov.dll
16:41:51.0406 0288 xmlprov - ok
16:41:51.0437 0288 ZTEusbmdm6k (1d4eb2e5fc4276cd5e9b862d349f68bd) C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
16:41:51.0437 0288 ZTEusbmdm6k - ok
16:41:51.0453 0288 ZTEusbnmea (1d4eb2e5fc4276cd5e9b862d349f68bd) C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
16:41:51.0453 0288 ZTEusbnmea - ok
16:41:51.0468 0288 ZTEusbser6k (1d4eb2e5fc4276cd5e9b862d349f68bd) C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
16:41:51.0468 0288 ZTEusbser6k - ok
16:41:51.0500 0288 MBR (0x1B8) (da78e083d0717e99af44eda1bb65f878) \Device\Harddisk0\DR0
16:41:52.0859 0288 \Device\Harddisk0\DR0 - ok
16:41:52.0859 0288 Boot (0x1200) (06afbb26aa536cf5a88a22b0830d9344) \Device\Harddisk0\DR0\Partition0
16:41:52.0859 0288 \Device\Harddisk0\DR0\Partition0 - ok
16:41:52.0921 0288 Boot (0x1200) (fc3de9353f7fbbab78202c1b46380fe1) \Device\Harddisk0\DR0\Partition1
16:41:52.0921 0288 \Device\Harddisk0\DR0\Partition1 - ok
16:41:52.0937 0288 Boot (0x1200) (f41517cd51f1c89a7b425a93f420ad19) \Device\Harddisk0\DR0\Partition2
16:41:52.0937 0288 \Device\Harddisk0\DR0\Partition2 - ok
16:41:52.0937 0288 ============================================================
16:41:52.0937 0288 Scan finished
16:41:52.0937 0288 ============================================================
16:41:52.0937 0292 Detected object count: 1
16:41:52.0937 0292 Actual detected object count: 1
16:42:15.0203 0292 c:\programas\ficheiros comuns\akamai/netsession_win_80c2ffa.dll - copied to quarantine
16:42:15.0203 0292 Akamai ( HiddenFile.Multi.Generic ) - User select action: Quarantine
16:43:14.0953 0676 Deinitialize success


(For some reason the upload file is not around when I'm in safe mode.)

#9 vtiger5


Posted 02 July 2012 - 11:00 AM

The second one has just completed; here it is:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-02 16:42:28
-----------------------------
16:42:28.687 OS Version: Windows 5.1.2600 Service Pack 3
16:42:28.687 Number of processors: 2 586 0xF0D
16:42:28.687 ComputerName: TOSHIBA UserName: Kmatias
16:42:29.859 Initialize success
16:42:31.015 AVAST engine defs: 12062800
16:42:49.812 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
16:42:49.828 Disk 0 Vendor: TOSHIBA_ LV01 Size: 305245MB BusType: 3
16:42:49.875 Disk 0 MBR read successfully
16:42:49.890 Disk 0 MBR scan
16:42:50.421 Disk 0 Windows XP default MBR code
16:42:50.453 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
16:42:51.171 Disk 0 Partition - 00 0F Extended LBA 102610 MB offset 3084480
16:42:51.203 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100000 MB offset 213243904
16:42:51.515 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 101122 MB offset 418043904
16:42:51.593 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 102610 MB offset 3084543
16:42:51.625 Disk 0 scanning sectors +625141760
16:42:52.046 Disk 0 scanning C:\WINDOWS\system32\drivers
16:43:08.015 Service scanning
16:43:31.109 Modules scanning
16:43:50.703 Disk 0 trace - called modules:
16:43:50.734 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
16:43:50.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a578030]
16:43:50.734 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\0000008b[0x89fb9f18]
16:43:50.734 5 ACPI.sys[f74a2620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8a592028]
16:43:51.515 AVAST engine scan C:\WINDOWS
16:43:57.406 AVAST engine scan C:\WINDOWS\system32
16:46:43.453 AVAST engine scan C:\WINDOWS\system32\drivers
16:46:56.859 AVAST engine scan C:\Documents and Settings\Kmatias
16:51:05.390 File: C:\Documents and Settings\Kmatias\Ambiente de trabalho\Set_Up_32_64_Bit.exe **INFECTED** Win32:Malware-gen
16:56:35.375 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Kmatias\Ambiente de trabalho\MBR.dat"
16:56:35.375 The log file has been saved successfully to "C:\Documents and Settings\Kmatias\Ambiente de trabalho\aswMBR.txt"

#10 narenxp


Posted 02 July 2012 - 11:43 AM

ESET log :thumbup2:

#11 vtiger5


Posted 02 July 2012 - 12:35 PM

And finally, here is the ESET log:

C:\Programas\Acelerador de Downloads\babylon.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined

I think it was the C:\Documents and Settings\Kmatias\Ambiente de trabalho\Set_Up_32_64_Bit.exe
file, but if aswMBR cleaned it there should be no problem.

EDIT: Whenever I start my system normally I get the blue screen saying

Bad_Pool_caller

Technical Info

*** STOP:0x000000C2 (0x00000007, 0x00000CD4, 0x00000000, 0xE350CC00)

Edited by vtiger5, 02 July 2012 - 12:50 PM.


#12 narenxp


Posted 02 July 2012 - 09:05 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.



