
AVG doesn't work because of a malware


6 replies to this topic

#1 thunder071


Posted 05 July 2012 - 04:03 AM

Hello,

Yesterday AVG found a virus on my computer and said it was removed successfully, but after the reboot AVG antivirus doesn't work anymore. Also, Windows Update seems to be disabled. I already tried Superantispyware, which keeps finding a trojan, and Malwarebytes' Antimalware.

I need help to resolve this problem.

Thank you



#2 narenxp

  • BC Advisor

Posted 05 July 2012 - 04:44 AM

Download TDSSkiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 thunder071

  • Topic Starter


Posted 05 July 2012 - 09:59 AM

Hey, thanks for the help. I think TDSSKiller solved my problem. I had already tried Avast before the thread but was unable to start a scan. I'm not sure if you still want the logs, but here they are :).

:10:04.0156 5112 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
14:10:04.0453 5112 ============================================================
14:10:04.0453 5112 Current date / time: 2012/07/05 14:10:04.0453
14:10:04.0453 5112 SystemInfo:
14:10:04.0453 5112
14:10:04.0453 5112 OS Version: 5.1.2600 ServicePack: 3.0
14:10:04.0453 5112 Product type: Workstation
14:10:04.0453 5112 ComputerName: DOGAN
14:10:04.0453 5112 UserName: doğan
14:10:04.0453 5112 Windows directory: C:\WINDOWS
14:10:04.0453 5112 System windows directory: C:\WINDOWS
14:10:04.0453 5112 Processor architecture: Intel x86
14:10:04.0453 5112 Number of processors: 4
14:10:04.0453 5112 Page size: 0x1000
14:10:04.0453 5112 Boot type: Normal boot
14:10:04.0453 5112 ============================================================
14:10:15.0234 5112 !crdlk
14:10:15.0546 5112 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
14:10:15.0546 5112 ============================================================
14:10:15.0546 5112 \Device\Harddisk0\DR0:
14:10:15.0546 5112 MBR partitions:
14:10:15.0546 5112 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x926F997
14:10:15.0546 5112 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x926F9D6, BlocksNum 0x139DC886
14:10:15.0578 5112 ============================================================
14:10:15.0625 5112 D: <-> \Device\Harddisk0\DR0\Partition1
14:10:15.0656 5112 C: <-> \Device\Harddisk0\DR0\Partition0
14:10:15.0656 5112 ============================================================
14:10:15.0656 5112 Initialize success
14:10:15.0656 5112 ============================================================
14:10:25.0218 3964 ============================================================
14:10:25.0218 3964 Scan started
14:10:25.0218 3964 Mode: Manual;
14:10:25.0218 3964 ============================================================
14:10:28.0859 3964 Suspicious service (NoAccess): b7d8abe61239507d
14:10:28.0921 3964 b7d8abe61239507d ( LockedService.Multi.Generic ) - warning
14:10:28.0921 3964 b7d8abe61239507d - detected LockedService.Multi.Generic (1)
14:10:38.0546 3964 TrkWks - ok
14:10:38.0562 3964 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:10:38.0578 3964 Udfs - ok
14:10:38.0578 3964 ultra - ok
14:10:38.0812 3964 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:10:38.0828 3964 UNS - ok
14:10:38.0984 3964 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:10:38.0984 3964 Update - ok
14:10:39.0046 3964 upnphost (b69b61c2219f5fe503e5333194cdc8a7) C:\WINDOWS\System32\upnphost.dll
14:10:39.0046 3964 upnphost - ok
14:10:39.0078 3964 UPS (b13f0403fab578c2280e80703797ad07) C:\WINDOWS\System32\ups.exe
14:10:39.0078 3964 UPS - ok
14:10:39.0093 3964 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:10:39.0093 3964 usbccgp - ok
14:10:39.0109 3964 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:10:39.0109 3964 usbehci - ok
14:10:39.0140 3964 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:10:39.0140 3964 usbhub - ok
14:10:39.0187 3964 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:10:39.0187 3964 USBSTOR - ok
14:10:39.0218 3964 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:10:39.0218 3964 VgaSave - ok
14:10:39.0234 3964 ViaIde - ok
14:10:39.0265 3964 VolSnap (2a405a3e1d925b49e09369999854e853) C:\WINDOWS\system32\drivers\VolSnap.sys
14:10:39.0281 3964 VolSnap - ok
14:10:39.0328 3964 VSS (ee0393dbf85980500a1f7774e1c81f6d) C:\WINDOWS\System32\vssvc.exe
14:10:39.0328 3964 VSS - ok
14:10:39.0359 3964 W32Time (2d1385433ab3f76f324023fafcd8a711) C:\WINDOWS\system32\w32time.dll
14:10:39.0359 3964 W32Time - ok
14:10:39.0375 3964 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:10:39.0375 3964 Wanarp - ok
14:10:39.0437 3964 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
14:10:39.0437 3964 Wdf01000 - ok
14:10:39.0453 3964 WDICA - ok
14:10:39.0500 3964 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:10:39.0500 3964 wdmaud - ok
14:10:39.0531 3964 WebClient (aeecaaac59cdd24dde0d5c0164250d96) C:\WINDOWS\System32\webclnt.dll
14:10:39.0546 3964 WebClient - ok
14:10:39.0625 3964 winmgmt (f2424c8eb744e9aef66f3691e82fc6dd) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:10:39.0640 3964 winmgmt - ok
14:10:39.0781 3964 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:10:39.0796 3964 wlidsvc - ok
14:10:39.0921 3964 WmdmPmSN (f7cf059d9e8a6ddfd25147bc07bbf64b) C:\WINDOWS\system32\mspmsnsv.dll
14:10:39.0921 3964 WmdmPmSN - ok
14:10:39.0968 3964 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:10:39.0968 3964 WmiAcpi - ok
14:10:40.0046 3964 WmiApSrv (2a86994cbab96d9d5f5e4cee99e09ee0) C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:10:40.0046 3964 WmiApSrv - ok
14:10:40.0125 3964 WN4501HLFFA (ba72a1569473cde474a90e73675f8ee5) C:\WINDOWS\system32\DRIVERS\AIRWGU.sys
14:10:40.0140 3964 WN4501HLFFA - ok
14:10:40.0171 3964 wscsvc (ad3204b412f8dc6443363392d9da3b26) C:\WINDOWS\system32\wscsvc.dll
14:10:40.0187 3964 wscsvc - ok
14:10:40.0203 3964 wuauserv (7e2a44a76f9724d4cc6a6198323eb475) C:\WINDOWS\system32\wuauserv.dll
14:10:40.0281 3964 wuauserv - ok
14:10:40.0343 3964 WZCSVC (229b9795979fd2f437aab2d85030245e) C:\WINDOWS\System32\wzcsvc.dll
14:10:40.0343 3964 WZCSVC - ok
14:10:40.0390 3964 xmlprov (9c76585f186648f69b2014c19030a571) C:\WINDOWS\System32\xmlprov.dll
14:10:40.0453 3964 xmlprov - ok
14:10:40.0500 3964 MBR (0x1B8) (988ed281fd011a58dab7e4ae71ded8f5) \Device\Harddisk0\DR0
14:10:40.0765 3964 \Device\Harddisk0\DR0 - ok
14:10:40.0765 3964 Boot (0x1200) (a4f292f2ba2f3c9ed066d0208bf3996e) \Device\Harddisk0\DR0\Partition0
14:10:40.0781 3964 \Device\Harddisk0\DR0\Partition0 - ok
14:10:40.0796 3964 Boot (0x1200) (28a28cff508ecc689aabc7245fc5f4c4) \Device\Harddisk0\DR0\Partition1
14:10:40.0796 3964 \Device\Harddisk0\DR0\Partition1 - ok
14:10:40.0796 3964 ============================================================
14:10:40.0796 3964 Scan finished
14:10:40.0796 3964 ============================================================
14:10:40.0796 3520 Detected object count: 1
14:10:40.0796 3520 Actual detected object count: 1
14:10:52.0406 3520 HKLM\SYSTEM\ControlSet001\services\b7d8abe61239507d - will be deleted on reboot
14:10:52.0468 3520 HKLM\SYSTEM\ControlSet002\services\b7d8abe61239507d - will be deleted on reboot
14:10:52.0640 3520 C:\WINDOWS\System32\Drivers\b7d8abe61239507d.sys - will be deleted on reboot
14:10:52.0640 3520 b7d8abe61239507d ( LockedService.Multi.Generic ) - User select action: Delete



C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Documents and Settings\do?an\Application Data\Sun\Java\Deployment\cache\6.0\13\198a9f0d-3c07e4fb Java/Exploit.CVE-2012-0507.BR trojan cleaned by deleting - quarantined
C:\Documents and Settings\do?an\Application Data\Sun\Java\Deployment\cache\6.0\17\7e9919d1-7a63f241 Java/Exploit.Agent.NCP trojan cleaned by deleting - quarantined
C:\Documents and Settings\do?an\Application Data\Sun\Java\Deployment\cache\6.0\55\74991b7-7e712201 probably a variant of Win32/Kryptik.AHXK trojan deleted - quarantined
C:\Documents and Settings\do?an\Local Settings\Temp\ICReinstall_ICReinstall_ICReinstall_JDownloaderSetup.exe a variant of Win32/InstallCore.W application cleaned by deleting - quarantined
C:\Documents and Settings\do?an\Local Settings\Temp\ICReinstall_ICReinstall_JDownloaderSetup.exe a variant of Win32/InstallCore.W application cleaned by deleting - quarantined
C:\Documents and Settings\do?an\Local Settings\Temp\ICReinstall_JDownloaderSetup.exe a variant of Win32/InstallCore.W application cleaned by deleting - quarantined
C:\Documents and Settings\do?an\Local Settings\Temp\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\Documents and Settings\do?an\Local Settings\Temp\YontooSetup-S.exe probably a variant of Win32/Adware.SLITAT application cleaned by deleting - quarantined
C:\Documents and Settings\do?an\Local Settings\Temp\YontooSetup-Silent.exe Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Documents and Settings\do?an\Local Settings\Temp\is1070216317\ezLooker-S-Setup_Suite1.exe probably a variant of Win32/Adware.DFJFHGU application cleaned by deleting - quarantined
C:\Documents and Settings\do?an\Local Settings\Temp\is1070216317\FreeTwitTubeSetup-Silent-B2.exe probably a variant of Win32/Adware.NGNBVY application cleaned by deleting - quarantined
C:\Program Files\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting (after the next restart) - quarantined
Operating memory a variant of Win32/Adware.Yontoo.A application

#4 narenxp


Posted 05 July 2012 - 01:29 PM

ASWMBR is different from a normal scanner. Please post the log.

#5 thunder071


Posted 07 July 2012 - 05:10 AM

ASWMBR is different from a normal scanner. Please post the log.


Finally the post


12:52:11.359 OS Version: Windows 5.1.2600 Service Pack 3
12:52:11.359 Number of processors: 4 586 0x2A07
12:52:11.359 ComputerName: DOGAN UserName: doğan
12:52:13.375 Initialize success
12:57:22.531 AVAST engine defs: 12070700
13:01:00.875 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
13:01:00.875 Disk 0 Vendor: SAMSUNG_SP2504C VT100-41 Size: 238475MB BusType: 3
13:01:00.906 Disk 0 MBR read successfully
13:01:00.906 Disk 0 MBR scan
13:01:00.953 Disk 0 Windows XP default MBR code
13:01:00.968 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 74975 MB offset 63
13:01:00.968 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 160697 MB offset 153549270
13:01:00.984 Disk 0 Partition - 00 0F Extended LBA 2800 MB offset 482656860
13:01:01.031 Disk 0 Partition 3 00 1B Hidd FAT32 MSWIN4.1 2800 MB offset 482656923
13:01:01.062 Disk 0 scanning sectors +488392065
13:01:01.140 Disk 0 scanning C:\WINDOWS\system32\drivers
13:01:11.953 Service scanning
13:01:23.703 Modules scanning
13:01:27.218 Disk 0 trace - called modules:
13:01:27.234 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:01:27.234 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a4deab8]
13:01:27.234 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000070[0x8a4a5f18]
13:01:27.234 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a4e0940]
13:01:27.781 AVAST engine scan C:\WINDOWS
13:01:33.062 AVAST engine scan C:\WINDOWS\system32
13:03:19.062 AVAST engine scan C:\WINDOWS\system32\drivers
13:03:29.062 AVAST engine scan C:\Documents and Settings\doğan
13:07:36.718 AVAST engine scan C:\Documents and Settings\All Users
13:08:18.687 Scan finished successfully
13:08:47.265 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\doğan\Desktop\MBR.dat"
13:08:47.265 The log file has been saved successfully to "C:\Documents and Settings\doğan\Desktop\aswMBR.txt"

#6 narenxp


Posted 07 July 2012 - 05:16 AM

Run superantispyware again and post the log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#7 thunder071


Posted 07 July 2012 - 02:20 PM

Why am I still doing these scans?



