Redirecting / popups in browser


16 replies to this topic

#1 hostile17

hostile17

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Local time:01:06 PM

Posted 01 August 2012 - 06:43 PM

I even tried to run tdsskiller, but it won't work. Please help.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:06 PM

Posted 01 August 2012 - 06:53 PM

Download FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot, click on REPAIR.

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 hostile17


Posted 01 August 2012 - 08:55 PM

Hello. Thanks for responding.

I downloaded FixTDSS, and when I click on it, I get the standard "Open File - Security Warning" box. I then click "run" and the program doesn't open up after that. The aswMBR program will also not start.

#4 narenxp


Posted 01 August 2012 - 09:04 PM

Let me know if you're able to run this

TDSS fix

#5 hostile17


Posted 01 August 2012 - 09:10 PM

Yes, I am.

#6 narenxp


Posted 01 August 2012 - 09:12 PM

Launch it and click on "Scan". Let me know if it detects a rootkit. :thumbup2:

#7 hostile17


Posted 01 August 2012 - 09:16 PM

It found:

Rootkit.Boot.SST.a
Physical drive: \Device\Harddisk0\DR0
Malware object, high risk

#8 narenxp


Posted 01 August 2012 - 09:17 PM

Remove it :thumbup2:

Restart the PC and post the logs as instructed before

#9 hostile17


Posted 01 August 2012 - 10:05 PM

Here's TDSS and aswMBR. The ESET is still running and I'll post the results ASAP. Thanks :thumbsup:


19:24:50.0578 3244 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:24:51.0359 3244 ============================================================
19:24:51.0359 3244 Current date / time: 2012/08/01 19:24:51.0359
19:24:51.0359 3244 SystemInfo:
19:24:51.0359 3244
19:24:51.0359 3244 OS Version: 5.1.2600 ServicePack: 3.0
19:24:51.0359 3244 Product type: Workstation
19:24:51.0359 3244 ComputerName: LAPTOP
19:24:51.0359 3244 UserName: laptop 2
19:24:51.0359 3244 Windows directory: C:\WINDOWS
19:24:51.0359 3244 System windows directory: C:\WINDOWS
19:24:51.0359 3244 Processor architecture: Intel x86
19:24:51.0359 3244 Number of processors: 1
19:24:51.0359 3244 Page size: 0x1000
19:24:51.0359 3244 Boot type: Normal boot
19:24:51.0359 3244 ============================================================
19:24:53.0359 3244 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:24:53.0375 3244 ============================================================
19:24:53.0375 3244 \Device\Harddisk0\DR0:
19:24:53.0375 3244 MBR partitions:
19:24:53.0375 3244 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
19:24:53.0375 3244 ============================================================
19:24:53.0390 3244 C: <-> \Device\Harddisk0\DR0\Partition0
19:24:53.0390 3244 ============================================================
19:24:53.0390 3244 Initialize success
19:24:53.0390 3244 ============================================================
19:24:57.0687 3304 ============================================================
19:24:57.0687 3304 Scan started
19:24:57.0687 3304 Mode: Manual; TDLFS;
19:24:57.0687 3304 ============================================================
19:25:13.0328 3304 SharedAccess - ok
19:25:13.0390 3304 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:25:13.0390 3304 ShellHWDetection - ok
19:25:13.0406 3304 Simbad - ok
19:25:13.0437 3304 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:25:13.0437 3304 SLIP - ok
19:25:13.0609 3304 smserial (859e3adc59d1c89a66aa6492c14d379e) C:\WINDOWS\system32\DRIVERS\smserial.sys
19:25:13.0625 3304 smserial - ok
19:25:13.0640 3304 snoopfree - ok
19:25:13.0968 3304 SNP2UVC (4e225e5876714bb0a594a6440d154800) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
19:25:14.0000 3304 SNP2UVC - ok
19:25:14.0093 3304 Sparrow - ok
19:25:14.0125 3304 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:25:14.0125 3304 splitter - ok
19:25:14.0156 3304 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:25:14.0156 3304 Spooler - ok
19:25:14.0187 3304 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:25:14.0187 3304 sr - ok
19:25:14.0234 3304 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
19:25:14.0250 3304 srservice - ok
19:25:14.0734 3304 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:25:14.0750 3304 Srv - ok
19:25:14.0781 3304 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
19:25:14.0781 3304 SSDPSRV - ok
19:25:14.0796 3304 ssoftservice - ok
19:25:14.0859 3304 STAC97 (305cc42945a713347f978d78566113f3) C:\WINDOWS\system32\drivers\STAC97.sys
19:25:14.0859 3304 STAC97 - ok
19:25:15.0203 3304 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
19:25:15.0203 3304 stisvc - ok
19:25:15.0250 3304 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:25:15.0265 3304 streamip - ok
19:25:15.0265 3304 STV672 - ok
19:25:15.0281 3304 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:25:15.0296 3304 swenum - ok
19:25:15.0312 3304 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:25:15.0312 3304 swmidi - ok
19:25:15.0312 3304 SwPrv - ok
19:25:15.0328 3304 symc810 - ok
19:25:15.0328 3304 symc8xx - ok
19:25:15.0343 3304 sym_hi - ok
19:25:15.0343 3304 sym_u3 - ok
19:25:15.0359 3304 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:25:15.0359 3304 sysaudio - ok
19:25:15.0421 3304 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
19:25:15.0421 3304 SysmonLog - ok
19:25:15.0453 3304 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
19:25:15.0453 3304 TapiSrv - ok
19:25:15.0515 3304 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:25:15.0515 3304 Tcpip - ok
19:25:15.0843 3304 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:25:15.0843 3304 TDPIPE - ok
19:25:15.0890 3304 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:25:15.0890 3304 TDTCP - ok
19:25:15.0921 3304 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:25:15.0921 3304 TermDD - ok
19:25:15.0953 3304 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
19:25:15.0953 3304 TermService - ok
19:25:16.0015 3304 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:25:16.0015 3304 Themes - ok
19:25:16.0062 3304 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
19:25:16.0062 3304 TlntSvr - ok
19:25:16.0078 3304 TosIde - ok
19:25:16.0078 3304 trcboot - ok
19:25:16.0125 3304 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
19:25:16.0125 3304 TrkWks - ok
19:25:16.0140 3304 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:25:16.0140 3304 Udfs - ok
19:25:16.0156 3304 UIUSys - ok
19:25:16.0156 3304 ultra - ok
19:25:16.0250 3304 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys
19:25:16.0250 3304 UnlockerDriver5 - ok
19:25:16.0312 3304 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:25:16.0328 3304 Update - ok
19:25:16.0343 3304 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
19:25:16.0359 3304 upnphost - ok
19:25:16.0375 3304 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
19:25:16.0375 3304 UPS - ok
19:25:16.0421 3304 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
19:25:16.0421 3304 USBAAPL - ok
19:25:16.0453 3304 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
19:25:16.0453 3304 usbaudio - ok
19:25:16.0484 3304 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:25:16.0484 3304 usbccgp - ok
19:25:16.0531 3304 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:25:16.0531 3304 usbehci - ok
19:25:16.0578 3304 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:25:16.0578 3304 usbhub - ok
19:25:16.0640 3304 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:25:16.0640 3304 USBSTOR - ok
19:25:16.0687 3304 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:25:16.0687 3304 usbuhci - ok
19:25:16.0703 3304 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
19:25:16.0703 3304 usb_rndisx - ok
19:25:16.0703 3304 V0070VID - ok
19:25:16.0750 3304 VComm (51750b0539986186c6931fc40d171521) C:\WINDOWS\system32\DRIVERS\VComm.sys
19:25:16.0765 3304 VComm - ok
19:25:16.0765 3304 VcommMgr (6d9c891c0a761afed1f3609c2e56f2b9) C:\WINDOWS\system32\Drivers\VcommMgr.sys
19:25:16.0765 3304 VcommMgr - ok
19:25:16.0781 3304 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:25:16.0781 3304 VgaSave - ok
19:25:16.0796 3304 ViaIde - ok
19:25:16.0796 3304 VIAudio - ok
19:25:16.0859 3304 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:25:16.0859 3304 VolSnap - ok
19:25:16.0906 3304 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
19:25:16.0921 3304 VSS - ok
19:25:16.0953 3304 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
19:25:16.0953 3304 W32Time - ok
19:25:16.0968 3304 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:25:16.0968 3304 Wanarp - ok
19:25:17.0046 3304 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
19:25:17.0046 3304 Wdf01000 - ok
19:25:17.0046 3304 WDICA - ok
19:25:17.0093 3304 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:25:17.0093 3304 wdmaud - ok
19:25:17.0125 3304 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
19:25:17.0125 3304 WebClient - ok
19:25:17.0125 3304 wfxsvc - ok
19:25:17.0140 3304 wg4n - ok
19:25:17.0234 3304 winachsf (0c5b9cf1bdf998750d9c5eeb5f8c55ac) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:25:17.0234 3304 winachsf - ok
19:25:17.0328 3304 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:25:17.0328 3304 winmgmt - ok
19:25:17.0453 3304 WinRM (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll
19:25:17.0468 3304 WinRM - ok
19:25:17.0609 3304 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
19:25:17.0609 3304 WinUSB - ok
19:25:17.0609 3304 wltrysvc - ok
19:25:17.0656 3304 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:25:17.0656 3304 WmdmPmSN - ok
19:25:17.0734 3304 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
19:25:17.0750 3304 Wmi - ok
19:25:17.0765 3304 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:25:17.0765 3304 WmiApSrv - ok
19:25:18.0000 3304 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
19:25:18.0000 3304 WMPNetworkSvc - ok
19:25:18.0015 3304 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:25:18.0015 3304 WpdUsb - ok
19:25:18.0062 3304 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
19:25:18.0062 3304 wscsvc - ok
19:25:18.0109 3304 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:25:18.0125 3304 WSTCODEC - ok
19:25:18.0140 3304 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
19:25:18.0140 3304 wuauserv - ok
19:25:18.0203 3304 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:25:18.0203 3304 WudfPf - ok
19:25:18.0218 3304 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:25:18.0218 3304 WudfRd - ok
19:25:18.0250 3304 WudfSvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\WINDOWS\System32\WUDFSvc.dll
19:25:18.0250 3304 WudfSvc - ok
19:25:18.0265 3304 WUSB54GPV4SRV - ok
19:25:18.0343 3304 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
19:25:18.0343 3304 WZCSVC - ok
19:25:18.0390 3304 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
19:25:18.0390 3304 xmlprov - ok
19:25:18.0546 3304 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:25:18.0546 3304 YahooAUService - ok
19:25:18.0593 3304 zumbus - ok
19:25:18.0609 3304 {a7447300-8075-4b0d-83f1-3d75c8ebc623} - ok
19:25:18.0640 3304 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:25:19.0140 3304 \Device\Harddisk0\DR0 - ok
19:25:19.0140 3304 Boot (0x1200) (fd2a610b772ea60f2c6123c3b3285ba5) \Device\Harddisk0\DR0\Partition0
19:25:19.0140 3304 \Device\Harddisk0\DR0\Partition0 - ok
19:25:19.0156 3304 ============================================================
19:25:19.0156 3304 Scan finished
19:25:19.0156 3304 ============================================================
19:25:19.0156 3296 Detected object count: 0
19:25:19.0156 3296 Actual detected object count: 0


_____________________________________________________________________________________________


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 19:25:04
-----------------------------
19:25:04.875 OS Version: Windows 5.1.2600 Service Pack 3
19:25:04.875 Number of processors: 1 586 0xD08
19:25:04.875 ComputerName: LAPTOP UserName:
19:25:05.812 Initialize success
19:41:10.750 AVAST engine defs: 12080101
19:41:37.625 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:41:37.625 Disk 0 Vendor: Hitachi_HTS541040G9AT00 MB2OA61A Size: 38154MB BusType: 3
19:41:37.640 Disk 0 MBR read successfully
19:41:37.640 Disk 0 MBR scan
19:41:37.765 Disk 0 Windows XP default MBR code
19:41:37.765 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38154 MB offset 63
19:41:37.781 Disk 0 scanning sectors +78140160
19:41:38.453 Disk 0 scanning C:\WINDOWS\system32\drivers
19:42:15.203 Service scanning
19:42:50.609 Modules scanning
19:43:31.187 Disk 0 trace - called modules:
19:43:31.218 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
19:43:31.218 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d5bab8]
19:43:31.750 3 CLASSPNP.SYS[f7587fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86d14d98]
19:43:39.328 AVAST engine scan C:\WINDOWS
19:43:49.062 AVAST engine scan C:\WINDOWS\system32
19:51:05.328 AVAST engine scan C:\WINDOWS\system32\drivers
19:51:42.531 AVAST engine scan C:\Documents and Settings\laptop 2
19:54:47.671 File: C:\Documents and Settings\laptop 2\Local Settings\Application Data\{b325156e-99e5-a6d9-fc52-2d3f001c58ed}\U\000000cb.@ **INFECTED** Win32:Malware-gen
19:55:35.328 AVAST engine scan C:\Documents and Settings\All Users
19:56:06.546 Scan finished successfully
20:03:02.625 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\laptop 2\Desktop\MBR.dat"
20:03:02.640 The log file has been saved successfully to "C:\Documents and Settings\laptop 2\Desktop\aswMBR.txt"
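
The aswMBR log above has one line that matters for triage: the `**INFECTED**` entry under a GUID-named folder. The following is an added example, not part of the original posts and not code from any of the tools named in this thread. It pulls such lines out of a log and builds the SystemLook `:folderfind` script for the GUID folder; the function names and the constructed sample are assumptions made for illustration.

```python
import re
from collections import namedtuple

# Constructed sample: a few lines in the shape of the aswMBR log in this thread.
SAMPLE_LOG = r"""19:51:42.531 AVAST engine scan C:\Documents and Settings\laptop 2
19:54:47.671 File: C:\Documents and Settings\laptop 2\Local Settings\Application Data\{b325156e-99e5-a6d9-fc52-2d3f001c58ed}\U\000000cb.@ **INFECTED** Win32:Malware-gen
19:55:35.328 AVAST engine scan C:\Documents and Settings\All Users
19:56:06.546 Scan finished successfully
"""

Detection = namedtuple("Detection", "time path verdict guid_dirs")

# "<time> File: <path> **INFECTED** <detection name>"; the path may contain spaces.
LINE_RE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{3})\s+File:\s+(?P<path>.+?)"
    r"\s+\*\*INFECTED\*\*\s+(?P<verdict>\S.*)$"
)
# A path component that is nothing but a brace-wrapped GUID.
GUID_RE = re.compile(r"\{[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}")


def parse_detections(log_text):
    """Return one Detection per **INFECTED** line; other log lines are ignored."""
    found = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        path = m.group("path")
        guid_dirs = [part for part in path.split("\\") if GUID_RE.fullmatch(part)]
        found.append(Detection(m.group("time"), path, m.group("verdict"), guid_dirs))
    return found


def folderfind_script(detections):
    """Build a SystemLook ':folderfind' script listing each GUID folder once."""
    unique = []
    for det in detections:
        for guid in det.guid_dirs:
            if guid.lower() not in (g.lower() for g in unique):
                unique.append(guid)
    if not unique:
        return ""
    return ":folderfind\n" + "\n".join(unique) + "\n"


if __name__ == "__main__":
    hits = parse_detections(SAMPLE_LOG)
    for hit in hits:
        print(hit.time, hit.verdict, hit.path)
    print(folderfind_script(hits), end="")
```

Searching for the folder name rather than the single flagged file matters because the same GUID folder can exist in more than one location on the disk.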

#10 hostile17


Posted 01 August 2012 - 10:23 PM

Okay... the ESET finished and said 'No threats found.'

#11 narenxp


Posted 01 August 2012 - 10:34 PM

Download

systemlook

Launch it and copy this script and paste in the BOX

:folderfind
{b325156e-99e5-a6d9-fc52-2d3f001c58ed}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan with MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#12 hostile17


Posted 01 August 2012 - 11:53 PM

Ok... I think this is all of them:

Edited by hostile17, 02 August 2012 - 11:25 PM.


#13 narenxp


Posted 02 August 2012 - 12:05 AM

Open your C drive

On top, click on Tools - Folder Options

Click on the View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Documents and Settings\laptop 2\Local Settings\Application Data\{b325156e-99e5-a6d9-fc52-2d3f001c58ed}
C:\WINDOWS\Installer\{b325156e-99e5-a6d9-fc52-2d3f001c58ed}

Delete the folders

Do you have any current issues?

#14 hostile17


Posted 02 August 2012 - 12:10 AM

Ok. I deleted the folders. Everything seems to be working properly.

#15 narenxp


Posted 02 August 2012 - 12:23 AM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)
