
Redirecting Virus Help


  • This topic is locked
67 replies to this topic

#1 Ellykitty

Ellykitty

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:08:53 AM

Posted 05 August 2012 - 10:54 PM

Hello, I have Mozilla Firefox and when I do a search on Google, my searches are being re-directed to (seachportals.com) and many other web sites through that one. I have Kaspersky 2012 and also recently loaded Malwarebytes, which found 23 trojans and other viruses. Still the problem with the Google searches being re-directed will not go. I have tried Tools and advanced options to check if there were any websites on the allowed list and there was one that I deleted, but still the problem remains. Also the PC is very slow since all the viruses.

I have saved logs from MalwareBytes. Please can anyone help with my problem?

Many thanks

Elly



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:53 AM

Posted 08 August 2012 - 08:16 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.


Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

  • Please disable any anti-malware program that will block scripts from running before running DDS.
  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs:

  • In your next post I need the following:
    • logs from DDS
    • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Ellykitty


Posted 09 August 2012 - 05:44 PM

Dear Gringo, thank you for your reply. I have managed to stop the virus while I was waiting for a reply from this forum through the help of MalwareBytes. Apparently there was a tool bar type virus called PUP.TOOLBAR.DO in my Download folder. Currently the toolbar virus is in quarantine and the redirection seems to have stopped. However, there are sometimes delete and back up copies for these viruses to stay within the PC, so it might be a good idea to continue with your help instructions just to be sure.

While I am following your instructions, will I still be able to use my PC and the internet in a separate window?

It will not make my computer unstable in any way, i.e. speed etc? (Although it is slow anyway)

I will wait for your reply before proceeding with your help instructions. This procedure could take some time so please do not close this forum thread/post.

Many thanks for your kind help

Elly

#4 gringo_pr


Posted 09 August 2012 - 07:21 PM

Greetings


You can use it while we are working together - the only thing I ask is not to install any new software so the reports don't change drastically.



Gringo

#5 gringo_pr


Posted 12 August 2012 - 12:13 AM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.

#6 Ellykitty


Posted 13 August 2012 - 06:53 PM

Dear gringo, thank you for your reply. I need some more time, I hope that is ok with you.
I will email you again to let you know of the progress.

Thank you for your patience.

Kind regards

Elly

#7 gringo_pr


Posted 14 August 2012 - 12:27 AM

No problem and I will check on you in a couple of days if I have not heard from you




gringo

#8 Ellykitty


Posted 21 August 2012 - 03:44 PM

Dear Gringo, Thank you for your patience. I have followed your instructions and here is the Note pad Log from the SecurityCheck.exe:

Results of screen317's Security Check version 0.99.46
Windows XP Service Pack 2 x86
Out of date service pack!!
Internet Explorer 6 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
AOL Spyware Protection
Malwarebytes Anti-Malware version 1.62.0.1300
Java™ 6 Update 21
Java 2 Runtime Environment, SE v1.4.2_03
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.0.1.152
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (14.0.1)
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 2012 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 24% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````



I will do the next step and post again, just in case something goes wrong.

Many Thanks

Elly

#9 Ellykitty


Posted 21 August 2012 - 03:58 PM

Dear Gringo, I have now completed the DDS scan and here is the DDS log, but I'm not sure how to ZIP a document so I don't know how to post the Attach log because it needs to be zipped before posting it to you?

Here is the DDS Log:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_21
Run by Elly1 at 21:49:29 on 2012-08-21
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2038.1301 [GMT 1:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGAE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Elly1\Desktop\Defogger.exe
C:\Documents and Settings\Elly1\Desktop\SecurityCheck.exe
C:\Program Files\Common Files\Corel\Standby\Standby.exe
C:\WINDOWS\system32\notepad.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.co.uk/
uSearch Page =
uDefault_Page_URL = hxxp://www.dell.co.uk/myway
uSearch Bar =
mDefault_Page_URL = hxxp://www.orange.co.uk/
uInternet Connection Wizard,ShellNext = hxxp://www.dell.co.uk/myway
mSearchAssistant =
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ISUSPM] "c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe" -scheduler
uRun: [EPSON SX525WD Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatigae.exe /fu "c:\windows\temp\E_S343.tmp" /EF "HKCU"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [Nuance PDF Reader-reminder] "c:\program files\nuance\pdf reader\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\nuance\pdf reader\ereg\Ereg.ini"
mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe
mRun: [Adobe Reader Speed Launcher] "i:\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Corel File Shell Monitor] c:\program files\corel\corel paintshop photo pro\x3\pspclassic\CorelIOMonitor.exe
mRun: [Standby] "c:\program files\common files\corel\standby\Standby.exe" -START
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aol90t~1.lnk - c:\program files\aol 9.0\aoltray.exe
dPolicies-explorer: NofolderOptions = 1 (0x1)
dPolicies-system: DisableTaskMgr = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2012\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.2
TCP: Interfaces\{1B73639C-3B19-4DE5-843D-645DFA9D8ED6} : DhcpNameServer = 192.168.1.2
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: klogon - c:\windows\system32\klogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\elly1\application data\mozilla\firefox\profiles\fgs1zo0k.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\mozilla firefox\extensions\kavantibanner@kaspersky.ru\components\abhelperxpcom.dll
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\nuance\pdf reader\bin\nppdf.dll
FF - plugin: c:\program files\nuance\pdf reader\bin\nppdf.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: i:\reader\browser\nppdf32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2011-3-4 133208]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2011-3-4 11352]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-9-19 565552]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe -r --> c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe -r [?]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 iadusb;MT882;c:\windows\system32\drivers\glauiad.sys [2010-9-19 30336]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2010-5-7 34608]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-8-19 40776]
R4 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-6 113120]
.
=============== Created Last 30 ================
.
2012-08-19 06:15:58 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-08-06 00:33:04 -------- d-----w- c:\documents and settings\elly1\local settings\application data\Help
2012-08-05 22:16:40 -------- d-----w- c:\documents and settings\elly1\application data\Malwarebytes
2012-08-05 22:16:17 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-08-05 22:16:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-03 21:36:01 -------- d-----w- c:\documents and settings\elly1\local settings\application data\Identities
2012-08-03 21:35:57 -------- d-----w- c:\documents and settings\all users\application data\036E18D4004A57070000DF8EE56C3425
2012-08-03 21:35:54 -------- d-----w- c:\documents and settings\elly1\application data\Raaxe
2012-08-03 21:35:54 -------- d-----w- c:\documents and settings\elly1\application data\Ongao
2012-08-03 21:35:54 -------- d-----w- c:\documents and settings\elly1\application data\Anebla
2012-08-03 21:34:42 -------- d-sh--r- c:\windows\S-1-5-21-3592245751-2091714451-691278546-8883
2012-08-01 23:13:35 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-08-01 23:04:19 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-08-01 23:04:19 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2012-08-10 12:55:58 4444 --sha-w- c:\windows\system32\KGyGaAvL.sys
2012-08-10 12:55:56 56 --sh--r- c:\windows\system32\165EE3D80F.sys
2012-06-28 03:11:27 2516 --sha-w- c:\documents and settings\all users\application data\KGyGaAvL.sys
2012-06-28 03:11:09 88 --sh--r- c:\documents and settings\all users\application data\A7D495935E.sys
.
============= FINISH: 21:50:17.48 ===============



Once again thank you for your kind help. I await your reply once you have checked the Logs.

Kind regards

Elly
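A triage pass over the DDS log layout posted above, as an added example that is not part of the original thread or of DDS itself: it flags policy values that lock out Task Manager, Registry Editor and Folder Options, BHO/toolbar registrations marked "No File", and Firefox search preferences pointing at a host outside a reviewer-supplied list. The function names, the `EXPECTED_SEARCH_HOSTS` list and the regexes are assumptions inferred from the visible log lines.

```python
import re
from urllib.parse import urlsplit

# Lines excerpted from the DDS log in the post above (URLs are defanged as hxxp).
SAMPLE_DDS = r"""
uStart Page = hxxp://google.co.uk/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
mRun: [ehTray] c:\windows\ehome\ehtray.exe
dPolicies-explorer: NofolderOptions = 1 (0x1)
dPolicies-system: DisableTaskMgr = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
""".strip()

# Assumption: the search hosts the reviewer considers expected for this user.
EXPECTED_SEARCH_HOSTS = {"google.co.uk", "www.google.co.uk", "www.google.com"}

# Policy values that, when non-zero, hide the tools used to inspect a system.
POLICY_LOCKOUTS = {"disabletaskmgr", "disableregistrytools", "nofolderoptions"}
# Firefox preferences that decide where address-bar and search-box queries go.
SEARCH_PREFS = {"keyword.url", "browser.search.defaulturl"}

POLICY_RE = re.compile(r"^[a-z]Policies-(\w+):\s*(\w+)\s*=\s*(\d+)", re.I)
NOFILE_RE = re.compile(
    r"^(BHO|TB):\s*(?:.*?:\s*)?(\{[0-9A-Fa-f-]{36}\})\s*-\s*No File\s*$"
)
FFPREF_RE = re.compile(r"^FF - prefs\.js:\s*(\S+)\s*-\s*(\S+)")


def host_of(defanged_url):
    """Return the lower-cased host of an hxxp:// or hxxps:// URL, or ''."""
    url = re.sub(r"^hxxp", "http", defanged_url, flags=re.I)
    return (urlsplit(url).hostname or "").lower()


def triage(log_text, expected_search_hosts):
    """Return (line_number, kind, detail) tuples for entries worth a closer look."""
    findings = []
    for number, raw in enumerate(log_text.splitlines(), 1):
        line = raw.strip()

        m = POLICY_RE.match(line)
        if m:
            # Only a non-zero value enables the restriction.
            if m.group(2).lower() in POLICY_LOCKOUTS and int(m.group(3)) != 0:
                findings.append((number, "policy-lockout", m.group(2)))
            continue

        m = NOFILE_RE.match(line)
        if m:
            # CLSID still registered as a BHO/toolbar but its DLL is missing.
            findings.append((number, "orphaned-" + m.group(1).lower(), m.group(2)))
            continue

        m = FFPREF_RE.match(line)
        if m and m.group(1).lower() in SEARCH_PREFS:
            host = host_of(m.group(2))
            if host and host not in expected_search_hosts:
                findings.append(
                    (number, "search-pref-host", f"{m.group(1)} -> {host}")
                )
    return findings


if __name__ == "__main__":
    for number, kind, detail in triage(SAMPLE_DDS, EXPECTED_SEARCH_HOSTS):
        print(f"line {number:>2}  {kind:<18} {detail}")
```

A finding is a prompt for review, not a verdict: the helper still decides which entries are unwanted on this particular machine.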

#10 gringo_pr


Posted 21 August 2012 - 05:07 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#11 Ellykitty


Posted 21 August 2012 - 06:27 PM

Hello, thanks for your reply. I tried to run the Combofix tool. It asked to update Recovery Console and when I clicked yes it tried to do it but an error message came back saying
(Failed to download Files..Aborting. Shall try continue scanning for antimalware)
I was already on the internet so I don't know what happened.

Continued with the scan but unfortunately I got a big blue screen saying that (Windows will have to shut down to protect damage to your computer. Plug and play detected error most likely caused by a faulty driver etc etc), lots of writing, then at the bottom it said

Technical info: STOP: 0X000000CA (OX000000004 0X8A13CC10)0X000000000/0X00000000

Beginning dump of Physical memory
Physical memory dump completed

I don't know what all this means, and there was no Log to show you in the forum.

What is your advice please, what is the next step?

How do I update Recovery Console without it failing?

Anyway, it's midnight here so I will check for your reply tomorrow. Thanks for your help.

Regards

Elly

#12 gringo_pr


Posted 21 August 2012 - 07:16 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo

#13 Ellykitty


Posted 22 August 2012 - 02:33 PM

Hello Gringo, I have followed your instructions and here is the TDSSKILLER report you requested:

20:06:56.0953 2392 SysmonLog - ok
20:06:56.0968 2392 [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:06:56.0968 2392 TapiSrv - ok
20:06:57.0015 2392 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:06:57.0015 2392 Tcpip - ok
20:06:57.0031 2392 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:06:57.0031 2392 TDPIPE - ok
20:06:57.0046 2392 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:06:57.0046 2392 TDTCP - ok
20:06:57.0109 2392 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:06:57.0109 2392 TermDD - ok
20:06:57.0171 2392 [ C29A5286E64D97385178452D5F307B98 ] TermService C:\WINDOWS\System32\termsrv.dll
20:06:57.0171 2392 TermService - ok
20:06:57.0187 2392 [ E7518DC542D3EBDCB80EDD98462C7821 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:06:57.0203 2392 Themes - ok
20:06:57.0250 2392 [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:06:57.0250 2392 TlntSvr - ok
20:06:57.0250 2392 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
20:06:57.0265 2392 TosIde - ok
20:06:57.0281 2392 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:06:57.0281 2392 TrkWks - ok
20:06:57.0312 2392 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:06:57.0312 2392 Udfs - ok
20:06:57.0312 2392 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
20:06:57.0312 2392 ultra - ok
20:06:57.0328 2392 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:06:57.0328 2392 Update - ok
20:06:57.0359 2392 [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost C:\WINDOWS\System32\upnphost.dll
20:06:57.0359 2392 upnphost - ok
20:06:57.0390 2392 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
20:06:57.0390 2392 UPS - ok
20:06:57.0421 2392 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
20:06:57.0421 2392 usbaudio - ok
20:06:57.0437 2392 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:06:57.0437 2392 usbccgp - ok
20:06:57.0453 2392 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:06:57.0453 2392 usbehci - ok
20:06:57.0484 2392 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:06:57.0500 2392 usbhub - ok
20:06:57.0531 2392 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:06:57.0531 2392 usbprint - ok
20:06:57.0562 2392 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:06:57.0562 2392 usbscan - ok
20:06:57.0578 2392 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:06:57.0578 2392 USBSTOR - ok
20:06:57.0593 2392 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:06:57.0593 2392 usbuhci - ok
20:06:57.0625 2392 [ 8968FF3973A883C49E8B564200F565B9 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
20:06:57.0625 2392 usbvideo - ok
20:06:57.0625 2392 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:06:57.0625 2392 VgaSave - ok
20:06:57.0656 2392 [ D92E7C8A30CFD14D8E15B5F7F032151B ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:06:57.0656 2392 viaagp - ok
20:06:57.0671 2392 [ 59CB1338AD3654417BEA49636457F65D ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
20:06:57.0671 2392 ViaIde - ok
20:06:57.0687 2392 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:06:57.0687 2392 VolSnap - ok
20:06:57.0718 2392 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
20:06:57.0734 2392 VSS - ok
20:06:57.0765 2392 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] w32time C:\WINDOWS\system32\w32time.dll
20:06:57.0765 2392 w32time - ok
20:06:57.0796 2392 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:06:57.0796 2392 Wanarp - ok
20:06:57.0828 2392 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
20:06:57.0843 2392 wanatw - ok
20:06:57.0843 2392 WDICA - ok
20:06:57.0859 2392 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:06:57.0859 2392 wdmaud - ok
20:06:57.0875 2392 [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:06:57.0875 2392 WebClient - ok
20:06:57.0953 2392 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:06:57.0953 2392 winmgmt - ok
20:06:58.0000 2392 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:06:58.0000 2392 WmdmPmSN - ok
20:06:58.0046 2392 [ E8E57B0F9EB03D1AABEC28D550C75116 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:06:58.0062 2392 Wmi - ok
20:06:58.0125 2392 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:06:58.0125 2392 WmiApSrv - ok
20:06:58.0187 2392 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:06:58.0203 2392 WMPNetworkSvc - ok
20:06:58.0234 2392 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:06:58.0234 2392 WS2IFSL - ok
20:06:58.0281 2392 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:06:58.0281 2392 wscsvc - ok
20:06:58.0296 2392 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:06:58.0296 2392 WSTCODEC - ok
20:06:58.0328 2392 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:06:58.0359 2392 wuauserv - ok
20:06:58.0375 2392 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:06:58.0375 2392 WudfPf - ok
20:06:58.0406 2392 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:06:58.0406 2392 WudfRd - ok
20:06:58.0421 2392 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:06:58.0421 2392 WudfSvc - ok
20:06:58.0468 2392 [ 247520EDED53A08AE89EA4FAE04F54D8 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:06:58.0484 2392 WZCSVC - ok
20:06:58.0515 2392 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:06:58.0515 2392 xmlprov - ok
20:06:58.0531 2392 ================ Scan global ===============================
20:06:58.0562 2392 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
20:06:58.0562 2392 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
20:06:58.0578 2392 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
20:06:58.0593 2392 [ 4712531AB7A01B7EE059853CA17D39BD ] C:\WINDOWS\system32\services.exe
20:06:58.0609 2392 [Global] - ok
20:06:58.0609 2392 ================ Scan MBR ==================================
20:06:58.0625 2392 [ 91722E6BC3A2B40FF00222DCA4A3DB3E ] \Device\Harddisk0\DR0
20:06:58.0781 2392 \Device\Harddisk0\DR0 - ok
20:06:58.0781 2392 ================ Scan VBR ==================================
20:06:58.0781 2392 [ 9F21FEC345593AB70FFEF9952150EE8B ] \Device\Harddisk0\DR0\Partition1
20:06:58.0796 2392 \Device\Harddisk0\DR0\Partition1 - ok
20:06:58.0796 2392 ============================================================
20:06:58.0796 2392 Scan finished
20:06:58.0796 2392 ============================================================
20:06:58.0796 2952 Detected object count: 0
20:06:58.0796 2952 Actual detected object count: 0
20:08:10.0703 1160 ============================================================
20:08:10.0703 1160 Scan started
20:08:10.0703 1160 Mode: Manual;
20:08:10.0703 1160 ============================================================
20:08:10.0828 1160 ================ Scan system memory ========================
20:08:10.0828 1160 System memory - ok
20:08:10.0828 1160 ================ Scan services =============================
20:08:15.0968 1160 NwlnkFwd - ok
20:08:16.0062 1160 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:08:16.0062 1160 odserv - ok
20:08:16.0093 1160 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:08:16.0109 1160 ose - ok
20:08:16.0125 1160 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:08:16.0125 1160 Parport - ok
20:08:16.0140 1160 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:08:16.0140 1160 PartMgr - ok
20:08:16.0171 1160 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:08:16.0171 1160 ParVdm - ok
20:08:16.0171 1160 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:08:16.0171 1160 PCI - ok
20:08:16.0187 1160 PCIDump - ok
20:08:16.0187 1160 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:08:16.0187 1160 PCIIde - ok
20:08:16.0203 1160 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:08:16.0203 1160 Pcmcia - ok
20:08:16.0218 1160 PDCOMP - ok
20:08:16.0218 1160 PDFRAME - ok
20:08:16.0218 1160 PDRELI - ok
20:08:16.0234 1160 PDRFRAME - ok
20:08:16.0234 1160 pepifilter - ok
20:08:16.0250 1160 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
20:08:16.0250 1160 perc2 - ok
20:08:16.0265 1160 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:08:16.0265 1160 perc2hib - ok
20:08:16.0375 1160 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
20:08:16.0375 1160 PEVSystemStart - ok
20:08:16.0375 1160 PID_08A0 - ok
20:08:16.0390 1160 [ 4712531AB7A01B7EE059853CA17D39BD ] PlugPlay C:\WINDOWS\system32\services.exe
20:08:16.0390 1160 PlugPlay - ok
20:08:16.0406 1160 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:08:16.0406 1160 PolicyAgent - ok
20:08:16.0421 1160 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:08:16.0421 1160 PptpMiniport - ok
20:08:16.0421 1160 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:08:16.0421 1160 ProtectedStorage - ok
20:08:16.0437 1160 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:08:16.0437 1160 PSched - ok
20:08:16.0484 1160 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:08:16.0484 1160 PSI_SVC_2 - ok
20:08:16.0500 1160 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:08:16.0500 1160 Ptilink - ok
20:08:16.0500 1160 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:08:16.0500 1160 PxHelp20 - ok
20:08:16.0531 1160 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:08:16.0546 1160 ql1080 - ok
20:08:16.0546 1160 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:08:16.0546 1160 Ql10wnt - ok
20:08:16.0546 1160 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:08:16.0562 1160 ql12160 - ok
20:08:16.0562 1160 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:08:16.0562 1160 ql1240 - ok
20:08:16.0562 1160 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:08:16.0578 1160 ql1280 - ok
20:08:16.0593 1160 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:08:16.0593 1160 RasAcd - ok
20:08:16.0625 1160 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:08:16.0625 1160 RasAuto - ok
20:08:16.0656 1160 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:08:16.0656 1160 Rasl2tp - ok
20:08:16.0671 1160 [ 41A3C11E3517C962C9B44893BCEC3B34 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:08:16.0671 1160 RasMan - ok
20:08:16.0687 1160 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:08:16.0687 1160 RasPppoe - ok
20:08:16.0703 1160 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:08:16.0703 1160 Raspti - ok
20:08:16.0750 1160 [ 809CA45CAA9072B3176AD44579D7F688 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:08:16.0750 1160 Rdbss - ok
20:08:16.0765 1160 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:08:16.0765 1160 RDPCDD - ok
20:08:16.0781 1160 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:08:16.0781 1160 rdpdr - ok
20:08:16.0812 1160 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:08:16.0828 1160 RDPWD - ok
20:08:16.0859 1160 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:08:16.0859 1160 RDSessMgr - ok
20:08:16.0875 1160 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:08:16.0875 1160 redbook - ok
20:08:16.0906 1160 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:08:16.0921 1160 RemoteAccess - ok
20:08:16.0937 1160 [ 3151427DB7D87107D1C5BE58FAC53960 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:08:16.0937 1160 RemoteRegistry - ok
20:08:16.0968 1160 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
20:08:16.0968 1160 RpcLocator - ok
20:08:17.0000 1160 [ 24B5D53B9ACCC1E2EDCF0A878D6659D4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:08:17.0000 1160 RpcSs - ok
20:08:17.0046 1160 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:08:17.0046 1160 RSVP - ok
20:08:17.0062 1160 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
20:08:17.0062 1160 SamSs - ok
20:08:17.0093 1160 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:08:17.0093 1160 SCardSvr - ok
20:08:17.0125 1160 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:08:17.0140 1160 Schedule - ok
20:08:17.0156 1160 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:08:17.0156 1160 Secdrv - ok
20:08:17.0187 1160 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
20:08:17.0187 1160 seclogon - ok
20:08:17.0218 1160 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
20:08:17.0234 1160 SENS - ok
20:08:17.0250 1160 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:08:17.0250 1160 serenum - ok
20:08:17.0281 1160 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:08:17.0281 1160 Serial - ok
20:08:17.0296 1160 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:08:17.0296 1160 Sfloppy - ok
20:08:17.0312 1160 [ E7518DC542D3EBDCB80EDD98462C7821 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:08:17.0328 1160 ShellHWDetection - ok
20:08:17.0328 1160 Simbad - ok
20:08:17.0359 1160 [ 732D859B286DA692119F286B21A2A114 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:08:17.0359 1160 sisagp - ok
20:08:17.0359 1160 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:08:17.0359 1160 SLIP - ok
20:08:17.0375 1160 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:08:17.0375 1160 Sparrow - ok
20:08:17.0390 1160 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:08:17.0390 1160 splitter - ok
20:08:17.0437 1160 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:08:17.0437 1160 Spooler - ok
20:08:17.0453 1160 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:08:17.0453 1160 sr - ok
20:08:17.0484 1160 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\system32\srsvc.dll
20:08:17.0500 1160 srservice - ok
20:08:17.0531 1160 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:08:17.0531 1160 Srv - ok
20:08:17.0562 1160 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:08:17.0578 1160 SSDPSRV - ok
20:08:17.0625 1160 [ 26EB7ACF476A3461B85F5BCE9A677A4A ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
20:08:17.0640 1160 STHDA - ok
20:08:17.0687 1160 [ D9F6C4F6B1E188ADAFC42B561D9BC2E6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:08:17.0687 1160 stisvc - ok
20:08:17.0703 1160 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:08:17.0703 1160 streamip - ok
20:08:17.0734 1160 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:08:17.0734 1160 swenum - ok
20:08:17.0750 1160 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:08:17.0750 1160 swmidi - ok
20:08:17.0765 1160 SwPrv - ok
20:08:17.0781 1160 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
20:08:17.0781 1160 symc810 - ok
20:08:17.0796 1160 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:08:17.0796 1160 symc8xx - ok
20:08:17.0796 1160 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:08:17.0796 1160 sym_hi - ok
20:08:17.0812 1160 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:08:17.0812 1160 sym_u3 - ok
20:08:17.0843 1160 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:08:17.0843 1160 sysaudio - ok
20:08:17.0875 1160 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:08:17.0875 1160 SysmonLog - ok
20:08:17.0890 1160 [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:08:17.0906 1160 TapiSrv - ok
20:08:17.0937 1160 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:08:17.0937 1160 Tcpip - ok
20:08:17.0953 1160 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:08:17.0953 1160 TDPIPE - ok
20:08:17.0968 1160 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:08:17.0968 1160 TDTCP - ok
20:08:17.0984 1160 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:08:17.0984 1160 TermDD - ok
20:08:18.0031 1160 [ C29A5286E64D97385178452D5F307B98 ] TermService C:\WINDOWS\System32\termsrv.dll
20:08:18.0046 1160 TermService - ok
20:08:18.0046 1160 [ E7518DC542D3EBDCB80EDD98462C7821 ] Themes C:\WINDOWS\System32\shsvcs.dll
20:08:18.0062 1160 Themes - ok
20:08:18.0078 1160 [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:08:18.0078 1160 TlntSvr - ok
20:08:18.0093 1160 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
20:08:18.0093 1160 TosIde - ok
20:08:18.0125 1160 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:08:18.0125 1160 TrkWks - ok
20:08:18.0171 1160 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:08:18.0171 1160 Udfs - ok
20:08:18.0187 1160 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
20:08:18.0187 1160 ultra - ok
20:08:18.0203 1160 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:08:18.0203 1160 Update - ok
20:08:18.0218 1160 [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost C:\WINDOWS\System32\upnphost.dll
20:08:18.0234 1160 upnphost - ok
20:08:18.0250 1160 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
20:08:18.0250 1160 UPS - ok
20:08:18.0296 1160 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
20:08:18.0296 1160 usbaudio - ok
20:08:18.0328 1160 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:08:18.0328 1160 usbccgp - ok
20:08:18.0328 1160 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:08:18.0343 1160 usbehci - ok
20:08:18.0375 1160 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:08:18.0375 1160 usbhub - ok
20:08:18.0406 1160 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:08:18.0406 1160 usbprint - ok
20:08:18.0437 1160 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:08:18.0437 1160 usbscan - ok
20:08:18.0453 1160 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:08:18.0453 1160 USBSTOR - ok
20:08:18.0468 1160 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:08:18.0468 1160 usbuhci - ok
20:08:18.0500 1160 [ 8968FF3973A883C49E8B564200F565B9 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
20:08:18.0500 1160 usbvideo - ok
20:08:18.0500 1160 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:08:18.0515 1160 VgaSave - ok
20:08:18.0531 1160 [ D92E7C8A30CFD14D8E15B5F7F032151B ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:08:18.0531 1160 viaagp - ok
20:08:18.0546 1160 [ 59CB1338AD3654417BEA49636457F65D ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
20:08:18.0546 1160 ViaIde - ok
20:08:18.0562 1160 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:08:18.0562 1160 VolSnap - ok
20:08:18.0593 1160 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
20:08:18.0609 1160 VSS - ok
20:08:18.0640 1160 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] w32time C:\WINDOWS\system32\w32time.dll
20:08:18.0640 1160 w32time - ok
20:08:18.0656 1160 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:08:18.0656 1160 Wanarp - ok
20:08:18.0703 1160 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
20:08:18.0718 1160 wanatw - ok
20:08:18.0718 1160 WDICA - ok
20:08:18.0734 1160 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:08:18.0734 1160 wdmaud - ok
20:08:18.0750 1160 [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:08:18.0750 1160 WebClient - ok
20:08:18.0828 1160 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:08:18.0828 1160 winmgmt - ok
20:08:18.0906 1160 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:08:18.0906 1160 WmdmPmSN - ok
20:08:18.0937 1160 [ E8E57B0F9EB03D1AABEC28D550C75116 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:08:18.0953 1160 Wmi - ok
20:08:18.0984 1160 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:08:18.0984 1160 WmiApSrv - ok
20:08:19.0062 1160 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:08:19.0062 1160 WMPNetworkSvc - ok
20:08:19.0078 1160 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:08:19.0093 1160 WS2IFSL - ok
20:08:19.0125 1160 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:08:19.0125 1160 wscsvc - ok
20:08:19.0156 1160 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:08:19.0156 1160 WSTCODEC - ok
20:08:19.0187 1160 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:08:19.0187 1160 wuauserv - ok
20:08:19.0218 1160 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:08:19.0218 1160 WudfPf - ok
20:08:19.0218 1160 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:08:19.0234 1160 WudfRd - ok
20:08:19.0234 1160 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:08:19.0250 1160 WudfSvc - ok
20:08:19.0281 1160 [ 247520EDED53A08AE89EA4FAE04F54D8 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:08:19.0296 1160 WZCSVC - ok
20:08:19.0328 1160 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:08:19.0328 1160 xmlprov - ok
20:08:19.0343 1160 ================ Scan global ===============================
20:08:19.0375 1160 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
20:08:19.0375 1160 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
20:08:19.0390 1160 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
20:08:19.0406 1160 [ 4712531AB7A01B7EE059853CA17D39BD ] C:\WINDOWS\system32\services.exe
20:08:19.0406 1160 [Global] - ok
20:08:19.0406 1160 ================ Scan MBR ==================================
20:08:19.0421 1160 [ 91722E6BC3A2B40FF00222DCA4A3DB3E ] \Device\Harddisk0\DR0
20:08:19.0578 1160 \Device\Harddisk0\DR0 - ok
20:08:19.0578 1160 ================ Scan VBR ==================================
20:08:19.0593 1160 [ 9F21FEC345593AB70FFEF9952150EE8B ] \Device\Harddisk0\DR0\Partition1
20:08:19.0593 1160 \Device\Harddisk0\DR0\Partition1 - ok
20:08:19.0593 1160 ============================================================
20:08:19.0593 1160 Scan finished
20:08:19.0593 1160 ============================================================
20:08:19.0593 3216 Detected object count: 0
20:08:19.0593 3216 Actual detected object count: 0



Gringo, I was in the middle of doing the other scan, aswMBR, and after a few minutes an error message showed up saying (windows has experienced a problem with Avast and will shut down to protect the computer) and then the scan was closed.

What do you suggest? In the scan I saw some yellow technical writing saying that some win32 drivers were locked, and then a few lines down it said in red writing that some win32 file was suspicious.
What do you make of this? What are your next instructions?

Do you think I should do the MBR scan again?

I await your instructions.

Many thanks

elly

#14 gringo_pr


Posted 22 August 2012 - 03:39 PM

Try running it once more.



gringo

#15 Ellykitty


Posted 22 August 2012 - 04:02 PM

Hi, here is the MBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-22 21:47:36
-----------------------------
21:47:36.093 OS Version: Windows 5.1.2600 Service Pack 2
21:47:36.093 Number of processors: 2 586 0x403
21:47:36.093 ComputerName: ELLY UserName:
21:47:36.625 Initialize success
21:47:46.046 AVAST engine defs: 12082201
21:47:50.843 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
21:47:50.859 Disk 0 Vendor: ST3160828AS 8.03 Size: 152587MB BusType: 3
21:47:50.875 Disk 0 MBR read successfully
21:47:50.875 Disk 0 MBR scan
21:47:50.906 Disk 0 unknown MBR code
21:47:50.906 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
21:47:50.937 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 147785 MB offset 96390
21:47:50.968 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 4753 MB offset 302760990
21:47:50.968 Disk 0 scanning sectors +312496380
21:47:51.031 Disk 0 scanning C:\WINDOWS\system32\drivers
21:48:00.390 Service scanning
21:48:06.437 Service KL1 C:\WINDOWS\system32\drivers\kl1.sys **LOCKED** 5
21:48:06.453 Service kl2 C:\WINDOWS\system32\DRIVERS\kl2.sys **LOCKED** 5
21:48:06.593 Service klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys **LOCKED** 5
21:48:06.640 Service klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys **LOCKED** 5
21:48:15.609 Modules scanning
21:48:20.328 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
21:48:21.609 Disk 0 trace - called modules:
21:48:21.640 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
21:48:21.640 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3a8ab8]
21:48:21.640 3 CLASSPNP.SYS[ba0e905b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x8a3a9d98]
21:48:22.156 AVAST engine scan C:\WINDOWS
21:48:35.375 AVAST engine scan C:\WINDOWS\system32
21:52:06.625 AVAST engine scan C:\WINDOWS\system32\drivers
21:52:30.375 AVAST engine scan C:\Documents and Settings\Elly1
21:59:56.468 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Elly1\Desktop\MBR.dat"
21:59:56.484 The log file has been saved successfully to "C:\Documents and Settings\Elly1\Desktop\aswMBRLog.txt"




Please let me know what's going on with my PC and the next step.

Regards

Elly



