
Getting Redirected


6 replies to this topic

#1 Plight

Posted 08 August 2012 - 01:44 PM

Thank you all for any help.

I had the virus, trojan, malware? "Live Platinum Security". I managed to get rid of it, but I am still having problems.

Problem:

I can't access the microsoft.com website, and when I go onto security websites to get help I get diverted. It goes like:

Google - Microsoft.com error404 (Or it goes back to google...)

I have run:

ZoneAlarm,
Malwarebytes Anti-Malware
Spybot

They did find items; I destroyed them. Yet I am still having problems.

I have a Windows Vista 32-bit computer.

Any help will be appreciated. Any questions I will try to answer to the best of my ability.

I don't know what to do at this moment in time. I am lost.

Hope you all have a good day, evening and night.

#2 narenxp (BC Advisor)

Posted 08 August 2012 - 02:24 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET Online Scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Plight (Topic Starter)

Posted 08 August 2012 - 03:27 PM

Not sure how to insert the logs so will do a copy/paste - sorry all.

TDSS


21:05:48.0058 3500 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
21:05:48.0683 3500 ============================================================
21:05:48.0683 3500 Current date / time: 2012/08/08 21:05:48.0683
21:05:48.0683 3500 SystemInfo:
21:05:48.0683 3500
21:05:48.0683 3500 OS Version: 6.0.6002 ServicePack: 2.0
21:05:48.0683 3500 Product type: Workstation
21:05:48.0683 3500 ComputerName: GRYFFIN
21:05:48.0683 3500 UserName: Richard
21:05:48.0683 3500 Windows directory: C:\Windows
21:05:48.0683 3500 System windows directory: C:\Windows
21:05:48.0683 3500 Processor architecture: Intel x86
21:05:48.0683 3500 Number of processors: 2
21:05:48.0683 3500 Page size: 0x1000
21:05:48.0683 3500 Boot type: Normal boot
21:05:48.0683 3500 ============================================================
21:05:49.0761 3500 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:05:49.0949 3500 ============================================================
21:05:49.0949 3500 \Device\Harddisk0\DR0:
21:05:50.0324 3500 MBR partitions:
21:05:50.0324 3500 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x10029D5, BlocksNum 0x11A16CDB
21:05:50.0324 3500 ============================================================
21:05:50.0402 3500 C: <-> \Device\Harddisk0\DR0\Partition0
21:05:50.0402 3500 ============================================================
21:05:50.0402 3500 Initialize success
21:05:50.0402 3500 ============================================================
21:05:56.0167 3400 ============================================================
21:05:56.0167 3400 Scan started
21:05:56.0167 3400 Mode: Manual; TDLFS;
21:05:56.0167 3400 ============================================================
21:06:29.0699 3400 RasAcd - ok
21:06:29.0839 3400 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
21:06:29.0839 3400 RasAuto - ok
21:06:30.0027 3400 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:06:30.0027 3400 Rasl2tp - ok
21:06:30.0136 3400 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
21:06:30.0152 3400 RasMan - ok
21:06:30.0230 3400 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
21:06:30.0230 3400 RasPppoe - ok
21:06:30.0261 3400 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
21:06:30.0261 3400 RasSstp - ok
21:06:30.0308 3400 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
21:06:30.0308 3400 rdbss - ok
21:06:30.0386 3400 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:06:30.0386 3400 RDPCDD - ok
21:06:30.0542 3400 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
21:06:30.0542 3400 rdpdr - ok
21:06:30.0574 3400 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
21:06:30.0574 3400 RDPENCDD - ok
21:06:30.0761 3400 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
21:06:30.0761 3400 RDPWD - ok
21:06:30.0855 3400 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
21:06:30.0855 3400 RemoteAccess - ok
21:06:30.0964 3400 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
21:06:30.0964 3400 RemoteRegistry - ok
21:06:31.0417 3400 RoxMediaDB9 (9c19e4419a6acf8fff53f1dd1c305e9e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
21:06:31.0433 3400 RoxMediaDB9 - ok
21:06:31.0527 3400 RoxWatch9 (9d95da35ec22511a1ceb38a8c3a0bc7e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
21:06:31.0542 3400 RoxWatch9 - ok
21:06:31.0605 3400 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
21:06:31.0605 3400 RpcLocator - ok
21:06:31.0761 3400 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
21:06:31.0761 3400 RpcSs - ok
21:06:32.0058 3400 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
21:06:32.0058 3400 rspndr - ok
21:06:32.0121 3400 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:06:32.0121 3400 SamSs - ok
21:06:32.0292 3400 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
21:06:32.0292 3400 sbp2port - ok
21:06:32.0402 3400 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
21:06:32.0402 3400 SCardSvr - ok
21:06:32.0464 3400 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
21:06:32.0464 3400 Schedule - ok
21:06:32.0496 3400 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
21:06:32.0511 3400 SCPolicySvc - ok
21:06:32.0574 3400 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
21:06:32.0574 3400 SDRSVC - ok
21:06:32.0855 3400 SDScannerService (e1f35f902b825c7b18236271f398dda2) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
21:06:32.0871 3400 SDScannerService - ok
21:06:33.0386 3400 SDUpdateService (2db434f4ce96b3fb65d44b3ad5a4de3e) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:06:33.0402 3400 SDUpdateService - ok
21:06:33.0433 3400 SDWSCService (59dce6783f9ed27eb72c81466e363bf8) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:06:33.0433 3400 SDWSCService - ok
21:06:33.0777 3400 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:06:33.0777 3400 secdrv - ok
21:06:33.0855 3400 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
21:06:33.0855 3400 seclogon - ok
21:06:33.0933 3400 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
21:06:33.0933 3400 SENS - ok
21:06:33.0964 3400 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
21:06:33.0964 3400 Serenum - ok
21:06:34.0011 3400 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
21:06:34.0011 3400 Serial - ok
21:06:34.0042 3400 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
21:06:34.0042 3400 sermouse - ok
21:06:34.0136 3400 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
21:06:34.0136 3400 SessionEnv - ok
21:06:34.0199 3400 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
21:06:34.0199 3400 sffdisk - ok
21:06:34.0246 3400 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
21:06:34.0246 3400 sffp_mmc - ok
21:06:34.0292 3400 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
21:06:34.0292 3400 sffp_sd - ok
21:06:34.0371 3400 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
21:06:34.0371 3400 sfloppy - ok
21:06:34.0558 3400 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
21:06:34.0558 3400 ShellHWDetection - ok
21:06:34.0636 3400 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
21:06:34.0636 3400 sisagp - ok
21:06:34.0714 3400 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
21:06:34.0730 3400 SiSRaid2 - ok
21:06:34.0761 3400 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
21:06:34.0761 3400 SiSRaid4 - ok
21:06:35.0558 3400 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
21:06:35.0589 3400 slsvc - ok
21:06:36.0027 3400 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
21:06:36.0027 3400 SLUINotify - ok
21:06:36.0339 3400 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
21:06:36.0355 3400 Smb - ok
21:06:36.0402 3400 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
21:06:36.0402 3400 SNMPTRAP - ok
21:06:36.0464 3400 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
21:06:36.0464 3400 spldr - ok
21:06:36.0496 3400 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
21:06:36.0511 3400 Spooler - ok
21:06:36.0558 3400 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
21:06:36.0558 3400 srv - ok
21:06:36.0714 3400 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
21:06:36.0714 3400 srv2 - ok
21:06:36.0886 3400 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
21:06:36.0886 3400 srvnet - ok
21:06:37.0011 3400 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
21:06:37.0011 3400 SSDPSRV - ok
21:06:37.0058 3400 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
21:06:37.0058 3400 SstpSvc - ok
21:06:37.0417 3400 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:06:37.0417 3400 Stereo Service - ok
21:06:37.0511 3400 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
21:06:37.0511 3400 stisvc - ok
21:06:37.0589 3400 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
21:06:37.0589 3400 stllssvr - ok
21:06:37.0714 3400 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
21:06:37.0714 3400 swenum - ok
21:06:38.0058 3400 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
21:06:38.0058 3400 swprv - ok
21:06:38.0089 3400 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
21:06:38.0089 3400 Symc8xx - ok
21:06:38.0105 3400 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
21:06:38.0105 3400 Sym_hi - ok
21:06:38.0121 3400 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
21:06:38.0121 3400 Sym_u3 - ok
21:06:38.0183 3400 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
21:06:38.0183 3400 SysMain - ok
21:06:38.0292 3400 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
21:06:38.0292 3400 TabletInputService - ok
21:06:38.0402 3400 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
21:06:38.0402 3400 TapiSrv - ok
21:06:38.0480 3400 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
21:06:38.0480 3400 TBS - ok
21:06:38.0777 3400 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
21:06:38.0792 3400 Tcpip - ok
21:06:38.0824 3400 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
21:06:38.0824 3400 Tcpip6 - ok
21:06:38.0871 3400 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
21:06:38.0871 3400 tcpipreg - ok
21:06:38.0933 3400 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
21:06:38.0933 3400 TDPIPE - ok
21:06:39.0027 3400 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
21:06:39.0027 3400 TDTCP - ok
21:06:39.0246 3400 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
21:06:39.0246 3400 tdx - ok
21:06:39.0339 3400 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
21:06:39.0339 3400 TermDD - ok
21:06:39.0402 3400 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
21:06:39.0402 3400 TermService - ok
21:06:39.0449 3400 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
21:06:39.0464 3400 Themes - ok
21:06:39.0558 3400 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
21:06:39.0558 3400 THREADORDER - ok
21:06:39.0699 3400 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
21:06:39.0699 3400 TrkWks - ok
21:06:39.0824 3400 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
21:06:39.0824 3400 TrustedInstaller - ok
21:06:39.0917 3400 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:06:39.0917 3400 tssecsrv - ok
21:06:40.0011 3400 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
21:06:40.0011 3400 tunmp - ok
21:06:40.0105 3400 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
21:06:40.0105 3400 tunnel - ok
21:06:40.0183 3400 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
21:06:40.0183 3400 uagp35 - ok
21:06:40.0308 3400 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
21:06:40.0308 3400 udfs - ok
21:06:40.0355 3400 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
21:06:40.0355 3400 UI0Detect - ok
21:06:40.0386 3400 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
21:06:40.0386 3400 uliagpkx - ok
21:06:40.0433 3400 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
21:06:40.0433 3400 uliahci - ok
21:06:40.0449 3400 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
21:06:40.0449 3400 UlSata - ok
21:06:40.0480 3400 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
21:06:40.0480 3400 ulsata2 - ok
21:06:40.0511 3400 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
21:06:40.0511 3400 umbus - ok
21:06:40.0933 3400 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
21:06:40.0933 3400 upnphost - ok
21:06:41.0042 3400 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
21:06:41.0042 3400 usbaudio - ok
21:06:41.0136 3400 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
21:06:41.0136 3400 usbccgp - ok
21:06:41.0183 3400 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
21:06:41.0183 3400 usbcir - ok
21:06:41.0199 3400 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
21:06:41.0199 3400 usbehci - ok
21:06:41.0246 3400 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
21:06:41.0246 3400 usbhub - ok
21:06:41.0277 3400 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
21:06:41.0277 3400 usbohci - ok
21:06:41.0355 3400 USBPNPA (41b758cff0a3c10a69e088f440677399) C:\Windows\system32\drivers\CM108.sys
21:06:41.0355 3400 USBPNPA - ok
21:06:41.0980 3400 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
21:06:41.0980 3400 usbprint - ok
21:06:42.0011 3400 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:06:42.0011 3400 USBSTOR - ok
21:06:42.0105 3400 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
21:06:42.0105 3400 usbuhci - ok
21:06:42.0292 3400 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
21:06:42.0292 3400 usbvideo - ok
21:06:42.0355 3400 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
21:06:42.0355 3400 UxSms - ok
21:06:42.0464 3400 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
21:06:42.0464 3400 vds - ok
21:06:42.0511 3400 VF0270Dev (615d7eb05d35d8f035ab6c77c8a969ea) C:\Windows\system32\DRIVERS\V0270Dev.sys
21:06:42.0511 3400 VF0270Dev - ok
21:06:42.0574 3400 VF0270Vfx (8c6fc17847495c39a46f61584102a52f) C:\Windows\system32\DRIVERS\V0270VFx.sys
21:06:42.0574 3400 VF0270Vfx - ok
21:06:42.0652 3400 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
21:06:42.0652 3400 vga - ok
21:06:42.0746 3400 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
21:06:42.0746 3400 VgaSave - ok
21:06:42.0839 3400 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
21:06:42.0839 3400 viaagp - ok
21:06:42.0871 3400 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
21:06:42.0871 3400 ViaC7 - ok
21:06:42.0917 3400 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
21:06:42.0917 3400 viaide - ok
21:06:42.0933 3400 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
21:06:42.0933 3400 volmgr - ok
21:06:43.0167 3400 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
21:06:43.0167 3400 volmgrx - ok
21:06:43.0214 3400 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
21:06:43.0214 3400 volsnap - ok
21:06:43.0246 3400 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
21:06:43.0246 3400 vsmraid - ok
21:06:43.0636 3400 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
21:06:43.0652 3400 VSS - ok
21:06:44.0261 3400 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
21:06:44.0261 3400 W32Time - ok
21:06:44.0449 3400 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
21:06:44.0449 3400 WacomPen - ok
21:06:44.0527 3400 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:06:44.0527 3400 Wanarp - ok
21:06:44.0542 3400 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:06:44.0542 3400 Wanarpv6 - ok
21:06:44.0746 3400 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
21:06:44.0746 3400 wcncsvc - ok
21:06:44.0792 3400 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
21:06:44.0792 3400 WcsPlugInService - ok
21:06:44.0839 3400 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
21:06:44.0839 3400 Wd - ok
21:06:44.0996 3400 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
21:06:45.0011 3400 Wdf01000 - ok
21:06:45.0167 3400 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
21:06:45.0183 3400 WdiServiceHost - ok
21:06:45.0183 3400 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
21:06:45.0199 3400 WdiSystemHost - ok
21:06:45.0496 3400 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
21:06:45.0496 3400 WebClient - ok
21:06:45.0558 3400 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
21:06:45.0558 3400 Wecsvc - ok
21:06:45.0605 3400 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
21:06:45.0621 3400 wercplsupport - ok
21:06:45.0652 3400 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
21:06:45.0667 3400 WerSvc - ok
21:06:45.0667 3400 WinHttpAutoProxySvc - ok
21:06:45.0746 3400 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
21:06:45.0746 3400 Winmgmt - ok
21:06:46.0167 3400 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
21:06:46.0183 3400 WinRM - ok
21:06:46.0527 3400 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
21:06:46.0527 3400 Wlansvc - ok
21:06:46.0871 3400 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:06:46.0871 3400 wlcrasvc - ok
21:06:47.0355 3400 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:06:47.0371 3400 wlidsvc - ok
21:06:47.0902 3400 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
21:06:47.0902 3400 WmiAcpi - ok
21:06:48.0167 3400 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
21:06:48.0167 3400 wmiApSrv - ok
21:06:48.0761 3400 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
21:06:48.0761 3400 WMPNetworkSvc - ok
21:06:48.0980 3400 WN4501HLFZZ(Technology Corporation) (f7bba76f5e946991a654983abba64bb2) C:\Windows\system32\DRIVERS\O4501U.sys
21:06:48.0980 3400 WN4501HLFZZ(Technology Corporation) - ok
21:06:49.0089 3400 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
21:06:49.0105 3400 WPCSvc - ok
21:06:49.0308 3400 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
21:06:49.0324 3400 WPDBusEnum - ok
21:06:49.0386 3400 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
21:06:49.0386 3400 WpdUsb - ok
21:06:49.0746 3400 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:06:49.0761 3400 WPFFontCache_v0400 - ok
21:06:49.0808 3400 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
21:06:49.0808 3400 ws2ifsl - ok
21:06:49.0824 3400 WSearch - ok
21:06:50.0214 3400 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
21:06:50.0230 3400 wuauserv - ok
21:06:50.0542 3400 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:06:50.0542 3400 WUDFRd - ok
21:06:50.0683 3400 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
21:06:50.0699 3400 wudfsvc - ok
21:06:50.0714 3400 ZDPSp60 - ok
21:06:50.0777 3400 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:06:51.0277 3400 \Device\Harddisk0\DR0 - ok
21:06:51.0324 3400 Boot (0x1200) (88db5821e48e9d239c55b7b06234d22e) \Device\Harddisk0\DR0\Partition0
21:06:51.0339 3400 \Device\Harddisk0\DR0\Partition0 - ok
21:06:51.0339 3400 ============================================================
21:06:51.0339 3400 Scan finished
21:06:51.0339 3400 ============================================================
21:06:51.0355 3628 Detected object count: 0
21:06:51.0355 3628 Actual detected object count: 0
21:08:52.0605 1352 Deinitialize success


Problem:

Second scan (MBR) - I can see the log, but when I open it, it's all gibberish. (When it ran - I said I had 3 infected items...)

As for the last ESET - when I clicked it - it says error 404.

Sorry for being a pain all.

#4 narenxp

Posted 08 August 2012 - 03:32 PM

Boot into Safe Mode with Networking

Let me know if you can run ESET scan from there

Regarding aswMBR, click on SAVE log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.
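
An added example, not part of narenxp's post and not MiniToolBox's own code: one way to triage a "List content of Hosts" report when the file holds thousands of entries, separating blocklist-style loopback entries from mappings that block or redirect sites the user needs. The watchlist and the sample hosts text are constructed assumptions.

```python
import ipaddress

# Assumed watchlist: sites a user in this situation needs to reach.
WATCHLIST = ("microsoft.com", "windowsupdate.com", "bleepingcomputer.com")

# Names that a default hosts file maps to loopback.
DEFAULT_NAMES = {"localhost"}

# Constructed sample, not the poster's file. 203.0.113.10 is a documentation address.
SAMPLE = """\
# constructed hosts content for the example
::1             localhost
127.0.0.1       localhost
127.0.0.1       ads.example.net
127.0.0.1       www.ads.example.net
0.0.0.0         tracker.example.org   # inline comment
127.0.0.1       www.microsoft.com
203.0.113.10    update.microsoft.com download.microsoft.com
not-an-ip       something
"""


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # first field is not an address
        for name in fields[1:]:               # one line may carry several names
            yield line_no, ip, name.lower().rstrip(".")


def on_watchlist(name, watchlist):
    """True if name is a watched domain or one of its subdomains."""
    return any(name == d or name.endswith("." + d) for d in watchlist)


def audit_hosts(text, watchlist=WATCHLIST):
    """Sort hosts mappings into default, sinkholed, blocked and redirected."""
    report = {
        "default": [],            # expected localhost entries
        "sinkholed": 0,           # loopback/0.0.0.0 entries for unwatched names
        "blocked_watchlist": [],  # watched names pointed at loopback/0.0.0.0
        "redirected": [],         # any name pointed at a routable address
    }
    for line_no, ip, name in parse_hosts(text):
        local = ip.is_loopback or ip.is_unspecified
        if name in DEFAULT_NAMES and ip.is_loopback:
            report["default"].append(name)
        elif not local:
            report["redirected"].append((line_no, str(ip), name))
        elif on_watchlist(name, watchlist):
            report["blocked_watchlist"].append((line_no, name))
        else:
            report["sinkholed"] += 1
    return report


if __name__ == "__main__":
    result = audit_hosts(SAMPLE)
    print("default entries     :", result["default"])
    print("sinkholed (count)   :", result["sinkholed"])
    print("blocked watched site:", result["blocked_watchlist"])
    print("redirected          :", result["redirected"])
```

Only the `blocked_watchlist` and `redirected` lists need manual review; a large `sinkholed` count on its own is what a protective blocklist looks like.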

#5 Plight

Posted 08 August 2012 - 03:56 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Richard (administrator) on 08-08-2012 at 21:51:02
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

There are 15212 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Edimax nLite Wireless USB Adapter = Wireless Network Connection (Connected)
VIA Rhine II Fast Ethernet Adapter = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Gryffin
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : HG532.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : HG532.com
Description . . . . . . . . . . . : Edimax nLite Wireless USB Adapter
Physical Address. . . . . . . . . : 00-1F-1F-64-C6-0D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5062:374a:b283:3942%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 08 August 2012 21:36:47
Lease Expires . . . . . . . . . . : 09 August 2012 21:36:47
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 251666207
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0D-54-06-BE-00-19-DB-36-5C-DD
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter
Physical Address. . . . . . . . . : 00-19-DB-36-5C-DD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:4009:808::100e
173.194.41.137
173.194.41.129
173.194.41.133
173.194.41.130
173.194.41.132
173.194.41.131
173.194.41.142
173.194.41.135
173.194.41.128
173.194.41.136
173.194.41.134

Pinging google.com [173.194.41.137] with 32 bytes of data:
Reply from 173.194.41.137: bytes=32 time=36ms TTL=54
Reply from 173.194.41.137: bytes=32 time=35ms TTL=54
Ping statistics for 173.194.41.137:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 36ms, Average = 35ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=197ms TTL=52
Reply from 72.30.38.140: bytes=32 time=220ms TTL=52
Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 197ms, Maximum = 220ms, Average = 208ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
14 ...00 1f 1f 64 c6 0d ...... Edimax nLite Wireless USB Adapter
8 ...00 19 db 36 5c dd ...... VIA Rhine II Fast Ethernet Adapter
1 ........................... Software Loopback Interface 1
31 ...00 00 00 00 00 00 00 e0 isatap.{23A2619B-32FB-42D5-B965-19025A0A581D}
9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
15 ...00 00 00 00 00 00 00 e0 isatap.{C6A2292A-75E9-46B5-9001-489B7F9BEBCF}
16 ...00 00 00 00 00 00 00 e0 isatap.{C6A2292A-75E9-46B5-9001-489B7F9BEBCF}
17 ...00 00 00 00 00 00 00 e0 isatap.{C6A2292A-75E9-46B5-9001-489B7F9BEBCF}
20 ...00 00 00 00 00 00 00 e0 isatap.HG532.com
19 ...00 00 00 00 00 00 00 e0 isatap.{C6A2292A-75E9-46B5-9001-489B7F9BEBCF}
21 ...00 00 00 00 00 00 00 e0 isatap.HG532.com
22 ...00 00 00 00 00 00 00 e0 isatap.{C6A2292A-75E9-46B5-9001-489B7F9BEBCF}
23 ...00 00 00 00 00 00 00 e0 isatap.HG532.com
27 ...00 00 00 00 00 00 00 e0 isatap.HG532.com
28 ...00 00 00 00 00 00 00 e0 isatap.{C6A2292A-75E9-46B5-9001-489B7F9BEBCF}
29 ...00 00 00 00 00 00 00 e0 isatap.HG532.com
30 ...00 00 00 00 00 00 00 e0 isatap.{C6A2292A-75E9-46B5-9001-489B7F9BEBCF}
34 ...00 00 00 00 00 00 00 e0 isatap.HG532.com
36 ...00 00 00 00 00 00 00 e0 isatap.{C6A2292A-75E9-46B5-9001-489B7F9BEBCF}
37 ...00 00 00 00 00 00 00 e0 isatap.HG532.com
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination   Netmask           Gateway       Interface     Metric
0.0.0.0               0.0.0.0           192.168.1.1   192.168.1.4   25
127.0.0.0             255.0.0.0         On-link       127.0.0.1     306
127.0.0.1             255.255.255.255   On-link       127.0.0.1     306
127.255.255.255       255.255.255.255   On-link       127.0.0.1     306
192.168.1.0           255.255.255.0     On-link       192.168.1.4   281
192.168.1.4           255.255.255.255   On-link       192.168.1.4   281
192.168.1.255         255.255.255.255   On-link       192.168.1.4   281
224.0.0.0             240.0.0.0         On-link       127.0.0.1     306
224.0.0.0             240.0.0.0         On-link       192.168.1.4   281
255.255.255.255       255.255.255.255   On-link       127.0.0.1     306
255.255.255.255       255.255.255.255   On-link       192.168.1.4   281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
14 281 fe80::/64 On-link
14 281 fe80::5062:374a:b283:3942/128
On-link
1 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/08/2012 09:36:42 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (08/08/2012 02:36:28 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\RICHARD\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#EFFECTIVEMEASURE.NET> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/08/2012 01:49:12 AM) (Source: Microsoft-Windows-RestartManager) (User: Gryffin)Gryffin
Description: 0Matsvc.exeMicrosoft Automated Troubleshooting Service03026217832440

Error: (08/07/2012 11:09:52 PM) (Source: Microsoft-Windows-RestartManager) (User: Gryffin)Gryffin
Description: 0C:\Windows\explorer.exeWindows Explorer0411719720

Error: (08/07/2012 11:08:06 PM) (Source: Microsoft-Windows-RestartManager) (User: Gryffin)Gryffin
Description: 0C:\Program Files\CheckPoint\Install\Install.exeCheck Point Install Utility0111734760

Error: (08/07/2012 11:05:24 PM) (Source: Application Error) (User: )
Description: Faulting application vsmon.exe, version 10.2.73.0, time stamp 0x5016d917, faulting module inetcomm.dll, version 6.0.6002.18463, time stamp 0x4dbee731, exception code 0xc0000005, fault offset 0x0000a749,
process id 0x6f8, application start time 0xvsmon.exe0.

Error: (08/07/2012 02:15:51 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 168c
Start Time: 01cd743961a88859
Termination Time: 78

Error: (08/07/2012 02:13:56 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: c78
Start Time: 01cd7439756e28b7
Termination Time: 407

Error: (08/07/2012 01:40:04 AM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = c:\users\Richard\Downloads\HitmanPro36.exe ; Descripton = ??????A?A A ?????????? ? a???????????????????????????????? Aaaaaaaaaaaaaaaaaaaaaaa??; Hr = 0x80070057).

Error: (08/07/2012 00:53:54 AM) (Source: Application Error) (User: )
Description: Faulting application MpCmdRun.exe, version 4.0.1526.0, time stamp 0x4f710248, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0001021e,
process id 0xa20, application start time 0xMpCmdRun.exe0.


System errors:
=============
Error: (08/08/2012 09:37:24 PM) (Source: Service Control Manager) (User: )
Description: giveio
i8042prt
spldr
Wanarpv6

Error: (08/08/2012 09:37:24 PM) (Source: Service Control Manager) (User: )
Description: Spybot-S&D 2 Security Center Servicewscsvc

Error: (08/08/2012 09:37:24 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (08/08/2012 09:37:24 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (08/08/2012 09:37:24 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (08/08/2012 09:36:55 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/08/2012 09:36:53 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (08/08/2012 09:36:47 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (08/08/2012 09:36:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: C:\Windows\system32\RAIHV.dll21

Error: (08/08/2012 09:36:42 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (08/08/2012 09:36:42 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (08/08/2012 02:36:28 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\RICHARD\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#EFFECTIVEMEASURE.NET

Error: (08/08/2012 01:49:12 AM) (Source: Microsoft-Windows-RestartManager)(User: Gryffin)Gryffin
Description: 0Matsvc.exeMicrosoft Automated Troubleshooting Service03026217832440

Error: (08/07/2012 11:09:52 PM) (Source: Microsoft-Windows-RestartManager)(User: Gryffin)Gryffin
Description: 0C:\Windows\explorer.exeWindows Explorer0411719720

Error: (08/07/2012 11:08:06 PM) (Source: Microsoft-Windows-RestartManager)(User: Gryffin)Gryffin
Description: 0C:\Program Files\CheckPoint\Install\Install.exeCheck Point Install Utility0111734760

Error: (08/07/2012 11:05:24 PM) (Source: Application Error)(User: )
Description: vsmon.exe10.2.73.05016d917inetcomm.dll6.0.6002.184634dbee731c00000050000a7496f801cd74c27073baf1

Error: (08/07/2012 02:15:51 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16447168c01cd743961a8885978

Error: (08/07/2012 02:13:56 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16447c7801cd7439756e28b7407

Error: (08/07/2012 01:40:04 AM) (Source: System Restore)(User: )
Description: c:\users\Richard\Downloads\HitmanPro36.exe ??????A?A A ?????????? ? a???????????????????????????????? Aaaaaaaaaaaaaaaaaaaaaaa??0x80070057

Error: (08/07/2012 00:53:54 AM) (Source: Application Error)(User: )
Description: MpCmdRun.exe4.0.1526.04f710248unknown0.0.0.000000000c00000050001021ea2001cd742ebc02bdde


=========================== Installed Programs ============================

7-Zip 4.65
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Reader 9.5.1 (Version: 9.5.1)
Advanced Video FX Engine
Apple Application Support (Version: 1.2.1)
Apple Mobile Device Support (Version: 3.0.0.102)
Apple Software Update (Version: 2.1.1.116)
Belkin Wireless USB Utility (Version: 6.3.2.16)
Bonjour (Version: 2.0.0.34)
CCleaner (Version: 2.29)
Cisco EAP-FAST Module (Version: 2.1.6)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Creative Live! Cam Optia Driver (1.01.02.00)
Creative Photo Calendar
Creative Photo Manager
Creative System Information
Creator 9
D3DX10 (Version: 15.4.2368.0902)
DivX Content Uploader (Version: 1.2.1)
DivX Web Player (Version: 1.3.1)
Downloader
DriverAgent by eSupport.com
EBookCreator LITE
EDIMAX Edimax Wireless LAN (Version: 1.0.3.0)
Fraps (remove only)
Google Chrome (Version: 21.0.1180.60)
HDReg (Version: 2.0.0)
Infocentre Rev. 2.0
iTunes (Version: 9.1.0.79)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 32 (Version: 6.0.320)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
Junk Mail filter update (Version: 15.4.3502.0922)
MAGIX Music Manager 2006 (UK) (Version: 7.2.0.167)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft LifeChat (Version: 1.30.196.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
Microsoft Works 8.5
Microsoft XML Parser (Version: 8.0.7820.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Mumble and Murmur (Version: 1.2.2)
newnovelist
NirSoft BlueScreenView
NIS2007
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
Packard Bell Updator
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.66.71.0)
Realtek HD Audio V6.0.1.5322
Realtek High Definition Audio Driver (Version: 6.0.1.5322)
Roxio Creator 9 LE (Version: 9.0.156)
Sage Planning for Business v2 (Version: 2.1.6000.0)
Segoe UI (Version: 15.4.2271.0615)
SetUp My PC
SightSpeed (remove only) (Version: 6.0 (6088))
Skype 2.5.2.151
Skype 3.0 (Version: 3.0)
Skype Plugin Manager (Version: 1.0.217)
Spybot - Search & Destroy (Version: 2.0.8)
System Requirements Lab
System Requirements Lab CYRI (Version: 4.5.1.0)
TeamSpeak 2 RC2 (Version: 2.0.32.60)
TeamSpeak 3 Client
THE SETTLERS - Rise of an Empire (Version: 1.00.0000)
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Ventrilo Client (Version: 3.0.5)
VIA Rhine Family Fast Ethernet Adapter
Video NVIDIA v97.19
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
Wireless Network Manager (Version: 1.0.0.1)
World of Warcraft (Version: 4.0.6.13623)
Xfire (remove only)
ZoneAlarm LTD Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 2045.76 MB
Available physical RAM: 1524.77 MB
Total Pagefile: 4326.77 MB
Available Pagefile: 3982.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1965.47 MB

========================= Partitions: =====================================

1 Drive c: (HDD) (Fixed) (Total:141.04 GB) (Free:35.32 GB) NTFS

========================= Users: ========================================

User accounts for \\GRYFFIN

Administrator ASPNET Guest
Richard UpdatusUser


**** End of log ****

#6 Plight

Plight
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  • Local time:04:56 PM

Posted 08 August 2012 - 04:18 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-08 21:57:06
-----------------------------
21:57:06.496 OS Version: Windows 6.0.6002 Service Pack 2
21:57:06.496 Number of processors: 2 586 0x602
21:57:06.496 ComputerName: GRYFFIN UserName: Richard
21:57:44.589 Initialize success
21:58:03.699 AVAST engine defs: 12080800
21:58:15.730 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:58:15.730 Disk 0 Vendor: ST3160212AS 3.AAE Size: 152627MB BusType: 3
21:58:15.746 Disk 0 MBR read successfully
21:58:15.746 Disk 0 MBR scan
21:58:15.746 Disk 0 Windows VISTA default MBR code
21:58:15.746 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 8197 MB offset 63
21:58:15.777 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 144429 MB offset 16787925
21:58:15.792 Disk 0 scanning sectors +312579760
21:58:15.855 Disk 0 scanning C:\Windows\system32\drivers
21:58:27.183 Service scanning
21:59:08.261 Modules scanning
21:59:17.371 Disk 0 trace - called modules:
21:59:17.386
21:59:17.949 AVAST engine scan C:\Windows
21:59:20.464 AVAST engine scan C:\Windows\system32
22:02:55.949 AVAST engine scan C:\Windows\system32\drivers
22:03:09.964 AVAST engine scan C:\Users\Richard
22:05:10.917 File: C:\Users\Richard\AppData\Local\Temp\e3s.exe **INFECTED** Win32:Sirefef-AGC [Trj]
22:05:13.199 File: C:\Users\Richard\AppData\Local\Temp\~!#4ABB.tmp **INFECTED** Win32:Karagany-JG [Trj]
22:05:39.167 File: C:\Users\Richard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\357d943-50336017 **INFECTED** Win32:Sirefef-AGC [Trj]
22:12:09.058 AVAST engine scan C:\ProgramData
22:14:42.152 Scan finished successfully
22:17:46.339 Disk 0 MBR has been saved successfully to "C:\Users\Richard\Desktop\MBR.dat"
22:17:46.355 The log file has been saved successfully to "C:\Users\Richard\Desktop\aswMBR1.txt"

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:11:56 AM

Posted 09 August 2012 - 12:26 AM

Still need the MBAM log.

Download

Rogue killer

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should be generated after the fix; post the log here.


Let me know if you can run ESET scanner in safe mode with networking.



