Comp keeps seizing up


  • This topic is locked
25 replies to this topic

#1 Rtexas22

  • Members
  • 14 posts

Posted 16 August 2012 - 11:48 AM

Computer keeps seizing up.
Can someone take a look, please? I can't open many things in Firefox and it makes it hard to browse.


#2 HelpBot

    Bleepin' Binary Bot

  • Bots
  • 12,704 posts

Posted 21 August 2012 - 11:50 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/465460 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Rtexas22

  • Topic Starter
  • Members
  • 14 posts

Posted 24 August 2012 - 07:57 AM

Yes, would still like help.
Thanks.

New logs enclosed as asked.

My comp keeps freezing for no reason and it's really slow; logs enclosed.


#4 Conspire

  • Malware Response Team
  • 1,155 posts

Posted 24 August 2012 - 08:40 AM

**In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. If you fail to do so, we will have your thread closed in THREE (3) days. :)


Hello there, Rtexas22

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.

---------------------------------------------------------------------------------------------------

We apologize for the delayed response.

---------------------------------------------------------------------------------------------------
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may donate.

#5 Conspire

  • Malware Response Team
  • 1,155 posts

Posted 24 August 2012 - 08:40 AM

Hello,

Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan
  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
===================================================

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by double-clicking on it.
Press Start Scan.
If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

===================================================

On your next reply please post :
aswMBR log
MBR.dat (attachment)
TDSS Killer log


Please STOP and let me know if you have any problems performing the steps above or any questions.

Good Day!

#6 Rtexas22

  • Topic Starter
  • Members
  • 14 posts

Posted 24 August 2012 - 05:36 PM

Just a message from Malwarebytes that someone was trying to drop a trojan in a fss.exe file. Any idea what that was?

#7 Rtexas22

  • Topic Starter
  • Members
  • 14 posts

Posted 24 August 2012 - 06:09 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-24 23:44:07
-----------------------------
23:44:07.793 OS Version: Windows 6.0.6002 Service Pack 2
23:44:07.793 Number of processors: 2 586 0xF0B
23:44:07.795 ComputerName: DELL-530 UserName: Chris
23:44:19.421 Initialize success
23:44:20.884 AVAST engine defs: 12082402
23:44:23.191 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1
23:44:23.193 Disk 0 Vendor: ST3320613AS DE11 Size: 305245MB BusType: 3
23:44:23.213 Disk 0 MBR read successfully
23:44:23.215 Disk 0 MBR scan
23:44:23.218 Disk 0 Windows VISTA default MBR code
23:44:23.261 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 295243 MB offset 2048
23:44:23.289 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 604659712
23:44:23.319 Disk 0 scanning sectors +625139712
23:44:23.402 Disk 0 scanning C:\Windows\system32\drivers
23:44:48.501 Service scanning
23:45:19.822 Modules scanning
23:45:30.299 Disk 0 trace - called modules:
23:45:30.335 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys
23:45:30.672 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86650528]
23:45:30.676 3 CLASSPNP.SYS[8afa68b3] -> nt!IofCallDriver -> [0x84fa2918]
23:45:30.681 5 acpi.sys[82e936bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-1[0x85d65b98]
23:45:35.605 AVAST engine scan C:\Windows
23:45:42.020 AVAST engine scan C:\Windows\system32
23:51:28.399 AVAST engine scan C:\Windows\system32\drivers
23:52:22.771 AVAST engine scan C:\Users\Chris
00:00:46.556 AVAST engine scan C:\ProgramData
00:04:36.025 Scan finished successfully
00:06:09.295 Disk 0 MBR has been saved successfully to "C:\Users\Chris\Desktop\MBR.dat"
00:06:09.301 The log file has been saved successfully to "C:\Users\Chris\Desktop\aswMBR.txt"

00:07:21.0399 3900 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
00:07:23.0401 3900 ============================================================
00:07:23.0401 3900 Current date / time: 2012/08/25 00:07:23.0401
00:07:23.0401 3900 SystemInfo:
00:07:23.0401 3900
00:07:23.0401 3900 OS Version: 6.0.6002 ServicePack: 2.0
00:07:23.0401 3900 Product type: Workstation
00:07:23.0401 3900 ComputerName: DELL-530
00:07:23.0401 3900 UserName: Chris
00:07:23.0401 3900 Windows directory: C:\Windows
00:07:23.0401 3900 System windows directory: C:\Windows
00:07:23.0401 3900 Processor architecture: Intel x86
00:07:23.0401 3900 Number of processors: 2
00:07:23.0401 3900 Page size: 0x1000
00:07:23.0401 3900 Boot type: Normal boot
00:07:23.0401 3900 ============================================================
00:07:26.0282 3900 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:07:26.0295 3900 ============================================================
00:07:26.0295 3900 \Device\Harddisk0\DR0:
00:07:26.0316 3900 MBR partitions:
00:07:26.0316 3900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x240A5800
00:07:26.0316 3900 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000
00:07:26.0316 3900 ============================================================
00:07:26.0458 3900 C: <-> \Device\Harddisk0\DR0\Partition1
00:07:26.0597 3900 D: <-> \Device\Harddisk0\DR0\Partition2
00:07:26.0597 3900 ============================================================
00:07:26.0597 3900 Initialize success
00:07:26.0597 3900 ============================================================
00:07:29.0329 1936 ============================================================
00:07:29.0330 1936 Scan started
00:07:29.0330 1936 Mode: Manual;
00:07:29.0330 1936 ============================================================
00:07:33.0480 1936 ================ Scan system memory ========================
00:07:33.0480 1936 System memory - ok
00:07:33.0480 1936 ================ Scan services =============================
00:07:33.0653 1936 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
00:07:33.0666 1936 !SASCORE - ok
00:07:33.0968 1936 0184651330180573mcinstcleanup - ok
00:07:34.0362 1936 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
00:07:34.0385 1936 ACPI - ok
00:07:34.0733 1936 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
00:07:34.0764 1936 AdobeARMservice - ok
00:07:34.0842 1936 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
00:07:34.0909 1936 adp94xx - ok
00:07:35.0012 1936 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
00:07:35.0077 1936 adpahci - ok
00:07:35.0098 1936 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
00:07:35.0103 1936 adpu160m - ok
00:07:35.0200 1936 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
00:07:35.0302 1936 adpu320 - ok
00:07:35.0362 1936 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:07:35.0364 1936 AeLookupSvc - ok
00:07:35.0450 1936 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
00:07:35.0476 1936 AFD - ok
00:07:35.0566 1936 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
00:07:35.0583 1936 agp440 - ok
00:07:35.0654 1936 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
00:07:35.0668 1936 aic78xx - ok
00:07:35.0705 1936 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
00:07:35.0722 1936 ALG - ok
00:07:35.0762 1936 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
00:07:35.0765 1936 aliide - ok
00:07:35.0802 1936 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
00:07:35.0805 1936 amdagp - ok
00:07:35.0893 1936 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
00:07:35.0919 1936 amdide - ok
00:07:36.0008 1936 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
00:07:36.0035 1936 AmdK7 - ok
00:07:36.0078 1936 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
00:07:36.0091 1936 AmdK8 - ok
00:07:36.0130 1936 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
00:07:36.0131 1936 Appinfo - ok
00:07:36.0440 1936 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:07:36.0443 1936 Apple Mobile Device - ok
00:07:36.0551 1936 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
00:07:36.0564 1936 arc - ok
00:07:36.0660 1936 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
00:07:36.0692 1936 arcsas - ok
00:07:36.0761 1936 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
00:07:36.0769 1936 aswFsBlk - ok
00:07:36.0863 1936 [ 09678587C5C70F91720631EF048B4744 ] aswFW C:\Windows\system32\drivers\aswFW.sys
00:07:36.0913 1936 aswFW - ok
00:07:36.0987 1936 [ 31E0D16EB06D09A248AFF20C76F9091B ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
00:07:36.0996 1936 aswKbd - ok
00:07:37.0091 1936 [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
00:07:37.0113 1936 aswMonFlt - ok
00:07:37.0157 1936 [ 7B948E3657BEA62E437BC46CA6EF6012 ] aswNdis C:\Windows\system32\DRIVERS\aswNdis.sys
00:07:37.0173 1936 aswNdis - ok
00:07:37.0266 1936 [ C6E5E1E0FB3827B2359F4D394ECAA070 ] aswNdis2 C:\Windows\system32\drivers\aswNdis2.sys
00:07:37.0300 1936 aswNdis2 - ok
00:07:37.0364 1936 [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
00:07:37.0376 1936 AswRdr - ok
00:07:37.0434 1936 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
00:07:37.0512 1936 aswSnx - ok
00:07:37.0624 1936 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\Windows\system32\drivers\aswSP.sys
00:07:37.0632 1936 aswSP - ok
00:07:37.0697 1936 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
00:07:37.0720 1936 aswTdi - ok
00:07:37.0752 1936 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:07:37.0753 1936 AsyncMac - ok
00:07:37.0781 1936 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
00:07:37.0781 1936 atapi - ok
00:07:37.0852 1936 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:07:37.0872 1936 AudioEndpointBuilder - ok
00:07:37.0894 1936 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
00:07:37.0897 1936 Audiosrv - ok
00:07:38.0128 1936 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:07:38.0140 1936 avast! Antivirus - ok
00:07:38.0214 1936 [ DD4C61CB3CDBC8B0A7D2107C6944DC71 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
00:07:38.0242 1936 avast! Firewall - ok
00:07:38.0323 1936 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
00:07:38.0329 1936 Beep - ok
00:07:38.0446 1936 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
00:07:38.0449 1936 BFE - ok
00:07:38.0520 1936 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
00:07:38.0649 1936 BITS - ok
00:07:38.0665 1936 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
00:07:38.0667 1936 blbdrive - ok
00:07:38.0735 1936 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:07:38.0749 1936 bowser - ok
00:07:38.0776 1936 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
00:07:38.0808 1936 BrFiltLo - ok
00:07:38.0834 1936 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
00:07:38.0836 1936 BrFiltUp - ok
00:07:38.0864 1936 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
00:07:38.0867 1936 Browser - ok
00:07:38.0909 1936 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
00:07:38.0939 1936 Brserid - ok
00:07:38.0964 1936 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
00:07:38.0966 1936 BrSerWdm - ok
00:07:38.0986 1936 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
00:07:39.0000 1936 BrUsbMdm - ok
00:07:39.0046 1936 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
00:07:39.0048 1936 BrUsbSer - ok
00:07:39.0087 1936 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
00:07:39.0089 1936 BTHMODEM - ok
00:07:39.0140 1936 catchme - ok
00:07:39.0194 1936 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:07:39.0197 1936 cdfs - ok
00:07:39.0236 1936 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:07:39.0242 1936 cdrom - ok
00:07:39.0337 1936 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
00:07:39.0338 1936 CertPropSvc - ok
00:07:39.0358 1936 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
00:07:39.0361 1936 circlass - ok
00:07:39.0428 1936 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
00:07:39.0434 1936 CLFS - ok
00:07:39.0545 1936 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:07:39.0566 1936 clr_optimization_v2.0.50727_32 - ok
00:07:39.0690 1936 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:07:39.0710 1936 clr_optimization_v4.0.30319_32 - ok
00:07:39.0754 1936 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:07:39.0766 1936 cmdide - ok
00:07:39.0793 1936 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys
00:07:39.0796 1936 Compbatt - ok
00:07:39.0802 1936 COMSysApp - ok
00:07:39.0836 1936 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
00:07:39.0838 1936 crcdisk - ok
00:07:39.0864 1936 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
00:07:39.0871 1936 Crusoe - ok
00:07:40.0047 1936 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:07:40.0050 1936 CryptSvc - ok
00:07:40.0144 1936 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:07:40.0174 1936 DcomLaunch - ok
00:07:40.0211 1936 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:07:40.0230 1936 DfsC - ok
00:07:40.0670 1936 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
00:07:40.0877 1936 DFSR - ok
00:07:40.0975 1936 [ F9F31A9F2A8C0DD0CEB6E380BF0985D4 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
00:07:40.0986 1936 dg_ssudbus - ok
00:07:41.0051 1936 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
00:07:41.0085 1936 Dhcp - ok
00:07:41.0170 1936 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
00:07:41.0186 1936 disk - ok
00:07:41.0261 1936 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:07:41.0312 1936 Dnscache - ok
00:07:41.0405 1936 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
00:07:41.0461 1936 dot3svc - ok
00:07:41.0486 1936 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
00:07:41.0506 1936 DPS - ok
00:07:41.0551 1936 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:07:41.0560 1936 drmkaud - ok
00:07:41.0644 1936 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:07:41.0783 1936 DXGKrnl - ok
00:07:41.0845 1936 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
00:07:41.0876 1936 e1express - ok
00:07:41.0930 1936 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
00:07:41.0956 1936 E1G60 - ok
00:07:41.0979 1936 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
00:07:41.0992 1936 EapHost - ok
00:07:42.0049 1936 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
00:07:42.0069 1936 Ecache - ok
00:07:42.0126 1936 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:07:42.0143 1936 ehRecvr - ok
00:07:42.0148 1936 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
00:07:42.0152 1936 ehSched - ok
00:07:42.0188 1936 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
00:07:42.0190 1936 ehstart - ok
00:07:42.0226 1936 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
00:07:42.0290 1936 elxstor - ok
00:07:42.0366 1936 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
00:07:42.0458 1936 EMDMgmt - ok
00:07:42.0510 1936 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:07:42.0512 1936 ErrDev - ok
00:07:42.0571 1936 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
00:07:42.0585 1936 EventSystem - ok
00:07:42.0624 1936 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
00:07:42.0643 1936 exfat - ok
00:07:42.0688 1936 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:07:42.0703 1936 fastfat - ok
00:07:42.0750 1936 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:07:42.0760 1936 fdc - ok
00:07:42.0779 1936 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
00:07:42.0792 1936 fdPHost - ok
00:07:42.0833 1936 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
00:07:42.0845 1936 FDResPub - ok
00:07:42.0893 1936 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:07:42.0895 1936 FileInfo - ok
00:07:42.0935 1936 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:07:42.0938 1936 Filetrace - ok
00:07:42.0953 1936 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:07:42.0955 1936 flpydisk - ok
00:07:42.0985 1936 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:07:43.0000 1936 FltMgr - ok
00:07:43.0156 1936 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
00:07:43.0382 1936 FontCache - ok
00:07:43.0483 1936 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:07:43.0521 1936 FontCache3.0.0.0 - ok
00:07:43.0544 1936 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:07:43.0553 1936 Fs_Rec - ok
00:07:43.0580 1936 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
00:07:43.0595 1936 gagp30kx - ok
00:07:43.0685 1936 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
00:07:43.0755 1936 gpsvc - ok
00:07:43.0780 1936 [ 696099DEE7610B726F61E26E4EC92AAF ] gttap1 C:\Windows\system32\DRIVERS\gttap1.sys
00:07:43.0793 1936 gttap1 - ok
00:07:43.0902 1936 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:07:43.0943 1936 HdAudAddService - ok
00:07:44.0032 1936 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
00:07:44.0241 1936 HDAudBus - ok
00:07:44.0285 1936 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
00:07:44.0302 1936 HidBth - ok
00:07:44.0361 1936 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
00:07:44.0395 1936 HidIr - ok
00:07:44.0436 1936 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
00:07:44.0460 1936 hidserv - ok
00:07:44.0526 1936 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:07:44.0536 1936 HidUsb - ok
00:07:44.0615 1936 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:07:44.0625 1936 hkmsvc - ok
00:07:44.0655 1936 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
00:07:44.0677 1936 HpCISSs - ok
00:07:44.0739 1936 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:07:44.0826 1936 HTTP - ok
00:07:44.0876 1936 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
00:07:44.0912 1936 i2omp - ok
00:07:44.0986 1936 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
00:07:45.0018 1936 i8042prt - ok
00:07:45.0082 1936 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
00:07:45.0108 1936 iaStorV - ok
00:07:45.0353 1936 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:07:45.0609 1936 idsvc - ok
00:07:45.0887 1936 [ 63C56DAC467EF814B60FF2AA2286C917 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
00:07:45.0972 1936 igfx - ok
00:07:46.0026 1936 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
00:07:46.0085 1936 iirsp - ok
00:07:46.0214 1936 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
00:07:46.0219 1936 IKEEXT - ok
00:07:46.0252 1936 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
00:07:46.0258 1936 intelide - ok
00:07:46.0322 1936 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:07:46.0325 1936 intelppm - ok
00:07:46.0361 1936 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:07:46.0368 1936 IPBusEnum - ok
00:07:46.0385 1936 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:07:46.0386 1936 IpFilterDriver - ok
00:07:46.0409 1936 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:07:46.0417 1936 iphlpsvc - ok
00:07:46.0422 1936 IpInIp - ok
00:07:46.0450 1936 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
00:07:46.0453 1936 IPMIDRV - ok
00:07:46.0469 1936 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
00:07:46.0473 1936 IPNAT - ok
00:07:59.0971 1936 ================ Scan global ===============================
00:07:59.0999 1936 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
00:08:00.0075 1936 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
00:08:00.0168 1936 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
00:08:00.0211 1936 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
00:08:00.0217 1936 [Global] - ok
00:08:00.0217 1936 ================ Scan MBR ==================================
00:08:00.0244 1936 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
00:08:00.0623 1936 \Device\Harddisk0\DR0 - ok
00:08:00.0623 1936 ================ Scan VBR ==================================
00:08:00.0656 1936 [ 3DFD8F055873D9238E5377622DA9FB66 ] \Device\Harddisk0\DR0\Partition1
00:08:00.0669 1936 \Device\Harddisk0\DR0\Partition1 - ok
00:08:00.0697 1936 [ C16041381DB22404C8FC65DDE425FB44 ] \Device\Harddisk0\DR0\Partition2
00:08:00.0699 1936 \Device\Harddisk0\DR0\Partition2 - ok
00:08:00.0701 1936 ============================================================
00:08:00.0701 1936 Scan finished
00:08:00.0701 1936 ============================================================
00:08:00.0711 6016 Detected object count: 0
00:08:00.0711 6016 Actual detected object count: 0

Attached Files

  • Attached File  MBR.zip   553bytes   0 downloads


#8 Conspire


Posted 24 August 2012 - 10:01 PM

You mean someone from Malwarebytes is telling you or the log?

Please read through these instructions to familiarize yourself with what to expect when this tool runs.

Refer to the ComboFix User's Guide


Download ComboFix from one of these locations:

Link 1
Link 2



* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs


====================================================


Double click on combofix.exe & follow the prompts.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

#9 Rtexas22


Posted 25 August 2012 - 11:14 AM

Malwarebytes found it and it's in quarantine. Do I delete the trojan dropper, or leave it in there?

#10 Conspire


Posted 25 August 2012 - 11:15 AM

You can leave it there since it's already quarantined.

#11 Rtexas22


Posted 25 August 2012 - 11:37 AM

ComboFix 12-08-25.04 - Chris 25/08/2012 17:19:53.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3060.958 [GMT 1:00]
Running from: c:\users\Chris\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Chris\AppData\Local\temp\d6ebea43-a7f6-428d-ab33-ddb1ea1983ec\CliSecureRT.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-25 to 2012-08-25 )))))))))))))))))))))))))))))))
.
.
2012-08-16 11:02 . 2012-08-16 11:02 -------- d-----w- c:\program files\Common Files\xing shared
2012-08-16 11:01 . 2012-08-16 11:01 -------- d-----w- c:\users\Chris\AppData\Roaming\vlc
2012-08-16 10:59 . 2012-08-16 10:59 -------- d-----w- c:\program files\Common Files\Java
2012-08-16 10:59 . 2012-08-16 10:58 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-08-15 11:50 . 2012-08-16 10:51 -------- d-----w- c:\users\Chris\AppData\Local\MigWiz
2012-08-15 06:16 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-24 15:15 . 2012-03-29 23:18 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-24 15:15 . 2011-12-26 22:05 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-21 09:13 . 2012-04-17 11:54 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-04-17 11:53 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-04-17 11:53 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-04-17 11:53 202928 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-08-21 09:13 . 2012-04-17 11:53 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2012-04-17 11:53 18544 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-08-21 09:13 . 2012-04-17 11:53 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2012-04-17 11:54 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:13 . 2012-04-17 11:53 113776 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-08-21 09:12 . 2012-04-17 11:53 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-04-17 11:53 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-16 11:01 . 2008-10-23 12:05 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-08-16 11:01 . 2008-10-23 12:05 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-08-16 10:58 . 2011-12-26 22:04 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-16 10:58 . 2011-12-26 22:00 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-16 14:09 . 2012-07-16 14:09 711240 ----a-w- c:\windows\is-L5DGO.exe
2012-07-03 12:46 . 2011-12-26 22:11 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-25 15:04 . 2012-06-25 15:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-21 19:56 . 2012-06-21 19:49 262008 ----a-w- C:\MGlogs.zip
2012-06-05 16:47 . 2012-07-11 22:50 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 16:47 . 2012-07-11 22:50 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 15:26 . 2012-07-11 22:50 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 22:19 . 2012-06-21 00:06 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 00:06 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 00:05 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 00:05 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-21 00:06 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-21 00:06 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-21 00:05 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 14:19 . 2012-06-21 00:05 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 14:12 . 2012-06-21 00:05 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 00:04 . 2012-07-11 22:50 278528 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 00:03 . 2012-07-11 22:50 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-05-28 23:38 . 2012-05-28 23:38 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-07-18 20:09 . 2012-07-03 04:03 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-07 21432]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-10 2153472]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-27 4777856]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"GoTrusted"="c:\program files\GoTrusted.com\GoTrusted Secure Tunnel v2.3.1.5\GoTrusted Secure Tunnel.exe" [2011-08-23 193096]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-08-07 960440]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-08-07 3524536]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-04-25 141848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-04-25 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-04-25 170520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-08-16 296096]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2012-7-25 572000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 0184651330180573mcinstcleanup;McAfee Application Installer Cleanup (0184651330180573);c:\windows\TEMP\018465~1.EXE [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
uStart Page =
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\sqjp7xl3.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-25 17:30
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\AVAST Software\Avast\afwServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Secunia\PSI\PSIA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2012-08-25 17:36:24 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-25 16:36
ComboFix2.txt 2012-07-29 19:09
.
Pre-Run: 199,877,779,456 bytes free
Post-Run: 200,129,626,112 bytes free
.
- - End Of File - - F3D003864F1EF1ECDEA802EC476270E4

#12 Conspire


Posted 25 August 2012 - 12:21 PM

Download the appropriate Norton Removal Tool to remove the remnants in your computer and run it.

Follow these steps to display hidden files and folders.

  • Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
  • Click the View tab.
  • Under Advanced settings, click Show hidden files and folders.
  • Click OK. (Remember to Hide files and folders once done)

Please go to one of the below sites to scan the following files:
Virus Total (Recommended)
jotti.org
VirScan


Click on Browse, and upload the following file for analysis:
c:\windows\is-L5DGO.exe

Then click Submit. Allow the file to be scanned, and then please copy and paste the results link here for me to see.
If it says already scanned -- click "reanalyze now"
Please post the results in your next reply.

#13 Rtexas22


Posted 25 August 2012 - 01:41 PM

SHA256: ea8d2eb9f384834e15e0837a450b23f4a3d16d17e0c2ac64ab0d068074e64277
File name: is-L5DGO.exe
Detection ratio: 0 / 39
Analysis date: 2012-08-25 18:48:04 UTC ( 1 minute ago )
Antivirus Result Update
AntiVir - 20120825
Antiy-AVL - 20120824
Avast - 20120825
AVG - 20120825
BitDefender - 20120825
ByteHero - 20120814
CAT-QuickHeal - 20120825
ClamAV - 20120825
Commtouch - 20120824
Comodo - 20120825
DrWeb - 20120825
Emsisoft - 20120825
eSafe - 20120823
ESET-NOD32 - 20120825
F-Prot - 20120824
F-Secure - 20120825
Fortinet - 20120825
GData - 20120825
Ikarus - 20120825
Jiangmin - 20120825
K7AntiVirus - 20120825
Kaspersky - 20120825
McAfee - 20120825
McAfee-GW-Edition - 20120825
Microsoft - 20120825
Norman - 20120825
Panda - 20120825
PCTools - 20120825
Rising - 20120824
Sophos - 20120825
SUPERAntiSpyware - 20120825
TheHacker - 20120824
TotalDefense - 20120824
TrendMicro - 20120825
TrendMicro-HouseCall - 20120825
VBA32 - 20120824
VIPRE - 20120825
ViRobot - 20120825
VirusBuster - 20120824


Edited by Rtexas22, 25 August 2012 - 01:51 PM.


#14 Rtexas22


Posted 25 August 2012 - 01:55 PM

That didn't say yes or no; this one said something about a PUA win packer vip

[ArcaVir]
2012-08-03 Found nothing
[Frisk F-Prot Antivirus]
2012-08-02 Found nothing
[Avast! antivirus]
2012-08-02 Found nothing
[F-Secure Anti-Virus]
2012-08-02 Found nothing
[Grisoft AVG Anti-Virus]
2012-08-02 Found nothing
[G DATA]
2012-08-03 Found nothing
[Avira AntiVir]
2012-08-03 Found nothing
[Ikarus]
2012-08-03 Found nothing
[Softwin BitDefender]
2012-08-03 Found nothing
[Kaspersky Anti-Virus]
2012-08-03 Found nothing
[ClamAV]
2012-08-03 PUA.Win32.Packer.Vip
[Panda Antivirus]
2012-08-02 Found nothing
[CPsecure]
2012-07-30 Found nothing
[Quick Heal]
2012-08-02 Found nothing
[Dr.Web]
2012-08-03 Found nothing
[Sophos]
2012-08-03 Found nothing
[Emsisoft Anti-Malware]
2012-08-03 Found nothing
[VirusBlokAda VBA32]
2012-08-02 Found nothing
[ESET]
2012-08-02 Found nothing
[VirusBuster]
2012-08-02 Found nothing

#15 Conspire


Posted 25 August 2012 - 09:53 PM

Please run another DDS scan for review. Also tell me how it is running at the moment.



