
Google blank page


10 replies to this topic

#1 pinkypod

  • Members
  • 6 posts

Posted 25 August 2012 - 02:39 PM

Hi,

A few days ago all browsers started returning a blank page when I do a search on Google, and the computer started moving at a snail's pace.

I have Norton 360 running, which tells me everything is fine and dandy.

I have run Malwarebytes which says I have zero problems but I get this pop up constantly:
Successfully blocked access to a potentially malicious website 206.61.121.126 Type: outgoing Port: 598.29 Process svchost.exe

I have tried to download dds and get this error: A device attached to this system is not functioning

I am using Windows Vista Home Premium with SP2 32bit

Thank you for any help that can be offered.



#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 25 August 2012 - 02:43 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 pinkypod

  • Topic Starter

  • Members
  • 6 posts

Posted 25 August 2012 - 07:22 PM

Thank you for your help. Here are two of the three logs. The aswMBR will not run; I keep getting this msg: a device attached to the system is not functioning.

12:54:57.0749 5912 nsi - ok
12:54:57.0811 5912 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:54:57.0811 5912 nsiproxy - ok
12:54:57.0920 5912 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:54:57.0967 5912 Ntfs - ok
12:54:57.0998 5912 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
12:54:57.0998 5912 ntrigdigi - ok
12:54:58.0092 5912 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
12:54:58.0092 5912 Null - ok
12:54:58.0139 5912 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:54:58.0139 5912 nvraid - ok
12:54:58.0170 5912 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:54:58.0170 5912 nvstor - ok
12:54:58.0201 5912 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:54:58.0217 5912 nv_agp - ok
12:54:58.0279 5912 [ 0973C0C696780161F4526586D5EAC422 ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys
12:54:58.0279 5912 NWADI - ok
12:54:58.0295 5912 NwlnkFlt - ok
12:54:58.0326 5912 NwlnkFwd - ok
12:54:58.0373 5912 [ 65B471BB7E57C416A1E685EC07D4ABFA ] NWUSBModem C:\Windows\system32\DRIVERS\nwusbmdm.sys
12:54:58.0388 5912 NWUSBModem - ok
12:54:58.0451 5912 [ 65B471BB7E57C416A1E685EC07D4ABFA ] NWUSBPort C:\Windows\system32\DRIVERS\nwusbser.sys
12:54:58.0451 5912 NWUSBPort - ok
12:54:58.0529 5912 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:54:58.0560 5912 odserv - ok
12:54:58.0638 5912 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:54:58.0638 5912 ohci1394 - ok
12:54:58.0685 5912 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:54:58.0700 5912 ose - ok
12:54:59.0106 5912 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:54:59.0870 5912 osppsvc - ok
12:55:00.0042 5912 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:55:00.0057 5912 p2pimsvc - ok
12:55:00.0089 5912 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
12:55:00.0104 5912 p2psvc - ok
12:55:00.0151 5912 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
12:55:00.0151 5912 Parport - ok
12:55:00.0245 5912 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:55:00.0260 5912 partmgr - ok
12:55:00.0291 5912 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
12:55:00.0291 5912 Parvdm - ok
12:55:00.0354 5912 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
12:55:00.0354 5912 PcaSvc - ok
12:55:00.0416 5912 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
12:55:00.0432 5912 pci - ok
12:55:00.0447 5912 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
12:55:00.0463 5912 pciide - ok
12:55:00.0510 5912 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:55:00.0510 5912 pcmcia - ok
12:55:00.0635 5912 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:55:00.0650 5912 PEAUTH - ok
12:55:00.0822 5912 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
12:55:00.0869 5912 pla - ok
12:55:00.0915 5912 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:55:00.0931 5912 PlugPlay - ok
12:55:00.0993 5912 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:55:01.0009 5912 PNRPAutoReg - ok
12:55:01.0071 5912 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:55:01.0087 5912 PNRPsvc - ok
12:55:01.0149 5912 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:55:01.0165 5912 PolicyAgent - ok
12:55:01.0259 5912 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:55:01.0259 5912 PptpMiniport - ok
12:55:01.0321 5912 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
12:55:01.0337 5912 Processor - ok
12:55:01.0368 5912 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
12:55:01.0383 5912 ProfSvc - ok
12:55:01.0415 5912 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:55:01.0430 5912 ProtectedStorage - ok
12:55:01.0493 5912 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:55:01.0493 5912 PSched - ok
12:55:01.0602 5912 [ 81088114178112618B1C414A65E50F7C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
12:55:01.0602 5912 PxHelp20 - ok
12:55:01.0664 5912 [ 63591BF8B30BA8891EE69F53F03495F6 ] qkbfiltr C:\Windows\system32\DRIVERS\qkbfiltr.sys
12:55:01.0664 5912 qkbfiltr - ok
12:55:01.0773 5912 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:55:01.0789 5912 ql2300 - ok
12:55:01.0867 5912 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:55:01.0867 5912 ql40xx - ok
12:55:01.0945 5912 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
12:55:01.0945 5912 QWAVE - ok
12:55:02.0007 5912 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:55:02.0007 5912 QWAVEdrv - ok
12:55:02.0054 5912 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:55:02.0054 5912 RasAcd - ok
12:55:02.0117 5912 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
12:55:02.0132 5912 RasAuto - ok
12:55:02.0195 5912 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:55:02.0195 5912 Rasl2tp - ok
12:55:02.0273 5912 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
12:55:02.0273 5912 RasMan - ok
12:55:02.0351 5912 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:55:02.0351 5912 RasPppoe - ok
12:55:02.0429 5912 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:55:02.0429 5912 RasSstp - ok
12:55:02.0491 5912 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:55:02.0491 5912 rdbss - ok
12:55:02.0538 5912 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:55:02.0538 5912 RDPCDD - ok
12:55:02.0631 5912 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:55:02.0631 5912 rdpdr - ok
12:55:02.0694 5912 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:55:02.0694 5912 RDPENCDD - ok
12:55:02.0787 5912 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:55:02.0819 5912 RDPWD - ok
12:55:02.0897 5912 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:55:02.0912 5912 RemoteAccess - ok
12:55:02.0959 5912 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:55:02.0975 5912 RemoteRegistry - ok
12:55:03.0021 5912 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
12:55:03.0021 5912 RpcLocator - ok
12:55:03.0099 5912 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
12:55:03.0115 5912 RpcSs - ok
12:55:03.0193 5912 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:55:03.0193 5912 rspndr - ok
12:55:03.0253 5912 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
12:55:03.0259 5912 SamSs - ok
12:55:03.0369 5912 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:55:03.0371 5912 sbp2port - ok
12:55:03.0491 5912 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:55:03.0503 5912 SCardSvr - ok
12:55:03.0671 5912 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
12:55:03.0722 5912 Schedule - ok
12:55:03.0792 5912 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:55:03.0794 5912 SCPolicySvc - ok
12:55:03.0873 5912 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:55:03.0875 5912 sdbus - ok
12:55:03.0936 5912 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:55:03.0962 5912 SDRSVC - ok
12:55:04.0016 5912 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:55:04.0019 5912 secdrv - ok
12:55:04.0061 5912 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
12:55:04.0066 5912 seclogon - ok
12:55:04.0113 5912 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
12:55:04.0119 5912 SENS - ok
12:55:04.0144 5912 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:55:04.0145 5912 Serenum - ok
12:55:04.0176 5912 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
12:55:04.0179 5912 Serial - ok
12:55:04.0232 5912 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:55:04.0233 5912 sermouse - ok
12:55:04.0326 5912 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
12:55:04.0332 5912 SessionEnv - ok
12:55:04.0390 5912 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
12:55:04.0392 5912 sffdisk - ok
12:55:04.0428 5912 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:55:04.0430 5912 sffp_mmc - ok
12:55:04.0462 5912 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
12:55:04.0464 5912 sffp_sd - ok
12:55:04.0503 5912 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:55:04.0505 5912 sfloppy - ok
12:55:04.0638 5912 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:55:04.0691 5912 SharedAccess - ok
12:55:04.0750 5912 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:55:04.0758 5912 ShellHWDetection - ok
12:55:04.0797 5912 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:55:04.0799 5912 sisagp - ok
12:55:04.0824 5912 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:55:04.0830 5912 SiSRaid2 - ok
12:55:04.0887 5912 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:55:04.0890 5912 SiSRaid4 - ok
12:55:05.0185 5912 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
12:55:05.0295 5912 slsvc - ok
12:55:05.0361 5912 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:55:05.0369 5912 SLUINotify - ok
12:55:05.0437 5912 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:55:05.0439 5912 Smb - ok
12:55:05.0519 5912 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:55:05.0525 5912 SNMPTRAP - ok
12:55:05.0597 5912 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
12:55:05.0600 5912 spldr - ok
12:55:05.0664 5912 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
12:55:05.0675 5912 Spooler - ok
12:55:05.0901 5912 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\Windows\System32\Drivers\N360\0603000.00E\SRTSP.SYS
12:55:05.0935 5912 SRTSP - ok
12:55:05.0987 5912 [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX C:\Windows\system32\drivers\N360\0603000.00E\SRTSPX.SYS
12:55:05.0991 5912 SRTSPX - ok
12:55:06.0067 5912 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:55:06.0073 5912 srv - ok
12:55:06.0147 5912 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:55:06.0150 5912 srv2 - ok
12:55:06.0190 5912 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:55:06.0193 5912 srvnet - ok
12:55:06.0272 5912 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:55:06.0282 5912 SSDPSRV - ok
12:55:06.0361 5912 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:55:06.0370 5912 SstpSvc - ok
12:55:06.0456 5912 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:55:06.0458 5912 StillCam - ok
12:55:06.0558 5912 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
12:55:06.0580 5912 stisvc - ok
12:55:06.0647 5912 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:55:06.0649 5912 swenum - ok
12:55:06.0723 5912 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
12:55:06.0737 5912 swprv - ok
12:55:06.0827 5912 [ 7330D477B7496CB42BF11EFF2D374C6A ] Swupdtmr c:\Toshiba\IVP\swupdate\swupdtmr.exe
12:55:06.0830 5912 Swupdtmr - ok
12:55:06.0873 5912 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:55:06.0875 5912 Symc8xx - ok
12:55:06.0991 5912 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\Windows\system32\drivers\N360\0603000.00E\SYMDS.SYS
12:55:07.0035 5912 SymDS - ok
12:55:07.0137 5912 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\Windows\system32\drivers\N360\0603000.00E\SYMEFA.SYS
12:55:07.0167 5912 SymEFA - ok
12:55:07.0253 5912 [ 555FB450FE6908600310E990738B41D6 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
12:55:07.0256 5912 SymEvent - ok
12:55:07.0330 5912 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\Windows\system32\drivers\N360\0603000.00E\Ironx86.SYS
12:55:07.0339 5912 SymIRON - ok
12:55:07.0417 5912 [ 40C6E6417C8B7D7FCF82CFBE71525795 ] SYMTDIv C:\Windows\System32\Drivers\N360\0603000.00E\SYMTDIV.SYS
12:55:07.0430 5912 SYMTDIv - ok
12:55:07.0495 5912 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:55:07.0511 5912 Sym_hi - ok
12:55:07.0563 5912 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:55:07.0565 5912 Sym_u3 - ok
12:55:07.0639 5912 [ 2D2C815364A878C7E358D5F549711197 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:55:07.0643 5912 SynTP - ok
12:55:07.0760 5912 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
12:55:07.0808 5912 SysMain - ok
12:55:07.0873 5912 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:55:07.0888 5912 TabletInputService - ok
12:55:07.0957 5912 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:55:07.0972 5912 TapiSrv - ok
12:55:08.0026 5912 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
12:55:08.0034 5912 TBS - ok
12:55:08.0138 5912 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:55:08.0153 5912 Tcpip - ok
12:55:08.0216 5912 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:55:08.0231 5912 Tcpip6 - ok
12:55:08.0288 5912 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:55:08.0292 5912 tcpipreg - ok
12:55:08.0346 5912 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
12:55:08.0347 5912 tdcmdpst - ok
12:55:08.0417 5912 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:55:08.0419 5912 TDPIPE - ok
12:55:08.0463 5912 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:55:08.0467 5912 TDTCP - ok
12:55:08.0549 5912 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:55:08.0557 5912 tdx - ok
12:55:08.0616 5912 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:55:08.0619 5912 TermDD - ok
12:55:08.0771 5912 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
12:55:08.0783 5912 TermService - ok
12:55:08.0849 5912 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
12:55:08.0859 5912 Themes - ok
12:55:08.0901 5912 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
12:55:08.0906 5912 THREADORDER - ok
12:55:08.0965 5912 [ F779BA4CD37963AB4600C9871B7752A3 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
12:55:08.0969 5912 tifm21 - ok
12:55:09.0037 5912 [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv C:\Windows\system32\TODDSrv.exe
12:55:09.0046 5912 TODDSrv - ok
12:55:09.0148 5912 [ 3EDF206DA2B97519B8448ADDFCC098FF ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
12:55:09.0161 5912 TosCoSrv - ok
12:55:09.0236 5912 [ 76148C3159718B701252F87B067904A6 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
12:55:09.0241 5912 TOSHIBA Bluetooth Service - ok
12:55:09.0294 5912 [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom C:\Windows\system32\drivers\Tosrfcom.sys
12:55:09.0299 5912 Tosrfcom - ok
12:55:09.0335 5912 [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys
12:55:09.0338 5912 tosrfec - ok
12:55:09.0434 5912 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
12:55:09.0442 5912 TrkWks - ok
12:55:09.0518 5912 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:55:09.0521 5912 TrustedInstaller - ok
12:55:09.0638 5912 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:55:09.0645 5912 tssecsrv - ok
12:55:09.0722 5912 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:55:09.0766 5912 tunmp - ok
12:55:09.0826 5912 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:55:09.0830 5912 tunnel - ok
12:55:09.0886 5912 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
12:55:09.0888 5912 TVALZ - ok
12:55:09.0941 5912 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:55:09.0943 5912 uagp35 - ok
12:55:10.0009 5912 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:55:10.0014 5912 udfs - ok
12:55:10.0112 5912 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:55:10.0145 5912 UI0Detect - ok
12:55:10.0273 5912 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
12:55:10.0276 5912 UleadBurningHelper - ok
12:55:10.0319 5912 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:55:10.0322 5912 uliagpkx - ok
12:55:10.0365 5912 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:55:10.0370 5912 uliahci - ok
12:55:10.0396 5912 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:55:10.0399 5912 UlSata - ok
12:55:10.0430 5912 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:55:10.0433 5912 ulsata2 - ok
12:55:10.0487 5912 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:55:10.0489 5912 umbus - ok
12:55:10.0552 5912 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
12:55:10.0568 5912 upnphost - ok
12:55:10.0639 5912 [ BA462202B86E5D7933B88C5AF5FCFFD8 ] urvpndrv C:\Windows\system32\DRIVERS\covpnwlh.sys
12:55:10.0644 5912 urvpndrv - ok
12:55:10.0723 5912 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
12:55:10.0726 5912 USBAAPL - ok
12:55:10.0813 5912 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:55:10.0816 5912 usbaudio - ok
12:55:10.0870 5912 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:55:10.0873 5912 usbccgp - ok
12:55:10.0917 5912 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:55:10.0920 5912 usbcir - ok
12:55:11.0009 5912 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:55:11.0015 5912 usbehci - ok
12:55:11.0075 5912 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:55:11.0079 5912 usbhub - ok
12:55:11.0125 5912 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:55:11.0127 5912 usbohci - ok
12:55:11.0185 5912 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:55:11.0189 5912 usbprint - ok
12:55:11.0292 5912 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:55:11.0295 5912 usbscan - ok
12:55:11.0326 5912 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:55:11.0332 5912 USBSTOR - ok
12:55:11.0392 5912 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:55:11.0393 5912 usbuhci - ok
12:55:11.0449 5912 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
12:55:11.0455 5912 UxSms - ok
12:55:11.0548 5912 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
12:55:11.0571 5912 vds - ok
12:55:11.0625 5912 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:55:11.0629 5912 vga - ok
12:55:11.0693 5912 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
12:55:11.0695 5912 VgaSave - ok
12:55:11.0742 5912 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:55:11.0745 5912 viaagp - ok
12:55:11.0779 5912 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
12:55:11.0784 5912 ViaC7 - ok
12:55:11.0836 5912 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
12:55:11.0839 5912 viaide - ok
12:55:11.0860 5912 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:55:11.0863 5912 volmgr - ok
12:55:11.0930 5912 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:55:11.0936 5912 volmgrx - ok
12:55:12.0034 5912 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:55:12.0039 5912 volsnap - ok
12:55:12.0111 5912 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:55:12.0114 5912 vsmraid - ok
12:55:12.0214 5912 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
12:55:12.0251 5912 VSS - ok
12:55:12.0319 5912 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
12:55:12.0333 5912 W32Time - ok
12:55:12.0394 5912 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:55:12.0396 5912 WacomPen - ok
12:55:12.0450 5912 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:55:12.0453 5912 Wanarp - ok
12:55:12.0469 5912 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:55:12.0472 5912 Wanarpv6 - ok
12:55:12.0547 5912 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\Windows\system32\DRIVERS\wanatw4.sys
12:55:12.0552 5912 wanatw - ok
12:55:12.0600 5912 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:55:12.0619 5912 wcncsvc - ok
12:55:12.0669 5912 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:55:12.0678 5912 WcsPlugInService - ok
12:55:12.0753 5912 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
12:55:12.0755 5912 Wd - ok
12:55:12.0852 5912 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:55:12.0862 5912 Wdf01000 - ok
12:55:12.0927 5912 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:55:12.0935 5912 WdiServiceHost - ok
12:55:12.0961 5912 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:55:12.0971 5912 WdiSystemHost - ok
12:55:13.0045 5912 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
12:55:13.0054 5912 WebClient - ok
12:55:13.0133 5912 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:55:13.0143 5912 Wecsvc - ok
12:55:13.0211 5912 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:55:13.0220 5912 wercplsupport - ok
12:55:13.0290 5912 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
12:55:13.0299 5912 WerSvc - ok
12:55:13.0384 5912 [ 8EDE2793441645906D1B8B7399C56140 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
12:55:13.0395 5912 winachsf - ok
12:55:13.0484 5912 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:55:13.0494 5912 WinDefend - ok
12:55:13.0539 5912 WinHttpAutoProxySvc - ok
12:55:13.0644 5912 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:55:13.0648 5912 Winmgmt - ok
12:55:13.0779 5912 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
12:55:13.0831 5912 WinRM - ok
12:55:13.0931 5912 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:55:13.0951 5912 Wlansvc - ok
12:55:14.0006 5912 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:55:14.0027 5912 WmiAcpi - ok
12:55:14.0121 5912 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:55:14.0129 5912 wmiApSrv - ok
12:55:14.0243 5912 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:55:14.0270 5912 WMPNetworkSvc - ok
12:55:14.0321 5912 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:55:14.0331 5912 WPCSvc - ok
12:55:14.0402 5912 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:55:14.0411 5912 WPDBusEnum - ok
12:55:14.0466 5912 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:55:14.0468 5912 WpdUsb - ok
12:55:14.0635 5912 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:55:14.0659 5912 WPFFontCache_v0400 - ok
12:55:14.0734 5912 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:55:14.0737 5912 ws2ifsl - ok
12:55:14.0794 5912 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
12:55:14.0803 5912 wscsvc - ok
12:55:14.0833 5912 WSearch - ok
12:55:14.0999 5912 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:55:15.0062 5912 wuauserv - ok
12:55:15.0138 5912 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:55:15.0141 5912 WUDFRd - ok
12:55:15.0199 5912 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:55:15.0316 5912 wudfsvc - ok
12:55:15.0418 5912 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
12:55:15.0423 5912 XAudio - ok
12:55:15.0475 5912 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
12:55:15.0484 5912 XAudioService - ok
12:55:15.0550 5912 ================ Scan global ===============================
12:55:15.0579 5912 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:55:15.0648 5912 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:55:15.0691 5912 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:55:15.0771 5912 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:55:15.0785 5912 [Global] - ok
12:55:15.0797 5912 ================ Scan MBR ==================================
12:55:15.0815 5912 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
12:55:15.0817 5912 Suspicious mbr (Forged): \Device\Harddisk0\DR0
12:55:15.0868 5912 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
12:55:15.0868 5912 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
12:55:15.0926 5912 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:55:15.0926 5912 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:55:15.0935 5912 ================ Scan VBR ==================================
12:55:15.0947 5912 [ 608C8E72F9405CE6D01AA617F7230C79 ] \Device\Harddisk0\DR0\Partition1
12:55:15.0951 5912 \Device\Harddisk0\DR0\Partition1 - ok
12:55:15.0959 5912 ============================================================
12:55:15.0959 5912 Scan finished
12:55:15.0959 5912 ============================================================
12:55:16.0002 7112 Detected object count: 2
12:55:16.0003 7112 Actual detected object count: 2
12:55:53.0670 7112 \Device\Harddisk0\DR0\# - copied to quarantine
12:55:53.0677 7112 \Device\Harddisk0\DR0 - copied to quarantine
12:55:53.0718 7112 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
12:55:53.0733 7112 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:55:53.0742 7112 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:55:53.0751 7112 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
12:55:53.0761 7112 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
12:55:53.0781 7112 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
12:55:53.0802 7112 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
12:55:53.0809 7112 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
12:55:53.0815 7112 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
12:55:53.0821 7112 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:55:53.0828 7112 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:55:53.0837 7112 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:55:53.0845 7112 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
12:55:53.0851 7112 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
12:55:53.0893 7112 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
12:55:53.0896 7112 \Device\Harddisk0\DR0 - ok
12:55:53.0902 7112 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
12:55:53.0909 7112 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:55:53.0909 7112 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


Here is the other one:

C:\TDSSKiller_Quarantine\25.08.2012_12.51.48\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.08.2012_12.51.48\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.08.2012_12.51.48\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.08.2012_12.54.06\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.08.2012_12.54.06\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.08.2012_12.54.06\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Default\aabmplkdbfgjdomfpagmidpkcdapcaoc\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined

#4 narenxp


Posted 25 August 2012 - 07:44 PM

Run TDSSkiller and delete this

12:55:53.0909 7112 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Restart the PC and run ASWMBR


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 pinkypod


Posted 26 August 2012 - 02:10 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Matthew (administrator) on 25-08-2012 at 23:56:04
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : APIC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : singledigits.sdus
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-16-36-C1-ED-5A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-19-D2-16-FC-AF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b97c:1674:e2e:1ee0%8(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.12(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, August 25, 2012 6:06:26 PM
Lease Expires . . . . . . . . . . : Sunday, August 26, 2012 12:36:38 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 151001310
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0D-26-92-83-00-19-D2-16-FC-AF
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.singledigits.sdus
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{FCE00225-F6A3-42B7-9AFF-64CDC15BEB8E}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2001:4860:4007:801::1000
74.125.224.232
74.125.224.233
74.125.224.238
74.125.224.224
74.125.224.225
74.125.224.226
74.125.224.227
74.125.224.228
74.125.224.229
74.125.224.230
74.125.224.231



Pinging google.com [74.125.224.163] with 32 bytes of data:

Reply from 74.125.224.163: bytes=32 time=18ms TTL=55

Reply from 74.125.224.163: bytes=32 time=16ms TTL=55



Ping statistics for 74.125.224.163:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 16ms, Maximum = 18ms, Average = 17ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=47ms TTL=53

Reply from 72.30.38.140: bytes=32 time=25ms TTL=53



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 25ms, Maximum = 47ms, Average = 36ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
9 ...00 16 36 c1 ed 5a ...... Intel® PRO/100 VE Network Connection
8 ...00 19 d2 16 fc af ...... Intel® PRO/Wireless 3945ABG Network Connection
1 ........................... Software Loopback Interface 1
17 ...00 00 00 00 00 00 00 e0 isatap.singledigits.sdus
11 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
18 ...00 00 00 00 00 00 00 e0 isatap.{FCE00225-F6A3-42B7-9AFF-64CDC15BEB8E}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.12 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.12 281
192.168.0.12 255.255.255.255 On-link 192.168.0.12 281
192.168.0.255 255.255.255.255 On-link 192.168.0.12 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.12 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.12 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
8 281 fe80::/64 On-link
8 281 fe80::b97c:1674:e2e:1ee0/128
On-link
1 306 ff00::/8 On-link
8 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/25/2012 08:10:09 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.62.0.87, time stamp 0x4fc6d5ba, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x0006748f,
process id 0x11e0, application start time 0xmbam.exe0.

Error: (08/25/2012 05:37:12 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000096, fault offset 0x6465741a,
process id 0x4b4, application start time 0xsvchost.exe0.

Error: (08/25/2012 09:00:47 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27194422

Error: (08/25/2012 09:00:47 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27194422

Error: (08/25/2012 09:00:45 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2012 01:28:49 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 78110

Error: (08/25/2012 01:28:49 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 78110

Error: (08/25/2012 01:28:49 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2012 01:28:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62510

Error: (08/25/2012 01:28:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62510


System errors:
=============
Error: (08/25/2012 06:07:15 PM) (Source: Service Control Manager) (User: )
Description: Tosrfcom

Error: (08/25/2012 06:07:15 PM) (Source: Service Control Manager) (User: )
Description: GoToMyPC%%1053

Error: (08/25/2012 06:07:15 PM) (Source: Service Control Manager) (User: )
Description: 30000GoToMyPC

Error: (08/25/2012 06:07:15 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (08/25/2012 06:00:38 PM) (Source: Service Control Manager) (User: )
Description: 98433076
Tosrfcom

Error: (08/25/2012 06:00:38 PM) (Source: Service Control Manager) (User: )
Description: GoToMyPC%%1053

Error: (08/25/2012 06:00:38 PM) (Source: Service Control Manager) (User: )
Description: 30000GoToMyPC

Error: (08/25/2012 06:00:38 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (08/25/2012 05:59:54 PM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer Send To OneNote 2007 with shared resource name Send To OneNote 2007. Error 2114. The printer cannot be used by others on the network.

Error: (08/25/2012 05:59:20 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:57:27 PM on 8/25/2012 was unexpected.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 2.7.1.19610)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.6)
Adobe Dreamweaver CS5.5 (Version: 11.5)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player (Version: 10.1.4.20)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
AVerMedia USB Hybrid Capture Device 1.3.0.46 (Version: 1.3.0.46)
Bing Bar (Version: 6.3.2291.0)
Bing Bar Platform (Version: 6.3.2291.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
BitComet 1.29 (Version: 1.29)
Bluetooth Stack for Windows by Toshiba (Version: v5.00.10(T))
Bonjour (Version: 3.0.0.10)
CD/DVD Drive Acoustic Silencer (Version: 2.00.02)
Conexant HD Audio (Version: 4.36.7.60)
Coupon Printer for Windows (Version: 5.0.0.1)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Desktop Dialer
DigiDo
Download Updater (AOL LLC)
DVD MovieFactory for TOSHIBA (Version: 5.3)
ESET Online Scanner v3
Google Chrome (Version: 21.0.1180.83)
Google Desktop (Version: 5.9.1005.12335)
Google Gmail Notifier
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
GoToMyPC (Version: 7.2.635)
HP Deskjet 3050A J611 series Basic Device Software (Version: 25.0.571.0)
HP Deskjet 3050A J611 series Help (Version: 140.0.2.2)
HPDiagnosticCoreDll (Version: 1.0.3.0)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.05.0818)
Microsoft XML Parser (Version: 8.20.8730.4)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mobile Broadband Generic Drivers (Version: 2.02.07.002.14)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Namo WebEditor 2006 Trial (Version: 7.00.000)
NetJet 1.3 (Version: 1.3)
Norton 360 (Version: 6.3.0.14)
Nvu 1.0PR (Version: 1.0PR)
QuickTime (Version: 7.72.80.56)
RTC Client API v1.2 (Version: 1.2.0000)
Safari (Version: 5.34.57.2)
Soft Data Fax Modem with SmartCP
Synaptics Pointing Device Driver (Version: 9.1.0.0)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.23.0000)
TIPCI (Version: 1.23.0000)
TOSHIBA Assist (Version: 2.00.00)
TOSHIBA ConfigFree (Version: 7.00.21)
TOSHIBA Disc Creator (Version: 2.0.0.0a)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.00.00)
TOSHIBA Hardware Setup (Version: 2.00.03.00)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA SD Memory Utilities (Version: 1.6)
TOSHIBA Software Upgrades (Version: 4.0)
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.03.00)
TOSHIBA Value Added Package (Version: 1.0.3)
TOSHIBA Volume Indicator (Version: 2.00.03.00)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VideoLAN VLC media player 0.8.4a (Version: 0.8.4a)
Viewpoint Media Player
VZAccess Manager
WinDVD for TOSHIBA (Version: 8.0-B6.107)
Yahoo! Music Jukebox

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 3061.43 MB
Available physical RAM: 1456.89 MB
Total Pagefile: 6331.27 MB
Available Pagefile: 4615.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.55 MB

========================= Partitions: =====================================

1 Drive c: (SQ004239V06) (Fixed) (Total:110.32 GB) (Free:35.83 GB) NTFS

========================= Users: ========================================

User accounts for \\APIC

Administrator Backup Restore Disk Guest
Matthew


**** End of log ****

Farbar Service Scanner Version: 06-08-2012
Ran by Matthew (administrator) on 25-08-2012 at 23:57:47
Running from "C:\Users\Matthew\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2010-11-21 03:52] - [2008-01-19 00:34] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v1.801 - Logfile created 08/25/2012 at 23:58:46
# Updated 14/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Matthew - APIC
# Boot Mode : Normal
# Running from : C:\Users\Matthew\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Common Files\Software Update Utility

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\Viewpoint

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\thp567vq.default\prefs.js

C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\thp567vq.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",
Deleted : "path": "C:\\Program Files\\Viewpoint\\Viewpoint Experience Technology\\npViewpoint.dll",

*************************

AdwCleaner[S1].txt - [3760 octets] - [25/08/2012 23:58:46]

########## EOF - C:\AdwCleaner[S1].txt - [3888 octets] ##########

#6 narenxp

Posted 26 August 2012 - 07:18 AM

ASWMBR, MBAM logs?

#7 pinkypod

Posted 26 August 2012 - 11:26 AM

Sorry, here they are:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-25 18:11:05
-----------------------------
18:11:05.436 OS Version: Windows 6.0.6002 Service Pack 2
18:11:05.436 Number of processors: 2 586 0xE08
18:11:05.451 ComputerName: APIC UserName:
18:11:48.084 Initialize success
18:12:59.174 AVAST engine defs: 12082501
18:14:06.690 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:14:06.706 Disk 0 Vendor: TOSHIBA_MK1234GSX AH001M Size: 114473MB BusType: 3
18:14:06.768 Disk 0 MBR read successfully
18:14:06.768 Disk 0 MBR scan
18:14:06.784 Disk 0 Windows VISTA default MBR code
18:14:06.800 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
18:14:06.815 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 112971 MB offset 3074048
18:14:06.862 Disk 0 scanning sectors +234438656
18:14:07.018 Disk 0 scanning C:\Windows\system32\drivers
18:14:43.054 Service scanning
18:15:33.491 Modules scanning
18:16:00.432 Disk 0 trace - called modules:
18:16:00.448
18:16:01.321 AVAST engine scan C:\Windows
18:16:04.769 AVAST engine scan C:\Windows\system32
18:21:46.034 AVAST engine scan C:\Windows\system32\drivers
18:22:12.727 AVAST engine scan C:\Users\Matthew
18:36:20.506 Verifying
18:36:30.568 Disk 0 Windows 600 MBR fixed successfully
18:36:39.258 Verifying
18:36:49.304 Disk 0 Windows 600 MBR fixed successfully
18:37:32.862 Verifying
18:37:42.924 Disk 0 Windows 600 MBR fixed successfully
18:38:23.203 Verifying
18:38:33.265 Disk 0 Windows 600 MBR fixed successfully
18:41:05.867 Verifying
18:41:15.961 Disk 0 Windows 600 MBR fixed successfully
18:42:23.465 Disk 0 MBR has been saved successfully to "C:\Users\Matthew\Desktop\MBR.dat"
18:42:23.480 The log file has been saved successfully to "C:\Users\Matthew\Desktop\aswMBR.txt"


Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.25.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Matthew :: APIC [administrator]

Protection: Disabled

8/25/2012 8:16:15 PM
mbam-log-2012-08-25 (20-16-15).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 452124
Time elapsed: 2 hour(s), 41 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 narenxp

Posted 26 August 2012 - 11:40 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes, post the contents of RKILL log located on the desktop here

Any current issues?

#9 pinkypod

Posted 26 August 2012 - 11:59 AM

OK, I'll run it now. No issues at all that I see. It seems to be working great. Thank you for all your help. I will post log from RKILL as soon as it finishes.


#10 pinkypod

Posted 26 August 2012 - 12:01 PM

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/26/2012 10:00:11 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Windows\system32\TODDSrv.exe (PID: 2372) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

* pcmcia => system32\DRIVERS\pcmcia.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/26/2012 10:00:34 AM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)



#11 narenxp

Posted 26 August 2012 - 12:03 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)
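
Added example (not part of the thread and not Rkill's own code): a short Python triage of an Rkill log in the layout posted in #10, collecting each flagged item together with the registry evidence printed beneath it, so that entries such as the disabled Windows Defender and Windows Firewall settings stand out from the surrounding output. The names `triage_rkill_log` and `SAMPLE_LOG` are hypothetical, and the section-heading pattern is an assumption drawn from this one log.

```python
import re

# Constructed sample: an excerpt in the layout of the Rkill 2.3.3 log posted in this thread.
SAMPLE_LOG = r"""Checking for processes to terminate.

 * C:\Windows\system32\TODDSrv.exe (PID: 2372) [WD-HEUR]

Performing miscellaneous checks.

 * Windows Defender Disabled
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Windows Firewall Disabled
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * pcmcia => system32\DRIVERS\pcmcia.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.
"""

# Assumption: section headings start with one of these verbs and end in "." or ":".
SECTION = re.compile(r"^(Checking|Performing|Searching|Resetting)\b.*[.:]$")
REG_VALUE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*dword:(?P<data>[0-9a-fA-F]{8})$')

def triage_rkill_log(text):
    """Return flagged items as dicts: section, item text, registry evidence."""
    findings, section, key, cur = [], None, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if SECTION.match(line):
            section, key, cur = line.rstrip(".:"), None, None
        elif line.startswith("* "):
            key, cur = None, None             # evidence lines belong to one item only
            if not line.startswith("* No "):  # "* No issues found." is a clean result
                cur = {"section": section, "item": line[2:], "registry": []}
                findings.append(cur)
        elif line.startswith("[") and line.endswith("]"):
            key = line[1:-1]                  # registry key header printed under an item
        elif cur and key and (m := REG_VALUE.match(line)):
            cur["registry"].append((key, m["name"], int(m["data"], 16)))
    return findings

if __name__ == "__main__":
    for f in triage_rkill_log(SAMPLE_LOG):
        print(f"[{f['section']}] {f['item']}", *f["registry"], sep="\n    ")
```
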



