
Small red security shield, wireless is down & google redirect when working


5 replies to this topic

#1 bobbysick


Posted 29 August 2012 - 12:25 AM

I was an idiot and clicked on a link that an ex-friend of mine had sent me to an image file (httpxx://gehlhausenassoc.com/images/), and voila, my laptop became infected.
SYMPTOMS INCLUDE:

1) Once infected, my Google searches were redirected to google.cz.
2) Afterwards, a day later, a small red security shield (like the normal one with the white X) popped up and had a bubble that said "Your computer is infected! Blah blah blah"
3) When I went to turn on my Windows Firewall (it had been turned off), it came up with an error message stating that something was stopping it from opening.
4) My WLAN wireless card isn't accessible and I am not able to pick up a wireless signal. I haven't tried hooking up to the landline yet, due to other computers being connected (this one I'm using in particular) to the internet.

HELP.

Edited by hamluis, 29 August 2012 - 05:58 AM.
Deactivated link, moved from XP to Am I Infected - Hamluis.



 


#2 narenxp

  • BC Advisor

Posted 29 August 2012 - 08:22 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 bobbysick

  • Topic Starter

Posted 29 August 2012 - 08:40 PM

TDSSkiller log:
TDSSKILLER LOG

aswMBR log:
ASWMBR LOG

ESET Online Scanner files found:
C:\TDSSKiller_Quarantine\29.08.2012_16.14.20\rtkt0000\svc0000\tsk0000.dta Win32/Simda.M.Gen trojan deleted - quarantined

#4 narenxp

  • BC Advisor

Posted 29 August 2012 - 08:45 PM

Post the logs here

#5 bobbysick

  • Topic Starter

Posted 29 August 2012 - 09:02 PM

tdsskiller log:
16:14:19.0328 2712 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
16:14:20.0203 2712 ============================================================
16:14:20.0203 2712 Current date / time: 2012/08/29 16:14:20.0203
16:14:20.0203 2712 SystemInfo:
16:14:20.0203 2712
16:14:20.0203 2712 OS Version: 5.1.2600 ServicePack: 3.0
16:14:20.0203 2712 Product type: Workstation
16:14:20.0203 2712 ComputerName: USER-6FBA7964A4
16:14:20.0203 2712 UserName: computer
16:14:20.0203 2712 Windows directory: C:\WINDOWS
16:14:20.0203 2712 System windows directory: C:\WINDOWS
16:14:20.0203 2712 Processor architecture: Intel x86
16:14:20.0203 2712 Number of processors: 2
16:14:20.0203 2712 Page size: 0x1000
16:14:20.0203 2712 Boot type: Normal boot
16:14:20.0203 2712 ============================================================
16:14:21.0781 2712 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:14:21.0781 2712 Drive \Device\Harddisk1\DR2 - Size: 0x1DD180000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:14:21.0781 2712 ============================================================
16:14:21.0781 2712 \Device\Harddisk0\DR0:
16:14:21.0781 2712 MBR partitions:
16:14:21.0781 2712 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
16:14:21.0781 2712 \Device\Harddisk1\DR2:
16:14:21.0781 2712 MBR partitions:
16:14:21.0781 2712 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0xEE8BE0
16:14:21.0781 2712 ============================================================
16:14:21.0796 2712 C: <-> \Device\Harddisk0\DR0\Partition1
16:14:21.0796 2712 ============================================================
16:14:21.0796 2712 Initialize success
16:14:21.0796 2712 ============================================================
16:14:27.0562 3652 ============================================================
16:14:27.0562 3652 Scan started
16:14:27.0562 3652 Mode: Manual;
16:14:27.0578 3652 ============================================================
16:14:27.0890 3652 ================ Scan system memory ========================
16:14:27.0890 3652 System memory - ok
16:14:27.0890 3652 ================ Scan services =============================
16:14:27.0968 3652 3271 - ok
16:14:28.0078 3652 Abiosdsk - ok
16:14:28.0078 3652 abp480n5 - ok
16:14:28.0109 3652 [ EA38C961260F29295C6D03070FA9D0B5 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:14:28.0109 3652 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: EA38C961260F29295C6D03070FA9D0B5, Fake md5: 8FD99680A539792A30E97944FDAECF17
16:14:28.0109 3652 ACPI ( Virus.Win32.Rloader.a ) - infected
16:14:28.0109 3652 ACPI - detected Virus.Win32.Rloader.a (0)
16:14:36.0015 3652 SandraAgentSrv - ok
16:14:36.0031 3652 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:14:36.0031 3652 SCardSvr - ok
16:14:36.0062 3652 [ 20B2751CD4C8F3FD989739CA661B9F30 ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
16:14:36.0078 3652 SCDEmu - ok
16:14:36.0109 3652 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:14:36.0109 3652 Schedule - ok
16:14:36.0140 3652 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
16:14:36.0140 3652 sdbus - ok
16:14:36.0156 3652 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:14:36.0156 3652 Secdrv - ok
16:14:36.0171 3652 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:14:36.0171 3652 seclogon - ok
16:14:36.0171 3652 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
16:14:36.0187 3652 SENS - ok
16:14:36.0203 3652 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
16:14:36.0203 3652 Serial - ok
16:14:36.0250 3652 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
16:14:36.0265 3652 sffdisk - ok
16:14:36.0265 3652 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
16:14:36.0265 3652 sffp_sd - ok
16:14:36.0296 3652 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:14:36.0296 3652 Sfloppy - ok
16:14:36.0328 3652 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:14:36.0343 3652 SharedAccess - ok
16:14:36.0359 3652 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:14:36.0375 3652 ShellHWDetection - ok
16:14:36.0375 3652 Simbad - ok
16:14:36.0421 3652 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:14:36.0421 3652 SLIP - ok
16:14:36.0437 3652 Sparrow - ok
16:14:36.0500 3652 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:14:36.0500 3652 splitter - ok
16:14:36.0531 3652 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:14:36.0531 3652 Spooler - ok
16:14:36.0562 3652 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:14:36.0562 3652 sr - ok
16:14:36.0562 3652 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
16:14:36.0578 3652 srservice - ok
16:14:36.0609 3652 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:14:36.0625 3652 Srv - ok
16:14:36.0656 3652 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:14:36.0656 3652 SSDPSRV - ok
16:14:36.0750 3652 [ 951801DFB54D86F611F0AF47825476F9 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
16:14:36.0765 3652 STHDA - ok
16:14:36.0812 3652 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:14:36.0828 3652 stisvc - ok
16:14:36.0843 3652 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:14:36.0843 3652 streamip - ok
16:14:36.0859 3652 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:14:36.0859 3652 swenum - ok
16:14:36.0875 3652 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:14:36.0890 3652 swmidi - ok
16:14:36.0890 3652 SwPrv - ok
16:14:36.0906 3652 symc810 - ok
16:14:36.0906 3652 symc8xx - ok
16:14:36.0921 3652 sym_hi - ok
16:14:36.0921 3652 sym_u3 - ok
16:14:36.0968 3652 [ FA2DAA32BED908023272A0F77D625DAE ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:14:36.0968 3652 SynTP - ok
16:14:36.0984 3652 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:14:36.0984 3652 sysaudio - ok
16:14:37.0015 3652 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:14:37.0015 3652 SysmonLog - ok
16:14:37.0046 3652 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:14:37.0046 3652 TapiSrv - ok
16:14:37.0093 3652 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:14:37.0109 3652 Tcpip - ok
16:14:37.0140 3652 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:14:37.0140 3652 TDPIPE - ok
16:14:37.0156 3652 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:14:37.0156 3652 TDTCP - ok
16:14:37.0171 3652 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:14:37.0187 3652 TermDD - ok
16:14:37.0218 3652 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
16:14:37.0218 3652 TermService - ok
16:14:37.0250 3652 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
16:14:37.0250 3652 Themes - ok
16:14:37.0281 3652 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:14:37.0281 3652 TlntSvr - ok
16:14:37.0296 3652 TosIde - ok
16:14:37.0296 3652 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:14:37.0312 3652 TrkWks - ok
16:14:37.0343 3652 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:14:37.0359 3652 Udfs - ok
16:14:37.0359 3652 ultra - ok
16:14:37.0406 3652 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:14:37.0421 3652 Update - ok
16:14:37.0468 3652 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:14:37.0468 3652 upnphost - ok
16:14:37.0515 3652 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
16:14:37.0515 3652 UPS - ok
16:14:37.0578 3652 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
16:14:37.0578 3652 usbaudio - ok
16:14:37.0609 3652 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:14:37.0609 3652 usbccgp - ok
16:14:37.0656 3652 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:14:37.0656 3652 usbehci - ok
16:14:37.0703 3652 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:14:37.0703 3652 usbhub - ok
16:14:37.0765 3652 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:14:37.0765 3652 usbprint - ok
16:14:37.0812 3652 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:14:37.0812 3652 USBSTOR - ok
16:14:37.0843 3652 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:14:37.0843 3652 usbuhci - ok
16:14:37.0890 3652 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
16:14:37.0906 3652 usbvideo - ok
16:14:37.0906 3652 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:14:37.0906 3652 VgaSave - ok
16:14:37.0906 3652 ViaIde - ok
16:14:37.0953 3652 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:14:37.0953 3652 VolSnap - ok
16:14:37.0984 3652 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
16:14:37.0984 3652 VSS - ok
16:14:38.0015 3652 [ E40C43C2E46DD15219B217429E4838B9 ] vusbbus C:\WINDOWS\system32\DRIVERS\vusbbus.sys
16:14:38.0015 3652 vusbbus - ok
16:14:38.0078 3652 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
16:14:38.0093 3652 W32Time - ok
16:14:38.0109 3652 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:14:38.0125 3652 Wanarp - ok
16:14:38.0125 3652 WDICA - ok
16:14:38.0140 3652 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:14:38.0140 3652 wdmaud - ok
16:14:38.0171 3652 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:14:38.0171 3652 WebClient - ok
16:14:38.0218 3652 [ 74CF3F2E4E40C4A2E18D39D6300A5C24 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
16:14:38.0234 3652 winachsf - ok
16:14:38.0343 3652 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
16:14:38.0343 3652 WinDefend - ok
16:14:38.0406 3652 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:14:38.0406 3652 winmgmt - ok
16:14:38.0421 3652 wltrysvc - ok
16:14:38.0453 3652 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
16:14:38.0468 3652 WmdmPmSN - ok
16:14:38.0500 3652 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
16:14:38.0515 3652 Wmi - ok
16:14:38.0531 3652 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
16:14:38.0531 3652 WmiAcpi - ok
16:14:38.0562 3652 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:14:38.0562 3652 WmiApSrv - ok
16:14:38.0656 3652 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
16:14:38.0671 3652 WMPNetworkSvc - ok
16:14:38.0812 3652 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:14:38.0828 3652 WPFFontCache_v0400 - ok
16:14:38.0859 3652 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:14:38.0859 3652 WS2IFSL - ok
16:14:38.0890 3652 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:14:38.0890 3652 wscsvc - ok
16:14:38.0953 3652 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:14:38.0953 3652 WSTCODEC - ok
16:14:38.0984 3652 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:14:39.0000 3652 wuauserv - ok
16:14:39.0031 3652 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:14:39.0031 3652 WudfPf - ok
16:14:39.0062 3652 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:14:39.0062 3652 WudfRd - ok
16:14:39.0078 3652 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
16:14:39.0093 3652 WudfSvc - ok
16:14:39.0125 3652 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:14:39.0140 3652 WZCSVC - ok
16:14:39.0171 3652 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:14:39.0234 3652 xmlprov - ok
16:14:39.0250 3652 ================ Scan global ===============================
16:14:39.0281 3652 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:14:39.0343 3652 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:14:39.0359 3652 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:14:39.0406 3652 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:14:39.0406 3652 [Global] - ok
16:14:39.0406 3652 ================ Scan MBR ==================================
16:14:39.0421 3652 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
16:14:39.0703 3652 \Device\Harddisk0\DR0 - ok
16:14:39.0703 3652 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
16:14:39.0718 3652 \Device\Harddisk1\DR2 - ok
16:14:39.0718 3652 ================ Scan VBR ==================================
16:14:39.0718 3652 [ E4CA18D1A50ED5726E0111551300C4EF ] \Device\Harddisk0\DR0\Partition1
16:14:39.0718 3652 \Device\Harddisk0\DR0\Partition1 - ok
16:14:39.0718 3652 [ E318F8C536440BE671942887DB4CFA05 ] \Device\Harddisk1\DR2\Partition1
16:14:39.0734 3652 \Device\Harddisk1\DR2\Partition1 - ok
16:14:39.0734 3652 ============================================================
16:14:39.0734 3652 Scan finished
16:14:39.0734 3652 ============================================================
16:14:39.0750 3656 Detected object count: 1
16:14:39.0750 3656 Actual detected object count: 1
16:14:52.0046 3656 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
16:14:53.0609 3656 Backup copy found, using it..
16:14:53.0656 3656 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
16:14:53.0656 3656 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure

aswmbr log:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-29 16:16:20
-----------------------------
16:16:20.468 OS Version: Windows 5.1.2600 Service Pack 3
16:16:20.468 Number of processors: 2 586 0xE08
16:16:20.468 ComputerName: USER-6FBA7964A4 UserName: computer
16:16:21.203 Initialize success
16:24:23.281 AVAST engine defs: 12082901
16:24:26.390 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
16:24:26.390 Disk 0 Vendor: SAMSUNG_HM080II YE100-15 Size: 76319MB BusType: 3
16:24:26.406 Disk 0 MBR read successfully
16:24:26.406 Disk 0 MBR scan
16:24:26.453 Disk 0 Windows XP default MBR code
16:24:26.453 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
16:24:26.468 Disk 0 scanning sectors +156280320
16:24:26.546 Disk 0 scanning C:\WINDOWS\system32\drivers
16:24:37.046 Service scanning
16:24:37.781 Service ACPI C:\WINDOWS\system32\drivers\tsk2.tmp **LOCKED** 32
16:24:54.156 Modules scanning
16:24:58.812 Disk 0 trace - called modules:
16:24:58.828 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys >>UNKNOWN [0x8a920709]<<
16:24:58.828 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ab85ab8]
16:24:58.828 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000070[0x8aad3030]
16:24:58.828 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8ab87940]
16:24:59.406 AVAST engine scan C:\WINDOWS
16:25:06.140 AVAST engine scan C:\WINDOWS\system32
16:28:39.140 AVAST engine scan C:\WINDOWS\system32\drivers
16:28:55.906 AVAST engine scan C:\Documents and Settings\computer
16:44:22.531 AVAST engine scan C:\Documents and Settings\All Users
16:46:01.937 Scan finished successfully
16:46:54.687 Disk 0 MBR has been saved successfully to "F:\New Folder\MBR.dat"
16:46:54.703 The log file has been saved successfully to "F:\New Folder\aswMBR.txt"



eset log:
C:\TDSSKiller_Quarantine\29.08.2012_16.14.20\rtkt0000\svc0000\tsk0000.dta Win32/Simda.M.Gen trojan deleted - quarantined

#6 narenxp

Posted 29 August 2012 - 09:04 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.



