Backdoor.Bot


9 replies to this topic

#1 Wolverine 7

Posted 07 September 2012 - 12:30 PM

Hello, after 6 months of trouble-free computing, Malwarebytes
in safe mode just found
C:\WINDOWS\system32\DLL32.DLL (Backdoor.Bot)
Prior to this, VIPRE, Hitman Pro and TDSSKiller had found nothing.
Removed it with Malwarebytes.
System seems OK and I can't imagine how it got in.
Is it possible to check if I'm clean? I understand
this virus can be anything from a false positive to a bad
security threat.

Running Windows XP SP3
Thanks

Edited by Wolverine 7, 07 September 2012 - 12:32 PM.



#2 narenxp

Posted 07 September 2012 - 12:31 PM

Download TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Wolverine 7

Posted 08 September 2012 - 12:00 AM

Hi narenxp,
thanks for your time and assistance, very much appreciated.
Here are the logs as requested. ESET found loads of stuff in my
external drive that is quite old? (Very careful what I download these days.)
Will await your instructions.

ESET log

I:\Application resource\Alcohol52_FE_2.0.2.3931.exe a variant of Win32/InstallCore.R application
I:\backup 2011-05-07 20-38\Documents and Settings\Administrator\My Documents\8890.exe multiple threats
I:\backup 2011-05-07 20-38\Documents and Settings\Administrator\My Documents\Downloads\gamebooster.exe a variant of Win32/Toolbar.Widgi application
I:\backup 2011-05-07 20-38\Documents and Settings\Administrator\My Documents\Downloads\speedingupmypc_setup.exe a variant of Win32/Adware.SpeedingUpMyPC application
I:\backup 2011-05-07 20-38\Documents and Settings\Administrator\My Documents\Downloads\xptcprep.exe Win32/Toolbar.Zugo application
I:\Downloads\SweetImSetup.exe a variant of Win32/SweetIM.B application
I:\Downloads\unlocker1.9.0.exe Win32/Adware.ADON application
I:\Downloads\xptcprep.exe Win32/Toolbar.Zugo application
I:\Downloads F\xptcprep.exe Win32/Toolbar.Zugo application

Avast MBR log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-08 05:30:36
-----------------------------
05:30:36.750 OS Version: Windows 5.1.2600 Service Pack 3
05:30:36.750 Number of processors: 1 586 0x2402
05:30:36.750 ComputerName: OWNER-A309EFCAC UserName: Owner
05:30:41.578 Initialize success
05:33:42.984 AVAST engine defs: 12090701
05:33:54.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
05:33:54.343 Disk 0 Vendor: ST950212A 3.05 Size: 47701MB BusType: 3
05:33:54.375 Disk 0 MBR read successfully
05:33:54.375 Disk 0 MBR scan
05:33:54.484 Disk 0 Windows XP default MBR code
05:33:54.500 Disk 0 Partition - 00 05 Extended 4094 MB offset 16065
05:33:54.515 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 43590 MB offset 8401995
05:33:54.546 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 4094 MB offset 16128
05:33:54.562 Disk 0 scanning sectors +97675200
05:33:54.750 Disk 0 scanning C:\WINDOWS\system32\drivers
05:34:26.937 Service scanning
05:35:00.343 Modules scanning
05:35:29.171 Disk 0 trace - called modules:
05:35:29.187 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys PCIIDEX.SYS
05:35:29.187 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84d9c030]
05:35:29.187 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\00000070[0x84da1f18]
05:35:29.203 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x84da3398]
05:35:30.578 AVAST engine scan C:\WINDOWS
05:35:49.281 AVAST engine scan C:\WINDOWS\system32
05:42:10.828 AVAST engine scan C:\WINDOWS\system32\drivers
05:42:30.859 AVAST engine scan C:\Documents and Settings\Owner
05:46:22.484 AVAST engine scan C:\Documents and Settings\All Users
05:47:13.546 Scan finished successfully
05:48:18.078 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat"
05:48:18.093 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR.txt

TDSSKiller log

05:28:18.0218 0640 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
05:28:20.0250 0640 ============================================================
05:28:20.0250 0640 Current date / time: 2012/09/08 05:28:20.0250
05:28:20.0250 0640 SystemInfo:
05:28:20.0250 0640
05:28:20.0250 0640 OS Version: 5.1.2600 ServicePack: 3.0
05:28:20.0250 0640 Product type: Workstation
05:28:20.0250 0640 ComputerName: OWNER-A309EFCAC
05:28:20.0250 0640 UserName: Owner
05:28:20.0250 0640 Windows directory: C:\WINDOWS
05:28:20.0250 0640 System windows directory: C:\WINDOWS
05:28:20.0250 0640 Processor architecture: Intel x86
05:28:20.0250 0640 Number of processors: 1
05:28:20.0250 0640 Page size: 0x1000
05:28:20.0250 0640 Boot type: Normal boot
05:28:20.0250 0640 ============================================================
05:28:25.0421 0640 Drive \Device\Harddisk0\DR0 - Size: 0xBA5541C00 (46.58 Gb), SectorSize: 0x200, Cylinders: 0x17C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
05:28:25.0515 0640 Drive \Device\Harddisk1\DR3 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
05:28:25.0906 0640 Drive \Device\Harddisk2\DR4 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
05:28:26.0187 0640 ============================================================
05:28:26.0187 0640 \Device\Harddisk0\DR0:
05:28:26.0203 0640 MBR partitions:
05:28:26.0218 0640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x7FF54B
05:28:26.0218 0640 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x80344B, BlocksNum 0x5523375
05:28:26.0218 0640 \Device\Harddisk1\DR3:
05:28:26.0218 0640 MBR partitions:
05:28:26.0218 0640 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A84000
05:28:26.0218 0640 \Device\Harddisk2\DR4:
05:28:26.0218 0640 MBR partitions:
05:28:26.0218 0640 \Device\Harddisk2\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93800
05:28:26.0218 0640 ============================================================
05:28:26.0265 0640 D: <-> \Device\Harddisk0\DR0\Partition1
05:28:26.0312 0640 C: <-> \Device\Harddisk0\DR0\Partition2
05:28:26.0656 0640 H: <-> \Device\Harddisk2\DR4\Partition1
05:28:26.0828 0640 I: <-> \Device\Harddisk1\DR3\Partition1
05:28:26.0828 0640 ============================================================
05:28:26.0828 0640 Initialize success
05:28:26.0828 0640 ============================================================
05:28:52.0296 1828 ============================================================
05:28:52.0296 1828 Scan started
05:28:52.0296 1828 Mode: Manual; TDLFS;
05:28:52.0296 1828 ============================================================
05:28:54.0796 1828 ================ Scan system memory ========================
05:28:54.0796 1828 System memory - ok
05:28:54.0796 1828 ================ Scan services =============================
05:29:09.0921 1828 TDPIPE - ok
05:29:09.0953 1828 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
05:29:09.0968 1828 TDTCP - ok
05:29:10.0015 1828 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
05:29:10.0062 1828 TermDD - ok
05:29:10.0109 1828 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
05:29:10.0125 1828 TermService - ok
05:29:10.0140 1828 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
05:29:10.0156 1828 Themes - ok
05:29:10.0156 1828 TosIde - ok
05:29:10.0187 1828 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
05:29:10.0203 1828 TrkWks - ok
05:29:10.0265 1828 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
05:29:10.0296 1828 Udfs - ok
05:29:10.0296 1828 ultra - ok
05:29:10.0359 1828 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
05:29:10.0406 1828 Update - ok
05:29:10.0468 1828 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
05:29:10.0515 1828 upnphost - ok
05:29:10.0562 1828 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
05:29:10.0578 1828 UPS - ok
05:29:10.0640 1828 [ C18D6C74953621346DF6B0A11F80C1CC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
05:29:10.0671 1828 usbccgp - ok
05:29:10.0718 1828 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
05:29:10.0750 1828 usbehci - ok
05:29:10.0812 1828 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
05:29:10.0843 1828 usbhub - ok
05:29:10.0890 1828 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
05:29:10.0906 1828 USBSTOR - ok
05:29:10.0921 1828 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
05:29:10.0937 1828 usbuhci - ok
05:29:10.0984 1828 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
05:29:11.0000 1828 usb_rndisx - ok
05:29:11.0093 1828 [ 4EE5D94E3AEE7CD9584A46793613E114 ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
05:29:11.0125 1828 VBoxNetAdp - ok
05:29:11.0140 1828 VBoxNetFlt - ok
05:29:11.0562 1828 [ BFA4AE30B3AC10E9223830BF103F5A3F ] vcdrom I:\Virtual cd rom cp\VCdRom.sys
05:29:11.0562 1828 vcdrom - ok
05:29:11.0593 1828 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
05:29:11.0625 1828 VgaSave - ok
05:29:11.0687 1828 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINDOWS\system32\DRIVERS\viaagp1.sys
05:29:11.0687 1828 viaagp1 - ok
05:29:11.0734 1828 [ E09A01F781C2E7A779000745CE8A365C ] viafilter C:\WINDOWS\System32\Drivers\viausb1.sys
05:29:11.0781 1828 viafilter - ok
05:29:11.0828 1828 [ 87C1FFA6AA3CB8F9DE36A31C59E1ABE2 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys
05:29:11.0859 1828 viagfx - ok
05:29:11.0875 1828 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
05:29:11.0906 1828 ViaIde - ok
05:29:11.0953 1828 [ C147AFA614B9925479D47CD173329789 ] videX32 C:\WINDOWS\system32\DRIVERS\videX32.sys
05:29:11.0968 1828 videX32 - ok
05:29:11.0968 1828 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
05:29:12.0000 1828 VolSnap - ok
05:29:12.0062 1828 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
05:29:12.0078 1828 VSS - ok
05:29:12.0125 1828 [ C0F55CC0903CFDC819F6D857402B697C ] vulfnths C:\WINDOWS\System32\Drivers\vulfnth.sys
05:29:12.0140 1828 vulfnths - ok
05:29:12.0171 1828 [ 545D98A7F61AF1C7C4AD38B8F333E0B7 ] vulfntrs C:\WINDOWS\System32\Drivers\vulfntr.sys
05:29:12.0203 1828 vulfntrs - ok
05:29:12.0265 1828 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\System32\w32time.dll
05:29:12.0281 1828 W32Time - ok
05:29:12.0296 1828 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
05:29:12.0312 1828 Wanarp - ok
05:29:12.0406 1828 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
05:29:12.0500 1828 Wdf01000 - ok
05:29:12.0531 1828 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
05:29:12.0546 1828 wdmaud - ok
05:29:12.0593 1828 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
05:29:12.0609 1828 WebClient - ok
05:29:12.0687 1828 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
05:29:12.0687 1828 winmgmt - ok
05:29:12.0781 1828 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\System32\mspmsnsv.dll
05:29:12.0812 1828 WmdmPmSN - ok
05:29:12.0859 1828 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
05:29:12.0890 1828 WmiApSrv - ok
05:29:13.0046 1828 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
05:29:13.0156 1828 WMPNetworkSvc - ok
05:29:13.0218 1828 WPFFontCache_v0400 - ok
05:29:13.0296 1828 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
05:29:13.0296 1828 wscsvc - ok
05:29:13.0328 1828 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
05:29:13.0343 1828 wuauserv - ok
05:29:13.0375 1828 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
05:29:13.0406 1828 WudfPf - ok
05:29:13.0437 1828 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
05:29:13.0468 1828 WudfRd - ok
05:29:13.0515 1828 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
05:29:13.0531 1828 WudfSvc - ok
05:29:13.0625 1828 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
05:29:13.0640 1828 WZCSVC - ok
05:29:13.0703 1828 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
05:29:13.0734 1828 xmlprov - ok
05:29:13.0765 1828 ================ Scan global ===============================
05:29:13.0812 1828 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
05:29:13.0937 1828 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:29:14.0078 1828 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:29:14.0093 1828 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
05:29:14.0109 1828 [Global] - ok
05:29:14.0109 1828 ================ Scan MBR ==================================
05:29:14.0125 1828 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
05:29:14.0687 1828 \Device\Harddisk0\DR0 - ok
05:29:15.0078 1828 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR3
05:29:16.0250 1828 \Device\Harddisk1\DR3 - ok
05:29:16.0531 1828 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR4
05:29:17.0812 1828 \Device\Harddisk2\DR4 - ok
05:29:17.0812 1828 ================ Scan VBR ==================================
05:29:17.0828 1828 [ 2E1CAEA1C0E52323C89586F0CBAB39BF ] \Device\Harddisk0\DR0\Partition1
05:29:17.0828 1828 \Device\Harddisk0\DR0\Partition1 - ok
05:29:17.0843 1828 [ 8AD9FB3DD84089DFE44B56F84BBAA03F ] \Device\Harddisk0\DR0\Partition2
05:29:17.0843 1828 \Device\Harddisk0\DR0\Partition2 - ok
05:29:17.0843 1828 [ 90F9E872FA0539D00A3BD01331E22F9D ] \Device\Harddisk1\DR3\Partition1
05:29:17.0859 1828 \Device\Harddisk1\DR3\Partition1 - ok
05:29:17.0890 1828 [ 11ED96CE26B3FB82E3986934EA8CB3D6 ] \Device\Harddisk2\DR4\Partition1
05:29:17.0890 1828 \Device\Harddisk2\DR4\Partition1 - ok
05:29:17.0890 1828 ============================================================
05:29:17.0890 1828 Scan finished
05:29:17.0890 1828 ============================================================
05:29:17.0906 3292 Detected object count: 0
05:29:17.0906 3292 Actual detected object count: 0
05:29:24.0046 3560 ============================================================
05:29:24.0046 3560 Scan started
05:29:24.0046 3560 Mode: Manual; TDLFS;
05:29:24.0046 3560 ============================================================
05:29:25.0203 3560 ================ Scan system memory ========================
05:29:25.0203 3560 System memory - ok
05:29:25.0203 3560 ================ Scan services =============================
05:29:25.0343 3560 Abiosdsk - ok
05:29:25.0359 3560 abp480n5 - ok
05:29:25.0406 3560 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
05:29:25.0421 3560 ACPI - ok
05:29:25.0453 3560 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
05:29:25.0453 3560 ACPIEC - ok
05:29:25.0531 3560 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
05:29:25.0546 3560 AdobeFlashPlayerUpdateSvc - ok
05:29:25.0562 3560 adpu160m - ok
05:29:25.0609 3560 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
05:29:25.0609 3560 aec - ok
05:29:25.0656 3560 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
05:29:25.0656 3560 AFD - ok
05:29:25.0671 3560 Aha154x - ok
05:29:25.0687 3560 aic78u2 - ok
05:29:25.0703 3560 aic78xx - ok
05:29:26.0000 3560 [ DD8520280304B6145A6BE31008748C7C ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
05:29:26.0046 3560 ALCXWDM - ok
05:29:26.0093 3560 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
05:29:26.0093 3560 Alerter - ok
05:29:26.0109 3560 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
05:29:26.0125 3560 ALG - ok
05:29:26.0125 3560 AliIde - ok
05:29:26.0187 3560 [ EFBB0956BAED786E137351B5CA272AEF ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
05:29:26.0187 3560 AmdK8 - ok
05:29:26.0187 3560 amsint - ok
05:29:26.0203 3560 AppMgmt - ok
05:29:26.0218 3560 asc - ok
05:29:26.0234 3560 asc3350p - ok
05:29:26.0234 3560 asc3550 - ok
05:29:26.0281 3560 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
05:29:26.0281 3560 AsyncMac - ok
05:29:26.0328 3560 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
05:29:26.0328 3560 atapi - ok
05:29:26.0343 3560 Atdisk - ok
05:29:26.0375 3560 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
05:29:26.0375 3560 Atmarpc - ok
05:29:26.0406 3560 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
05:29:26.0406 3560 AudioSrv - ok
05:29:26.0468 3560 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
05:29:26.0468 3560 audstub - ok
05:29:26.0515 3560 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
05:29:26.0515 3560 Beep - ok
05:29:26.0578 3560 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
05:29:26.0578 3560 BITS - ok
05:29:26.0625 3560 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
05:29:26.0625 3560 Browser - ok
05:29:26.0656 3560 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
05:29:26.0671 3560 cbidf2k - ok
05:29:26.0671 3560 cd20xrnt - ok
05:29:26.0718 3560 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
05:29:26.0718 3560 Cdaudio - ok
05:29:26.0750 3560 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
05:29:26.0750 3560 Cdfs - ok
05:29:26.0796 3560 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
05:29:26.0796 3560 Cdrom - ok
05:29:26.0812 3560 Changer - ok
05:29:26.0843 3560 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
05:29:26.0843 3560 CiSvc - ok
05:29:26.0875 3560 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
05:29:26.0875 3560 ClipSrv - ok
05:29:26.0906 3560 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
05:29:26.0906 3560 CmBatt - ok
05:29:26.0921 3560 CmdIde - ok
05:29:26.0937 3560 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
05:29:26.0937 3560 Compbatt - ok
05:29:26.0953 3560 COMSysApp - ok
05:29:26.0984 3560 Cpqarray - ok
05:29:27.0015 3560 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
05:29:27.0046 3560 CryptSvc - ok
05:29:27.0062 3560 dac2w2k - ok
05:29:27.0062 3560 dac960nt - ok
05:29:27.0125 3560 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
05:29:27.0125 3560 DcomLaunch - ok
05:29:27.0140 3560 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
05:29:27.0156 3560 Dhcp - ok
05:29:27.0171 3560 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
05:29:27.0171 3560 Disk - ok
05:29:27.0187 3560 dmadmin - ok
05:29:27.0296 3560 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
05:29:27.0312 3560 dmboot - ok
05:29:27.0343 3560 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
05:29:27.0343 3560 dmio - ok
05:29:27.0390 3560 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
05:29:27.0390 3560 dmload - ok
05:29:27.0421 3560 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
05:29:27.0421 3560 dmserver - ok
05:29:27.0468 3560 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
05:29:27.0468 3560 DMusic - ok
05:29:27.0515 3560 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
05:29:27.0515 3560 Dnscache - ok
05:29:27.0546 3560 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
05:29:27.0562 3560 Dot3svc - ok
05:29:27.0562 3560 dpti2o - ok
05:29:27.0937 3560 [ FE930D07EAE1D95C89B2916D1C1E8FA0 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
05:29:27.0953 3560 DragonUpdater - ok
05:29:28.0000 3560 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
05:29:28.0000 3560 drmkaud - ok
05:29:28.0046 3560 [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
05:29:28.0046 3560 DrvAgent32 - ok
05:29:28.0093 3560 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
05:29:28.0093 3560 EapHost - ok
05:29:28.0125 3560 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
05:29:28.0125 3560 ERSvc - ok
05:29:28.0171 3560 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
05:29:28.0171 3560 Eventlog - ok
05:29:28.0218 3560 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
05:29:28.0234 3560 EventSystem - ok
05:29:28.0250 3560 ewusbnet - ok
05:29:28.0265 3560 ew_hwusbdev - ok
05:29:28.0281 3560 ew_usbenumfilter - ok
05:29:28.0328 3560 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
05:29:28.0328 3560 Fastfat - ok
05:29:28.0390 3560 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
05:29:28.0390 3560 FastUserSwitchingCompatibility - ok
05:29:28.0437 3560 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
05:29:28.0437 3560 Fdc - ok
05:29:28.0484 3560 [ EF88FBDBB2C2AB084DCAE4388921C898 ] FET5X86V C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
05:29:28.0484 3560 FET5X86V - ok
05:29:28.0531 3560 [ E9648254056BCE81A85380C0C3647DC4 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys
05:29:28.0531 3560 FETNDIS - ok
05:29:28.0578 3560 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
05:29:28.0593 3560 Fips - ok
05:29:28.0609 3560 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
05:29:28.0609 3560 Flpydisk - ok
05:29:28.0656 3560 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
05:29:28.0656 3560 FltMgr - ok
05:29:28.0671 3560 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
05:29:28.0671 3560 Fs_Rec - ok
05:29:28.0703 3560 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
05:29:28.0703 3560 Ftdisk - ok
05:29:28.0718 3560 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
05:29:28.0734 3560 gagp30kx - ok
05:29:28.0781 3560 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
05:29:28.0781 3560 Gpc - ok
05:29:28.0953 3560 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
05:29:28.0953 3560 helpsvc - ok
05:29:28.0968 3560 HidServ - ok
05:29:29.0000 3560 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
05:29:29.0000 3560 hkmsvc - ok
05:29:29.0015 3560 hpn - ok
05:29:29.0078 3560 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
05:29:29.0078 3560 HTTP - ok
05:29:29.0125 3560 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
05:29:29.0125 3560 HTTPFilter - ok
05:29:29.0125 3560 huawei_enumerator - ok
05:29:29.0156 3560 hwdatacard - ok
05:29:29.0187 3560 i2omgmt - ok
05:29:29.0187 3560 i2omp - ok
05:29:29.0218 3560 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
05:29:29.0218 3560 i8042prt - ok
05:29:29.0250 3560 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
05:29:29.0250 3560 Imapi - ok
05:29:29.0312 3560 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
05:29:29.0312 3560 ImapiService - ok
05:29:29.0328 3560 ini910u - ok
05:29:29.0343 3560 IntelIde - ok
05:29:29.0406 3560 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
05:29:29.0406 3560 Ip6Fw - ok
05:29:29.0437 3560 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
05:29:29.0437 3560 IpFilterDriver - ok
05:29:29.0453 3560 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
05:29:29.0453 3560 IpInIp - ok
05:29:29.0500 3560 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
05:29:29.0500 3560 IpNat - ok
05:29:29.0546 3560 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
05:29:29.0546 3560 IPSec - ok
05:29:29.0578 3560 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
05:29:29.0578 3560 IRENUM - ok
05:29:29.0625 3560 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
05:29:29.0625 3560 isapnp - ok
05:29:29.0703 3560 [ C2C1660DDCC9BD67EB98D6D5F91C107F ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
05:29:29.0703 3560 JavaQuickStarterService - ok
05:29:29.0750 3560 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
05:29:29.0750 3560 Kbdclass - ok
05:29:29.0765 3560 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
05:29:29.0781 3560 kmixer - ok
05:29:29.0812 3560 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
05:29:29.0812 3560 KSecDD - ok
05:29:29.0859 3560 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
05:29:29.0859 3560 LanmanServer - ok
05:29:29.0906 3560 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
05:29:29.0906 3560 lanmanworkstation - ok
05:29:29.0921 3560 lbrtfdc - ok
05:29:29.0984 3560 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
05:29:29.0984 3560 LmHosts - ok
05:29:30.0031 3560 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
05:29:30.0031 3560 MBAMProtector - ok
05:29:30.0140 3560 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
05:29:30.0156 3560 MBAMService - ok
05:29:30.0187 3560 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
05:29:30.0187 3560 Messenger - ok
05:29:30.0234 3560 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
05:29:30.0234 3560 mnmdd - ok
05:29:30.0281 3560 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
05:29:30.0281 3560 mnmsrvc - ok
05:29:30.0390 3560 [ 24CFF4697702785872313159EC2434A2 ] Mobile Broadband HL Service C:\Documents and Settings\All Users\Application Data\MobileBrServ\mbbservice.exe
05:29:30.0390 3560 Mobile Broadband HL Service - ok
05:29:30.0421 3560 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
05:29:30.0421 3560 Modem - ok
05:29:30.0453 3560 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
05:29:30.0453 3560 Mouclass - ok
05:29:30.0468 3560 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
05:29:30.0484 3560 MountMgr - ok
05:29:30.0500 3560 mraid35x - ok
05:29:30.0531 3560 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
05:29:30.0531 3560 MRxDAV - ok
05:29:30.0593 3560 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
05:29:30.0593 3560 MRxSmb - ok
05:29:30.0656 3560 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
05:29:30.0656 3560 MSDTC - ok
05:29:30.0703 3560 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
05:29:30.0703 3560 Msfs - ok
05:29:30.0718 3560 MSIServer - ok
05:29:30.0750 3560 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
05:29:30.0765 3560 MSKSSRV - ok
05:29:30.0781 3560 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
05:29:30.0781 3560 MSPCLOCK - ok
05:29:30.0796 3560 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
05:29:30.0796 3560 MSPQM - ok
05:29:30.0828 3560 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
05:29:30.0828 3560 mssmbios - ok
05:29:30.0875 3560 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
05:29:30.0875 3560 Mup - ok
05:29:30.0937 3560 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
05:29:30.0937 3560 napagent - ok
05:29:30.0984 3560 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
05:29:30.0984 3560 NDIS - ok
05:29:31.0015 3560 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
05:29:31.0046 3560 NdisTapi - ok
05:29:31.0078 3560 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
05:29:31.0078 3560 Ndisuio - ok
05:29:31.0125 3560 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
05:29:31.0125 3560 NdisWan - ok
05:29:31.0171 3560 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
05:29:31.0171 3560 NDProxy - ok
05:29:31.0203 3560 Nero BackItUp Scheduler 4.0 - ok
05:29:31.0218 3560 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
05:29:31.0218 3560 NetBIOS - ok
05:29:31.0250 3560 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
05:29:31.0250 3560 NetBT - ok
05:29:31.0296 3560 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
05:29:31.0296 3560 NetDDE - ok
05:29:31.0312 3560 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
05:29:31.0328 3560 NetDDEdsdm - ok
05:29:31.0359 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
05:29:31.0359 3560 Netlogon - ok
05:29:31.0390 3560 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
05:29:31.0390 3560 Netman - ok
05:29:31.0453 3560 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
05:29:31.0453 3560 Nla - ok
05:29:31.0500 3560 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\WINDOWS\system32\drivers\npf.sys
05:29:31.0500 3560 NPF - ok
05:29:31.0546 3560 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
05:29:31.0546 3560 Npfs - ok
05:29:31.0609 3560 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
05:29:31.0609 3560 Ntfs - ok
05:29:31.0625 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
05:29:31.0625 3560 NtLmSsp - ok
05:29:31.0687 3560 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
05:29:31.0687 3560 NtmsSvc - ok
05:29:31.0718 3560 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
05:29:31.0718 3560 Null - ok
05:29:31.0765 3560 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
05:29:31.0765 3560 NwlnkFlt - ok
05:29:31.0781 3560 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
05:29:31.0781 3560 NwlnkFwd - ok
05:29:31.0828 3560 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
05:29:31.0828 3560 Parport - ok
05:29:31.0859 3560 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
05:29:31.0859 3560 PartMgr - ok
05:29:31.0890 3560 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
05:29:31.0890 3560 ParVdm - ok
05:29:31.0906 3560 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
05:29:31.0906 3560 PCI - ok
05:29:31.0921 3560 PCIDump - ok
05:29:31.0937 3560 PCIIde - ok
05:29:31.0984 3560 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
05:29:31.0984 3560 Pcmcia - ok
05:29:32.0000 3560 PDCOMP - ok
05:29:32.0000 3560 PDFRAME - ok
05:29:32.0015 3560 PDRELI - ok
05:29:32.0046 3560 PDRFRAME - ok
05:29:32.0062 3560 perc2 - ok
05:29:32.0062 3560 perc2hib - ok
05:29:32.0125 3560 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
05:29:32.0125 3560 PlugPlay - ok
05:29:32.0140 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
05:29:32.0140 3560 PolicyAgent - ok
05:29:32.0171 3560 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
05:29:32.0171 3560 PptpMiniport - ok
05:29:32.0218 3560 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
05:29:32.0218 3560 Processor - ok
05:29:32.0250 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
05:29:32.0250 3560 ProtectedStorage - ok
05:29:32.0281 3560 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
05:29:32.0281 3560 PSched - ok
05:29:32.0328 3560 [ C8EB36910D3BD582891977E80925E21E ] PSSDK42 C:\WINDOWS\system32\Drivers\pssdk42.sys
05:29:32.0328 3560 PSSDK42 - ok
05:29:32.0359 3560 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
05:29:32.0359 3560 Ptilink - ok
05:29:32.0375 3560 ql1080 - ok
05:29:32.0375 3560 Ql10wnt - ok
05:29:32.0390 3560 ql12160 - ok
05:29:32.0406 3560 ql1240 - ok
05:29:32.0421 3560 ql1280 - ok
05:29:32.0437 3560 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
05:29:32.0437 3560 RasAcd - ok
05:29:32.0468 3560 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
05:29:32.0484 3560 RasAuto - ok
05:29:32.0500 3560 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
05:29:32.0500 3560 Rasl2tp - ok
05:29:32.0546 3560 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
05:29:32.0546 3560 RasMan - ok
05:29:32.0562 3560 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
05:29:32.0562 3560 RasPppoe - ok
05:29:32.0578 3560 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
05:29:32.0578 3560 Raspti - ok
05:29:32.0609 3560 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
05:29:32.0609 3560 Rdbss - ok
05:29:32.0640 3560 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
05:29:32.0640 3560 RDPCDD - ok
05:29:32.0687 3560 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
05:29:32.0687 3560 RDPWD - ok
05:29:32.0750 3560 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
05:29:32.0750 3560 RDSessMgr - ok
05:29:32.0781 3560 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
05:29:32.0781 3560 redbook - ok
05:29:32.0828 3560 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
05:29:32.0828 3560 RemoteAccess - ok
05:29:32.0859 3560 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
05:29:32.0875 3560 rpcapd - ok
05:29:32.0906 3560 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
05:29:32.0906 3560 RpcLocator - ok
05:29:32.0953 3560 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
05:29:32.0968 3560 RpcSs - ok
05:29:33.0000 3560 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
05:29:33.0015 3560 RSVP - ok
05:29:33.0046 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
05:29:33.0046 3560 SamSs - ok
05:29:33.0312 3560 [ 18530D2F605F1EC48CA20A7B184CCBCC ] SBAMSvc C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
05:29:33.0359 3560 SBAMSvc - ok
05:29:33.0406 3560 [ 62BA65CC0B4A4BD1EAFF5FED6E2B5069 ] sbaphd C:\WINDOWS\system32\drivers\sbaphd.sys
05:29:33.0406 3560 sbaphd - ok
05:29:33.0437 3560 [ 3FFF8CDA4D2F29CA06F1557E85163C30 ] sbapifs C:\WINDOWS\system32\drivers\sbapifs.sys
05:29:33.0437 3560 sbapifs - ok
05:29:33.0453 3560 SBFWIMCLMP - ok
05:29:33.0515 3560 [ 1FBD21895B768CD40E83B86C18E6454F ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
05:29:33.0515 3560 SbieDrv - ok
05:29:33.0531 3560 [ D5D875D6662F30C7FBF5F6879452B12B ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
05:29:33.0546 3560 SbieSvc - ok
05:29:33.0593 3560 [ 2815772894855506E94008CC0E602738 ] SBPIMSvc C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
05:29:33.0593 3560 SBPIMSvc - ok
05:29:33.0640 3560 [ D03A8CCA8BFA82CBF12A87326EBFE258 ] SBRE C:\WINDOWS\system32\drivers\SBREdrv.sys
05:29:33.0640 3560 SBRE - ok
05:29:33.0703 3560 [ 451626248828CD323D2F47300EA77AF5 ] sbtis C:\WINDOWS\system32\drivers\sbtis.sys
05:29:33.0703 3560 sbtis - ok
05:29:33.0750 3560 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
05:29:33.0750 3560 SCardSvr - ok
05:29:33.0796 3560 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
05:29:33.0796 3560 Schedule - ok
05:29:33.0828 3560 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
05:29:33.0843 3560 Secdrv - ok
05:29:33.0890 3560 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
05:29:33.0890 3560 seclogon - ok
05:29:33.0937 3560 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
05:29:33.0937 3560 SENS - ok
05:29:33.0968 3560 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
05:29:33.0968 3560 Serial - ok
05:29:34.0000 3560 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
05:29:34.0000 3560 Sfloppy - ok
05:29:34.0046 3560 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
05:29:34.0046 3560 SharedAccess - ok
05:29:34.0078 3560 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
05:29:34.0078 3560 ShellHWDetection - ok
05:29:34.0093 3560 Simbad - ok
05:29:34.0125 3560 [ 14BB60A4F1C5291217A05D5728C403E6 ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
05:29:34.0125 3560 SmartDefragDriver - ok
05:29:34.0140 3560 Sparrow - ok
05:29:34.0187 3560 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
05:29:34.0187 3560 splitter - ok
05:29:34.0218 3560 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
05:29:34.0218 3560 Spooler - ok
05:29:34.0250 3560 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
05:29:34.0250 3560 sr - ok
05:29:34.0281 3560 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
05:29:34.0281 3560 srservice - ok
05:29:34.0343 3560 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
05:29:34.0343 3560 Srv - ok
05:29:34.0390 3560 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
05:29:34.0406 3560 SSDPSRV - ok
05:29:34.0453 3560 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
05:29:34.0453 3560 stisvc - ok
05:29:34.0484 3560 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
05:29:34.0484 3560 swenum - ok
05:29:34.0515 3560 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
05:29:34.0515 3560 swmidi - ok
05:29:34.0531 3560 SwPrv - ok
05:29:34.0546 3560 symc810 - ok
05:29:34.0562 3560 symc8xx - ok
05:29:34.0562 3560 sym_hi - ok
05:29:34.0578 3560 sym_u3 - ok
05:29:34.0609 3560 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
05:29:34.0609 3560 sysaudio - ok
05:29:34.0656 3560 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
05:29:34.0656 3560 SysmonLog - ok
05:29:34.0703 3560 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
05:29:34.0718 3560 TapiSrv - ok
05:29:34.0750 3560 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
05:29:34.0765 3560 Tcpip - ok
05:29:34.0796 3560 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
05:29:34.0796 3560 TDPIPE - ok
05:29:34.0812 3560 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
05:29:34.0812 3560 TDTCP - ok
05:29:34.0859 3560 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
05:29:34.0859 3560 TermDD - ok
05:29:34.0890 3560 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
05:29:34.0906 3560 TermService - ok
05:29:34.0937 3560 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
05:29:34.0937 3560 Themes - ok
05:29:34.0953 3560 TosIde - ok
05:29:34.0968 3560 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
05:29:34.0968 3560 TrkWks - ok
05:29:35.0046 3560 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
05:29:35.0046 3560 Udfs - ok
05:29:35.0062 3560 ultra - ok
05:29:35.0109 3560 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
05:29:35.0109 3560 Update - ok
05:29:35.0171 3560 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
05:29:35.0171 3560 upnphost - ok
05:29:35.0203 3560 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
05:29:35.0203 3560 UPS - ok
05:29:35.0250 3560 [ C18D6C74953621346DF6B0A11F80C1CC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
05:29:35.0250 3560 usbccgp - ok
05:29:35.0296 3560 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
05:29:35.0296 3560 usbehci - ok
05:29:35.0328 3560 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
05:29:35.0328 3560 usbhub - ok
05:29:35.0375 3560 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
05:29:35.0375 3560 USBSTOR - ok
05:29:35.0406 3560 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
05:29:35.0406 3560 usbuhci - ok
05:29:35.0453 3560 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
05:29:35.0453 3560 usb_rndisx - ok
05:29:35.0484 3560 [ 4EE5D94E3AEE7CD9584A46793613E114 ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
05:29:35.0500 3560 VBoxNetAdp - ok
05:29:35.0500 3560 VBoxNetFlt - ok
05:29:35.0937 3560 [ BFA4AE30B3AC10E9223830BF103F5A3F ] vcdrom I:\Virtual cd rom cp\VCdRom.sys
05:29:35.0937 3560 vcdrom - ok
05:29:35.0968 3560 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
05:29:35.0968 3560 VgaSave - ok
05:29:36.0015 3560 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINDOWS\system32\DRIVERS\viaagp1.sys
05:29:36.0031 3560 viaagp1 - ok
05:29:36.0078 3560 [ E09A01F781C2E7A779000745CE8A365C ] viafilter C:\WINDOWS\System32\Drivers\viausb1.sys
05:29:36.0078 3560 viafilter - ok
05:29:36.0140 3560 [ 87C1FFA6AA3CB8F9DE36A31C59E1ABE2 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys
05:29:36.0140 3560 viagfx - ok
05:29:36.0156 3560 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
05:29:36.0156 3560 ViaIde - ok
05:29:36.0187 3560 [ C147AFA614B9925479D47CD173329789 ] videX32 C:\WINDOWS\system32\DRIVERS\videX32.sys
05:29:36.0187 3560 videX32 - ok
05:29:36.0203 3560 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
05:29:36.0203 3560 VolSnap - ok
05:29:36.0281 3560 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
05:29:36.0296 3560 VSS - ok
05:29:36.0343 3560 [ C0F55CC0903CFDC819F6D857402B697C ] vulfnths C:\WINDOWS\System32\Drivers\vulfnth.sys
05:29:36.0343 3560 vulfnths - ok
05:29:36.0375 3560 [ 545D98A7F61AF1C7C4AD38B8F333E0B7 ] vulfntrs C:\WINDOWS\System32\Drivers\vulfntr.sys
05:29:36.0375 3560 vulfntrs - ok
05:29:36.0437 3560 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\System32\w32time.dll
05:29:36.0437 3560 W32Time - ok
05:29:36.0468 3560 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
05:29:36.0468 3560 Wanarp - ok
05:29:36.0578 3560 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
05:29:36.0578 3560 Wdf01000 - ok
05:29:36.0625 3560 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
05:29:36.0625 3560 wdmaud - ok
05:29:36.0656 3560 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
05:29:36.0671 3560 WebClient - ok
05:29:36.0734 3560 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
05:29:36.0750 3560 winmgmt - ok
05:29:36.0812 3560 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\System32\mspmsnsv.dll
05:29:36.0812 3560 WmdmPmSN - ok
05:29:36.0875 3560 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
05:29:36.0875 3560 WmiApSrv - ok
05:29:37.0046 3560 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
05:29:37.0062 3560 WMPNetworkSvc - ok
05:29:37.0125 3560 WPFFontCache_v0400 - ok
05:29:37.0187 3560 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
05:29:37.0187 3560 wscsvc - ok
05:29:37.0218 3560 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
05:29:37.0234 3560 wuauserv - ok
05:29:37.0265 3560 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
05:29:37.0281 3560 WudfPf - ok
05:29:37.0296 3560 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
05:29:37.0312 3560 WudfRd - ok
05:29:37.0359 3560 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
05:29:37.0359 3560 WudfSvc - ok
05:29:37.0453 3560 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
05:29:37.0453 3560 WZCSVC - ok
05:29:37.0500 3560 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
05:29:37.0500 3560 xmlprov - ok
05:29:37.0531 3560 ================ Scan global ===============================
05:29:37.0578 3560 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
05:29:37.0640 3560 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:29:37.0656 3560 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:29:37.0687 3560 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
05:29:37.0687 3560 [Global] - ok
05:29:37.0687 3560 ================ Scan MBR ==================================
05:29:37.0718 3560 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
05:29:38.0187 3560 \Device\Harddisk0\DR0 - ok
05:29:38.0937 3560 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR3
05:29:39.0984 3560 \Device\Harddisk1\DR3 - ok
05:29:40.0281 3560 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR4
05:29:41.0765 3560 \Device\Harddisk2\DR4 - ok
05:29:41.0765 3560 ================ Scan VBR ==================================
05:29:41.0781 3560 [ 2E1CAEA1C0E52323C89586F0CBAB39BF ] \Device\Harddisk0\DR0\Partition1
05:29:41.0781 3560 \Device\Harddisk0\DR0\Partition1 - ok
05:29:41.0812 3560 [ 8AD9FB3DD84089DFE44B56F84BBAA03F ] \Device\Harddisk0\DR0\Partition2
05:29:41.0812 3560 \Device\Harddisk0\DR0\Partition2 - ok
05:29:41.0812 3560 [ 90F9E872FA0539D00A3BD01331E22F9D ] \Device\Harddisk1\DR3\Partition1
05:29:41.0828 3560 \Device\Harddisk1\DR3\Partition1 - ok
05:29:41.0859 3560 [ 11ED96CE26B3FB82E3986934EA8CB3D6 ] \Device\Harddisk2\DR4\Partition1
05:29:41.0859 3560 \Device\Harddisk2\DR4\Partition1 - ok
05:29:41.0875 3560 ============================================================
05:29:41.0875 3560 Scan finished
05:29:41.0875 3560 ============================================================
05:29:41.0875 0664 Detected object count: 0
05:29:41.0875 0664 Actual detected object count: 0
05:29:46.0843 2584 Deinitialize success

#4 narenxp

Posted 08 September 2012 - 08:19 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 Wolverine 7

Posted 08 September 2012 - 05:13 PM

Hi again, thanks again for your help, here are further logs

Farbar Service Scanner Version: 06-08-2012
Ran by Owner (administrator) on 08-09-2012 at 22:25:37
Running from "C:\Documents and Settings\Owner\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SBFWIMCLMP(10) sbtis(8) Tcpip(4) VBoxNetFlt(11)
0x0A000000050000000100000002000000030000000400000007000000080000000A0000000B00000006000000
IpSec Tag value is correct.

**** End of log ****

MiniToolBox by Farbar Version: 23-07-2012
Ran by Owner (administrator) on 08-09-2012 at 22:23:19
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

Windows Mobile-based Internet Sharing Device = Local Area Connection 7 (Connected)
VIA Rhine II Fast Ethernet Adapter = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=static addr=8.26.56.26 register=PRIMARY
add dns name="Local Area Connection" addr=156.154.70.22 index=2
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection 7"

set address name="Local Area Connection 7" source=dhcp
set dns name="Local Area Connection 7" source=dhcp register=PRIMARY
set wins name="Local Area Connection 7" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration
Host Name . . . . . . . . . . . . : owner-a309efcac
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter
Physical Address. . . . . . . . . : 00-40-D0-74-7E-1E
Ethernet adapter Local Area Connection 7:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Windows Mobile-based Internet Sharing Device #4
Physical Address. . . . . . . . . : 58-2C-80-13-92-63
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
                                    192.168.1.1
Lease Obtained. . . . . . . . . . : 08 September 2012 22:13:31
Lease Expires . . . . . . . . . . : 09 September 2012 22:13:31
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 173.194.41.163, 173.194.41.164, 173.194.41.165, 173.194.41.166
173.194.41.167, 173.194.41.168, 173.194.41.169, 173.194.41.174, 173.194.41.160
173.194.41.161, 173.194.41.162

Pinging google.com [173.194.41.163] with 32 bytes of data:
Reply from 173.194.41.163: bytes=32 time=268ms TTL=55
Reply from 173.194.41.163: bytes=32 time=267ms TTL=55
Ping statistics for 173.194.41.163:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 267ms, Maximum = 268ms, Average = 267ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=459ms TTL=45
Reply from 98.138.253.109: bytes=32 time=509ms TTL=46
Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 459ms, Maximum = 509ms, Average = 484ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 40 d0 74 7e 1e ...... VIA Compatable Fast Ethernet Adapter - Packet Scheduler Miniport
0x10004 ...58 2c 80 13 92 63 ...... Windows Mobile-based Internet Sharing Device #4 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.100 192.168.1.100 25
192.168.1.100 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.100 192.168.1.100 25
224.0.0.0 240.0.0.0 192.168.1.100 192.168.1.100 25
255.255.255.255 255.255.255.255 192.168.1.100 10003 1
255.255.255.255 255.255.255.255 192.168.1.100 192.168.1.100 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/08/2012 08:28:59 PM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/07/2012 02:50:06 PM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/06/2012 05:50:04 AM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/05/2012 08:09:51 PM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/04/2012 03:26:31 AM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/04/2012 01:00:49 AM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/03/2012 06:04:56 AM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/03/2012 05:33:44 AM) (Source: COM+) (User: )
Description: The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/02/2012 03:32:58 AM) (Source: COM+) (User: )
Description: The run-time environment was unable to initialize for transactions required to support transactional components. Make sure that MS-DTC is running. (DtcGetTransactionManagerEx(): hr = 0x8004d01b)

Error: (08/31/2012 04:44:14 PM) (Source: ESENT) (User: )
Description: wuauclt (1196) Unable to write a shadowed header for file C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb. Error -1032.


System errors:
=============
Error: (09/08/2012 10:13:32 PM) (Source: Service Control Manager) (User: )
Description: The Nero BackItUp Scheduler 4.0 service failed to start due to the following error:
%%2

Error: (09/08/2012 10:11:51 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/08/2012 08:44:11 PM) (Source: DCOM) (User: OWNER-A309EFCAC)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (09/08/2012 08:44:09 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
AmdK8
Fips
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
sbaphd
sbtis
Tcpip

Error: (09/08/2012 08:44:09 PM) (Source: Service Control Manager) (User: )
Description: The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Error: (09/08/2012 08:44:09 PM) (Source: Service Control Manager) (User: )
Description: The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
%%31

Error: (09/08/2012 08:44:09 PM) (Source: Service Control Manager) (User: )
Description: The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31

Error: (09/08/2012 08:44:09 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:
%%31

Error: (09/08/2012 08:43:52 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/08/2012 08:29:25 PM) (Source: Service Control Manager) (User: )
Description: The MS Software Shadow Copy Provider service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (09/08/2012 08:28:59 PM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/07/2012 02:50:06 PM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/06/2012 05:50:04 AM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/05/2012 08:09:51 PM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/04/2012 03:26:31 AM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/04/2012 01:00:49 AM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/03/2012 06:04:56 AM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/03/2012 05:33:44 AM) (Source: COM+)(User: )
Description: Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector failed

Error: (09/02/2012 03:32:58 AM) (Source: COM+)(User: )
Description: (DtcGetTransactionManagerEx(): hr = 0x8004d01b)

Error: (08/31/2012 04:44:14 PM) (Source: ESENT)(User: )
Description: wuauclt1196C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb-1032


=========================== Installed Programs ============================

AC3Filter 2.5b (Version: 2.5b)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
AMD Processor Driver (Version: 1.3.2.0053)
Astro123 v1.62
AstroWin v3.67
AviSynth 2.5
CleanMem (Version: v2.4.2)
Comodo Dragon (Version: 21.2.1.0)
DirMS-S (Version: 3.0.0)
DIY DataRecovery.nl DiskTune 1.1.31
DP Animation Maker (Version: 2.1.3)
Driver Magician 3.68
Error Expert 1.5
ESET Online Scanner v3
Everything 1.2.1.371
Fhotoroom HDR 3.0.4 (Version: 3.0.4)
FileBox eXtender
FileBox eXtender (Version: 2.1.0)
Foxit Reader (Version: 5.3.1.606)
Free Download Manager 3.9
GreatNews 1.0 (Build 386)
GridMove V1.19.62
Horary Helper v6.01
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
JetBoost (Version: 1.1)
JetPaste version 1.1
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Midpoint v1.10
Mobile Broadband HL Service (Version: 22.001.16.00.03)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Next Generation Visualisations (Version: 1.0.0)
PDFMate Free PDF Merger 1.03 (Version: 1.03)
Platform (Version: 1.34)
Real Alternative 2.0.2 (Version: 2.0.2)
Realtek AC'97 Audio (Version: 5.36)
Sandboxie 3.72 (32-bit) (Version: 3.72)
Simple Adblock (Version: 1.1.2)
StartupMonitor (Version: 1.0.2.0)
System Scheduler 4.17
Time Stopper (Version: 3.12)
Transits v1.01
Tweak UI
Ubuntu (Version: 12.04-rev266)
Universal Extractor 1.6.1 (Version: 1.6.1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
VIA Platform Device Manager (Version: 1.34)
VIA Rhine-Family Fast-Ethernet Adapter
VIPRE Antivirus (Version: 5.2.5162)
WebFldrs XP (Version: 9.50.7523)
WinBootInfo (Version: 1.0.2)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
WinPcap 4.1.2 (Version: 4.1.0.2001)
XP TCP/IP Repair 2.1 (Version: 2.1)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 447.48 MB
Available physical RAM: 213.12 MB
Total Pagefile: 1408.05 MB
Available Pagefile: 1098.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.55 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:42.57 GB) (Free:16.28 GB) NTFS
2 Drive d: () (Fixed) (Total:4 GB) (Free:3.45 GB) NTFS
3 Drive e: (GRTMHOEM_EN) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS
4 Drive h: () (Fixed) (Total:111.79 GB) (Free:77.44 GB) NTFS
5 Drive i: (New Volume) (Fixed) (Total:37.26 GB) (Free:1.33 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-A309EFCAC

Administrator ASPNET Guest
HelpAssistant Owner SUPPORT_388945a0


**** End of log ****

# AdwCleaner v2.000 - Logfile created 09/08/2012 at 22:53:41
# Updated 30/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - OWNER-A309EFCAC
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer

***** [Registry] *****

Key Deleted : HKLM\Software\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v [Unable to get version]

Profile name : default
File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\mo1qeafy.default\prefs.js

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\mo1qeafy.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1258 octets] - [08/09/2012 22:53:41]

########## EOF - C:\AdwCleaner[S1].txt - [1318 octets] ##########

#6 narenxp

Posted 08 September 2012 - 05:21 PM

Malwarebytes log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 Wolverine 7

Posted 08 September 2012 - 08:48 PM

Oops, sorry, didn't realize you wanted the log - ran mwb twice, nothing found.
Logs follow, thanks.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.08.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: OWNER-A309EFCAC [administrator]

09/09/2012 00:44:52
mbam-log-2012-09-09 (00-44-52).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 49000
Time elapsed: 1 hour(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/09/2012 12:37:47 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\WINDOWS\StartupMonitor.exe (PID: 536) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* Background Intelligent Transfer Service (BITS) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/09/2012 12:39:30 AM
Execution time: 0 hours(s), 1 minute(s), and 43 seconds(s)

#8 narenxp

Posted 08 September 2012 - 08:51 PM

That looks good

Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your System Restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your Flash Player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 Wolverine 7

Posted 09 September 2012 - 02:15 AM

OK, great, good to know I'm clean :)
Thanks so much for your assist,
very much appreciated.
I'll update as you suggest.
Thanks again
W7

#10 narenxp

Posted 09 September 2012 - 06:31 AM

You're welcome :)



