hosts files auto restoring


5 replies to this topic

#1 stuped


Posted 20 November 2012 - 05:20 AM

It keeps restoring even if I use hostexpert and make it writable when I reboot.

C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

216.239.32.20 www.google.ae # bck9
216.239.32.20 www.google.at # bck9
216.239.32.20 www.google.be # bck9
216.239.32.20 www.google.ca # bck9
216.239.32.20 www.google.ch # bck9
216.239.32.20 www.google.cl # bck9
216.239.32.20 www.google.co.il # bck9
216.239.32.20 www.google.co.in # bck9
216.239.32.20 www.google.co.jp # bck9
216.239.32.20 www.google.co.kr # bck9
216.239.32.20 www.google.co.nz # bck9
216.239.32.20 www.google.co.uk # bck9
216.239.32.20 www.google.co.ve # bck9
216.239.32.20 www.google.co.za # bck9
216.239.32.20 www.google.com # bck9
216.239.32.20 www.google.com.ar # bck9
216.239.32.20 www.google.com.au # bck9
216.239.32.20 www.google.com.br # bck9

Mod Edit: Deleted your duplicate post that lacked the attachment

Edited by hamluis, 20 November 2012 - 09:24 AM.
Moved from XP to Am I Infected - Hamluis.




#2 narenxp


Posted 20 November 2012 - 10:04 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safemode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 stuped


Posted 21 November 2012 - 05:00 AM

But this is what I got.
Could anyone help me, please, to restore the normal hosts file?


C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

216.239.32.20 www.google.ae # bck9
216.239.32.20 www.google.at # bck9
216.239.32.20 www.google.be # bck9
216.239.32.20 www.google.ca # bck9
216.239.32.20 www.google.ch # bck9
216.239.32.20 www.google.cl # bck9
216.239.32.20 www.google.co.il # bck9
216.239.32.20 www.google.co.in # bck9
216.239.32.20 www.google.co.jp # bck9
216.239.32.20 www.google.co.kr # bck9
216.239.32.20 www.google.co.nz # bck9
216.239.32.20 www.google.co.uk # bck9
216.239.32.20 www.google.co.ve # bck9
216.239.32.20 www.google.co.za # bck9
216.239.32.20 www.google.com # bck9
216.239.32.20 www.google.com.ar # bck9
216.239.32.20 www.google.com.au # bck9
216.239.32.20 www.google.com.br # bck9

#4 thisisu


Posted 21 November 2012 - 05:13 AM

Those entries appear to be added by "Blue Coat K9 Web Protection". You probably need to uninstall this software via Add/Remove Programs (XP) or Programs and Features (Vista/7/8).

Afterwards, run this FixIt from Microsoft: http://support.microsoft.com/kb/972034

Edited by thisisu, 21 November 2012 - 05:15 AM.
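
The reply above attributes the redirects to one program because every entry carries the same `# bck9` comment. As an added example (not written by anyone in this thread and not part of any tool it names), the Python script below parses a hosts file and groups the non-local mappings by trailing comment tag and target address, so a block written by a single program stands out. The sample text is constructed in the format the topic starter posted, and the function names are assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in the format posted in this topic (not the full file).
SAMPLE_HOSTS = """\
# constructed header comment
127.0.0.1 localhost

216.239.32.20 www.google.ae # bck9
216.239.32.20 www.google.com # bck9
216.239.32.20 www.google.co.uk # bck9
0.0.0.0 ads.example.test
not-an-ip broken.example.test
"""


def parse_hosts(text):
    """Yield (line_no, ip_or_None, hostnames, tag) for each mapping line.

    The tag is whatever follows '#' on the same line; programs that manage
    hosts entries often leave a marker there (here: 'bck9').
    """
    for line_no, raw in enumerate(text.splitlines(), 1):
        body, _, comment = raw.partition("#")
        fields = body.split()
        if len(fields) < 2:
            continue  # blank line, comment-only line, or address with no name
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None  # first field is not a valid IPv4/IPv6 address
        yield line_no, ip, [h.lower() for h in fields[1:]], comment.strip()


def classify(ip):
    """Sort a mapping into 'malformed', 'local' or 'redirect'."""
    if ip is None:
        return "malformed"
    if ip.is_loopback or ip.is_unspecified:
        return "local"  # localhost mapping or a 127.0.0.1 / 0.0.0.0 block entry
    return "redirect"   # name is forced to some other address


def audit(text):
    """Group redirects by (tag, target address); list local/malformed lines."""
    redirects = defaultdict(list)
    report = {"local": [], "malformed": []}
    for line_no, ip, names, tag in parse_hosts(text):
        kind = classify(ip)
        if kind == "redirect":
            redirects[(tag or "<untagged>", str(ip))].extend(names)
        else:
            report[kind].append((line_no, names))
    report["redirect"] = dict(redirects)
    return report


if __name__ == "__main__":
    result = audit(SAMPLE_HOSTS)
    for (tag, ip), names in result["redirect"].items():
        print(f"tag={tag!r} -> {ip}: {len(names)} name(s)")
        for name in names:
            print(f"    {name}")
    for line_no, names in result["malformed"]:
        print(f"line {line_no}: invalid address for {names}")
```

A single tag and a single target address covering every redirect, as in the posted file, points to one writer; untagged or mixed-address redirects need a closer look.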


#5 stuped


Posted 21 November 2012 - 06:31 AM

Here is my TDSS rootkit report:

18:05:17.0812 2368 TDPIPE - ok
18:05:17.0828 2368 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:05:17.0828 2368 TDTCP - ok
18:05:17.0828 2368 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:05:17.0843 2368 TermDD - ok
18:05:17.0859 2368 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
18:05:17.0875 2368 TermService - ok
18:05:17.0890 2368 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
18:05:17.0890 2368 Themes - ok
18:05:17.0921 2368 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
18:05:17.0937 2368 TlntSvr - ok
18:05:17.0937 2368 TosIde - ok
18:05:17.0968 2368 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:05:17.0968 2368 TrkWks - ok
18:05:18.0015 2368 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:05:18.0015 2368 Udfs - ok
18:05:18.0015 2368 ultra - ok
18:05:18.0046 2368 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:05:18.0062 2368 Update - ok
18:05:18.0093 2368 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:05:18.0093 2368 upnphost - ok
18:05:18.0109 2368 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
18:05:18.0109 2368 UPS - ok
18:05:18.0140 2368 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:05:18.0140 2368 usbccgp - ok
18:05:18.0156 2368 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:05:18.0156 2368 usbehci - ok
18:05:18.0171 2368 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:05:18.0171 2368 usbhub - ok
18:05:18.0187 2368 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:05:18.0187 2368 usbohci - ok
18:05:18.0203 2368 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:05:18.0203 2368 usbprint - ok
18:05:18.0218 2368 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:05:18.0218 2368 usbstor - ok
18:05:18.0265 2368 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:05:18.0265 2368 VgaSave - ok
18:05:18.0265 2368 ViaIde - ok
18:05:18.0312 2368 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:05:18.0312 2368 VolSnap - ok
18:05:18.0343 2368 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
18:05:18.0343 2368 VSS - ok
18:05:18.0375 2368 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
18:05:18.0375 2368 W32Time - ok
18:05:18.0390 2368 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:05:18.0390 2368 Wanarp - ok
18:05:18.0390 2368 WDICA - ok
18:05:18.0406 2368 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:05:18.0421 2368 wdmaud - ok
18:05:18.0468 2368 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:05:18.0484 2368 WebClient - ok
18:05:18.0609 2368 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:05:18.0609 2368 winmgmt - ok
18:05:18.0640 2368 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
18:05:18.0656 2368 WmdmPmSN - ok
18:05:18.0687 2368 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:05:18.0687 2368 Wmi - ok
18:05:18.0750 2368 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:05:18.0750 2368 WmiApSrv - ok
18:05:18.0781 2368 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:05:18.0781 2368 WS2IFSL - ok
18:05:18.0812 2368 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:05:18.0828 2368 wscsvc - ok
18:05:18.0859 2368 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:05:18.0875 2368 wuauserv - ok
18:05:18.0906 2368 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:05:18.0921 2368 WZCSVC - ok
18:05:18.0953 2368 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:05:18.0968 2368 xmlprov - ok
18:05:18.0968 2368 ================ Scan global ===============================
18:05:19.0000 2368 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:05:19.0046 2368 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:05:19.0062 2368 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:05:19.0078 2368 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:05:19.0078 2368 [Global] - ok
18:05:19.0078 2368 ================ Scan MBR ==================================
18:05:19.0093 2368 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:05:19.0203 2368 \Device\Harddisk0\DR0 - ok
18:05:19.0218 2368 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
18:05:19.0593 2368 \Device\Harddisk1\DR1 - ok
18:05:19.0593 2368 ================ Scan VBR ==================================
18:05:19.0593 2368 [ 11F09DDC142D47AE76C65E87A913E490 ] \Device\Harddisk0\DR0\Partition1
18:05:19.0593 2368 \Device\Harddisk0\DR0\Partition1 - ok
18:05:19.0625 2368 [ 9912FEAE53970221D89C8448545A2F2B ] \Device\Harddisk0\DR0\Partition2
18:05:19.0625 2368 \Device\Harddisk0\DR0\Partition2 - ok
18:05:19.0640 2368 [ 0CC4D944555F6DA73631664222E044F0 ] \Device\Harddisk1\DR1\Partition1
18:05:19.0640 2368 \Device\Harddisk1\DR1\Partition1 - ok
18:05:19.0656 2368 [ D7CC6DCAAF10C1652F6FE69FB0FD2A72 ] \Device\Harddisk1\DR1\Partition2
18:05:19.0656 2368 \Device\Harddisk1\DR1\Partition2 - ok
18:05:19.0656 2368 ============================================================
18:05:19.0656 2368 Scan finished
18:05:19.0656 2368 ============================================================
18:05:19.0671 2576 Detected object count: 0
18:05:19.0671 2576 Actual detected object count: 0



aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-21 18:07:36
-----------------------------
18:07:36.531 OS Version: Windows 5.1.2600 Service Pack 3
18:07:36.531 Number of processors: 1 586 0x5F03
18:07:36.531 ComputerName: PRIVE-6422798B1 UserName: UserXP
18:07:37.656 Initialize success
18:07:37.765 AVAST engine defs: 12112000
18:07:51.093 Disk 0 \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0
18:07:51.093 Disk 0 Vendor: ST316081 CC2H Size: 152627MB BusType: 3
18:07:51.093 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Scsi\nvgts1Port2Path1Target1Lun0
18:07:51.093 Disk 1 Vendor: ST500DM0 KC45 Size: 476940MB BusType: 3
18:07:51.125 Disk 1 MBR read successfully
18:07:51.125 Disk 1 MBR scan
18:07:51.125 Disk 1 Windows XP default MBR code
18:07:51.125 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238464 MB offset 63
18:07:51.125 Disk 1 Partition - 00 0F Extended LBA 238464 MB offset 488376000
18:07:51.156 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 238464 MB offset 488376063
18:07:51.156 Disk 1 scanning sectors +976752000
18:07:51.203 Disk 1 scanning C:\WINDOWS\system32\drivers
18:07:57.187 Service scanning
18:08:08.875 Modules scanning
18:08:15.046 Disk 1 trace - called modules:
18:08:15.062 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll SCSIPORT.SYS nvgts.sys
18:08:15.062 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8a4b5230]
18:08:15.062 3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> \Device\00000062[0x8a422920]
18:08:15.062 5 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\Scsi\nvgts1Port2Path1Target1Lun0[0x8a422a38]
18:08:15.703 AVAST engine scan C:\WINDOWS
18:08:20.328 AVAST engine scan C:\WINDOWS\system32
18:09:37.234 AVAST engine scan C:\WINDOWS\system32\drivers
18:09:49.859 AVAST engine scan C:\Documents and Settings\UserXP
18:11:04.265 AVAST engine scan C:\Documents and Settings\All Users
18:11:36.968 Scan finished successfully
18:12:10.359 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\UserXP\Desktop\MBR.dat"
18:12:10.359 The log file has been saved successfully to "C:\Documents and Settings\UserXP\Desktop\aswMBR.txt"

Eset Online Scanner
No Threat Found

#6 Platypus

  • Global Moderator

Posted 21 November 2012 - 08:41 AM

stuped, please don't keep starting duplicate topics on the same subject, it's confusing and you can get conflicting instructions from different helpers. So far I've had to delete or merge five threads...
Top 5 things that never get done:

1.



