
Cannot access antivirus websites and sluggish computer


5 replies to this topic

#1 dazibit


Posted 18 December 2012 - 05:08 PM

I am running Windows XP SP3. Recently I discovered a virus during a routine scan with MBAM. My sound card would be disabled after about an hour of the computer being on. After the scan the sound card problem was fixed. Now the computer is very slow. Firefox takes about 2 minutes to open and I cannot access any antivirus sites. I have run MBAM full scan with no luck.

Thanks in advance for the help.



#2 boopme


Posted 19 December 2012 - 12:56 PM

Hello dazibit

Let's see what these get.



Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.


Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode

>>>>

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.

>>>>

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>>

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.
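The proxy check and the "List content of Hosts" step in the post above both look for the same thing: settings that divert or block traffic to security sites. As an added example (not part of the original post or of any tool named in it), the script below runs both checks over text saved from `reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"` and from the hosts file. The sample inputs and the watch list of site suffixes are constructed for illustration.

```python
import ipaddress
import re

# Assumption: watch list built from sites named in this thread; extend as needed.
WATCHED_SUFFIXES = ("malwarebytes.org", "bleepingcomputer.com", "eset.com")

# Matches "<name> REG_<TYPE> <data>" value lines in `reg query` output.
REG_LINE = re.compile(r"^\s*(\S+)\s+(REG_\w+)\s+(.*\S)\s*$")


def parse_reg_query(text):
    """Return {value_name: data} from saved `reg query` output."""
    values = {}
    for line in text.splitlines():
        m = REG_LINE.match(line)
        if m:
            name, kind, data = m.groups()
            values[name] = int(data, 16) if kind == "REG_DWORD" else data
    return values


def is_loopback(host):
    """True if host is 'localhost' or a loopback IP literal."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def check_proxy(reg_text):
    """Report an enabled proxy; flag one that points back at this machine."""
    values = parse_reg_query(reg_text)
    findings = []
    if values.get("ProxyEnable", 0) == 1:
        server = values.get("ProxyServer", "")
        findings.append(f"proxy enabled: {server or '(no server set)'}")
        # ProxyServer is "host:port" or "http=host:port;https=host:port".
        for part in server.split(";"):
            host = part.split("=")[-1].rsplit(":", 1)[0]
            if is_loopback(host):
                findings.append(f"proxy points at this machine: {part}")
    return findings


def check_hosts(hosts_text, watched=WATCHED_SUFFIXES):
    """Report every hosts entry other than localhost; mark watched sites."""
    findings = []
    for lineno, raw in enumerate(hosts_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue
        addr, names = fields[0], fields[1:]
        for name in names:
            name = name.lower().rstrip(".")
            if name == "localhost":
                continue
            hit = any(name == s or name.endswith("." + s) for s in watched)
            note = "watched security site overridden" if hit else "non-default entry, review"
            findings.append(f"line {lineno}: {name} -> {addr} ({note})")
    return findings


# Constructed sample: the default XP hosts content, as in the Rkill log in this thread.
CLEAN_HOSTS = "127.0.0.1 localhost\n"

# Constructed sample of a tampered hosts file (C:\WINDOWS\system32\drivers\etc\hosts).
TAMPERED_HOSTS = """# constructed sample
127.0.0.1       localhost
127.0.0.1       www.malwarebytes.org
0.0.0.0         www.eset.com
192.0.2.10      intranet.example
"""

# Constructed sample of `reg query` output with a local proxy switched on.
SAMPLE_REG = r"""
! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    ProxyEnable    REG_DWORD    0x1
    ProxyServer    REG_SZ    http=127.0.0.1:8080
"""

if __name__ == "__main__":
    for finding in check_proxy(SAMPLE_REG) + check_hosts(TAMPERED_HOSTS):
        print(finding)
```
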

#3 dazibit


Posted 19 December 2012 - 03:05 PM

Thanks for your help. Here are the following logs. I still cannot access antivirus websites and could not download the eset online scanner. The error says "Could not get update. Is proxy configured?"

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/19/2012 02:17:29 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic

* Automatic Updates (wuauserv) is not Running.
Startup Type set to: Automatic

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 12/19/2012 02:17:58 PM
Execution time: 0 hours(s), 0 minute(s), and 29 seconds(s)

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.19.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
dazibit :: DAZ [administrator]

12/19/2012 2:19:27 PM
mbam-log-2012-12-19 (14-19-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 235437
Time elapsed: 7 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


14:44:48.0109 3236 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:44:48.0125 3236 ============================================================
14:44:48.0125 3236 Current date / time: 2012/12/19 14:44:48.0125
14:44:48.0125 3236 SystemInfo:
14:44:48.0125 3236
14:44:48.0125 3236 OS Version: 5.1.2600 ServicePack: 3.0
14:44:48.0125 3236 Product type: Workstation
14:44:48.0125 3236 ComputerName: DAZ
14:44:48.0125 3236 UserName: dazibit
14:44:48.0125 3236 Windows directory: C:\WINDOWS
14:44:48.0125 3236 System windows directory: C:\WINDOWS
14:44:48.0125 3236 Processor architecture: Intel x86
14:44:48.0125 3236 Number of processors: 2
14:44:48.0125 3236 Page size: 0x1000
14:44:48.0125 3236 Boot type: Normal boot
14:44:48.0125 3236 ============================================================
14:44:49.0296 3236 Drive \Device\Harddisk0\DR0 - Size: 0x22EF13E000 (139.74 Gb), SectorSize: 0x200, Cylinders: 0x4741, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:44:49.0296 3236 ============================================================
14:44:49.0296 3236 \Device\Harddisk0\DR0:
14:44:49.0296 3236 MBR partitions:
14:44:49.0296 3236 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x11773701
14:44:49.0296 3236 ============================================================
14:44:49.0312 3236 C: <-> \Device\Harddisk0\DR0\Partition1
14:44:49.0312 3236 ============================================================
14:44:49.0312 3236 Initialize success
14:44:49.0312 3236 ============================================================
14:44:50.0281 3344 ============================================================
14:44:50.0281 3344 Scan started
14:44:50.0281 3344 Mode: Manual;
14:44:50.0281 3344 ============================================================
14:44:51.0109 3344 ================ Scan system memory ========================
14:44:51.0109 3344 System memory - ok
14:44:51.0109 3344 ================ Scan services =============================
14:45:13.0578 3344 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
14:45:13.0578 3344 SamSs - ok
14:45:13.0609 3344 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:45:13.0625 3344 SCardSvr - ok
14:45:13.0671 3344 [ BC7C602A9202429D37CCD07E7EBB6404 ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
14:45:13.0671 3344 SCDEmu - ok
14:45:13.0750 3344 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:45:13.0781 3344 Schedule - ok
14:45:13.0796 3344 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:45:13.0796 3344 Secdrv - ok
14:45:13.0812 3344 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:45:13.0812 3344 seclogon - ok
14:45:13.0906 3344 [ B6A6B409FDA9D9EBD3AADB838D3D7173 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
14:45:13.0984 3344 SenFiltService - ok
14:45:14.0000 3344 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
14:45:14.0000 3344 SENS - ok
14:45:14.0015 3344 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:45:14.0031 3344 serenum - ok
14:45:14.0062 3344 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:45:14.0078 3344 Serial - ok
14:45:14.0078 3344 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:45:14.0078 3344 Sfloppy - ok
14:45:14.0171 3344 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:45:14.0171 3344 SharedAccess - ok
14:45:14.0203 3344 [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:45:14.0203 3344 ShellHWDetection - ok
14:45:14.0218 3344 Simbad - ok
14:45:14.0265 3344 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:45:14.0312 3344 SkypeUpdate - ok
14:45:14.0312 3344 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:45:14.0328 3344 SLIP - ok
14:45:14.0328 3344 Sparrow - ok
14:45:14.0343 3344 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:45:14.0343 3344 splitter - ok
14:45:14.0359 3344 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:45:14.0375 3344 Spooler - ok
14:45:14.0406 3344 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:45:14.0421 3344 sr - ok
14:45:14.0468 3344 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
14:45:14.0515 3344 srservice - ok
14:45:14.0593 3344 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:45:14.0671 3344 Srv - ok
14:45:14.0703 3344 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:45:14.0703 3344 SSDPSRV - ok
14:45:14.0718 3344 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
14:45:14.0718 3344 StillCam - ok
14:45:14.0812 3344 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:45:14.0890 3344 stisvc - ok
14:45:14.0906 3344 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:45:14.0921 3344 streamip - ok
14:45:14.0937 3344 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:45:14.0953 3344 swenum - ok
14:45:14.0968 3344 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:45:14.0984 3344 swmidi - ok
14:45:14.0984 3344 SwPrv - ok
14:45:14.0984 3344 symc810 - ok
14:45:14.0984 3344 symc8xx - ok
14:45:14.0984 3344 sym_hi - ok
14:45:14.0984 3344 sym_u3 - ok
14:45:15.0000 3344 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:45:15.0015 3344 sysaudio - ok
14:45:15.0062 3344 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:45:15.0078 3344 SysmonLog - ok
14:45:15.0156 3344 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:45:15.0218 3344 TapiSrv - ok
14:45:15.0312 3344 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:45:15.0312 3344 Tcpip - ok
14:45:15.0328 3344 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:45:15.0328 3344 TDPIPE - ok
14:45:15.0359 3344 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:45:15.0359 3344 TDTCP - ok
14:45:15.0375 3344 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:45:15.0375 3344 TermDD - ok
14:45:15.0468 3344 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
14:45:15.0468 3344 TermService - ok
14:45:15.0500 3344 [ 1926899BF9FFE2602B63074971700412 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:45:15.0500 3344 Themes - ok
14:45:15.0531 3344 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:45:15.0546 3344 TlntSvr - ok
14:45:15.0546 3344 TosIde - ok
14:45:15.0578 3344 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:45:15.0593 3344 TrkWks - ok
14:45:15.0625 3344 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:45:15.0640 3344 Udfs - ok
14:45:15.0640 3344 ultra - ok
14:45:15.0750 3344 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:45:15.0843 3344 Update - ok
14:45:15.0890 3344 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:45:15.0937 3344 upnphost - ok
14:45:15.0953 3344 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
14:45:15.0953 3344 UPS - ok
14:45:15.0984 3344 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
14:45:16.0000 3344 USBAAPL - ok
14:45:16.0046 3344 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:45:16.0062 3344 usbaudio - ok
14:45:16.0093 3344 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:45:16.0093 3344 usbccgp - ok
14:45:16.0109 3344 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:45:16.0125 3344 usbehci - ok
14:45:16.0140 3344 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:45:16.0156 3344 usbhub - ok
14:45:16.0187 3344 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:45:16.0187 3344 usbprint - ok
14:45:16.0203 3344 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:45:16.0203 3344 usbscan - ok
14:45:16.0218 3344 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:45:16.0218 3344 USBSTOR - ok
14:45:16.0250 3344 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:45:16.0250 3344 usbuhci - ok
14:45:16.0281 3344 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
14:45:16.0312 3344 usbvideo - ok
14:45:16.0328 3344 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:45:16.0328 3344 VgaSave - ok
14:45:16.0328 3344 Suspicious service (NoAccess): vgyyz
14:45:16.0375 3344 [ 4A270B9E3B708A55639A531DE71C7AF4 ] vgyyz C:\WINDOWS\system32\jceanady.dll
14:45:16.0375 3344 Suspicious file (NoAccess): C:\WINDOWS\system32\jceanady.dll. md5: 4A270B9E3B708A55639A531DE71C7AF4
14:45:17.0687 3344 vgyyz ( LockedService.Multi.Generic ) - warning
14:45:17.0687 3344 vgyyz - detected LockedService.Multi.Generic (1)
14:45:18.0859 3344 Suspicious service (NoAccess): yswcgu
14:45:18.0906 3344 [ 4A270B9E3B708A55639A531DE71C7AF4 ] yswcgu C:\WINDOWS\system32\jceanady.dll
14:45:18.0906 3344 Suspicious file (NoAccess): C:\WINDOWS\system32\jceanady.dll. md5: 4A270B9E3B708A55639A531DE71C7AF4
14:45:18.0906 3344 yswcgu ( LockedService.Multi.Generic ) - warning
14:45:18.0906 3344 yswcgu - detected LockedService.Multi.Generic (1)
14:45:19.0062 3344 ================ Scan global ===============================
14:45:19.0078 3344 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:45:19.0156 3344 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
14:45:19.0296 3344 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
14:45:19.0328 3344 [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
14:45:19.0343 3344 [Global] - ok
14:45:19.0343 3344 ================ Scan MBR ==================================
14:45:19.0359 3344 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:45:19.0500 3344 \Device\Harddisk0\DR0 - ok
14:45:19.0500 3344 ================ Scan VBR ==================================
14:45:19.0500 3344 [ EDCEAD7F44BEAB1B54FBD0DB5EA67147 ] \Device\Harddisk0\DR0\Partition1
14:45:19.0515 3344 \Device\Harddisk0\DR0\Partition1 - ok
14:45:19.0515 3344 ============================================================
14:45:19.0515 3344 Scan finished
14:45:19.0515 3344 ============================================================
14:45:19.0515 3560 Detected object count: 2
14:45:19.0515 3560 Actual detected object count: 2
14:45:44.0562 3560 vgyyz ( LockedService.Multi.Generic ) - skipped by user
14:45:44.0562 3560 vgyyz ( LockedService.Multi.Generic ) - User select action: Skip
14:45:44.0562 3560 yswcgu ( LockedService.Multi.Generic ) - skipped by user
14:45:44.0562 3560 yswcgu ( LockedService.Multi.Generic ) - User select action: Skip
14:45:57.0453 2520 ============================================================
14:45:57.0453 2520 Scan started
14:45:57.0453 2520 Mode: Manual; TDLFS;
14:45:57.0453 2520 ============================================================
14:45:57.0625 2520 ================ Scan system memory ========================
14:45:57.0625 2520 System memory - ok
14:45:57.0625 2520 ================ Scan services =============================
14:46:10.0625 2520 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
14:46:10.0625 2520 Parport - ok
14:46:10.0625 2520 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:46:10.0625 2520 PartMgr - ok
14:46:10.0640 2520 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:46:10.0640 2520 ParVdm - ok
14:46:10.0671 2520 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:46:10.0671 2520 PCI - ok
14:46:10.0671 2520 PCIDump - ok
14:46:10.0671 2520 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:46:10.0671 2520 PCIIde - ok
14:46:10.0703 2520 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:46:10.0703 2520 Pcmcia - ok
14:46:10.0703 2520 PDCOMP - ok
14:46:10.0703 2520 PDFRAME - ok
14:46:10.0718 2520 PDRELI - ok
14:46:10.0718 2520 PDRFRAME - ok
14:46:10.0718 2520 perc2 - ok
14:46:10.0718 2520 perc2hib - ok
14:46:10.0750 2520 [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay C:\WINDOWS\system32\services.exe
14:46:10.0750 2520 PlugPlay - ok
14:46:10.0765 2520 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:46:10.0765 2520 PolicyAgent - ok
14:46:10.0781 2520 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:46:10.0781 2520 PptpMiniport - ok
14:46:10.0781 2520 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:46:10.0796 2520 ProtectedStorage - ok
14:46:10.0812 2520 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:46:10.0812 2520 PSched - ok
14:46:10.0812 2520 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:46:10.0812 2520 Ptilink - ok
14:46:10.0812 2520 ql1080 - ok
14:46:10.0812 2520 Ql10wnt - ok
14:46:10.0828 2520 ql12160 - ok
14:46:10.0828 2520 ql1240 - ok
14:46:10.0828 2520 ql1280 - ok
14:46:10.0843 2520 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:46:10.0843 2520 RasAcd - ok
14:46:10.0875 2520 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:46:10.0875 2520 RasAuto - ok
14:46:10.0906 2520 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:46:10.0906 2520 Rasl2tp - ok
14:46:10.0953 2520 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:46:10.0953 2520 RasMan - ok
14:46:10.0968 2520 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:46:10.0968 2520 RasPppoe - ok
14:46:10.0984 2520 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:46:10.0984 2520 Raspti - ok
14:46:11.0046 2520 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:46:11.0046 2520 Rdbss - ok
14:46:11.0046 2520 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:46:11.0046 2520 RDPCDD - ok
14:46:11.0109 2520 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:46:11.0109 2520 rdpdr - ok
14:46:11.0156 2520 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:46:11.0156 2520 RDPWD - ok
14:46:11.0203 2520 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:46:11.0203 2520 RDSessMgr - ok
14:46:11.0234 2520 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:46:11.0234 2520 redbook - ok
14:46:11.0265 2520 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:46:11.0265 2520 RemoteAccess - ok
14:46:11.0296 2520 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:46:11.0296 2520 RemoteRegistry - ok
14:46:11.0343 2520 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
14:46:11.0343 2520 RimUsb - ok
14:46:11.0359 2520 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
14:46:11.0359 2520 RpcLocator - ok
14:46:11.0468 2520 [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs C:\WINDOWS\System32\rpcss.dll
14:46:11.0484 2520 RpcSs - ok
14:46:11.0531 2520 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:46:11.0531 2520 RSVP - ok
14:46:11.0546 2520 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
14:46:11.0546 2520 SamSs - ok
14:46:11.0609 2520 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:46:11.0609 2520 SCardSvr - ok
14:46:11.0687 2520 [ BC7C602A9202429D37CCD07E7EBB6404 ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
14:46:11.0687 2520 SCDEmu - ok
14:46:11.0796 2520 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:46:11.0796 2520 Schedule - ok
14:46:11.0828 2520 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:46:11.0828 2520 Secdrv - ok
14:46:11.0843 2520 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:46:11.0843 2520 seclogon - ok
14:46:11.0984 2520 [ B6A6B409FDA9D9EBD3AADB838D3D7173 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
14:46:11.0984 2520 SenFiltService - ok
14:46:12.0015 2520 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
14:46:12.0015 2520 SENS - ok
14:46:12.0031 2520 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:46:12.0031 2520 serenum - ok
14:46:12.0046 2520 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:46:12.0046 2520 Serial - ok
14:46:12.0062 2520 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:46:12.0062 2520 Sfloppy - ok
14:46:12.0140 2520 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:46:12.0140 2520 SharedAccess - ok
14:46:12.0171 2520 [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:46:12.0187 2520 ShellHWDetection - ok
14:46:12.0187 2520 Simbad - ok
14:46:12.0234 2520 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:46:12.0234 2520 SkypeUpdate - ok
14:46:12.0250 2520 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:46:12.0250 2520 SLIP - ok
14:46:12.0250 2520 Sparrow - ok
14:46:12.0265 2520 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:46:12.0265 2520 splitter - ok
14:46:12.0296 2520 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:46:12.0296 2520 Spooler - ok
14:46:12.0328 2520 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:46:12.0328 2520 sr - ok
14:46:12.0375 2520 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
14:46:12.0375 2520 srservice - ok
14:46:12.0453 2520 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:46:12.0453 2520 Srv - ok
14:46:12.0484 2520 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:46:12.0484 2520 SSDPSRV - ok
14:46:12.0515 2520 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
14:46:12.0515 2520 StillCam - ok
14:46:12.0593 2520 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:46:12.0609 2520 stisvc - ok
14:46:12.0625 2520 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:46:12.0625 2520 streamip - ok
14:46:12.0640 2520 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:46:12.0640 2520 swenum - ok
14:46:12.0656 2520 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:46:12.0656 2520 swmidi - ok
14:46:12.0656 2520 SwPrv - ok
14:46:12.0656 2520 symc810 - ok
14:46:12.0656 2520 symc8xx - ok
14:46:12.0656 2520 sym_hi - ok
14:46:12.0656 2520 sym_u3 - ok
14:46:12.0703 2520 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:46:12.0703 2520 sysaudio - ok
14:46:12.0718 2520 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:46:12.0718 2520 SysmonLog - ok
14:46:12.0781 2520 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:46:12.0781 2520 TapiSrv - ok
14:46:12.0890 2520 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:46:12.0890 2520 Tcpip - ok
14:46:12.0906 2520 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:46:12.0906 2520 TDPIPE - ok
14:46:12.0921 2520 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:46:12.0921 2520 TDTCP - ok
14:46:12.0937 2520 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:46:12.0937 2520 TermDD - ok
14:46:13.0031 2520 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
14:46:13.0031 2520 TermService - ok
14:46:13.0062 2520 [ 1926899BF9FFE2602B63074971700412 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:46:13.0062 2520 Themes - ok
14:46:13.0093 2520 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:46:13.0093 2520 TlntSvr - ok
14:46:13.0093 2520 TosIde - ok
14:46:13.0125 2520 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:46:13.0125 2520 TrkWks - ok
14:46:13.0140 2520 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:46:13.0140 2520 Udfs - ok
14:46:13.0140 2520 ultra - ok
14:46:13.0250 2520 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:46:13.0250 2520 Update - ok
14:46:13.0296 2520 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:46:13.0296 2520 upnphost - ok
14:46:13.0312 2520 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
14:46:13.0312 2520 UPS - ok
14:46:13.0343 2520 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
14:46:13.0343 2520 USBAAPL - ok
14:46:13.0375 2520 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:46:13.0375 2520 usbaudio - ok
14:46:13.0406 2520 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:46:13.0406 2520 usbccgp - ok
14:46:13.0421 2520 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:46:13.0421 2520 usbehci - ok
14:46:13.0437 2520 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:46:13.0437 2520 usbhub - ok
14:46:13.0484 2520 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:46:13.0484 2520 usbprint - ok
14:46:13.0500 2520 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:46:13.0500 2520 usbscan - ok
14:46:13.0515 2520 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:46:13.0515 2520 USBSTOR - ok
14:46:13.0531 2520 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:46:13.0531 2520 usbuhci - ok
14:46:13.0562 2520 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
14:46:13.0578 2520 usbvideo - ok
14:46:13.0578 2520 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:46:13.0578 2520 VgaSave - ok
14:46:13.0578 2520 Suspicious service (NoAccess): vgyyz
14:46:13.0640 2520 [ 4A270B9E3B708A55639A531DE71C7AF4 ] vgyyz C:\WINDOWS\system32\jceanady.dll
14:46:13.0640 2520 Suspicious file (NoAccess): C:\WINDOWS\system32\jceanady.dll. md5: 4A270B9E3B708A55639A531DE71C7AF4
14:46:13.0640 2520 vgyyz ( LockedService.Multi.Generic ) - warning
14:46:13.0640 2520 vgyyz - detected LockedService.Multi.Generic (1)
14:46:14.0750 2520 Suspicious service (NoAccess): yswcgu
14:46:14.0796 2520 [ 4A270B9E3B708A55639A531DE71C7AF4 ] yswcgu C:\WINDOWS\system32\jceanady.dll
14:46:14.0796 2520 Suspicious file (NoAccess): C:\WINDOWS\system32\jceanady.dll. md5: 4A270B9E3B708A55639A531DE71C7AF4
14:46:14.0796 2520 yswcgu ( LockedService.Multi.Generic ) - warning
14:46:14.0796 2520 yswcgu - detected LockedService.Multi.Generic (1)
14:46:14.0890 2520 ================ Scan global ===============================
14:46:14.0921 2520 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
14:46:15.0000 2520 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
14:46:15.0062 2520 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
14:46:15.0093 2520 [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe
14:46:15.0093 2520 [Global] - ok
14:46:15.0093 2520 ================ Scan MBR ==================================
14:46:15.0125 2520 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:46:15.0328 2520 \Device\Harddisk0\DR0 - ok
14:46:15.0328 2520 ================ Scan VBR ==================================
14:46:15.0328 2520 [ EDCEAD7F44BEAB1B54FBD0DB5EA67147 ] \Device\Harddisk0\DR0\Partition1
14:46:15.0343 2520 \Device\Harddisk0\DR0\Partition1 - ok
14:46:15.0343 2520 ============================================================
14:46:15.0343 2520 Scan finished
14:46:15.0343 2520 ============================================================
14:46:15.0343 3676 Detected object count: 2
14:46:15.0343 3676 Actual detected object count: 2
14:46:37.0562 3676 C:\WINDOWS\system32\jceanady.dll - copied to quarantine
14:46:37.0562 3676 HKLM\SYSTEM\ControlSet001\services\vgyyz - will be deleted on reboot
14:46:37.0562 3676 HKLM\SYSTEM\ControlSet002\services\vgyyz - will be deleted on reboot
14:46:37.0562 3676 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\svchost:netsvcs - will be cured on reboot
14:46:37.0562 3676 C:\WINDOWS\system32\jceanady.dll - will be deleted on reboot
14:46:37.0562 3676 vgyyz ( LockedService.Multi.Generic ) - User select action: Delete
14:46:37.0609 3676 C:\WINDOWS\system32\jceanady.dll - copied to quarantine
14:46:37.0609 3676 HKLM\SYSTEM\ControlSet001\services\yswcgu - will be deleted on reboot
14:46:37.0609 3676 HKLM\SYSTEM\ControlSet002\services\yswcgu - will be deleted on reboot
14:46:37.0609 3676 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\svchost:netsvcs - will be cured on reboot
14:46:37.0609 3676 C:\WINDOWS\system32\jceanady.dll - will be deleted on reboot
14:46:37.0609 3676 yswcgu ( LockedService.Multi.Generic ) - User select action: Delete
14:47:01.0015 2844 Deinitialize success

MiniToolBox by Farbar Version: 25-11-2012
Ran by dazibit (administrator) on 19-12-2012 at 14:52:11
Running from "C:\Documents and Settings\dazibit\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : daz
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : no-domain-set-bellcanada

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : no-domain-set-bellcanada
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-1D-60-63-28-25
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.14
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
Lease Obtained. . . . . . . . . . : Wednesday, December 19, 2012 2:49:19 PM
Lease Expires . . . . . . . . . . : Thursday, December 20, 2012 2:49:19 AM

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 74.125.226.7, 74.125.226.4, 74.125.226.8, 74.125.226.1
74.125.226.6, 74.125.226.14, 74.125.226.9, 74.125.226.3, 74.125.226.0
74.125.226.2, 74.125.226.5

Pinging google.com [74.125.226.7] with 32 bytes of data:

Reply from 74.125.226.7: bytes=32 time=6ms TTL=56
Reply from 74.125.226.7: bytes=32 time=6ms TTL=56

Ping statistics for 74.125.226.7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 6ms, Maximum = 6ms, Average = 6ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=44ms TTL=52
Reply from 98.138.253.109: bytes=32 time=35ms TTL=52

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 44ms, Average = 39ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 60 63 28 25 ...... Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.14 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.2.14 192.168.2.14 20
192.168.2.0 255.255.255.0 192.168.2.14 192.168.2.14 10
192.168.2.14 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.2.255 255.255.255.255 192.168.2.14 192.168.2.14 10
224.0.0.0 240.0.0.0 192.168.2.14 192.168.2.14 10
255.255.255.255 255.255.255.255 192.168.2.14 192.168.2.14 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/19/2012 02:17:27 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/6252DC40F71143A22FDE9EF7348E064251B18118.crt> with error: This network connection does not exist.

Error: (12/19/2012 02:17:27 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/6252DC40F71143A22FDE9EF7348E064251B18118.crt> with error: The server name or address could not be resolved

Error: (12/15/2012 04:51:03 AM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.0.0.126, faulting module kernel32.dll, version 5.1.2600.5512, fault address 0x0000983e.
Processing media-specific event for [skype.exe!ws!]

Error: (12/15/2012 02:26:13 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (12/15/2012 02:26:13 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Error: (12/15/2012 02:25:28 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (12/15/2012 02:25:28 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Error: (12/15/2012 02:22:29 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (12/15/2012 02:22:29 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Error: (12/09/2012 08:05:23 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.


System errors:
=============
Error: (12/19/2012 02:42:53 PM) (Source: Service Control Manager) (User: )
Description: The Process Monitor service failed to start due to the following error:
%%2

Error: (12/19/2012 04:21:13 AM) (Source: DCOM) (User: DAZ)
Description: DCOM got error "%%1058" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (12/19/2012 04:21:12 AM) (Source: DCOM) (User: DAZ)
Description: DCOM got error "%%1058" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (12/16/2012 06:02:59 PM) (Source: Service Control Manager) (User: )
Description: The Support Image service terminated with the following error:
%%1114

Error: (12/16/2012 06:02:59 PM) (Source: Service Control Manager) (User: )
Description: The Helper Driver service terminated with the following error:
%%1114

Error: (12/16/2012 06:02:59 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%2

Error: (12/16/2012 06:02:59 PM) (Source: Service Control Manager) (User: )
Description: The Process Monitor service failed to start due to the following error:
%%2

Error: (12/16/2012 02:04:30 AM) (Source: Service Control Manager) (User: )
Description: The Support Image service terminated with the following error:
%%1114

Error: (12/16/2012 02:04:30 AM) (Source: Service Control Manager) (User: )
Description: The Helper Driver service terminated with the following error:
%%1114

Error: (12/16/2012 02:04:30 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%2



=========================== Installed Programs ============================

µTorrent (Version: 3.2.1.28086)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Reader XI (Version: 11.0.00)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Canon MX860 series MP Drivers
Drift City
Google Talk Plugin (Version: 3.10.2.10212)
iTunes (Version: 11.0.0.163)
K-Lite Mega Codec Pack 9.3.0 (Version: 9.3.0)
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Marvell Miniport Driver (Version: 10.22.4.3)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE (Version: 3.3.24.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.2.3.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.4763.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MSVCRT (Version: 14.0.1468.721)
New Star Soccer 5 v1.12
Nexon Game Manager
NVIDIA Control Panel 306.23 (Version: 306.23)
NVIDIA Graphics Driver 306.23 (Version: 306.23)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA nView 136.28 (Version: 136.28)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Pando Media Booster (Version: 2.6.0.8)
PowerISO (Version: 5.4)
Roller Coaster Tycoon 3 Platinum - CarlesNeo !
Segoe UI (Version: 14.0.4327.805)
Skype™ 6.0 (Version: 6.0.126)
SoundMAX (Version: 5.10.01.6310)
SteelSeries Kinzu Optical Mouse (Version: 1.0.10)
Ventrilo Client (Version: 3.0.8)
Viva Pinata (Version: 1.00.0000)
Warcraft III: All Products
Warkeys 1.20.0.0b (Version: 1.20.0.0b)
WebFldrs XP (Version: 9.50.7523)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
WinRAR 4.10 beta 2 (32-bit) (Version: 4.10.2)

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 2047.04 MB
Available physical RAM: 1536.78 MB
Total Pagefile: 3939.88 MB
Available Pagefile: 3582.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1979.66 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:139.73 GB) (Free:78.21 GB) NTFS

========================= Users: ========================================

User accounts for \\DAZ

Administrator ASPNET dazibit
Guest HelpAssistant SUPPORT_388945a0
UpdatusUser


**** End of log ****

Thanks for your patience
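The crypt32 entries in the log above run the requested URL and the Windows error text together on one line. As an added example (not part of the original posts and not code from any of the tools used in this thread), the following Python parses entries of that shape and tallies failed certificate-list fetches per host and failure kind; the sample input is constructed from entries shown in the log, and the function names are hypothetical.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample, shaped like the event entries in the log posted above.
SAMPLE_LOG = """\
Microsoft Office Sessions:
=========================
Error: (12/19/2012 02:17:27 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe server name or address could not be resolved

Error: (12/15/2012 02:26:13 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (12/16/2012 02:04:30 AM) (Source: Service Control Manager) (User: )
Description: The Helper Driver service terminated with the following error:
%%1114
"""

HEADER = re.compile(r"^Error: \((?P<when>[^)]+)\)\s*\(Source: (?P<source>[^)]+)\)\s*\(User: [^)]*\)")
# The log glues URL and error text together, so split on the two texts seen in it.
REASONS = {
    "The server name or address could not be resolved": "dns_failure",
    "This network connection does not exist.": "no_connection",
}

def parse_events(text):
    # One dict per "Error:" entry; continuation lines are joined into the description.
    events, current = [], None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = {"when": m["when"], "source": m["source"], "description": ""}
            events.append(current)
        elif not line.strip():
            current = None  # a blank line ends the entry
        elif current is not None:
            part = re.sub(r"^Description:\s*", "", line.strip())
            current["description"] = (current["description"] + " " + part).strip()
    return events

def fetch_failures(events):
    # Count crypt32 fetch failures per (host, failure kind).
    counts = Counter()
    for ev in events:
        for text, kind in REASONS.items():
            if ev["source"] == "crypt32" and ev["description"].endswith(text):
                host = urlsplit(ev["description"][: -len(text)]).hostname
                counts[(host, kind)] += 1
    return counts
```

Run over the full log, `fetch_failures(parse_events(log_text))` shows at a glance whether name-resolution failures cluster on particular hosts.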

#4 boopme

Posted 19 December 2012 - 03:30 PM

OK, I need to check...
"Use a proxy..." is UNchecked now?

You needed a reboot of the system after the TDSS scan; was that done?

I do not see any antivirus now...


Please do these next....

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.



Please run the F-Secure Online Scanner
Follow the Instruction here for installation.
Accept the License Agreement.
Once the ActiveX installs, click Full System Scan.
Once the download completes, the scan will begin automatically.
The scan will take some time to finish, so please be patient.
When the scan completes, click the Automatic cleaning (recommended) button.
Click the Show Report button and copy and paste the entire report in your next reply.

Edited by boopme, 19 December 2012 - 03:34 PM.


#5 dazibit

Posted 20 December 2012 - 03:57 AM

Yes, the proxy was always unchecked. Yes, I rebooted after the scan.

jceanady.dll seems to be a recurring virus after the scans.

I can't access the online F-Secure scanner, or any other antivirus websites.

Here are the logs:

# AdwCleaner v2.101 - Logfile created 12/20/2012 at 00:01:40
# Updated 16/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : dazibit - DAZ
# Boot Mode : Normal
# Running from : C:\Documents and Settings\dazibit\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\Software\TENCENT

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\dazibit\Application Data\Mozilla\Firefox\Profiles\c8qqpfgb.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [850 octets] - [20/12/2012 00:01:40]

########## EOF - C:\AdwCleaner[S1].txt - [909 octets] ##########

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-20 03:16:20
-----------------------------
03:16:20.031 OS Version: Windows 5.1.2600 Service Pack 3
03:16:20.031 Number of processors: 2 586 0xF0B
03:16:20.031 ComputerName: DAZ UserName:
03:16:21.593 Initialize success
03:17:16.500 AVAST engine defs: 12121901
03:17:33.906 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-16
03:17:33.921 Disk 0 Vendor: WDC_WD1500ADFD-00NLR5 21.07QR5 Size: 143089MB BusType: 3
03:17:33.921 Disk 0 MBR read successfully
03:17:33.921 Disk 0 MBR scan
03:17:33.953 Disk 0 Windows XP default MBR code
03:17:33.953 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 143078 MB offset 63
03:17:33.968 Disk 0 scanning sectors +293025600
03:17:34.031 Disk 0 scanning C:\WINDOWS\system32\drivers
03:17:43.171 Service scanning
03:18:29.875 Modules scanning
03:18:47.937 Disk 0 trace - called modules:
03:18:47.953 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
03:18:47.953 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89decab8]
03:18:47.953 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\0000006e[0x89de0640]
03:18:47.953 5 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-16[0x89d52940]
03:18:49.562 AVAST engine scan C:\WINDOWS
03:18:54.546 AVAST engine scan C:\WINDOWS\system32
03:24:17.343 AVAST engine scan C:\WINDOWS\system32\drivers
03:24:30.171 AVAST engine scan C:\Documents and Settings\dazibit
03:30:51.421 AVAST engine scan C:\Documents and Settings\All Users
03:31:37.078 Scan finished successfully
03:50:07.187 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\dazibit\Desktop\MBR.dat"
03:50:07.187 The log file has been saved successfully to "C:\Documents and Settings\dazibit\Desktop\aswMBR.txt"

I got the ESET scanner to work. I scanned and here is the following log. After a reboot I could access antivirus sites for about one minute, and then I couldn't after one minute.

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\APYJ0DE7\gdgnw[1].png Win32/Conficker.AE worm cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.12.2012_00.06.35\susp0000\svc0000\tsk0000.dta Win32/Conficker.AE worm cleaned by deleting - quarantined

#6 boopme

Posted 20 December 2012 - 03:40 PM

Well, it looks like the Conficker worm is an issue. We need a new topic, called "Malware will not let me run Antivirus tools".
To find what is blocking, we need to get a deeper look. Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.