
Some files are automatically recreated after deleting them on a flash drive


  • This topic is locked
12 replies to this topic

#1 krishna_das


Posted 29 July 2013 - 01:43 AM

http://i1297.photobucket.com/albums/ag35/krishna_das1/untitled_zps32035fa9.png

 

I tried to delete these files with many antivirus tools like Malwarebytes, Smart Virus Remover, Avira, Sword, Autorun Eater; it is not working. Please, please help me ...

Regards,

krishna

 

Mod Edit: Moved topic from XP to a more appropriate forum. ~bloopie


Edited by bloopie, 29 July 2013 - 09:09 AM.



 


#2 GodfatherKing


Posted 30 July 2013 - 03:31 AM

Attention: This action will remove all the files on the flash drive.

 

Step 1: Reformat the flash drive. Go to Computer, right-click the flash drive and choose Format.

Step 2: Use USB Immunizer ==> http://labs.bitdefender.com/projects/usb-immunizer/overview/

==> http://labs.bitdefender.com/wp-content/plugins/download-monitor/download.php?id=BDUSBImmunizerLauncher.exe


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.


#3 krishna_das


Posted 02 August 2013 - 06:31 AM

Sir, it's not working... I already immunized it but it is not working... but I am able to safely remove it by click...

Please help me out from this virus...



#4 GodfatherKing


Posted 02 August 2013 - 06:50 AM

Step 1: Install and run MBAM

Step 2: Run TDSSKiller to obtain a log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click TDSSKiller.exe to run the application, then click Change parameters
  • In the Additional options: check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run
  • Choose Skip for all threats.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically C:\)

===================================================

 

Step 3: ESET Online Scanner

==================

Note: If your AV is blocking ESET Online Scanner, please temporarily disable your AV.

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================

Step 4: Please download and scan with the Kaspersky Virus Removal Tool from one of the following links and save it to your desktop.

Be sure to print out and read the instructions provided in:

  • Double-click the setup file (i.e. setup_11.0.0.1245x11_2012_18-23_13_03.exe) to install the utility.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • The required files will be extracted and installed...be patient as this will take a few minutes.
  • At the 'Welcome!' window, check the box next to I accept the license agreement and click Start.
  • A new window will open with two tabs (Automatic Scan and Manual Disinfection) and two icons on the right.
  • For a more comprehensive (but longer) scan, click the icon which looks like a round gear, Click Scan Scope and place a check mark in the box next to Local Disk (C:).
    System memory, Hidden Startups and Disk boot sector boxes should already be checked by default.
  • Click on the 'Automatic Scan' tab, and click the green Start scanning button to begin.
  • The time to finish and percentage completed will show as the scan is in progress...Important! Do not use the computer during the scan.
  • If no threats are detected, exit the program.
  • If threats are detected, you will be prompted for action: Disinfect, Delete if disinfection fails.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • After the scan finishes, if any threats are left unneutralized in the Scan window (Red exclamation point), click the Neutralize all button.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • If advised that a special disinfection procedure is required which demands system reboot, click the Ok button to close the window.
  • When finished, click the rectangular notepad icon > select Detected threats > click on to highlight and click the Save icon to save the results as a text file (name it avptool.txt).
  • Copy and paste the report results of avptool.txt with any threats detected in your next reply.
  • When finished, follow these instructions on How to uninstall Kaspersky Virus Removal Tool.



#5 krishna_das


Posted 02 August 2013 - 01:31 PM

Thanks sir for your valuable suggestion... but I am a bit confused about how I will use these tools... shall I use these tools one by one or shall I try which is able to heal? By the way, I already tried Malwarebytes; it is not working for this virus.

Thanks again



#6 GodfatherKing


Posted 02 August 2013 - 02:09 PM

Just do: Step 1 - Step 2 - Step 3

You may skip Step 4 if it's too difficult.




#7 argus1


Posted 02 August 2013 - 03:34 PM

Hi @krishna_das

 

 

 

> Check USB storage devices / removable drives


Download MCShield from one of the following links:

MyCity -  Official download link
Softpedija - Mirror download link
 

  • Double-click MCShield-Setup to install the application.
  • Wait a few seconds for MCShield to finish its initial scan.
    It is recommended that under the General and Scanner tabs you click the Defaults button to choose the recommended options.
  • Connect your USB storage devices to the computer one at a time. Scanning will be done automatically.

When all scanning is done, you need to attach the log report that MCShield has made.

Start -> All Programs -> MCShield -> Logs

Attach here -> AllScans.txt

Explanation: USB storage devices are all the USB devices that get their own partition letter when connected to the PC,
e.g. flash drives (thumb/pen drives, USB sticks), external HDDs, MP3/MP4 players, digital cameras,
memory cards (SD cards, Sony Memory Stick, MultiMedia Cards etc.), some mobile phones, some GPS navigation devices etc.


Edited by argus1, 02 August 2013 - 03:54 PM.


#8 krishna_das


Posted 03 August 2013 - 10:17 AM

20:42:31.0734 2776  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:42:32.0828 2776  ============================================================
20:42:32.0828 2776  Current date / time: 2013/08/03 20:42:32.0828
20:42:32.0828 2776  SystemInfo:
20:42:32.0828 2776  
20:42:32.0828 2776  OS Version: 5.1.2600 ServicePack: 2.0
20:42:32.0828 2776  Product type: Workstation
20:42:32.0828 2776  ComputerName: HOME-EE459C77D3
20:42:32.0828 2776  UserName: KRISHNA
20:42:32.0828 2776  Windows directory: C:\windows
20:42:32.0828 2776  System windows directory: C:\windows
20:42:32.0828 2776  Processor architecture: Intel x86
20:42:32.0828 2776  Number of processors: 1
20:42:32.0828 2776  Page size: 0x1000
20:42:32.0828 2776  Boot type: Normal boot
20:42:32.0828 2776  ============================================================
20:42:34.0562 2776  Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:42:34.0578 2776  ============================================================
20:42:34.0578 2776  \Device\Harddisk0\DR0:
20:42:34.0578 2776  MBR partitions:
20:42:34.0578 2776  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1388AFC
20:42:34.0593 2776  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1388B7A, BlocksNum 0x1388AFC
20:42:34.0625 2776  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x27116B5, BlocksNum 0x1388AFC
20:42:34.0640 2776  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x3A9A1F0, BlocksNum 0xFEEFD1
20:42:34.0640 2776  ============================================================
20:42:34.0703 2776  C: <-> \Device\Harddisk0\DR0\Partition1
20:42:34.0828 2776  D: <-> \Device\Harddisk0\DR0\Partition2
20:42:34.0890 2776  E: <-> \Device\Harddisk0\DR0\Partition3
20:42:34.0953 2776  F: <-> \Device\Harddisk0\DR0\Partition4
20:42:34.0953 2776  ============================================================
20:42:34.0953 2776  Initialize success
20:42:34.0953 2776  ============================================================
20:42:52.0718 2812  ============================================================
20:42:52.0718 2812  Scan started
20:42:52.0718 2812  Mode: Manual; TDLFS; 
20:42:52.0718 2812  ============================================================
20:42:53.0312 2812  ================ Scan system memory ========================
20:42:53.0328 2812  System memory - ok
20:42:53.0328 2812  ================ Scan services =============================
20:43:00.0156 2812  [ D72A21424CA66C7A745BD995ECA6A710 ] SMBios          C:\windows\system32\DRIVERS\SMBios.sys
20:43:00.0156 2812  SMBios - ok
20:43:00.0171 2812  Sparrow - ok
20:43:00.0234 2812  [ 8E186B8F23295D1E42C573B82B80D548 ] splitter        C:\windows\system32\drivers\splitter.sys
20:43:00.0234 2812  splitter - ok
20:43:00.0265 2812  [ 7435B108B935E42EA92CA94F59C8E717 ] Spooler         C:\windows\system32\spoolsv.exe
20:43:00.0265 2812  Spooler - ok
20:43:00.0312 2812  [ E41B6D037D6CD08461470AF04500DC24 ] sr              C:\windows\system32\DRIVERS\sr.sys
20:43:00.0312 2812  sr - ok
20:43:00.0328 2812  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice       C:\WINDOWS\system32\srsvc.dll
20:43:00.0343 2812  srservice - ok
20:43:00.0406 2812  [ 20B7E396720353E4117D64D9DCB926CA ] Srv             C:\windows\system32\DRIVERS\srv.sys
20:43:00.0437 2812  Srv - ok
20:43:00.0500 2812  [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
20:43:00.0500 2812  SSDPSRV - ok
20:43:00.0546 2812  [ D9F6C4F6B1E188ADAFC42B561D9BC2E6 ] stisvc          C:\windows\system32\wiaservc.dll
20:43:00.0562 2812  stisvc - ok
20:43:00.0593 2812  [ 03C1BAE4766E2450219D20B993D6E046 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
20:43:00.0593 2812  swenum - ok
20:43:00.0625 2812  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi          C:\windows\system32\drivers\swmidi.sys
20:43:00.0625 2812  swmidi - ok
20:43:00.0640 2812  SwPrv - ok
20:43:00.0656 2812  symc810 - ok
20:43:00.0671 2812  symc8xx - ok
20:43:00.0687 2812  sym_hi - ok
20:43:00.0703 2812  sym_u3 - ok
20:43:00.0750 2812  [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio        C:\windows\system32\drivers\sysaudio.sys
20:43:00.0750 2812  sysaudio - ok
20:43:00.0796 2812  [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog       C:\windows\system32\smlogsvc.exe
20:43:00.0796 2812  SysmonLog - ok
20:43:00.0859 2812  [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv         C:\windows\System32\tapisrv.dll
20:43:00.0875 2812  TapiSrv - ok
20:43:00.0906 2812  [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip           C:\windows\system32\DRIVERS\tcpip.sys
20:43:00.0937 2812  Tcpip - ok
20:43:00.0953 2812  [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE          C:\windows\system32\drivers\TDPIPE.sys
20:43:00.0953 2812  TDPIPE - ok
20:43:00.0984 2812  [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP           C:\windows\system32\drivers\TDTCP.sys
20:43:00.0984 2812  TDTCP - ok
20:43:01.0015 2812  [ A540A99C281D933F3D69D55E48727F47 ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
20:43:01.0015 2812  TermDD - ok
20:43:01.0078 2812  [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService     C:\windows\System32\termsrv.dll
20:43:01.0093 2812  TermService - ok
20:43:01.0109 2812  [ E7518DC542D3EBDCB80EDD98462C7821 ] Themes          C:\windows\System32\shsvcs.dll
20:43:01.0109 2812  Themes - ok
20:43:01.0171 2812  [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
20:43:01.0171 2812  TlntSvr - ok
20:43:01.0187 2812  TosIde - ok
20:43:01.0218 2812  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks          C:\windows\system32\trkwks.dll
20:43:01.0218 2812  TrkWks - ok
20:43:01.0250 2812  [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs            C:\windows\system32\drivers\Udfs.sys
20:43:01.0250 2812  Udfs - ok
20:43:01.0265 2812  ultra - ok
20:43:01.0328 2812  [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update          C:\windows\system32\DRIVERS\update.sys
20:43:01.0328 2812  Update - ok
20:43:01.0359 2812  [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost        C:\windows\System32\upnphost.dll
20:43:01.0375 2812  upnphost - ok
20:43:01.0406 2812  [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS             C:\windows\System32\ups.exe
20:43:01.0406 2812  UPS - ok
20:43:01.0453 2812  [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
20:43:01.0453 2812  usbehci - ok
20:43:01.0500 2812  [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
20:43:01.0500 2812  usbhub - ok
20:43:01.0546 2812  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
20:43:01.0562 2812  USBSTOR - ok
20:43:01.0578 2812  [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci         C:\windows\system32\DRIVERS\usbuhci.sys
20:43:01.0578 2812  usbuhci - ok
20:43:01.0593 2812  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave         C:\windows\System32\drivers\vga.sys
20:43:01.0593 2812  VgaSave - ok
20:43:01.0609 2812  ViaIde - ok
20:43:01.0640 2812  [ EE4660083DEBA849FF6C485D944B379B ] VolSnap         C:\windows\system32\drivers\VolSnap.sys
20:43:01.0640 2812  VolSnap - ok
20:43:01.0687 2812  [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS             C:\windows\System32\vssvc.exe
20:43:01.0703 2812  VSS - ok
20:43:01.0765 2812  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time         C:\WINDOWS\system32\w32time.dll
20:43:01.0765 2812  W32Time - ok
20:43:01.0796 2812  [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
20:43:01.0796 2812  Wanarp - ok
20:43:01.0812 2812  WDICA - ok
20:43:01.0843 2812  [ 2797F33EBF50466020C430EE4F037933 ] wdmaud          C:\windows\system32\drivers\wdmaud.sys
20:43:01.0843 2812  wdmaud - ok
20:43:01.0859 2812  [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient       C:\windows\System32\webclnt.dll
20:43:01.0875 2812  WebClient - ok
20:43:02.0000 2812  [ F399242A80C4066FD155EFA4CF96658E ] winmgmt         C:\windows\system32\wbem\WMIsvc.dll
20:43:02.0015 2812  winmgmt - ok
20:43:02.0078 2812  [ C086483E3DBA8C1C0A687EC8D5B3D4C1 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
20:43:02.0078 2812  WmdmPmSN - ok
20:43:02.0140 2812  [ 1AFF244CA134956C54474F4E2433E4CE ] Wmi             C:\windows\System32\advapi32.dll
20:43:02.0171 2812  Wmi - ok
20:43:02.0218 2812  [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:43:02.0234 2812  WmiApSrv - ok
20:43:02.0281 2812  [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc          C:\windows\system32\wscsvc.dll
20:43:02.0296 2812  wscsvc - ok
20:43:02.0343 2812  [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
20:43:02.0343 2812  wuauserv - ok
20:43:02.0375 2812  [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC          C:\windows\System32\wzcsvc.dll
20:43:02.0406 2812  WZCSVC - ok
20:43:02.0421 2812  [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov         C:\windows\System32\xmlprov.dll
20:43:02.0437 2812  xmlprov - ok
20:43:02.0484 2812  [ FD1F4E9CF06C71C8D73A24ACF18D8296 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\windows\system32\drivers\ialmsbw.sys
20:43:02.0484 2812  {6080A529-897E-4629-A488-ABA0C29B635E} - ok
20:43:02.0515 2812  [ D4D7331D33D1FA73E588E5CE0D90A4C1 ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\windows\system32\drivers\ialmkchw.sys
20:43:02.0515 2812  {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
20:43:02.0515 2812  ================ Scan global ===============================
20:43:02.0562 2812  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\windows\system32\basesrv.dll
20:43:02.0593 2812  [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\windows\system32\winsrv.dll
20:43:02.0640 2812  [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\windows\system32\winsrv.dll
20:43:02.0656 2812  [ C6CE6EEC82F187615D1002BB3BB50ED4 ] C:\windows\system32\services.exe
20:43:02.0671 2812  [Global] - ok
20:43:02.0671 2812  ================ Scan MBR ==================================
20:43:02.0703 2812  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:43:03.0000 2812  \Device\Harddisk0\DR0 - ok
20:43:03.0015 2812  ================ Scan VBR ==================================
20:43:03.0015 2812  [ CDBB8917ADBD3116AE183E84062EFC58 ] \Device\Harddisk0\DR0\Partition1
20:43:03.0015 2812  \Device\Harddisk0\DR0\Partition1 - ok
20:43:03.0062 2812  [ 6476B5EB1E3865392E5BF784470B1CB3 ] \Device\Harddisk0\DR0\Partition2
20:43:03.0062 2812  \Device\Harddisk0\DR0\Partition2 - ok
20:43:03.0109 2812  [ BC8089BB8971B72D34438618BEB458FA ] \Device\Harddisk0\DR0\Partition3
20:43:03.0109 2812  \Device\Harddisk0\DR0\Partition3 - ok
20:43:03.0140 2812  [ 7B47B298257C79FB68C790129E2FCE4C ] \Device\Harddisk0\DR0\Partition4
20:43:03.0140 2812  \Device\Harddisk0\DR0\Partition4 - ok
20:43:03.0156 2812  ============================================================
20:43:03.0156 2812  Scan finished
20:43:03.0156 2812  ============================================================
20:43:03.0171 2804  Detected object count: 0
20:43:03.0171 2804  Actual detected object count: 0
 

 

20:42:59.0859 2812  [ 92360854316611F6CC471612213C3D92 ] Schedule        C:\windows\system32\schedsvc.dll
20:42:59.0859 2812  Schedule - ok
20:42:59.0890 2812  [ D26E26EA516450AF9D072635C60387F4 ] Secdrv          C:\windows\system32\DRIVERS\secdrv.sys
20:42:59.0890 2812  Secdrv - ok
20:42:59.0921 2812  [ B1E0CE09895376871746F36DC5773B4F ] seclogon        C:\windows\System32\seclogon.dll
20:42:59.0921 2812  seclogon - ok
20:42:59.0937 2812  [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS            C:\windows\system32\sens.dll
20:42:59.0953 2812  SENS - ok
20:42:59.0968 2812  [ A2D868AEEFF612E70E213C451A70CAFB ] serenum         C:\windows\system32\DRIVERS\serenum.sys
20:42:59.0968 2812  serenum - ok
20:43:00.0000 2812  [ CD9404D115A00D249F70A371B46D5A26 ] Serial          C:\windows\system32\DRIVERS\serial.sys
20:43:00.0000 2812  Serial - ok
20:43:00.0031 2812  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy         C:\windows\system32\drivers\Sfloppy.sys
20:43:00.0031 2812  Sfloppy - ok
20:43:00.0062 2812  [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess    C:\windows\System32\ipnathlp.dll
20:43:00.0078 2812  SharedAccess - ok
20:43:00.0093 2812  [ E7518DC542D3EBDCB80EDD98462C7821 ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:43:00.0093 2812  ShellHWDetection - ok
20:43:00.0109 2812  Simbad - ok
20:43:00.0156 2812  [ D72A21424CA66C7A745BD995ECA6A710 ] SMBios          C:\windows\system32\DRIVERS\SMBios.sys
20:43:00.0156 2812  SMBios - ok
20:43:00.0171 2812  Sparrow - ok
20:43:00.0234 2812  [ 8E186B8F23295D1E42C573B82B80D548 ] splitter        C:\windows\system32\drivers\splitter.sys
20:43:00.0234 2812  splitter - ok
20:43:00.0265 2812  [ 7435B108B935E42EA92CA94F59C8E717 ] Spooler         C:\windows\system32\spoolsv.exe
20:43:00.0265 2812  Spooler - ok
20:43:00.0312 2812  [ E41B6D037D6CD08461470AF04500DC24 ] sr              C:\windows\system32\DRIVERS\sr.sys
20:43:00.0312 2812  sr - ok
20:43:00.0328 2812  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice       C:\WINDOWS\system32\srsvc.dll
20:43:00.0343 2812  srservice - ok
20:43:00.0406 2812  [ 20B7E396720353E4117D64D9DCB926CA ] Srv             C:\windows\system32\DRIVERS\srv.sys
20:43:00.0437 2812  Srv - ok
20:43:00.0500 2812  [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
20:43:00.0500 2812  SSDPSRV - ok
20:43:00.0546 2812  [ D9F6C4F6B1E188ADAFC42B561D9BC2E6 ] stisvc          C:\windows\system32\wiaservc.dll
20:43:00.0562 2812  stisvc - ok
20:43:00.0593 2812  [ 03C1BAE4766E2450219D20B993D6E046 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
20:43:00.0593 2812  swenum - ok
20:43:00.0625 2812  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi          C:\windows\system32\drivers\swmidi.sys
20:43:00.0625 2812  swmidi - ok
20:43:00.0640 2812  SwPrv - ok
20:43:00.0656 2812  symc810 - ok
20:43:00.0671 2812  symc8xx - ok
20:43:00.0687 2812  sym_hi - ok
20:43:00.0703 2812  sym_u3 - ok
20:43:00.0750 2812  [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio        C:\windows\system32\drivers\sysaudio.sys
20:43:00.0750 2812  sysaudio - ok
20:43:00.0796 2812  [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog       C:\windows\system32\smlogsvc.exe
20:43:00.0796 2812  SysmonLog - ok
20:43:00.0859 2812  [ EB4A4187D74A8EFDCBEA3EA2CB1BDFBD ] TapiSrv         C:\windows\System32\tapisrv.dll
20:43:00.0875 2812  TapiSrv - ok
20:43:00.0906 2812  [ 9F4B36614A0FC234525BA224957DE55C ] Tcpip           C:\windows\system32\DRIVERS\tcpip.sys
20:43:00.0937 2812  Tcpip - ok
20:43:00.0953 2812  [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE          C:\windows\system32\drivers\TDPIPE.sys
20:43:00.0953 2812  TDPIPE - ok
20:43:00.0984 2812  [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP           C:\windows\system32\drivers\TDTCP.sys
20:43:00.0984 2812  TDTCP - ok
20:43:01.0015 2812  [ A540A99C281D933F3D69D55E48727F47 ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
20:43:01.0015 2812  TermDD - ok
20:43:01.0078 2812  [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService     C:\windows\System32\termsrv.dll
20:43:01.0093 2812  TermService - ok
20:43:01.0109 2812  [ E7518DC542D3EBDCB80EDD98462C7821 ] Themes          C:\windows\System32\shsvcs.dll
20:43:01.0109 2812  Themes - ok
20:43:01.0171 2812  [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
20:43:01.0171 2812  TlntSvr - ok
20:43:01.0187 2812  TosIde - ok
20:43:01.0218 2812  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks          C:\windows\system32\trkwks.dll
20:43:01.0218 2812  TrkWks - ok
20:43:01.0250 2812  [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs            C:\windows\system32\drivers\Udfs.sys
20:43:01.0250 2812  Udfs - ok
20:43:01.0265 2812  ultra - ok
20:43:01.0328 2812  [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update          C:\windows\system32\DRIVERS\update.sys
20:43:01.0328 2812  Update - ok
20:43:01.0359 2812  [ 0546477BDE979E33294FE97F6B3DE84A ] upnphost        C:\windows\System32\upnphost.dll
20:43:01.0375 2812  upnphost - ok
20:43:01.0406 2812  [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS             C:\windows\System32\ups.exe
20:43:01.0406 2812  UPS - ok
20:43:01.0453 2812  [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
20:43:01.0453 2812  usbehci - ok
20:43:01.0500 2812  [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
20:43:01.0500 2812  usbhub - ok
20:43:01.0546 2812  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
20:43:01.0562 2812  USBSTOR - ok
20:43:01.0578 2812  [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci         C:\windows\system32\DRIVERS\usbuhci.sys
20:43:01.0578 2812  usbuhci - ok
20:43:01.0593 2812  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave         C:\windows\System32\drivers\vga.sys
20:43:01.0593 2812  VgaSave - ok
20:43:01.0609 2812  ViaIde - ok
20:43:01.0640 2812  [ EE4660083DEBA849FF6C485D944B379B ] VolSnap         C:\windows\system32\drivers\VolSnap.sys
20:43:01.0640 2812  VolSnap - ok
20:43:01.0687 2812  [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS             C:\windows\System32\vssvc.exe
20:43:01.0703 2812  VSS - ok
20:43:01.0765 2812  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time         C:\WINDOWS\system32\w32time.dll
20:43:01.0765 2812  W32Time - ok
20:43:01.0796 2812  [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
20:43:01.0796 2812  Wanarp - ok
20:43:01.0812 2812  WDICA - ok
20:43:01.0843 2812  [ 2797F33EBF50466020C430EE4F037933 ] wdmaud          C:\windows\system32\drivers\wdmaud.sys
20:43:01.0843 2812  wdmaud - ok
20:43:01.0859 2812  [ 5D0A442864BFBF3B19DCCA4CD29F6E99 ] WebClient       C:\windows\System32\webclnt.dll
20:43:01.0875 2812  WebClient - ok
20:43:02.0000 2812  [ F399242A80C4066FD155EFA4CF96658E ] winmgmt         C:\windows\system32\wbem\WMIsvc.dll
20:43:02.0015 2812  winmgmt - ok
20:43:02.0078 2812  [ C086483E3DBA8C1C0A687EC8D5B3D4C1 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
20:43:02.0078 2812  WmdmPmSN - ok
20:43:02.0140 2812  [ 1AFF244CA134956C54474F4E2433E4CE ] Wmi             C:\windows\System32\advapi32.dll
20:43:02.0171 2812  Wmi - ok
20:43:02.0218 2812  [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:43:02.0234 2812  WmiApSrv - ok
20:43:02.0281 2812  [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc          C:\windows\system32\wscsvc.dll
20:43:02.0296 2812  wscsvc - ok
20:43:02.0343 2812  [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
20:43:02.0343 2812  wuauserv - ok
20:43:02.0375 2812  [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC          C:\windows\System32\wzcsvc.dll
20:43:02.0406 2812  WZCSVC - ok
20:43:02.0421 2812  [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov         C:\windows\System32\xmlprov.dll
20:43:02.0437 2812  xmlprov - ok
20:43:02.0484 2812  [ FD1F4E9CF06C71C8D73A24ACF18D8296 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\windows\system32\drivers\ialmsbw.sys
20:43:02.0484 2812  {6080A529-897E-4629-A488-ABA0C29B635E} - ok
20:43:02.0515 2812  [ D4D7331D33D1FA73E588E5CE0D90A4C1 ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\windows\system32\drivers\ialmkchw.sys
20:43:02.0515 2812  {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
20:43:02.0515 2812  ================ Scan global ===============================
20:43:02.0562 2812  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\windows\system32\basesrv.dll
20:43:02.0593 2812  [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\windows\system32\winsrv.dll
20:43:02.0640 2812  [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\windows\system32\winsrv.dll
20:43:02.0656 2812  [ C6CE6EEC82F187615D1002BB3BB50ED4 ] C:\windows\system32\services.exe
20:43:02.0671 2812  [Global] - ok
20:43:02.0671 2812  ================ Scan MBR ==================================
20:43:02.0703 2812  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:43:03.0000 2812  \Device\Harddisk0\DR0 - ok
20:43:03.0015 2812  ================ Scan VBR ==================================
20:43:03.0015 2812  [ CDBB8917ADBD3116AE183E84062EFC58 ] \Device\Harddisk0\DR0\Partition1
20:43:03.0015 2812  \Device\Harddisk0\DR0\Partition1 - ok
20:43:03.0062 2812  [ 6476B5EB1E3865392E5BF784470B1CB3 ] \Device\Harddisk0\DR0\Partition2
20:43:03.0062 2812  \Device\Harddisk0\DR0\Partition2 - ok
20:43:03.0109 2812  [ BC8089BB8971B72D34438618BEB458FA ] \Device\Harddisk0\DR0\Partition3
20:43:03.0109 2812  \Device\Harddisk0\DR0\Partition3 - ok
20:43:03.0140 2812  [ 7B47B298257C79FB68C790129E2FCE4C ] \Device\Harddisk0\DR0\Partition4
20:43:03.0140 2812  \Device\Harddisk0\DR0\Partition4 - ok
20:43:03.0156 2812  ============================================================
20:43:03.0156 2812  Scan finished
20:43:03.0156 2812  ============================================================
20:43:03.0171 2804  Detected object count: 0
20:43:03.0171 2804  Actual detected object count: 0
 

by tdss killer 



#9 argus1


Posted 04 August 2013 - 02:59 AM

You have a worm on a stick and maybe in the system (Windows shell exploit), not the TDL rootkit; you are on the wrong path.
 


Edited by argus1, 04 August 2013 - 03:02 AM.


#10 krishna_das


Posted 04 August 2013 - 06:17 AM

Sir, then guide me on how to heal the worm. I have the MCShield log file; I am posting it here.

 

 

>>> MCShield AllScans.txt <<<
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/3/2013 3:21:17 PM > Drive C: - scan started (no label ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 3:21:17 PM > Drive D: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 3:21:18 PM > Drive E: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 3:21:18 PM > Drive F: - scan started (New Volume ~8 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/3/2013 3:22:30 PM > Drive H: - scan started (HP V220W ~7773 MB, FAT32 flash drive )...
 
>>> H:\autorun.inf > Suspicious > Renamed. (MD5: 947bf328f7b763377b5221b043685a66)
 
>>> H:\Copy of Shortcut to (1).lnk.vir - Malware > Deleted. (13.08.03. 15.22 Copy of Shortcut to (1).lnk.vir.361614; MD5: b16b586dd5f9deba0535f5c8c6ceeb6a)
 
>>> H:\Copy of Shortcut to (2).lnk.vir - Malware > Deleted. (13.08.03. 15.22 Copy of Shortcut to (2).lnk.vir.151191; MD5: 7a5c11a5c0b42be2c872f60330b03047)
 
>>> H:\Copy of Shortcut to (3).lnk.vir - Malware > Deleted. (13.08.03. 15.22 Copy of Shortcut to (3).lnk.vir.806295; MD5: 4a403b55e8c9888b5ae1990abffeb3ef)
 
>>> H:\Copy of Shortcut to (4).lnk.vir - Malware > Deleted. (13.08.03. 15.22 Copy of Shortcut to (4).lnk.vir.14553; MD5: 50dbfec732812ac77d1db9c58768caa9)
 
>>> H:\RECYCLER\S-5-4-04-7438235523-3287313737-663443140-2347\rmePvmhK.exe - Malware > Deleted. (13.08.03. 15.22 rmePvmhK.exe.766609; MD5: 7657fcb7d772448a6d8504e4b20168b8)
 
> H:\RECYCLER
> H:\RECYCLER\S-5-4-04-7438235523-3287313737-663443140-2347
> H:\RECYCLER\S-5-4-04-7438235523-3287313737-663443140-2347\jMGAHpwl.cpl (MD5: 527f009080f2d61d6ea267ea01f733f6)
 
>>> H:\Recycler - Malware (folder) > Deleted. (13.08.03. 15.22 Recycler.144064)
 
 
=> Malicious files   : 6/6 deleted.
=> Malicious folders : 2/2 deleted.
=> Suspicious files  : 1/1 renamed.
 
____________________________________________
 
::::: Scan duration: 4sec ::::::::::::::::::
____________________________________________
 
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/3/2013 3:32:10 PM > Drive H: - scan started (HP V220W ~7773 MB, FAT32 flash drive )...
 
>>> H:\autorun.inf > Suspicious > Renamed. (MD5: c6c72a936822fb540cde69a97eed140e)
 
>>> H:\Copy of Shortcut to (1).lnk.vir - Malware > Deleted. (13.08.03. 15.32 Copy of Shortcut to (1).lnk.vir.636120; MD5: f80f9640ffd5cb9c0e4a5bc01233b770)
 
>>> H:\Copy of Shortcut to (2).lnk.vir - Malware > Deleted. (13.08.03. 15.32 Copy of Shortcut to (2).lnk.vir.301063; MD5: e259b76f80943c68dfebc5842a0c0462)
 
>>> H:\Copy of Shortcut to (3).lnk.vir - Malware > Deleted. (13.08.03. 15.32 Copy of Shortcut to (3).lnk.vir.956167; MD5: 29d05c2440556b5f8fda43241fa24279)
 
>>> H:\Copy of Shortcut to (4).lnk.vir - Malware > Deleted. (13.08.03. 15.32 Copy of Shortcut to (4).lnk.vir.226742; MD5: 282a03833a1ed3ea948572cd09c4a3c7)
 
>>> H:\RECYCLER\S-3-1-58-4058285171-4337638462-788146066-5215\VROftEUJ.exe - Malware > Deleted. (13.08.03. 15.32 VROftEUJ.exe.981727; MD5: 7657fcb7d772448a6d8504e4b20168b8)
 
> H:\RECYCLER
> H:\RECYCLER\S-3-1-58-4058285171-4337638462-788146066-5215
> H:\RECYCLER\S-3-1-58-4058285171-4337638462-788146066-5215\rcsFXSlE.cpl (MD5: 5a05a4954bb06cd5597cb0dbdde1482f)
> H:\RECYCLER\S-3-1-58-4058285171-4337638462-788146066-5215\qBmJgRkr.exe (MD5: 7657fcb7d772448a6d8504e4b20168b8)
> H:\RECYCLER\S-3-1-58-4058285171-4337638462-788146066-5215\hAbHbTtp.cpl (MD5: 0db47bd2526f7b2f5981fd6d1500a219)
 
>>> H:\Recycler - Malware (folder) > Deleted. (13.08.03. 15.32 Recycler.53457)
 
 
=> Malicious files   : 8/8 deleted.
=> Malicious folders : 2/2 deleted.
=> Suspicious files  : 1/1 renamed.
 
____________________________________________
 
::::: Scan duration: 6sec ::::::::::::::::::
____________________________________________
 
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/3/2013 6:41:23 PM > Drive I: - scan started (no label ~3837 MB, NTFS flash drive )...
 
 
 
=> The drive is clean.
 
 
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/3/2013 8:31:20 PM > Drive C: - scan started (no label ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 8:31:21 PM > Drive D: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 8:31:21 PM > Drive E: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 8:31:21 PM > Drive F: - scan started (New Volume ~8 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/3/2013 8:52:54 PM > Drive C: - scan started (no label ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 8:52:54 PM > Drive D: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 8:52:55 PM > Drive E: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 8:52:55 PM > Drive F: - scan started (New Volume ~8 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/3/2013 8:59:00 PM > Drive C: - scan started (no label ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 8:59:00 PM > Drive D: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 8:59:00 PM > Drive E: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/3/2013 8:59:01 PM > Drive F: - scan started (New Volume ~8 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/4/2013 7:58:39 AM > Drive C: - scan started (no label ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 7:58:39 AM > Drive D: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 7:58:40 AM > Drive E: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 7:58:40 AM > Drive F: - scan started (New Volume ~8 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/4/2013 10:06:09 AM > Drive C: - scan started (no label ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 10:06:09 AM > Drive D: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 10:06:09 AM > Drive E: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 10:06:10 AM > Drive F: - scan started (New Volume ~8 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/4/2013 11:44:04 AM > Drive C: - scan started (no label ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 11:44:04 AM > Drive D: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 11:44:04 AM > Drive E: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 11:44:05 AM > Drive F: - scan started (New Volume ~8 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
 
 
 
MCShield ::Anti-Malware Tool:: http://www.mcshield.net/
 
>>> v 2.7.4.23 / DB: 2013.8.2.1 / Windows XP <<<
 
 
8/4/2013 2:55:28 PM > Drive C: - scan started (no label ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 2:55:28 PM > Drive D: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 2:55:29 PM > Drive E: - scan started (New Volume ~10 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
8/4/2013 2:55:29 PM > Drive F: - scan started (New Volume ~8 GB, NTFS HDD )...
 
 
 
=> The drive is clean.
 
 
The problem is that these folders are regenerating after being deleted manually or by tools.

But these folders are not in use by another application, because I am able to safely remove the drive.

Another thing is that these are activating only on 32-bit architecture, not on 64-bit.

Please, sir, get me out of this virus. Tell me how to hack its path from where they are generating.


#11 argus1


Posted 04 August 2013 - 07:53 AM

another thing is these are activating only on 32 bit

 

 

 

Download DDS and save it to your Desktop from here:
http://download.bleepingcomputer.com/sUBs/dds.scr

Double click dds to run the tool.

    * When done, DDS will open two (2) logs:
        1. DDS.txt
        2. Attach.txt

Save both reports to your desktop. Attach DDS.txt and Attach.txt back to the topic.

 



#12 krishna_das


Posted 04 August 2013 - 09:56 AM

attach.txt

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/1/2002 6:11:13 AM
System Uptime: 1/1/2002 1:19:58 AM (0 hours ago)
.
Motherboard: Intel Corporation               |  | D865GVHZ                       
Processor:               Intel® Pentium® 4 CPU 2.60GHz | J2E1 | 2593/100mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 10 GiB total, 0.859 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 2.004 GiB free.
E: is FIXED (NTFS) - 10 GiB total, 3.976 GiB free.
F: is FIXED (NTFS) - 8 GiB total, 1.528 GiB free.
G: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Reader 9.5.0
BitTorrent
ESET Online Scanner v3
FreeMind
Git version 1.8.3-preview20130601
Google Chrome
Google Update Helper
Intel® Extreme Graphics Driver
Intel® PRO Network Adapters and Drivers
Java™ SE Development Kit 6
Java™ SE Runtime Environment 6
jEdit 5.1.0
Maxthon Cloud Browser
MCShield ::Anti-Malware Tool::
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
NetBeans IDE 7.0
Notepad++
Realtek AC'97 Audio
Revo Uninstaller Pro 2.2.3
VLC media player 2.0.7
WebFldrs XP
WinRAR 5.00 beta 7 (32-bit)
XAMPP
XMLinst
.
==== Event Viewer Messages From Past Week ========
.
7/30/2013 10:00:13 PM, error: Service Control Manager [7034]  - The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).
7/29/2013 12:18:38 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  IntelIde
7/29/2013 11:07:39 AM, error: Service Control Manager [7034]  - The True Sword 5 Scheduler service terminated unexpectedly.  It has done this 1 time(s).
7/28/2013 6:21:39 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/28/2013 6:20:40 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
7/28/2013 6:20:40 PM, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
7/28/2013 6:20:40 PM, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
7/28/2013 6:20:40 PM, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
7/28/2013 6:20:40 PM, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
7/28/2013 6:19:37 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/1/2002 7:26:08 AM, error: Cdrom [11]  - The driver detected a controller error on \Device\CdRom0.
1/1/2002 11:19:10 AM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC000007F' while processing the file 'alienattack.exe' on the volume 'HarddiskVolume4'.  It has stopped monitoring the volume.
1/1/2002 11:14:57 AM, error: W32Time [34]  - The time service has detected that the system time needs to be  changed by +365092777 seconds. The time service will not change the system  time by more than +54000 seconds. Verify that your time and time zone  are correct, and that the time source time.nist.gov (ntp.m|0x1|192.168.0.101:123->24.56.178.140:123) is working properly.
1/1/2002 11:14:41 AM, error: W32Time [34]  - The time service has detected that the system time needs to be  changed by +365092776 seconds. The time service will not change the system  time by more than +54000 seconds. Verify that your time and time zone  are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.0.101:123->64.4.10.33:123) is working properly.
.
==== End Of File ===========================

DDS.TXT

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 6.0.2900.2180
Run by KRISHNA at 1:29:49 on 2002-01-01
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.1263.764 [GMT 5.5:30]
.
.
============== Running Processes ================
.
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\windows\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\MCShield\mcshieldrtm.exe
C:\windows\system32\wscntfy.exe
C:\windows\System32\alg.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Maxthon\Bin\Maxthon.exe
C:\Program Files\MCShield\mcshieldds.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Maxthon\Addons\Mobile\android\Adb.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = c:\windows\system32\userinit.exe,,c:\program files\iuavidfb\qbrisdor.exe
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0\bin\ssv.dll
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\documents and settings\krishna\start menu\programs\startup\qbrisdor.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{B5D487C3-065D-4D60-B0A4-8D631162B631} : DHCPNameServer = 192.168.0.1
Notify: igfxcui - igfxsrvc.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2013-7-29 27064]
.
=============== Created Last 30 ================
.
2013-08-03 10:07:40 -------- d-----w- c:\program files\ESET
2013-08-03 09:53:46 109056 ----a-w- c:\windows\Explorermgr.exe
2013-08-03 09:51:00 -------- d-----w- c:\program files\MCShield
2013-08-03 09:51:00 -------- d-----w- c:\documents and settings\all users\application data\MCShield
2013-08-02 09:51:18 -------- d-----w- c:\documents and settings\krishna\application data\DSite
2013-08-02 09:51:02 -------- d-----w- c:\documents and settings\krishna\application data\MetaCrawler
2013-08-02 09:50:02 -------- d-----w- c:\documents and settings\all users\application data\Tarma Installer
2013-08-01 19:34:50 -------- d-----w- c:\documents and settings\krishna\local settings\application data\Adobe
2013-08-01 19:13:06 -------- d-----w- c:\documents and settings\krishna\local settings\application data\Identities
2013-08-01 19:01:27 -------- d-----w- c:\documents and settings\krishna\.freemind
2013-08-01 19:01:15 -------- d-----w- c:\program files\FreeMind
2013-08-01 17:47:30 -------- d-----w- c:\documents and settings\all users\application data\regid.1986-12.com.adobe
2013-07-30 05:09:55 -------- d-----w- c:\program files\NetBeans 7.0
2013-07-30 04:57:28 -------- d-----w- c:\documents and settings\krishna\.netbeans
2013-07-30 04:57:24 -------- d-----w- c:\documents and settings\krishna\.netbeans-registration
2013-07-29 20:53:52 -------- d-----w- c:\documents and settings\krishna\.zend
2013-07-29 19:41:43 -------- d-----w- c:\documents and settings\krishna\application data\Composer
2013-07-29 16:09:25 -------- d-----w- c:\program files\Git
2013-07-29 13:41:57 -------- d-----w- c:\documents and settings\krishna\application data\NetBeans
2013-07-29 09:27:53 -------- d-----w- c:\documents and settings\krishna\application data\jEdit
2013-07-29 09:26:43 -------- d-----w- c:\program files\jEdit
2013-07-29 08:59:56 -------- d-----w- C:\xampp
2013-07-29 08:32:09 -------- d-----w- c:\documents and settings\krishna\application data\VS Revo Group
2013-07-29 08:28:09 -------- d-----w- c:\documents and settings\krishna\local settings\application data\VS Revo Group
2013-07-29 08:28:03 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2013-07-29 08:28:01 -------- d-----w- c:\program files\VS Revo Group
2013-07-29 05:43:28 -------- d-----w- c:\documents and settings\krishna\application data\BitTorrent
2013-07-29 04:50:19 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-07-28 19:09:43 -------- d-----w- c:\program files\Smart Virus Remover
2013-07-28 17:16:59 -------- d-----w- c:\documents and settings\krishna\application data\Malwarebytes
2013-07-28 15:52:25 32 ----a-w- c:\documents and settings\krishna\application data\svighost.dll
2013-07-28 15:51:28 -------- d-----w- c:\program files\AutorunRemover
2013-07-28 15:25:05 -------- d-----w- c:\windows\pss
2013-07-28 07:38:56 -------- d-----w- c:\documents and settings\krishna\workspace
2013-07-28 07:31:25 -------- d-----w- c:\windows\SxsCaPendDel
2013-07-28 06:47:57 69632 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-28 06:42:45 -------- d-----w- c:\windows\system32\appmgmt
2012-01-03 02:52:02 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2008-07-29 06:38:06 669184 ----a-w- c:\program files\common files\microsoft shared\vc\msdia90.dll
2004-08-04 00:56:58 294912 ----a-w- c:\windows\system32\msh263.drv
2004-08-04 00:56:58 23552 -c--a-w- c:\windows\system32\dllcache\wdmaud.drv
2004-08-04 00:56:58 23552 ----a-w- c:\windows\system32\wdmaud.drv
2004-08-04 00:56:48 51712 ----a-w- c:\windows\system32\wzcsapi.dll
2004-08-04 00:56:48 359936 ----a-w- c:\windows\system32\wzcsvc.dll
2004-08-04 00:56:46 35328 ----a-w- c:\windows\system32\pid.dll
2004-08-04 00:56:46 17408 ----a-w- c:\windows\system32\msyuv.dll
2004-08-04 00:56:46 15360 ----a-w- c:\windows\system32\pjlmon.dll
2004-08-04 00:56:44 52224 ----a-w- c:\windows\system32\dmutil.dll
2004-08-04 00:56:44 47616 ----a-w- c:\windows\system32\iyuv_32.dll
2004-08-04 00:56:44 20992 ----a-w- c:\windows\system32\hid.dll
2004-08-04 00:56:42 47104 ----a-w- c:\windows\system32\cnbjmon.dll
2004-08-03 23:15:22 140928 -c--a-w- c:\windows\system32\dllcache\ks.sys
2004-08-03 23:15:22 140928 ----a-w- c:\windows\system32\drivers\ks.sys
2004-08-03 23:09:56 25472 ----a-w- c:\windows\system32\drivers\sonydcam.sys
2004-08-03 23:08:58 16000 ----a-w- c:\windows\system32\drivers\usbintel.sys
2004-08-03 23:08:06 30080 ----a-w- c:\windows\system32\drivers\modem.sys
2004-08-03 23:08:04 48640 -c--a-w- c:\windows\system32\dllcache\stream.sys
2004-08-03 23:08:04 48640 ----a-w- c:\windows\system32\drivers\stream.sys
2004-08-03 23:07:48 15488 ----a-w- c:\windows\system32\drivers\mssmbios.sys
2004-08-03 23:07:46 63744 ----a-w- c:\windows\system32\drivers\mf.sys
2004-08-03 23:03:18 12416 ----a-w- c:\windows\system32\drivers\tunmp.sys
2004-08-03 23:03:14 12928 ----a-w- c:\windows\system32\drivers\ndisuio.sys
2004-08-03 22:59:22 37376 ----a-w- c:\windows\system32\drivers\amdk7.sys
2004-08-03 22:59:22 36480 ----a-w- c:\windows\system32\drivers\crusoe.sys
2004-08-03 22:59:20 42496 ----a-w- c:\windows\system32\drivers\p3.sys
2004-08-03 22:59:20 36992 ----a-w- c:\windows\system32\drivers\amdk6.sys
2004-08-03 22:59:18 35328 ----a-w- c:\windows\system32\drivers\processr.sys
2004-08-03 22:59:08 80128 ----a-w- c:\windows\system32\drivers\parport.sys
2004-08-03 22:59:00 2056832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2004-08-03 22:58:42 4352 ----a-w- c:\windows\system32\drivers\swenum.sys
2004-08-03 22:58:34 23040 ----a-w- c:\windows\system32\drivers\mouclass.sys
2004-08-03 22:58:30 61824 ----a-w- c:\windows\system32\drivers\nic1394.sys
2004-08-03 22:58:30 60800 ----a-w- c:\windows\system32\drivers\arp1394.sys
2004-08-03 19:37:22 1788 ----a-w- c:\windows\system32\Dcache.bin
2004-08-03 19:32:46 329728 -c--a-w- c:\windows\system32\dllcache\netsetup.exe
2004-08-03 19:32:46 329728 ----a-w- c:\windows\system32\netsetup.exe
2004-08-03 19:31:08 92168 -c--a-w- c:\windows\system32\dllcache\rdpdd.dll
2004-08-03 19:31:08 92168 ----a-w- c:\windows\system32\rdpdd.dll
2004-08-03 19:31:08 12168 -c--a-w- c:\windows\system32\dllcache\tsddd.dll
2004-08-03 19:31:08 12168 ----a-w- c:\windows\system32\tsddd.dll
2004-08-03 19:27:04 2105344 -c--a-w- c:\windows\system32\dllcache\wmvcore.dll
2004-08-03 17:50:08 176512 -c--a-w- c:\windows\system32\dllcache\rdbss.sys
2004-08-03 17:50:08 176512 ----a-w- c:\windows\system32\drivers\rdbss.sys
2004-08-03 17:47:42 1835904 -c--a-w- c:\windows\system32\dllcache\win32k.sys
2004-08-03 17:47:42 1835904 ----a-w- c:\windows\system32\win32k.sys
2004-08-03 17:45:54 64896 ----a-w- c:\windows\system32\drivers\serial.sys
2004-08-03 17:45:22 107904 -c--a-w- c:\windows\system32\dllcache\mup.sys
2004-08-03 17:45:22 107904 ----a-w- c:\windows\system32\drivers\mup.sys
2004-08-03 17:45:18 451456 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2004-08-03 17:45:10 574592 -c--a-w- c:\windows\system32\dllcache\ntfs.sys
2004-08-03 17:45:10 574592 ----a-w- c:\windows\system32\drivers\ntfs.sys
2004-08-03 17:38:44 57600 -c--a-w- c:\windows\system32\dllcache\usbhub.sys
2004-08-03 17:38:44 57600 ----a-w- c:\windows\system32\drivers\usbhub.sys
2004-08-03 17:38:44 142976 -c--a-w- c:\windows\system32\dllcache\usbport.sys
2004-08-03 17:38:44 142976 ----a-w- c:\windows\system32\drivers\usbport.sys
2004-08-03 17:38:38 26624 ----a-w- c:\windows\system32\drivers\usbehci.sys
2004-08-03 17:38:38 20480 -c--a-w- c:\windows\system32\dllcache\usbuhci.sys
2004-08-03 17:38:38 20480 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2004-08-03 17:38:20 36224 ----a-w- c:\windows\system32\drivers\hidclass.sys
2004-08-03 17:38:18 24960 ----a-w- c:\windows\system32\drivers\hidparse.sys
2004-08-03 17:35:08 41472 -c--a-w- c:\windows\system32\dllcache\raspppoe.sys
2004-08-03 17:35:08 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2004-08-03 17:35:04 14336 -c--a-w- c:\windows\system32\dllcache\asyncmac.sys
2004-08-03 17:35:04 14336 ----a-w- c:\windows\system32\drivers\asyncmac.sys
2004-08-03 17:33:36 88448 -c--a-w- c:\windows\system32\dllcache\nwlnkipx.sys
2004-08-03 17:33:36 88448 ----a-w- c:\windows\system32\drivers\nwlnkipx.sys
2004-08-03 17:33:22 34560 -c--a-w- c:\windows\system32\dllcache\netbios.sys
2004-08-03 17:33:22 34560 ----a-w- c:\windows\system32\drivers\netbios.sys
2004-08-03 17:32:24 163584 -c--a-w- c:\windows\system32\dllcache\nwrdr.sys
2004-08-03 17:32:24 163584 ----a-w- c:\windows\system32\drivers\nwrdr.sys
2004-08-03 17:31:56 114688 ----a-w- c:\windows\system32\asctrls.ocx
2004-08-03 17:31:26 98304 ----a-w- c:\windows\system32\wshom.ocx
2004-08-03 17:31:18 102400 ----a-w- c:\windows\system32\msscript.ocx
2004-08-03 17:31:16 153088 ----a-w- c:\windows\system32\daxctle.ocx
2004-08-03 17:29:58 71552 -c--a-w- c:\windows\system32\dllcache\bridge.sys
2004-08-03 17:28:36 55936 -c--a-w- c:\windows\system32\dllcache\atmlane.sys
2004-08-03 17:28:36 55936 ----a-w- c:\windows\system32\drivers\atmlane.sys
2004-08-03 17:28:34 24576 ----a-w- c:\windows\system32\drivers\kbdclass.sys
2004-08-03 17:28:34 209408 -c--a-w- c:\windows\system32\dllcache\update.sys
2004-08-03 17:28:34 209408 ----a-w- c:\windows\system32\drivers\update.sys
2004-08-03 17:28:32 59904 -c--a-w- c:\windows\system32\dllcache\atmarpc.sys
2004-08-03 17:28:32 59904 ----a-w- c:\windows\system32\drivers\atmarpc.sys
2004-08-03 17:28:32 42240 -c--a-w- c:\windows\system32\dllcache\mountmgr.sys
2004-08-03 17:28:32 42240 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2004-08-03 17:28:26 61440 -c--a-w- c:\windows\system32\dllcache\msvcrt40.dll
2004-08-03 17:28:26 61440 ----a-w- c:\windows\system32\msvcrt40.dll
2004-08-03 17:28:22 72960 -c--a-w- c:\windows\system32\dllcache\mqac.sys
2004-08-03 17:28:22 72960 ----a-w- c:\windows\system32\drivers\mqac.sys
2004-08-03 17:21:22 53840 -c--a-w- c:\windows\system32\dllcache\dosx.exe
2004-08-03 17:21:22 53840 ----a-w- c:\windows\system32\dosx.exe
2004-08-03 17:21:20 5120 -c--a-w- c:\windows\system32\dllcache\winnls.dll
2004-08-03 17:21:20 5120 ----a-w- c:\windows\system32\winnls.dll
2004-08-03 17:21:12 68768 -c--a-w- c:\windows\system32\dllcache\mmsystem.dll
2004-08-03 17:21:12 68768 ----a-w- c:\windows\system32\mmsystem.dll
2004-08-03 17:21:04 844314 ----a-w- c:\windows\system32\msdxm.ocx
2004-08-03 17:19:34 92224 -c--a-w- c:\windows\system32\dllcache\krnl386.exe
2004-08-03 17:19:34 92224 ----a-w- c:\windows\system32\krnl386.exe
2004-08-03 17:18:46 3338 -c--a-w- c:\windows\system32\dllcache\redir.exe
2004-08-03 17:18:46 3338 ----a-w- c:\windows\system32\redir.exe
2004-08-03 17:16:56 42537 ----a-w- c:\windows\system32\keyboard.sys
2004-08-03 17:15:16 35424 ----a-w- c:\windows\system32\ntio412.sys
2004-08-03 17:15:16 34560 ----a-w- c:\windows\system32\ntio404.sys
2004-08-03 17:15:14 34560 ----a-w- c:\windows\system32\ntio804.sys
2004-08-03 17:15:12 35648 ----a-w- c:\windows\system32\ntio411.sys
2004-08-03 17:15:10 33840 ----a-w- c:\windows\system32\ntio.sys
2004-08-03 17:01:44 306176 -c--a-w- c:\windows\system32\dllcache\slbcsp.dll
2004-08-03 17:01:44 306176 ----a-w- c:\windows\system32\slbcsp.dll
2004-08-03 17:01:44 169984 -c--a-w- c:\windows\system32\dllcache\sccbase.dll
2004-08-03 17:01:44 169984 ----a-w- c:\windows\system32\sccbase.dll
2004-08-03 17:01:44 152576 -c--a-w- c:\windows\system32\dllcache\rsaenh.dll
2004-08-03 17:01:44 152576 ----a-w- c:\windows\system32\rsaenh.dll
2004-08-03 17:01:44 137216 -c--a-w- c:\windows\system32\dllcache\dssenh.dll
2004-08-03 17:01:44 137216 ----a-w- c:\windows\system32\dssenh.dll
2004-08-03 17:01:44 101888 -c--a-w- c:\windows\system32\dllcache\gpkcsp.dll
2004-08-03 17:01:44 101888 ----a-w- c:\windows\system32\gpkcsp.dll
2004-08-03 16:53:00 526848 ----a-w- c:\windows\system32\hhctrl.ocx
2004-08-03 16:51:52 24576 ----a-w- c:\windows\system32\cliconfg.rll
2004-08-03 16:51:48 90112 ----a-w- c:\windows\system32\sqlsrv32.rll
2004-08-03 16:50:16 16384 ----a-w- c:\windows\system32\simpdata.tlb
2004-08-03 16:50:06 12288 ----a-w- c:\windows\system32\msdatsrc.tlb
2004-08-03 16:49:56 1351168 ----a-w- c:\windows\system32\mshtml.tlb
2004-08-03 16:40:58 126976 -c--a-w- c:\windows\system32\dllcache\netfxocm.dll
2004-07-17 06:12:38 487 ----a-w- c:\windows\system32\login.cmd
2004-07-17 06:09:16 174200 -c--a-w- c:\windows\system32\dllcache\xenroll.dll
2004-07-17 06:09:16 174200 ----a-w- c:\windows\system32\xenroll.dll
2004-07-17 06:06:44 4656 -c--a-w- c:\windows\system32\dllcache\ds16gt.dll
2004-07-17 06:06:44 4656 ----a-w- c:\windows\system32\ds16gt.dLL
2004-07-17 06:06:44 26224 -c--a-w- c:\windows\system32\dllcache\odbc16gt.dll
2004-07-17 06:06:44 26224 ----a-w- c:\windows\system32\odbc16gt.dll
2004-07-17 06:06:38 27440 ----a-w- c:\windows\system32\drivers\secdrv.sys
2004-07-17 06:05:26 1326080 ----a-w- c:\windows\system32\webfldrs.msi
2004-07-17 06:04:48 358976 -c--a-w- c:\windows\system32\dllcache\msjetol1.dll
2004-07-17 06:04:48 358976 ----a-w- c:\windows\system32\msjetoledb40.dll
2003-04-18 11:16:22 1233920 ----a-w- c:\windows\system32\msxml4.dll
2003-04-18 10:59:26 82432 ----a-w- c:\windows\system32\msxml4r.dll
2002-05-24 06:52:16 647611 ----a-w- c:\program files\common files\system\ole db\MSDAIPP.DLL
2002-01-01 06:24:43 -------- d-----w- c:\documents and settings\krishna\local settings\application data\NetBeans
2002-01-01 06:11:23 -------- d-----w- c:\documents and settings\krishna\.nbi
2002-01-01 06:07:09 306688 ----a-w- c:\windows\IsUninst.exe
.
==================== Find3M  ====================
.
2004-08-04 00:56:46 74752 ----a-w- c:\windows\system32\storprop.dll
2004-08-03 22:59:42 5504 ----a-w- c:\windows\system32\drivers\intelide.sys
2004-08-03 22:59:38 57472 ----a-w- c:\windows\system32\drivers\redbook.sys
2004-08-03 19:31:10 87176 ----a-w- c:\windows\system32\rdpwsx.dll
2004-08-03 19:31:10 139400 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2004-08-03 19:31:08 40840 ----a-w- c:\windows\system32\drivers\termdd.sys
2004-08-03 19:31:08 21896 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2004-08-03 19:31:08 12040 ----a-w- c:\windows\system32\drivers\tdpipe.sys
2004-08-03 17:45:56 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys
2004-08-03 17:45:50 145792 ----a-w- c:\windows\system32\drivers\portcls.sys
2004-08-03 17:45:06 82944 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2004-08-03 17:38:00 60288 ----a-w- c:\windows\system32\drivers\drmk.sys
2004-08-03 17:36:26 73472 ----a-w- c:\windows\system32\drivers\sr.sys
2004-08-03 17:34:58 34560 ----a-w- c:\windows\system32\drivers\wanarp.sys
2004-08-03 17:34:52 20480 ----a-w- c:\windows\system32\wmp.ocx
2004-08-03 17:34:52 134912 ----a-w- c:\windows\system32\drivers\ipnat.sys
2004-08-03 17:34:46 20992 ----a-w- c:\windows\system32\drivers\ipinip.sys
2004-08-03 17:34:34 12672 ----a-w- c:\windows\system32\drivers\usb8023.sys
2004-08-03 17:34:32 30080 ----a-w- c:\windows\system32\drivers\rndismp.sys
2004-08-03 17:34:20 69120 ----a-w- c:\windows\system32\drivers\psched.sys
2004-08-03 17:34:14 35072 ----a-w- c:\windows\system32\drivers\msgpc.sys
2004-08-03 17:31:20 124800 ----a-w- c:\windows\system32\drivers\fltMgr.sys
2004-08-03 17:31:16 196864 ----a-w- c:\windows\system32\drivers\rdpdr.sys
2004-08-03 17:29:58 71552 ----a-w- c:\windows\system32\drivers\bridge.sys
2004-08-03 17:28:42 7552 ----a-w- c:\windows\system32\drivers\MSKSSRV.sys
2004-08-03 17:28:42 4992 ----a-w- c:\windows\system32\drivers\MSPQM.sys
2004-08-03 17:28:40 5376 ----a-w- c:\windows\system32\drivers\MSPCLOCK.sys
2004-08-03 17:21:12 68768 ----a-w- c:\windows\system\MMSYSTEM.DLL
2004-08-03 17:09:38 142464 ----a-w- c:\windows\system32\drivers\aec.sys
2004-02-02 11:44:02 139264 ------w- c:\windows\alcrmv.exe
2004-02-02 11:37:02 208896 ------w- c:\windows\alcupd.exe
2004-01-09 16:17:02 601100 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS
2004-01-08 19:54:06 65536 ----a-w- c:\windows\SOUNDMAN.EXE
2004-01-08 19:53:58 14204416 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2004-01-08 19:53:54 5672960 ----a-w- c:\windows\system32\RTLCPL.EXE
2003-12-17 19:05:50 155648 ----a-w- c:\windows\system32\RTLCPAPI.dll
2003-12-11 16:54:14 391424 ----a-w- c:\windows\system32\drivers\ALCXSENS.SYS
2003-10-14 05:10:00 36484 ----a-w- c:\windows\system32\drivers\SMBios.sys
2003-08-19 12:36:16 65536 ----a-w- c:\windows\system32\Audio3D.dll
2003-08-19 12:36:16 65536 ----a-w- c:\windows\system32\a3d.dll
2003-04-15 02:41:04 10807 ----a-w- c:\windows\system32\drivers\a314.sys
2003-04-15 02:41:00 37431 ----a-w- c:\windows\system32\drivers\a313.sys
2003-04-15 02:39:58 29239 ----a-w- c:\windows\system32\drivers\a303.sys
2003-04-15 02:39:54 11319 ----a-w- c:\windows\system32\drivers\a302.sys
2003-04-15 02:39:50 33335 ----a-w- c:\windows\system32\drivers\wa301b.sys
2003-04-15 02:39:50 33335 ----a-w- c:\windows\system32\drivers\wa301a.sys
2003-04-15 02:39:48 65536 ----a-w- c:\windows\system32\iAlmCoIn_v13_1.dll
2003-04-15 02:39:46 90907 ----a-w- c:\windows\system32\drivers\ialmnt5.sys
2003-04-15 02:39:44 115772 ----a-w- c:\windows\system32\ialmdnt5.dll
2003-04-15 02:39:36 187963 ----a-w- c:\windows\system32\ialmdev5.dll
2003-04-15 02:39:10 459330 ----a-w- c:\windows\system32\ialmdd5.dll
2003-04-15 02:20:48 188416 ----a-w- c:\windows\system32\ialmgdev.dll
2003-04-15 02:20:12 1859584 ----a-w- c:\windows\system32\ialmgicd.dll
2003-04-06 16:22:00 155648 ----a-w- c:\windows\system32\igfxrtrk.lrc
2003-04-06 16:20:56 163840 ----a-w- c:\windows\system32\igfxrell.lrc
2003-04-06 16:20:52 155648 ----a-w- c:\windows\system32\igfxrdeu.lrc
2003-04-06 16:20:48 155648 ----a-w- c:\windows\system32\igfxrdan.lrc
2003-04-06 16:20:46 155648 ----a-w- c:\windows\system32\igfxrcsy.lrc
2003-04-06 16:20:42 155648 ----a-w- c:\windows\system32\igfxrcht.lrc
2003-04-06 16:20:38 155648 ----a-w- c:\windows\system32\igfxrchs.lrc
2003-04-06 16:20:34 155648 ----a-w- c:\windows\system32\igfxrarb.lrc
2003-04-06 16:20:30 155648 ----a-w- c:\windows\system32\igfxrara.lrc
2003-04-06 16:20:14 32768 ----a-w- c:\windows\system32\igfxexps.dll
2003-04-06 16:20:10 90112 ----a-w- c:\windows\system32\igfxext.exe
2003-04-06 16:19:52 155648 ----a-w- c:\windows\system32\igfxtray.exe
2003-04-06 16:18:56 204800 ----a-w- c:\windows\system32\igfxpph.dll
2003-04-06 16:17:44 221184 ----a-w- c:\windows\system32\igfxeud.dll
2003-04-06 16:15:52 45056 ----a-w- c:\windows\system32\igfxdgps.dll
2003-04-06 16:15:50 151552 ----a-w- c:\windows\system32\igfxdiag.exe
2003-04-06 16:14:30 94208 ----a-w- c:\windows\system32\igfxcpl.cpl
2003-04-06 16:13:58 487424 ----a-w- c:\windows\system32\igfxcfg.exe
2003-04-06 16:07:38 114688 ----a-w- c:\windows\system32\hkcmd.exe
2003-04-06 16:07:12 118784 ----a-w- c:\windows\system32\igfxhk.dll
2003-04-06 16:06:48 315392 ----a-w- c:\windows\system32\igfxsrvc.dll
2003-04-06 16:05:42 503808 ----a-w- c:\windows\system32\igfxress.dll
2003-04-06 16:05:26 155648 ----a-w- c:\windows\system32\igfxres.dll
2003-04-06 16:05:26 155648 ----a-w- c:\windows\system32\igfxrenu.lrc
2003-04-06 16:05:16 118784 ----a-w- c:\windows\system32\hccutils.dll
2003-04-06 16:04:54 147456 ----a-w- c:\windows\system32\igfxdev.dll
2003-04-06 16:04:14 86016 ----a-w- c:\windows\system32\igfxdo.dll
2003-03-04 04:56:26 145408 ----a-r- c:\windows\system32\drivers\e100b325.sys
2003-03-03 08:26:52 118784 ----a-r- c:\windows\system32\Prounstl.exe
2003-02-02 22:26:18 12288 ----a-r- c:\windows\system32\e100bmsg.dll
2002-12-28 21:00:02 24064 ----a-r- c:\windows\system32\IntelNic.dll
2002-11-21 08:07:10 765952 ----a-w- c:\windows\system\crlds3d.dll
.
============= FINISH:  1:30:05.56 ===============


#13 argus1


Posted 04 August 2013 - 10:31 AM

Hi,

Your system has an active infection. Disinfection of USB devices is impossible if the host computer is infected, because re-infection then happens. DDS does show clear traces of an active infection.
 

mWinlogon: Userinit = c:\windows\system32\userinit.exe,,c:\program files\iuavidfb\qbrisdor.exe
StartupFolder: c:\documents and settings\krishna\start menu\programs\startup\qbrisdor.exe


My recommendation to you is to post your problem in this forum and wait for an authorized helper to remove this malware from your system. I am not authorized on this forum to do malware removal. When a helper removes the infection from your computer, MCShield will do the rest ...

"Virus, Trojan, Spyware, and Malware Removal Logs"
http://www.bleepingcomputer.com/forums/f/22/virus-.....oval-logs/

 


Please keep MCShield on your system. It will prevent infection of the computer via USB storage devices, mobile phones or any other memory card. And it will not only prevent infection, but will also immediately clean the memory card or external HDD.

Explanation: USB storage devices are all the USB devices that get their own partition letter when connected to the PC,
e.g. flash drives (thumb/pen drives, USB sticks), external HDDs, MP3/MP4 players, digital cameras,
memory cards (SD cards, Sony Memory Stick, MultiMedia Cards etc.), some mobile phones, some GPS navigation devices etc.
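
The two DDS lines quoted in the post above are both logon persistence points: an extra program appended to the Winlogon Userinit value, and an executable sitting directly in the user's Startup folder. As an added example (not part of the original thread and not DDS's own code), the Python below flags both patterns in DDS-style lines and reports file names that appear in more than one persistence point. The last two sample lines are constructed, and the default Userinit value assumes Windows is installed in c:\windows.

```python
import ntpath
import re

# Default Winlogon Userinit value on Windows XP; the registry value normally
# carries a trailing comma. Assumes Windows lives in c:\windows (assumption).
DEFAULT_USERINIT = r"c:\windows\system32\userinit.exe"

# Extensions that run code directly. Shortcuts (.lnk) are the normal content
# of a Startup folder, so they are not flagged here.
DIRECT_EXEC = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}

USERINIT_RE = re.compile(r"^\w*Winlogon:\s*Userinit\s*=\s*(.+)$", re.I)
STARTUP_RE = re.compile(r"^StartupFolder:\s*(.+)$", re.I)


def userinit_extras(value):
    """Return every Userinit entry other than the default userinit.exe."""
    entries = [e.strip().strip('"').lower() for e in value.split(",")]
    return [e for e in entries if e and e != DEFAULT_USERINIT]


def scan_dds(lines):
    """Return (finding_type, path) tuples for suspicious persistence lines."""
    findings = []
    for raw in lines:
        line = raw.strip()
        m = USERINIT_RE.match(line)
        if m:
            for extra in userinit_extras(m.group(1)):
                findings.append(("userinit-extra", extra))
            continue
        m = STARTUP_RE.match(line)
        if m:
            # Assumed layout: "<item in folder> - <shortcut target>"
            item = m.group(1).split(" - ", 1)[0].strip().lower()
            if ntpath.splitext(item)[1] in DIRECT_EXEC:
                findings.append(("startup-executable", item))
    return findings


def shared_basenames(findings):
    """File names seen in more than one kind of persistence point."""
    kinds_by_name = {}
    for kind, path in findings:
        kinds_by_name.setdefault(ntpath.basename(path), set()).add(kind)
    return sorted(n for n, kinds in kinds_by_name.items() if len(kinds) > 1)


SAMPLE = [
    # The two lines quoted in the post:
    r"mWinlogon: Userinit = c:\windows\system32\userinit.exe,,c:\program files\iuavidfb\qbrisdor.exe",
    r"StartupFolder: c:\documents and settings\krishna\start menu\programs\startup\qbrisdor.exe",
    # Constructed benign lines for contrast:
    r"mWinlogon: Userinit = C:\WINDOWS\system32\userinit.exe,",
    r"StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\example.lnk - c:\program files\example\example.exe",
]

if __name__ == "__main__":
    results = scan_dds(SAMPLE)
    for kind, path in results:
        print(f"{kind:20} {path}")
    print("seen in multiple persistence points:", shared_basenames(results))
```
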

 

 

 





