
Malware warning, extreme slowness


7 replies to this topic

#1 mapletree

mapletree

  • Members
  • 4 posts
  • OFFLINE
  • Local time:03:42 AM

Posted 14 August 2013 - 10:30 AM

Bleeping computer folks:

 

I received a message from Avast that it had found some malware - I believe win32 malware gen - and it wanted to isolate the malware. I believe I clicked the wrong option and the malware was not initially isolated.

 

The computer has been extremely slow and on at least one occasion would not shut down.

 

I'm at a loss for what to do. Any help would be greatly appreciated.

 

Thanks.

mapletree




 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:03:42 AM

Posted 14 August 2013 - 01:57 PM

Welcome mapletree
 
Let's run these and see how it is.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
Please Download TDSSkiller
Launch it.
Click on change parameters - Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)
Do not change the default options on scan results.
 
Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections, it will not create a log.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 mapletree

mapletree
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  • Local time:03:42 AM

Posted 15 August 2013 - 10:06 AM

boopme (& all at bleepingcomputer):

 

All the results of the various actions follow: MiniToolBox, TDSSkiller, AdwCleaner, & the ESET scan.

 

The ESET scan found no threats, hence no report.

 

Thanks once again for all your efforts.

 

best,

mapletree

 

------------------------------

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Administrator (administrator) on 15-08-2013 at 09:11:20
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Broadcom 802.11g Network Adapter = Wireless Network Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Intel® 82562V 10/100 Network Connection = Local Area Connection (Media disconnected)
PlayLinc Adapter = PlayLinc Connection (Media disconnected)

# ----------------------------------
# Interface IP Configuration       
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "PlayLinc Connection"

set address name="PlayLinc Connection" source=dhcp
set dns name="PlayLinc Connection" source=dhcp register=PRIMARY
set wins name="PlayLinc Connection" source=dhcp

popd
# End of interface IP configuration

 

Windows IP Configuration

        Host Name . . . . . . . . . . . . : laurie913

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : home

Ethernet adapter Wireless Network Connection:

        Connection-specific DNS Suffix  . : home

        Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter

        Physical Address. . . . . . . . . : 00-14-A5-C7-0A-A0

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.47

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

        Lease Obtained. . . . . . . . . . : Thursday, August 15, 2013 8:49:40 AM

        Lease Expires . . . . . . . . . . : Thursday, August 22, 2013 8:49:40 AM

Ethernet adapter Local Area Connection:

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Intel® 82562V 10/100 Network Connection

        Physical Address. . . . . . . . . : 00-19-D1-06-2F-AC

Ethernet adapter PlayLinc Connection:

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : PlayLinc Adapter

        Physical Address. . . . . . . . . : 7A-77-00-00-00-01

Server:  verizon.home
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.228.14, 74.125.228.1, 74.125.228.4, 74.125.228.9
   74.125.228.8, 74.125.228.2, 74.125.228.6, 74.125.228.5, 74.125.228.7
   74.125.228.0, 74.125.228.3

Pinging google.com [74.125.228.70] with 32 bytes of data:

Reply from 74.125.228.70: bytes=32 time=55ms TTL=57

Reply from 74.125.228.70: bytes=32 time=56ms TTL=57

Ping statistics for 74.125.228.70:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 55ms, Maximum = 56ms, Average = 55ms

Server:  verizon.home
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=136ms TTL=51

Reply from 206.190.36.45: bytes=32 time=181ms TTL=51

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 136ms, Maximum = 181ms, Average = 158ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 14 a5 c7 0a a0 ...... Broadcom 802.11g Network Adapter - Packet Scheduler Miniport
0x3 ...00 19 d1 06 2f ac ...... Intel® 82562V 10/100 Network Connection - Packet Scheduler Miniport
0x4 ...7a 77 00 00 00 01 ...... PlayLinc Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.47   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      192.168.1.0    255.255.255.0     192.168.1.47    192.168.1.47   25
     192.168.1.47  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255     192.168.1.47    192.168.1.47   25
        224.0.0.0        240.0.0.0     192.168.1.47    192.168.1.47   25
  255.255.255.255  255.255.255.255     192.168.1.47               3   1
  255.255.255.255  255.255.255.255     192.168.1.47    192.168.1.47   1
  255.255.255.255  255.255.255.255     192.168.1.47               4   1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Program Files\Netscape Internet Service\Netscape Web Accelerator\sliplsp.dll [81920] ()
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Program Files\Netscape Internet Service\Netscape Web Accelerator\sliplsp.dll [81920] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/07/2013 05:05:25 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/07/2013 04:57:20 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/07/2013 04:38:44 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/22/2013 05:23:57 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (06/22/2013 05:23:51 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/07/2013 07:14:19 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/18/2013 04:34:04 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/11/2013 07:21:58 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/24/2013 04:24:29 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/05/2013 05:59:00 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

System errors:
=============
Error: (08/15/2013 09:05:46 AM) (Source: Print) (User: LAURIE913)
Description: The document https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn owned by Administrator failed to print on printer HP LaserJet 1200 Series PCL. Data type: NT EMF 1.008. Size of the spool file in bytes: 589824. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\LAURIE913. Win32 error code returned by the print processor: https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn0. https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn1

Error: (08/15/2013 09:01:39 AM) (Source: Print) (User: LAURIE913)
Description: The document https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn owned by Administrator failed to print on printer HP LaserJet 1200 Series PCL. Data type: NT EMF 1.008. Size of the spool file in bytes: 154640. Number of bytes printed: 0. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\LAURIE913. Win32 error code returned by the print processor: https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn0. https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn1

Error: (08/15/2013 09:00:06 AM) (Source: Print) (User: LAURIE913)
Description: The document https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn owned by Administrator failed to print on printer HP LaserJet 1200 Series PCL. Data type: NT EMF 1.008. Size of the spool file in bytes: 196608. Number of bytes printed: 0. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\LAURIE913. Win32 error code returned by the print processor: https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn0. https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn1

Error: (08/15/2013 08:58:50 AM) (Source: Print) (User: LAURIE913)
Description: The document https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn owned by Administrator failed to print on printer HP LaserJet 1200 Series PCL. Data type: NT EMF 1.008. Size of the spool file in bytes: 155448. Number of bytes printed: 0. Total number of pages in the document: 2. Number of pages printed: 0. Client machine: \\LAURIE913. Win32 error code returned by the print processor: https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn0. https://us-mg6.mail.yahoo.com/neo/launch?.rand=8ki3080h43esn1

Error: (08/15/2013 08:50:27 AM) (Source: Service Control Manager) (User: )
Description: The Intel® Quick Resume technology service terminated with the following error:
%%203

Error: (08/14/2013 11:32:11 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/14/2013 11:14:22 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
Fips
intelppm

Error: (08/14/2013 11:13:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/14/2013 11:06:37 AM) (Source: PlugPlayManager) (User: )
Description: The device 'Standard floppy disk controller' (ACPI\PNP0700\4&12686f5b&0) disappeared from the system without first being prepared for removal.

Error: (08/13/2013 03:05:03 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Quick Resume technology service terminated with the following error:
%%203

Microsoft Office Sessions:
=========================
Error: (07/07/2013 05:05:25 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (07/07/2013 04:57:20 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (07/07/2013 04:38:44 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (06/22/2013 05:23:57 PM) (Source: Application Hang)(User: )
Description: 1180947459

Error: (06/22/2013 05:23:51 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (06/07/2013 07:14:19 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (04/18/2013 04:34:04 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (04/11/2013 07:21:58 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (03/24/2013 04:24:29 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (01/05/2013 05:59:00 PM) (Source: Application Hang)(User: )
Description: 1180947459

=========================== Installed Programs ============================

Adobe AIR (Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Spyware Protection (Version: 1.0.66)
AOL You've Got Pictures Screensaver
AudibleManager
avast! Free Antivirus (Version: 8.0.1489.0)
Browser Address Error Redirector
Canon Camera Access Library (Version: 8.5.0.2)
Canon DIGITAL CAMERA Solution Disk Software Guide (Version: 1.4.0.1)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.1.2)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.9.0.9)
Canon MOV Decoder (Version: 1.8.0.7)
Canon MOV Encoder (Version: 1.6.0.1)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.7.0.4)
Canon PowerShot ELPH 300 HS_IXUS 220 HS Camera User Guide (Version: 1.0.0.1)
Canon Utilities CameraWindow DC 8 (Version: 8.4.0.3)
Canon Utilities CameraWindow Launcher (Version: 7.5.0.2)
Canon Utilities Movie Uploader for YouTube (Version: 1.2.0.7)
Canon Utilities MyCamera (Version: 7.4.0.2)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities ZoomBrowser EX (Version: 6.7.0.24)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.5.0.9)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Creative Mass Storage Drivers
Creative System Information
Creative Zen Nano Plus (Version: 1.0)
Critical Update for Windows Media Player 11 (KB959772)
del.icio.us Buttons for Internet Explorer (Version: 1.0.8)
Digital Media Reader (Version: 2.01.00.02)
DVD Solution
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.153)
gtw_logo
GWCares (Version: 1.10.0000)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Intel Audio Studio 2.0 (Version: 2.00.00128)
Intel® Management Engine Interface
Intel® Matrix Storage Manager
Intel® PRO Network Connections Drivers
Intel® Quick Resume Technology Drivers
Intel® Viiv™ Software (Version: 1.5.2)
Java 2 Runtime Environment, SE v1.4.2 (Version: 1.4.2)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 5 (Version: 1.6.0.50)
Learn2 Player (Uninstall Only)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox (3.6.24) (Version: 3.6.24 (en-US))
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Napster (Version: 3.0.3.7)
Napster Burn Engine (Version: 2.5.0000)
Netflix Movie Viewer (Version: 1.2.211)
Netscape Internet Service
Netscape Web Accelerator
NVIDIA Drivers
PlayLinc (Version: 2.0.8)
Power2Go 4.0
PowerDVD
Pure Networks Port Magic (Version: 1.2.1393.0)
QuickTime
RealPlayer Basic
Recovery Software Suite Gateway (Version: 1.00.0000)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.22.0)
SigmaTel Audio (Version: 5.10.4811.0)
Soft Data Fax Modem with SmartCP
Sonic Encoders (Version: 1.00)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
Verizon Broadband Toolbar
Verizon Online Help and Support
Verizon Wireless Software Utility Application for Android - Samsung (Version: 2.13.0704)
Viewpoint Media Player
W Photo Studio (Version: 1.0.0.143)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0017.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 2029.64 MB
Available physical RAM: 1095.51 MB
Total Pagefile: 3920.24 MB
Available Pagefile: 3107.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.27 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:293.26 GB) (Free:264.08 GB) NTFS
2 Drive d: () (Fixed) (Total:4.82 GB) (Free:1.7 GB) FAT32

========================= Users: ========================================

User accounts for \\LAURIE913

Administrator            ASPNET                   Guest                  
HelpAssistant            IUSR_NMPR                SUPPORT_388945a0       

**** End of log ****

 

----------------------------------

----------------------------------

----------------------------------

 

TDSSkiller

 

09:20:30.0265 3236  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
09:20:30.0671 3236  ============================================================
09:20:30.0671 3236  Current date / time: 2013/08/15 09:20:30.0671
09:20:30.0671 3236  SystemInfo:
09:20:30.0671 3236
09:20:30.0671 3236  OS Version: 5.1.2600 ServicePack: 3.0
09:20:30.0671 3236  Product type: Workstation
09:20:30.0671 3236  ComputerName: LAURIE913
09:20:30.0671 3236  UserName: Administrator
09:20:30.0671 3236  Windows directory: C:\WINDOWS
09:20:30.0671 3236  System windows directory: C:\WINDOWS
09:20:30.0671 3236  Processor architecture: Intel x86
09:20:30.0671 3236  Number of processors: 2
09:20:30.0671 3236  Page size: 0x1000
09:20:30.0671 3236  Boot type: Normal boot
09:20:30.0671 3236  ============================================================
09:20:31.0000 3236  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:20:31.0187 3236  ============================================================
09:20:31.0187 3236  \Device\Harddisk0\DR0:
09:20:31.0187 3236  MBR partitions:
09:20:31.0187 3236  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9A6EF6, BlocksNum 0x24A8290A
09:20:31.0187 3236  \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x9A6EB7
09:20:31.0187 3236  ============================================================
09:20:31.0218 3236  C: <-> \Device\Harddisk0\DR0\Partition1
09:20:31.0218 3236  D: <-> \Device\Harddisk0\DR0\Partition2
09:20:31.0218 3236  ============================================================
09:20:31.0218 3236  Initialize success
09:20:31.0218 3236  ============================================================
09:21:15.0375 2852  ============================================================
09:21:15.0375 2852  Scan started
09:21:15.0375 2852  Mode: Manual; TDLFS;
09:21:15.0375 2852  ============================================================
09:21:15.0515 2852  ================ Scan system memory ========================
09:21:15.0515 2852  System memory - ok
09:21:15.0515 2852  ================ Scan services =============================
09:21:23.0062 2852  Sfloppy - ok
09:21:23.0109 2852  [ 5FE18FFF6FBCF218290042009EAB023D ] sfng32          C:\WINDOWS\system32\drivers\sfng32.sys
09:21:23.0109 2852  sfng32 - ok
09:21:23.0156 2852  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
09:21:23.0156 2852  SharedAccess - ok
09:21:23.0171 2852  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:21:23.0171 2852  ShellHWDetection - ok
09:21:23.0187 2852  Simbad - ok
09:21:23.0187 2852  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:21:23.0187 2852  sisagp - ok
09:21:23.0218 2852  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:21:23.0218 2852  Sparrow - ok
09:21:23.0250 2852  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
09:21:23.0250 2852  splitter - ok
09:21:23.0296 2852  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
09:21:23.0312 2852  Spooler - ok
09:21:23.0312 2852  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
09:21:23.0312 2852  sr - ok
09:21:23.0343 2852  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
09:21:23.0343 2852  srservice - ok
09:21:23.0375 2852  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
09:21:23.0375 2852  Srv - ok
09:21:23.0406 2852  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
09:21:23.0406 2852  SSDPSRV - ok
09:21:23.0453 2852  [ 6D82CB78DE57A073E95431F3486B1B27 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
09:21:23.0453 2852  ssudmdm - ok
09:21:23.0500 2852  [ 3B24ADA55D3BDFDC0E6679D15FA668D8 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
09:21:23.0546 2852  STHDA - ok
09:21:23.0578 2852  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
09:21:23.0609 2852  stisvc - ok
09:21:23.0625 2852  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
09:21:23.0625 2852  swenum - ok
09:21:23.0640 2852  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
09:21:23.0640 2852  swmidi - ok
09:21:23.0640 2852  SwPrv - ok
09:21:23.0671 2852  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
09:21:23.0671 2852  symc810 - ok
09:21:23.0671 2852  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:21:23.0671 2852  symc8xx - ok
09:21:23.0687 2852  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:21:23.0687 2852  sym_hi - ok
09:21:23.0703 2852  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:21:23.0703 2852  sym_u3 - ok
09:21:23.0718 2852  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
09:21:23.0734 2852  sysaudio - ok
09:21:23.0750 2852  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
09:21:23.0750 2852  SysmonLog - ok
09:21:23.0781 2852  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
09:21:23.0796 2852  TapiSrv - ok
09:21:23.0859 2852  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:21:23.0859 2852  Tcpip - ok
09:21:23.0890 2852  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
09:21:23.0906 2852  TDPIPE - ok
09:21:23.0906 2852  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
09:21:23.0906 2852  TDTCP - ok
09:21:23.0921 2852  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
09:21:23.0937 2852  TermDD - ok
09:21:23.0984 2852  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
09:21:23.0984 2852  TermService - ok
09:21:24.0015 2852  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
09:21:24.0031 2852  Themes - ok
09:21:24.0046 2852  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
09:21:24.0046 2852  TlntSvr - ok
09:21:24.0062 2852  [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
09:21:24.0062 2852  TosIde - ok
09:21:24.0078 2852  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
09:21:24.0093 2852  TrkWks - ok
09:21:24.0109 2852  [ 05D7A8529EDA7AEBBF13FC3CF998CA48 ] TSHWMDTCP       C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
09:21:24.0125 2852  TSHWMDTCP - ok
09:21:24.0125 2852  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
09:21:24.0125 2852  Udfs - ok
09:21:24.0140 2852  [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
09:21:24.0140 2852  ultra - ok
09:21:24.0203 2852  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
09:21:24.0203 2852  Update - ok
09:21:24.0218 2852  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
09:21:24.0234 2852  upnphost - ok
09:21:24.0265 2852  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
09:21:24.0281 2852  UPS - ok
09:21:24.0296 2852  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:21:24.0296 2852  usbccgp - ok
09:21:24.0328 2852  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:21:24.0328 2852  usbehci - ok
09:21:24.0343 2852  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:21:24.0343 2852  usbhub - ok
09:21:24.0375 2852  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:21:24.0390 2852  usbprint - ok
09:21:24.0421 2852  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:21:24.0421 2852  usbscan - ok
09:21:24.0453 2852  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:21:24.0453 2852  usbstor - ok
09:21:24.0468 2852  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:21:24.0468 2852  usbuhci - ok
09:21:24.0484 2852  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
09:21:24.0484 2852  VgaSave - ok
09:21:24.0484 2852  [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:21:24.0484 2852  viaagp - ok
09:21:24.0500 2852  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
09:21:24.0500 2852  ViaIde - ok
09:21:24.0515 2852  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
09:21:24.0531 2852  VolSnap - ok
09:21:24.0562 2852  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
09:21:24.0593 2852  VSS - ok
09:21:24.0609 2852  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
09:21:24.0625 2852  W32Time - ok
09:21:24.0640 2852  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:21:24.0640 2852  Wanarp - ok
09:21:24.0687 2852  [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw          C:\WINDOWS\system32\DRIVERS\wanatw4.sys
09:21:24.0687 2852  wanatw - ok
09:21:24.0687 2852  WDICA - ok
09:21:24.0703 2852  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
09:21:24.0703 2852  wdmaud - ok
09:21:24.0734 2852  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
09:21:24.0734 2852  WebClient - ok
09:21:24.0796 2852  [ 59D043485A6EDA2ED2685C81489AE5BD ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:21:24.0828 2852  winachsf - ok
09:21:24.0875 2852  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
09:21:24.0875 2852  winmgmt - ok
09:21:24.0906 2852  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
09:21:24.0906 2852  WmdmPmSN - ok
09:21:24.0937 2852  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
09:21:24.0968 2852  Wmi - ok
09:21:25.0000 2852  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:21:25.0000 2852  WmiApSrv - ok
09:21:25.0062 2852  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:21:25.0093 2852  WMPNetworkSvc - ok
09:21:25.0125 2852  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:21:25.0125 2852  WpdUsb - ok
09:21:25.0156 2852  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:21:25.0156 2852  WS2IFSL - ok
09:21:25.0203 2852  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
09:21:25.0218 2852  wscsvc - ok
09:21:25.0250 2852  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
09:21:25.0265 2852  wuauserv - ok
09:21:25.0296 2852  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:21:25.0296 2852  WudfPf - ok
09:21:25.0296 2852  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:21:25.0312 2852  WudfRd - ok
09:21:25.0328 2852  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
09:21:25.0343 2852  WudfSvc - ok
09:21:25.0390 2852  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
09:21:25.0406 2852  WZCSVC - ok
09:21:25.0453 2852  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
09:21:25.0453 2852  xmlprov - ok
09:21:25.0500 2852  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
09:21:25.0515 2852  YahooAUService - ok
09:21:25.0515 2852  ================ Scan global ===============================
09:21:25.0546 2852  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:21:25.0578 2852  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
09:21:25.0609 2852  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
09:21:25.0625 2852  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:21:25.0640 2852  [Global] - ok
09:21:25.0640 2852  ================ Scan MBR ==================================
09:21:25.0656 2852  [ B20939CD98B7710036274839082AE757 ] \Device\Harddisk0\DR0
09:21:25.0859 2852  \Device\Harddisk0\DR0 - ok
09:21:25.0859 2852  ================ Scan VBR ==================================
09:21:25.0859 2852  [ 293379803C2F02B0910F6912AB0FF1B0 ] \Device\Harddisk0\DR0\Partition1
09:21:25.0859 2852  \Device\Harddisk0\DR0\Partition1 - ok
09:21:25.0875 2852  [ 1AB633C2580F06FC56797A73C9389BC2 ] \Device\Harddisk0\DR0\Partition2
09:21:25.0875 2852  \Device\Harddisk0\DR0\Partition2 - ok
09:21:25.0875 2852  ============================================================
09:21:25.0875 2852  Scan finished
09:21:25.0875 2852  ============================================================
09:21:25.0875 5888  Detected object count: 0
09:21:25.0875 5888  Actual detected object count: 0

----------------------------------

 

# AdwCleaner v2.306 - Logfile created 08/15/2013 at 09:34:58
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - LAURIE913
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.24 (en-US)

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\db5mhnt0.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3475 octets] - [15/08/2013 09:34:58]

########## EOF - C:\AdwCleaner[S1].txt - [3535 octets] ##########

 

-----------------------------

 

ESET Scan:  No Threats Found

 

-----------------------------

 

 

 

 



#4 boopme


Posted 15 August 2013 - 10:23 AM

Hello again, in Control Panel uninstall these and reboot
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 5 (Version: 1.6.0.50)

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

#5 mapletree


Posted 15 August 2013 - 12:59 PM

Hi, boopme ...

 

Removed the three Java Updates (26, 3, and 5). Ran the Junkware Removal Tool and downloaded Malwarebytes Anti-Malware (had a previous version, which I removed) and scanned.

 

Here is the JRT log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.6 (08.15.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Thu 08/15/2013 at 13:11:30.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\bigfix"

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 08/15/2013 at 13:15:57.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

-----------------------------

 

Here is the Malwarebytes log:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.15.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: LAURIE913 [administrator]

8/15/2013 1:40:31 PM
mbam-log-2013-08-15 (13-40-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 243717
Time elapsed: 7 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

-------------------------

 

While uninstalling the older version of Malwarebytes and also while installing the new version, I received the following message:

"W Photo Studio - The feature you are trying to use is on a network resource that is unavailable. Click OK to try again or enter an alternate path to a folder containing the installation package 'Walgreen's Digital Photo Manager.msi' in the box below."

I clicked OK a few times, each time this message appeared. I clicked cancel twice and it finally went on to complete the installation (and previously, the removal) of Malwarebytes. This may not be of any significance but, since it was unusual, I thought I'd include it with these logs.

Thanks again so much for your time. I really appreciate it.

 

best,

mapletree



#6 boopme


Posted 15 August 2013 - 07:18 PM

Ok, this looks good. I believe that was just a glitch as it went by.

If you want Java back, install Version 7 Update 25: go HERE and click on Windows Offline (32-bit).

After installing Java, you may need to reload or quit your browser in order to enable Java in your browser.

 

How is it now?

 

Oh and you are most welcome!



#7 mapletree


Posted 16 August 2013 - 07:49 AM

boopme:

 

Ok, indeed, everything seems to be running well.

 

Thanks so much for your assistance. It really was great.

 

best,

mapletree



#8 boopme


Posted 16 August 2013 - 09:34 AM

Excellent then,
Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7
Reboot and see how it is.
