
Old virus-Desktop Icons don't do anything


34 replies to this topic

#1 cds568


Posted 13 September 2013 - 10:03 AM

I have a laptop that was infected probably over a year ago and has been sitting.

The desktop icons don't do anything.

The Programs folder is empty.

I can't run Malwarebytes.

It doesn't see wireless networks.

 

It has Windows XP 5.1 SP2

If you can help, let me know,

Thx,

Carl

 

Mod Edit: Moved topic from Logs forum. No logs posted. ~bloopie


Edited by bloopie, 13 September 2013 - 12:22 PM.




#2 boopme


Posted 17 September 2013 - 11:50 AM

Hello, try downloading these from another PC onto a flash drive or CD and run them off that.

Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.


Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

#3 cds568


Posted 19 September 2013 - 05:51 AM

Hi,

I can't seem to attach the logs as files. I can paste them as text, but wasn't sure I should do that.

Also, Malwarebytes doesn't install.  It reaches the point where it creates a desktop icon, then an error window pops up saying it denies access and it says it is rolling back.

Thanks.



#4 boopme


Posted 19 September 2013 - 09:16 PM

Yes please paste the logs.
Try the Chameleon aspect of MBAM
 
-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

#5 cds568


Posted 19 September 2013 - 10:01 PM

Here are the logs. I will work on the Malwarebytes in the meantime.

Rkill:

Rkill 2.6.1 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 09/18/2013 12:35:53 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!
 
  * HKLM\Software\Classes\exefile\shell\open\command "@" was changed. It was reset to "%1" %*!
 
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!
  * HKCU\SOFTWARE\Classes\exefile has been deleted!
 
 
Performing miscellaneous checks:
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * System Restore Service (srservice) is not Running.
   Startup Type set to: Automatic
 
 * wuauserv [Missing Service]
 
Searching for Missing Digital Signatures: 
 
 * C:\WINDOWS\System32\drivers\volsnap.sys : 52,352 : 08/10/2004 07:00 AM : e33edbb864a22f7474d2b297e44ee0b6 [NoSig]
 +-> C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\volsnap.sys : 52,352 : 04/13/2008 02:41 PM : 4c8fcb5cc53aab716d810740fe59d025 [Pos Repl]
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 09/18/2013 12:40:01 PM
Execution time: 0 hours(s), 4 minute(s), and 7 seconds(s)
 

TDSS...before reboot:

12:37:30.0250 0x0b00  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
12:37:30.0890 0x0b00  ============================================================
12:37:30.0890 0x0b00  Current date / time: 2013/09/18 12:37:30.0890
12:37:30.0890 0x0b00  SystemInfo:
12:37:30.0890 0x0b00  
12:37:30.0890 0x0b00  OS Version: 5.1.2600 ServicePack: 2.0
12:37:30.0890 0x0b00  Product type: Workstation
12:37:30.0890 0x0b00  ComputerName: MANDA
12:37:30.0906 0x0b00  UserName: Amanda
12:37:30.0906 0x0b00  Windows directory: C:\WINDOWS
12:37:30.0906 0x0b00  System windows directory: C:\WINDOWS
12:37:30.0906 0x0b00  Processor architecture: Intel x86
12:37:30.0906 0x0b00  Number of processors: 1
12:37:30.0906 0x0b00  Page size: 0x1000
12:37:30.0906 0x0b00  Boot type: Normal boot
12:37:30.0906 0x0b00  ============================================================
12:37:38.0140 0x0b00  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:37:38.0187 0x0b00  Drive \Device\Harddisk1\DR6 - Size: 0xF1800000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:37:38.0187 0x0b00  ============================================================
12:37:38.0187 0x0b00  \Device\Harddisk0\DR0:
12:37:38.0234 0x0b00  MBR partitions:
12:37:38.0234 0x0b00  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F608, BlocksNum 0x8BA61DB
12:37:38.0234 0x0b00  \Device\Harddisk1\DR6:
12:37:38.0250 0x0b00  MBR partitions:
12:37:38.0250 0x0b00  \Device\Harddisk1\DR6\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x78BFC1
12:37:38.0250 0x0b00  ============================================================
12:37:39.0015 0x0b00  C: <-> \Device\Harddisk0\DR0\Partition1
12:37:39.0015 0x0b00  ============================================================
12:37:39.0015 0x0b00  Initialize success
12:37:39.0015 0x0b00  ============================================================
12:37:51.0906 0x04a4  ============================================================
12:37:51.0906 0x04a4  Scan started
12:37:51.0906 0x04a4  Mode: Manual; 
12:37:51.0906 0x04a4  ============================================================
12:37:56.0406 0x04a4  ================ Scan system memory ========================
12:38:03.0500 0x04a4  System memory - ok
12:38:03.0500 0x04a4  ================ Scan services =============================
12:38:54.0500 0x04a4  mfehidk - ok
12:38:54.0578 0x04a4  [ A551154B51D6A93FCCF70FC4E8EAF4BD ] mferkdk         C:\WINDOWS\system32\drivers\mferkdk.sys
12:38:54.0843 0x04a4  mferkdk - ok
12:38:54.0984 0x04a4  [ 299A86B780C9627AAA24E74292363ED2 ] mfesmfk         C:\WINDOWS\system32\drivers\mfesmfk.sys
12:38:55.0234 0x04a4  mfesmfk - ok
12:38:55.0343 0x04a4  [ B7521F69C0A9B29D356157229376FB21 ] MHN             C:\WINDOWS\System32\mhn.dll
12:38:55.0546 0x04a4  MHN - ok
12:38:55.0593 0x04a4  [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
12:38:55.0765 0x04a4  MHNDRV - ok
12:38:55.0859 0x04a4  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
12:38:55.0984 0x04a4  mnmdd - ok
12:38:56.0093 0x04a4  [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
12:38:56.0328 0x04a4  mnmsrvc - ok
12:38:56.0359 0x04a4  [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
12:38:56.0703 0x04a4  Modem - ok
12:38:56.0734 0x04a4  [ 34E1F0031153E491910E12551400192C ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:38:56.0921 0x04a4  Mouclass - ok
12:38:57.0000 0x04a4  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:38:57.0156 0x04a4  mouhid - ok
12:38:57.0265 0x04a4  [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
12:38:57.0421 0x04a4  MountMgr - ok
12:38:57.0578 0x04a4  [ E454F42AE5524D695D76EAB5D363B8AC ] MPFP            C:\WINDOWS\system32\Drivers\Mpfp.sys
12:38:57.0875 0x04a4  MPFP - ok
12:38:58.0062 0x04a4  [ 346F30F1FF73553AA466F4AE7948DA00 ] MpfService      C:\Program Files\McAfee\MPF\MPFSrv.exe
12:38:58.0156 0x04a4  MpfService - ok
12:38:58.0187 0x04a4  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:38:58.0359 0x04a4  mraid35x - ok
12:38:58.0406 0x04a4  [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:38:58.0703 0x04a4  MRxDAV - ok
12:38:59.0078 0x04a4  [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:38:59.0453 0x04a4  MRxSmb - ok
12:38:59.0562 0x04a4  [ C7C3D89EB0A6F3DBA622EA737FA335B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
12:38:59.0765 0x04a4  MSDTC - ok
12:38:59.0875 0x04a4  [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:39:00.0062 0x04a4  Msfs - ok
12:39:00.0078 0x04a4  MSIServer - ok
12:39:00.0203 0x04a4  [ A05DE3535884270B8D292DCBDD6DED20 ] MSK80Service    C:\Program Files\McAfee\MSK\MskSrver.exe
12:39:00.0296 0x04a4  MSK80Service - ok
12:39:00.0359 0x04a4  [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:39:00.0593 0x04a4  MSKSSRV - ok
12:39:00.0640 0x04a4  [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:39:00.0796 0x04a4  MSPCLOCK - ok
12:39:00.0812 0x04a4  [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
12:39:00.0953 0x04a4  MSPQM - ok
12:39:00.0984 0x04a4  [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:39:01.0156 0x04a4  mssmbios - ok
12:39:01.0187 0x04a4  [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
12:39:01.0343 0x04a4  Mup - ok
12:39:01.0453 0x04a4  [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
12:39:01.0640 0x04a4  NDIS - ok
12:39:01.0703 0x04a4  [ 1A18F436E4855572260580F4D42C69E8 ] NDISRD          C:\WINDOWS\system32\drivers\NDISRD.sys
12:39:01.0921 0x04a4  NDISRD - ok
12:39:02.0000 0x04a4  [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:39:02.0125 0x04a4  NdisTapi - ok
12:39:02.0203 0x04a4  [ EEFA1CE63805D2145978621BE5C6D955 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:39:02.0359 0x04a4  Ndisuio - ok
12:39:02.0421 0x04a4  [ 0B90E255A9490166AB368CD55A529893 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:39:02.0562 0x04a4  NdisWan - ok
12:39:02.0593 0x04a4  [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
12:39:02.0968 0x04a4  NDProxy - ok
12:39:03.0015 0x04a4  [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
12:39:03.0140 0x04a4  NetBIOS - ok
12:39:03.0187 0x04a4  [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:39:03.0359 0x04a4  NetBT - ok
12:39:03.0500 0x04a4  [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE          C:\WINDOWS\system32\netdde.exe
12:39:04.0109 0x04a4  NetDDE - ok
12:39:04.0140 0x04a4  [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
12:39:04.0140 0x04a4  NetDDEdsdm - ok
12:39:04.0203 0x04a4  [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:39:04.0203 0x04a4  Netlogon - ok
12:39:04.0281 0x04a4  [ 36739B39267914BA69AD0610A0299732 ] Netman          C:\WINDOWS\System32\netman.dll
12:39:04.0296 0x04a4  Netman - ok
12:39:04.0406 0x04a4  [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:39:04.0578 0x04a4  NIC1394 - ok
12:39:04.0703 0x04a4  [ 23EEB337BF684589D261F2359E19C72C ] NICCONFIGSVC    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
12:39:04.0843 0x04a4  NICCONFIGSVC - ok
12:39:04.0937 0x04a4  [ 097722F235A1FB698BF9234E01B52637 ] Nla             C:\WINDOWS\System32\mswsock.dll
12:39:04.0937 0x04a4  Nla - ok
12:39:04.0984 0x04a4  [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:39:05.0125 0x04a4  Npfs - ok
12:39:05.0187 0x04a4  [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
12:39:05.0546 0x04a4  Ntfs - ok
12:39:05.0593 0x04a4  [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
12:39:05.0593 0x04a4  NtLmSsp - ok
12:39:05.0687 0x04a4  [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
12:39:05.0687 0x04a4  NtmsSvc - ok
12:39:05.0734 0x04a4  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:39:05.0937 0x04a4  Null - ok
12:39:06.0265 0x04a4  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:39:07.0078 0x04a4  nv - ok
12:39:07.0140 0x04a4  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:39:07.0296 0x04a4  NwlnkFlt - ok
12:39:07.0312 0x04a4  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:39:07.0453 0x04a4  NwlnkFwd - ok
12:39:07.0500 0x04a4  [ 0951DB8E5823EA366B0E408D71E1BA2A ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:39:07.0609 0x04a4  ohci1394 - ok
12:39:07.0812 0x04a4  [ B17228142CEC9B3C222239FD935A37CA ] omci            C:\WINDOWS\system32\DRIVERS\omci.sys
12:39:08.0078 0x04a4  omci - ok
12:39:08.0156 0x04a4  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:39:08.0390 0x04a4  ose - ok
12:39:08.0437 0x04a4  [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
12:39:08.0671 0x04a4  Parport - ok
12:39:08.0703 0x04a4  [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
12:39:08.0843 0x04a4  PartMgr - ok
12:39:08.0875 0x04a4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
12:39:08.0937 0x04a4  ParVdm - ok
12:39:08.0984 0x04a4  [ 8086D9979234B603AD5BC2F5D890B234 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
12:39:09.0312 0x04a4  PCI - ok
12:39:09.0328 0x04a4  PCIDump - ok
12:39:09.0343 0x04a4  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
12:39:09.0578 0x04a4  PCIIde - ok
12:39:09.0656 0x04a4  [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:39:09.0843 0x04a4  Pcmcia - ok
12:39:09.0859 0x04a4  PDCOMP - ok
12:39:09.0906 0x04a4  PDFRAME - ok
12:39:09.0921 0x04a4  PDRELI - ok
12:39:09.0937 0x04a4  PDRFRAME - ok
12:39:10.0015 0x04a4  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
12:39:10.0250 0x04a4  perc2 - ok
12:39:10.0328 0x04a4  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:39:10.0484 0x04a4  perc2hib - ok
12:39:10.0625 0x04a4  [ ED2E7F396B4098608C95BC3806BDF6FC ] pfc             C:\WINDOWS\system32\drivers\pfc.sys
12:39:10.0796 0x04a4  pfc - ok
12:39:10.0828 0x04a4  [ 4712531AB7A01B7EE059853CA17D39BD ] PlugPlay        C:\WINDOWS\system32\services.exe
12:39:10.0843 0x04a4  PlugPlay - ok
12:39:10.0968 0x04a4  [ FB03F341FF5380394BF2EE52F1979925 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
12:39:11.0406 0x04a4  Pml Driver HPZ12 - ok
12:39:11.0453 0x04a4  [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
12:39:11.0453 0x04a4  PolicyAgent - ok
12:39:11.0468 0x04a4  [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:39:11.0625 0x04a4  PptpMiniport - ok
12:39:11.0640 0x04a4  [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:39:11.0640 0x04a4  ProtectedStorage - ok
12:39:11.0656 0x04a4  [ 48671F327553DCF1D27F6197F622A668 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
12:39:11.0750 0x04a4  PSched - ok
12:39:11.0781 0x04a4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:39:12.0000 0x04a4  Ptilink - ok
12:39:12.0046 0x04a4  [ 86724469CD077901706854974CD13C3E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:39:12.0187 0x04a4  PxHelp20 - ok
12:39:12.0250 0x04a4  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:39:12.0531 0x04a4  ql1080 - ok
12:39:12.0578 0x04a4  [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:39:12.0671 0x04a4  Ql10wnt - ok
12:39:12.0718 0x04a4  [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:39:13.0125 0x04a4  ql12160 - ok
12:39:13.0171 0x04a4  [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:39:13.0609 0x04a4  ql1240 - ok
12:39:13.0812 0x04a4  [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:39:14.0156 0x04a4  ql1280 - ok
12:39:14.0234 0x04a4  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:39:14.0406 0x04a4  RasAcd - ok
12:39:14.0531 0x04a4  [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto         C:\WINDOWS\System32\rasauto.dll
12:39:14.0718 0x04a4  RasAuto - ok
12:39:14.0796 0x04a4  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:39:14.0937 0x04a4  Rasl2tp - ok
12:39:15.0078 0x04a4  [ D4BD2EEAB07FEF323F0A0CEECC954F51 ] RasMan          C:\WINDOWS\System32\rasmans.dll
12:39:15.0093 0x04a4  RasMan - ok
12:39:15.0125 0x04a4  [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:39:15.0281 0x04a4  RasPppoe - ok
12:39:15.0312 0x04a4  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
12:39:15.0406 0x04a4  Raspti - ok
12:39:15.0500 0x04a4  [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:39:15.0640 0x04a4  Rdbss - ok
12:39:15.0671 0x04a4  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:39:15.0812 0x04a4  RDPCDD - ok
12:39:15.0875 0x04a4  [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:39:16.0031 0x04a4  rdpdr - ok
12:39:16.0125 0x04a4  [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
12:39:16.0296 0x04a4  RDPWD - ok
12:39:16.0375 0x04a4  [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
12:39:16.0531 0x04a4  RDSessMgr - ok
12:39:16.0562 0x04a4  [ B31B4588E4086D8D84ADBF9845C2402B ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
12:39:16.0765 0x04a4  redbook - ok
12:39:16.0968 0x04a4  [ 15BA3BCEEB32C4279B27F5C3389E4847 ] RegSrvc         C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
12:39:17.0078 0x04a4  RegSrvc - ok
12:39:17.0187 0x04a4  [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:39:17.0312 0x04a4  RemoteAccess - ok
12:39:17.0343 0x04a4  [ 3151427DB7D87107D1C5BE58FAC53960 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
12:39:17.0343 0x04a4  RemoteRegistry - ok
12:39:17.0406 0x04a4  [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:39:17.0796 0x04a4  RpcLocator - ok
12:39:17.0843 0x04a4  [ 24B5D53B9ACCC1E2EDCF0A878D6659D4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
12:39:17.0843 0x04a4  RpcSs - ok
12:39:18.0078 0x04a4  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
12:39:18.0328 0x04a4  RSVP - ok
12:39:18.0375 0x04a4  [ 79A647519CA3E700E9738153F788FB7D ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
12:39:18.0703 0x04a4  S24EventMonitor - ok
12:39:18.0750 0x04a4  [ 81AA6F0D6A2BE1C550F814B036215888 ] s24trans        C:\WINDOWS\system32\DRIVERS\s24trans.sys
12:39:18.0968 0x04a4  s24trans - ok
12:39:19.0000 0x04a4  [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs           C:\WINDOWS\system32\lsass.exe
12:39:19.0000 0x04a4  SamSs - ok
12:39:19.0078 0x04a4  [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
12:39:19.0187 0x04a4  SCardSvr - ok
12:39:19.0281 0x04a4  [ 92360854316611F6CC471612213C3D92 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:39:19.0281 0x04a4  Schedule - ok
12:39:19.0375 0x04a4  [ 02FC71B020EC8700EE8A46C58BC6F276 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:39:19.0500 0x04a4  sdbus - ok
12:39:19.0562 0x04a4  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:39:19.0687 0x04a4  Secdrv - ok
12:39:19.0718 0x04a4  [ B1E0CE09895376871746F36DC5773B4F ] seclogon        C:\WINDOWS\System32\seclogon.dll
12:39:19.0734 0x04a4  seclogon - ok
12:39:19.0765 0x04a4  [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS            C:\WINDOWS\system32\sens.dll
12:39:19.0765 0x04a4  SENS - ok
12:39:19.0812 0x04a4  [ A2D868AEEFF612E70E213C451A70CAFB ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
12:39:19.0984 0x04a4  serenum - ok
12:39:20.0031 0x04a4  [ CD9404D115A00D249F70A371B46D5A26 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
12:39:20.0265 0x04a4  Serial - ok
12:39:20.0343 0x04a4  [ 1D9F1BEC651815741F088A8FB88E17EE ] sffdisk         C:\WINDOWS\system32\DRIVERS\sffdisk.sys
12:39:20.0500 0x04a4  sffdisk - ok
12:39:20.0593 0x04a4  [ 586499FD312FFD7F78553F408E71682E ] sffp_sd         C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
12:39:20.0687 0x04a4  sffp_sd - ok
12:39:20.0734 0x04a4  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
12:39:20.0859 0x04a4  Sfloppy - ok
12:39:21.0000 0x04a4  [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:39:21.0218 0x04a4  SharedAccess - ok
12:39:21.0296 0x04a4  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:39:21.0296 0x04a4  ShellHWDetection - ok
12:39:21.0312 0x04a4  Simbad - ok
12:39:21.0343 0x04a4  [ 732D859B286DA692119F286B21A2A114 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:39:21.0468 0x04a4  sisagp - ok
12:39:21.0515 0x04a4  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:39:21.0640 0x04a4  Sparrow - ok
12:39:21.0656 0x04a4  [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
12:39:21.0828 0x04a4  splitter - ok
12:39:21.0890 0x04a4  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
12:39:21.0890 0x04a4  Spooler - ok
12:39:21.0984 0x04a4  sprtsvc_dellsupportcenter - ok
12:39:22.0015 0x04a4  [ E41B6D037D6CD08461470AF04500DC24 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
12:39:22.0234 0x04a4  sr - ok
12:39:22.0328 0x04a4  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice       C:\WINDOWS\system32\srsvc.dll
12:39:22.0328 0x04a4  srservice - ok
12:39:22.0437 0x04a4  [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:39:22.0578 0x04a4  Srv - ok
12:39:22.0609 0x04a4  [ D7968049BE0ADBB6A57CEE3960320911 ] sscdbhk5        C:\WINDOWS\system32\drivers\sscdbhk5.sys
12:39:22.0734 0x04a4  sscdbhk5 - ok
12:39:22.0765 0x04a4  [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:39:22.0765 0x04a4  SSDPSRV - ok
12:39:22.0781 0x04a4  [ C3FFD65ABFB6441E7606CF74F1155273 ] ssrtln          C:\WINDOWS\system32\drivers\ssrtln.sys
12:39:22.0968 0x04a4  ssrtln - ok
12:39:23.0062 0x04a4  [ 305CC42945A713347F978D78566113F3 ] STAC97          C:\WINDOWS\system32\drivers\STAC97.sys
12:39:23.0609 0x04a4  STAC97 - ok
12:39:24.0031 0x04a4  [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
12:39:24.0031 0x04a4  stisvc - ok
12:39:24.0078 0x04a4  [ 03C1BAE4766E2450219D20B993D6E046 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
12:39:24.0312 0x04a4  swenum - ok
12:39:24.0375 0x04a4  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
12:39:24.0546 0x04a4  swmidi - ok
12:39:24.0562 0x04a4  SwPrv - ok
12:39:24.0609 0x04a4  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
12:39:24.0781 0x04a4  symc810 - ok
12:39:24.0843 0x04a4  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:39:25.0000 0x04a4  symc8xx - ok
12:39:25.0046 0x04a4  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:39:25.0187 0x04a4  sym_hi - ok
12:39:25.0234 0x04a4  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:39:25.0375 0x04a4  sym_u3 - ok
12:39:25.0421 0x04a4  [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
12:39:25.0500 0x04a4  sysaudio - ok
12:39:25.0578 0x04a4  [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
12:39:25.0750 0x04a4  SysmonLog - ok
12:39:25.0875 0x04a4  [ FB78839B36025AA286A51289ED28B73E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:39:25.0890 0x04a4  TapiSrv - ok
12:39:25.0968 0x04a4  [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:39:26.0109 0x04a4  Tcpip - ok
12:39:26.0156 0x04a4  [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
12:39:26.0406 0x04a4  TDPIPE - ok
12:39:26.0500 0x04a4  [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
12:39:26.0625 0x04a4  TDTCP - ok
12:39:26.0687 0x04a4  [ A540A99C281D933F3D69D55E48727F47 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
12:39:26.0765 0x04a4  TermDD - ok
12:39:26.0875 0x04a4  [ C29A5286E64D97385178452D5F307B98 ] TermService     C:\WINDOWS\System32\termsrv.dll
12:39:26.0875 0x04a4  TermService - ok
12:39:26.0953 0x04a4  [ 30698355067D07DA5F9EB81132C9FDD6 ] tfsnboio        C:\WINDOWS\system32\dla\tfsnboio.sys
12:39:27.0109 0x04a4  tfsnboio - ok
12:39:27.0156 0x04a4  [ FB9D825BB4A2ABDF24600F7505050E2B ] tfsncofs        C:\WINDOWS\system32\dla\tfsncofs.sys
12:39:27.0359 0x04a4  tfsncofs - ok
12:39:27.0421 0x04a4  [ CAFD8CCA11AA1E8B6D2EA1BA8F70EC33 ] tfsndrct        C:\WINDOWS\system32\dla\tfsndrct.sys
12:39:27.0546 0x04a4  tfsndrct - ok
12:39:27.0593 0x04a4  [ 8DB1E78FBF7C426D8EC3D8F1A33D6485 ] tfsndres        C:\WINDOWS\system32\dla\tfsndres.sys
12:39:27.0796 0x04a4  tfsndres - ok
12:39:27.0859 0x04a4  [ B92F67A71CC8176F331B8AA8D9F555AD ] tfsnifs         C:\WINDOWS\system32\dla\tfsnifs.sys
12:39:28.0015 0x04a4  tfsnifs - ok
12:39:28.0046 0x04a4  [ 85985FAA9A71E2358FCC2EDEFC2A3C5C ] tfsnopio        C:\WINDOWS\system32\dla\tfsnopio.sys
12:39:28.0250 0x04a4  tfsnopio - ok
12:39:28.0281 0x04a4  [ BBA22094F0F7C210567EFDAF11F64495 ] tfsnpool        C:\WINDOWS\system32\dla\tfsnpool.sys
12:39:28.0500 0x04a4  tfsnpool - ok
12:39:28.0531 0x04a4  [ 81340BEF80B9811E98CE64611E67E3FF ] tfsnudf         C:\WINDOWS\system32\dla\tfsnudf.sys
12:39:28.0765 0x04a4  tfsnudf - ok
12:39:28.0796 0x04a4  [ C035FD116224CCC8325F384776B6A8BB ] tfsnudfa        C:\WINDOWS\system32\dla\tfsnudfa.sys
12:39:29.0000 0x04a4  tfsnudfa - ok
12:39:29.0046 0x04a4  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes          C:\WINDOWS\System32\shsvcs.dll
12:39:29.0062 0x04a4  Themes - ok
12:39:29.0140 0x04a4  [ A1124EBC672AA3AE1B327096C1DCC346 ] TIEHDUSB        C:\WINDOWS\system32\drivers\tiehdusb.sys
12:39:29.0359 0x04a4  TIEHDUSB - ok
12:39:29.0390 0x04a4  [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
12:39:29.0546 0x04a4  TlntSvr - ok
12:39:29.0593 0x04a4  [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
12:39:29.0703 0x04a4  TosIde - ok
12:39:29.0750 0x04a4  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
12:39:29.0765 0x04a4  TrkWks - ok
12:39:29.0890 0x04a4  [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
12:39:30.0046 0x04a4  Udfs - ok
12:39:30.0109 0x04a4  [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
12:39:30.0250 0x04a4  ultra - ok
12:39:30.0312 0x04a4  [ CED744117E91BDC0BEB810F7D8608183 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
12:39:30.0484 0x04a4  Update - ok
12:39:30.0546 0x04a4  [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:39:30.0546 0x04a4  upnphost - ok
12:39:30.0609 0x04a4  [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS             C:\WINDOWS\System32\ups.exe
12:39:30.0703 0x04a4  UPS - ok
12:39:30.0781 0x04a4  [ DF38374E12E73C25B37B6F8A9B8622EF ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
12:39:31.0125 0x04a4  USBAAPL - ok
12:39:31.0187 0x04a4  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:39:31.0359 0x04a4  usbccgp - ok
12:39:31.0406 0x04a4  [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:39:31.0515 0x04a4  usbehci - ok
12:39:31.0718 0x04a4  [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:39:31.0953 0x04a4  usbhub - ok
12:39:32.0156 0x04a4  [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:39:32.0343 0x04a4  usbprint - ok
12:39:32.0390 0x04a4  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:39:32.0562 0x04a4  usbscan - ok
12:39:32.0625 0x04a4  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:39:32.0781 0x04a4  USBSTOR - ok
12:39:32.0812 0x04a4  [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:39:32.0937 0x04a4  usbuhci - ok
12:39:33.0000 0x04a4  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
12:39:33.0093 0x04a4  VgaSave - ok
12:39:33.0156 0x04a4  [ D92E7C8A30CFD14D8E15B5F7F032151B ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:39:33.0359 0x04a4  viaagp - ok
12:39:33.0828 0x04a4  [ 59CB1338AD3654417BEA49636457F65D ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
12:39:33.0968 0x04a4  ViaIde - ok
12:39:34.0078 0x04a4  [ D622530829E35D75526A814375EEBCFD ] Viewpoint Manager Service C:\Program Files\Viewpoint\Common\ViewpointService.exe
12:39:34.0140 0x04a4  Viewpoint Manager Service - ok
12:39:34.0171 0x04a4  [ E33EDBB864A22F7474D2B297E44EE0B6 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
12:39:34.0375 0x04a4  VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - infected
12:39:34.0375 0x04a4  VolSnap - detected Rootkit.Win32.TDSS.tdl3 (0)
12:39:41.0984 0x04a4  ================ Scan global ===============================
12:39:42.0031 0x04a4  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
12:39:42.0218 0x04a4  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
12:39:42.0250 0x04a4  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
12:39:42.0296 0x04a4  [ 4712531AB7A01B7EE059853CA17D39BD ] C:\WINDOWS\system32\services.exe
12:39:42.0296 0x04a4  [Global] - ok
12:39:42.0296 0x04a4  ================ Scan MBR ==================================
12:39:42.0312 0x04a4  [ 0AEB3CC19DB8C859F2C9D90A01AA3F09 ] \Device\Harddisk0\DR0
12:39:42.0312 0x04a4  Suspicious mbr (Forged): \Device\Harddisk0\DR0
12:39:42.0359 0x04a4  \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
12:39:42.0359 0x04a4  \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
12:39:42.0375 0x04a4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR6
12:39:46.0625 0x04a4  \Device\Harddisk1\DR6 - ok
12:39:46.0625 0x04a4  ================ Scan VBR ==================================
12:39:46.0656 0x04a4  [ A1982AE0FF83C860F0F6FB6BA77288D3 ] \Device\Harddisk0\DR0\Partition1
12:39:46.0656 0x04a4  \Device\Harddisk0\DR0\Partition1 - ok
12:39:46.0671 0x04a4  [ 4E123940FA1F36556F4649C96B47EE34 ] \Device\Harddisk1\DR6\Partition1
12:39:46.0671 0x04a4  \Device\Harddisk1\DR6\Partition1 - ok
12:39:46.0671 0x04a4  ============================================================
12:39:46.0671 0x04a4  Scan finished
12:39:46.0671 0x04a4  ============================================================
12:39:46.0718 0x0578  Detected object count: 2
12:39:46.0718 0x0578  Actual detected object count: 2
12:40:01.0437 0x0578  C:\WINDOWS\system32\drivers\VolSnap.sys - copied to quarantine
12:40:02.0515 0x0578  \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
12:40:02.0593 0x0578  \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
12:40:02.0625 0x0578  \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
12:40:02.0750 0x0578  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:40:03.0968 0x0578  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:40:04.0031 0x0578  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:40:04.0171 0x0578  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:40:04.0203 0x0578  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
12:40:04.0281 0x0578  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:40:04.0343 0x0578  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
12:40:04.0781 0x0578  \Device\Harddisk0\DR0\TDLFS\dkmks.tmp - copied to quarantine
12:40:04.0921 0x0578  Backup copy not found, trying to cure infected file..
12:40:04.0921 0x0578  Cure success, using it..
12:40:06.0062 0x0578  C:\WINDOWS\system32\drivers\VolSnap.sys - will be cured on reboot
12:40:06.0062 0x0578  VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Cure 
12:40:09.0140 0x0578  \Device\Harddisk0\DR0\# - copied to quarantine
12:40:09.0250 0x0578  \Device\Harddisk0\DR0 - copied to quarantine
12:40:09.0312 0x0578  \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
12:40:09.0312 0x0578  \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
12:40:09.0328 0x0578  \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
12:40:09.0390 0x0578  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:40:09.0515 0x0578  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:40:09.0531 0x0578  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:40:09.0609 0x0578  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:40:09.0656 0x0578  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
12:40:09.0671 0x0578  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:40:09.0718 0x0578  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
12:40:09.0781 0x0578  \Device\Harddisk0\DR0\TDLFS\dkmks.tmp - copied to quarantine
12:40:09.0828 0x0578  \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
12:40:10.0218 0x0578  \Device\Harddisk0\DR0 - ok
12:40:10.0218 0x0578  \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure 
12:42:22.0718 0x0d3c  Deinitialize success
 
TDSS after reboot:
12:45:00.0375 0x02c0  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
12:45:02.0109 0x02c0  ============================================================
12:45:02.0109 0x02c0  Current date / time: 2013/09/18 12:45:02.0109
12:45:02.0109 0x02c0  SystemInfo:
12:45:02.0109 0x02c0  
12:45:02.0109 0x02c0  OS Version: 5.1.2600 ServicePack: 2.0
12:45:02.0109 0x02c0  Product type: Workstation
12:45:02.0109 0x02c0  ComputerName: MANDA
12:45:02.0203 0x02c0  UserName: Amanda
12:45:02.0203 0x02c0  Windows directory: C:\WINDOWS
12:45:02.0203 0x02c0  System windows directory: C:\WINDOWS
12:45:02.0203 0x02c0  Processor architecture: Intel x86
12:45:02.0203 0x02c0  Number of processors: 1
12:45:02.0203 0x02c0  Page size: 0x1000
12:45:02.0203 0x02c0  Boot type: Normal boot
12:45:02.0203 0x02c0  ============================================================
12:45:02.0203 0x02c0  BG loaded
12:45:05.0531 0x02c0  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:45:05.0765 0x02c0  Drive \Device\Harddisk1\DR4 - Size: 0xF1800000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:45:05.0765 0x02c0  ============================================================
12:45:05.0765 0x02c0  \Device\Harddisk0\DR0:
12:45:05.0828 0x02c0  MBR partitions:
12:45:05.0828 0x02c0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F608, BlocksNum 0x8BA61DB
12:45:05.0828 0x02c0  \Device\Harddisk1\DR4:
12:45:05.0828 0x02c0  MBR partitions:
12:45:05.0828 0x02c0  \Device\Harddisk1\DR4\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x78BFC1
12:45:05.0828 0x02c0  ============================================================
12:45:09.0687 0x02c0  C: <-> \Device\Harddisk0\DR0\Partition1
12:45:09.0687 0x02c0  ============================================================
12:45:09.0687 0x02c0  Initialize success
12:45:09.0687 0x02c0  ============================================================
 
Adwarecleaner:
# AdwCleaner v3.004 - Report created 18/09/2013 at 13:18:08
# Updated 15/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Amanda - MANDA
# Running from : C:\Documents and Settings\Amanda\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : Application Updater
[#] Service Deleted : Viewpoint Manager Service
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\iWin
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\Trymedia
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\Common Files\Viewpoint
Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Amanda\Local Settings\Application Data\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\Amanda\Local Settings\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Amanda\Application Data\iWin
Folder Deleted : C:\Documents and Settings\Amanda\Application Data\Search Settings
Folder Deleted : C:\Documents and Settings\Amanda\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Amanda\Application Data\Mozilla\Firefox\Profiles\8ded28m7.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File Deleted : C:\Program Files\Mozilla Firefox\Extensions\wtxpcom@mybrowserbar.com
File Deleted : C:\Documents and Settings\Amanda\Application Data\Mozilla\Firefox\Profiles\8ded28m7.default\.autoreg
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\7kngrgw5.default\user.js
File Deleted : C:\Documents and Settings\Amanda\Application Data\Mozilla\Firefox\Profiles\8ded28m7.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\VWPT
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\iMesh
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0E2C3126-DDED-4A58-800E-9AEDE84EA31E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E060D9D9-E979-4C2F-A840-BE5150F84AC5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7327C09-B521-4EDB-8509-7D2660C9EC98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8AD5AA5-D966-4667-9DAF-2561D68B2012}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F8AD5AA5-D966-4667-9DAF-2561D68B2012}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viewpoint Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v7.0.6000.17055
 
 
-\\ Mozilla Firefox v3.6.16 (en-US)
 
[ File : C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\7kngrgw5.default\prefs.js ]
 
 
[ File : C:\Documents and Settings\Amanda\Application Data\Mozilla\Firefox\Profiles\8ded28m7.default\prefs.js ]
 
Line Deleted : user_pref("aol_toolbar.buttons.layout", "web_mail_btn;aim_send_IM_btn;aim_this_page_btn;aim_go_away_default_btn;aim_share_feed_btn;video_btn;music_btn;mq_dir_btn;games_btn;tmz_btn;aol_bg_5r;");
Line Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
Line Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.5.10.1");
Line Deleted : user_pref("aol_toolbar.metrics.activestampdate", "22");
Line Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "3");
Line Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2011");
Line Deleted : user_pref("aol_toolbar.metrics.originalDate", "22");
Line Deleted : user_pref("aol_toolbar.metrics.originalHours", "22");
Line Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "4");
Line Deleted : user_pref("aol_toolbar.metrics.originalMonth", "6");
Line Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "37");
Line Deleted : user_pref("aol_toolbar.metrics.originalYear", "2008");
Line Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
Line Deleted : user_pref("aol_toolbar.search.searchtype", "web");
Line Deleted : user_pref("aol_toolbar.searchHook.keepSearchSettings", false);
Line Deleted : user_pref("aol_toolbar.strbundle.msg", "AOL Toolbar");
Line Deleted : user_pref("aol_toolbar.surf.date", "160");
Line Deleted : user_pref("aol_toolbar.surf.lastDate", "22");
Line Deleted : user_pref("aol_toolbar.surf.lastMonth", "3");
Line Deleted : user_pref("aol_toolbar.surf.lastYear", "2011");
Line Deleted : user_pref("aol_toolbar.surf.mURL", "");
Line Deleted : user_pref("aol_toolbar.surf.mURLh", "0");
Line Deleted : user_pref("aol_toolbar.surf.mURLw", "0");
Line Deleted : user_pref("aol_toolbar.surf.mURLx", "0");
Line Deleted : user_pref("aol_toolbar.surf.mURLy", "0");
Line Deleted : user_pref("aol_toolbar.surf.milestone", "-1");
Line Deleted : user_pref("aol_toolbar.surf.month", "791");
Line Deleted : user_pref("aol_toolbar.surf.prevMonth", "2262");
Line Deleted : user_pref("aol_toolbar.surf.show", true);
Line Deleted : user_pref("aol_toolbar.surf.total", "18575");
Line Deleted : user_pref("aol_toolbar.surf.week", "160");
Line Deleted : user_pref("aol_toolbar.surf.year", "3052");
Line Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.aol.com/aolcom/search?invocationType=tbff50ie7&query=");
 
*************************
 
AdwCleaner[R0].txt - [10816 octets] - [18/09/2013 13:15:40]
AdwCleaner[S0].txt - [11020 octets] - [18/09/2013 13:18:08]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11081 octets] ##########
 

 

 



#6 cds568


Posted 19 September 2013 - 10:16 PM

There are no visible files in C: at all except for the Adware just installed and TDSSkiller logs.

So I cannot run MBAM or Chameleon from C:.



#7 boopme


Posted 20 September 2013 - 10:51 AM

OK, let's run this then..

ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#8 cds568


Posted 20 September 2013 - 01:46 PM

That PC isn't currently online.  I have been transferring files via USB drive.  It doesn't see any wireless networks at all.



#9 boopme


Posted 20 September 2013 - 09:04 PM

For the connection try these...

Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
Now check if the internet is working again.

OR

Go to Start ... Run and type in cmd
A dos Window will appear.
Type in the dos window: netsh winsock reset
Click on the enter key.

Reboot your system to complete the process.

#10 cds568


Posted 20 September 2013 - 09:46 PM

I tried both and I tried adding the new network we have and neither helped.  It still says there are no wireless networks in range.



#11 boopme


Posted 20 September 2013 - 09:52 PM

Try uninstalling the Network adapter and re-booting the computer.  When it restarts the found "new" hardware should show up. Accept that if asked. Things should work now.



#12 cds568


Posted 22 September 2013 - 07:18 AM

I went into Control Panel>System>Device Manager>Network Adapters>and right clicked on the wireless adapter to Uninstall.  It was removed from the list.  But when I reboot or restart it automatically reinstalls and still doesn't recognize any wireless networks.  The driver test says it is functioning properly.  Am I doing this right?


Edited by cds568, 22 September 2013 - 07:19 AM.


#13 boopme


Posted 23 September 2013 - 02:17 PM

Let's try this off the USB.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#14 cds568


Posted 23 September 2013 - 10:39 PM

Here is the log:

 

Farbar Service Scanner Version: 13-09-2013
Ran by Amanda (administrator) on 24-09-2013 at 00:03:08
Running from "C:\Documents and Settings\Amanda\Desktop"
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
 
 
Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled. The default start type is Auto.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.
 
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\system32\srsvc.dll".
 
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: ATTENTION!=====> Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Other Services:
==============
 
 
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2005-08-16 06:18] - [2006-05-19 08:59] - 0111616 ___AH (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F
 
C:\WINDOWS\system32\Drivers\afd.sys
[2005-08-16 06:18] - [2008-08-14 05:51] - 0138368 ___AH (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702
 
C:\WINDOWS\system32\Drivers\netbt.sys
[2005-08-16 06:18] - [2004-08-10 07:00] - 0162816 ___AH (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B
 
C:\WINDOWS\system32\Drivers\tcpip.sys
[2005-08-16 06:18] - [2008-06-20 06:45] - 0360320 ___AH (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9
 
C:\WINDOWS\system32\Drivers\ipsec.sys
[2005-08-16 06:18] - [2004-08-10 07:00] - 0074752 ___AH (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1
 
C:\WINDOWS\system32\dnsrslvr.dll
[2005-08-16 06:18] - [2008-02-20 01:32] - 0045568 ___AH (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F
 
C:\WINDOWS\system32\ipnathlp.dll
[2005-08-16 06:18] - [2004-08-10 07:00] - 0331264 ___AH (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF
 
C:\WINDOWS\system32\netman.dll
[2005-08-16 06:18] - [2005-08-22 14:29] - 0197632 ___AH (Microsoft Corporation) 36739B39267914BA69AD0610A0299732
 
C:\WINDOWS\system32\wbem\WMIsvc.dll
[2005-08-16 06:37] - [2004-08-10 07:00] - 0144896 ___AH (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E
 
C:\WINDOWS\system32\srsvc.dll
[2005-08-16 06:40] - [2004-08-10 07:00] - 0170496 ___AH (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838
 
C:\WINDOWS\system32\Drivers\sr.sys
[2005-08-16 06:40] - [2004-08-10 07:00] - 0073472 ___AH (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24
 
C:\WINDOWS\system32\wscsvc.dll
[2005-08-16 06:18] - [2004-08-10 07:00] - 0081408 ___AH (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A
 
C:\WINDOWS\system32\wbem\WMIsvc.dll
[2005-08-16 06:37] - [2004-08-10 07:00] - 0144896 ___AH (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E
 
C:\WINDOWS\system32\wuauserv.dll
[2005-08-16 06:40] - [2004-08-10 07:00] - 0006656 ___AH (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8
 
C:\WINDOWS\system32\qmgr.dll
[2005-08-16 06:40] - [2004-08-10 07:00] - 0382464 ___AH (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA
 
C:\WINDOWS\system32\es.dll
[2005-08-16 06:18] - [2008-07-07 16:32] - 0253952 ___AH (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C
 
C:\WINDOWS\system32\cryptsvc.dll
[2005-08-16 06:18] - [2004-08-10 07:00] - 0060416 ___AH (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B
 
C:\WINDOWS\system32\svchost.exe
[2005-08-16 06:18] - [2004-08-10 07:00] - 0014336 ___AH (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716
 
C:\WINDOWS\system32\rpcss.dll
[2005-08-16 06:18] - [2009-02-09 06:01] - 0401408 ___AH (Microsoft Corporation) 24B5D53B9ACCC1E2EDCF0A878D6659D4
 
C:\WINDOWS\system32\services.exe
[2005-08-16 06:18] - [2009-02-06 06:22] - 0110592 ___AH (Microsoft Corporation) 4712531AB7A01B7EE059853CA17D39BD
 
 
Extra List:
=======
AegisP(9) AvgTdiX(86) Gpc(6) IPSec(4) IWCA(10) MPFP(11) NetBT(5) PSched(7) s24trans(8) Tcpip(3) 
0x0C000000040000000100000002000000030000000B0000005600000005000000060000000700000008000000090000000A000000
IpSec Tag value is correct.
 
**** End of log ****
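
The FSS log above mixes three kinds of findings: a service whose registry key is gone (wuauserv), a service switched to Disabled (sharedaccess) together with a firewall policy value of 0, and a service that is merely stopped (Srservice). The following Python is an added example, not part of the original post and not Farbar's code; it parses those line formats and ranks the findings. The HIGH/MEDIUM/LOW ranking and the function names are assumptions made for illustration.

```python
import re

# Sample input: lines copied from the FSS.txt log in the post above.
SAMPLE_FSS_LOG = r"""
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled. The default start type is Auto.
The ImagePath of sharedaccess service is OK.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: ATTENTION!=====> Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running")
START_TYPE = re.compile(r"^The start type of (\S+) service is set to (\w+)\. "
                        r"The default start type is (\w+)\.")
MISSING_KEY = re.compile(r"ATTENTION!=====> Unable to open (\S+) registry key")
REG_KEY = re.compile(r"^\[(HKEY_[^\]]+)\]$")
REG_DWORD = re.compile(r'^"([^"]+)"=DWORD:(\d+)$')

# Assumed ranking: a missing key is worse than a changed start type,
# which is worse than a stopped service whose configuration is intact.
SEVERITY_ORDER = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}


def service_name(raw):
    """Reduce 'LEGACY_wuauserv\\0000' or 'Srservice' to a bare lower-case name."""
    name = raw.split("\\")[0]
    if name.upper().startswith("LEGACY_"):
        name = name[len("LEGACY_"):]
    return name.lower()


def parse_fss(text):
    """Return ({service: state}, [(registry key, value name, dword)])."""
    services, policies, current_key = {}, [], None

    def entry(raw):
        return services.setdefault(service_name(raw), {
            "running": True, "start_type": None,
            "default_start": None, "key_missing": False})

    for raw_line in text.splitlines():
        line = raw_line.strip()
        if (m := NOT_RUNNING.match(line)):
            entry(m.group(1))["running"] = False
        elif (m := START_TYPE.match(line)):
            svc = entry(m.group(1))
            svc["start_type"], svc["default_start"] = m.group(2), m.group(3)
        elif (m := MISSING_KEY.search(line)):
            entry(m.group(1))["key_missing"] = True
        elif (m := REG_KEY.match(line)):
            current_key = m.group(1)
        elif (m := REG_DWORD.match(line)) and current_key:
            policies.append((current_key, m.group(1), int(m.group(2))))
    return services, policies


def triage(text):
    """Return findings as (severity, subject, detail), most severe first."""
    services, policies = parse_fss(text)
    findings = []
    for name, s in services.items():
        if s["key_missing"]:
            findings.append(("HIGH", name, "service registry key is missing"))
        elif s["start_type"] and s["start_type"] != s["default_start"]:
            findings.append(("MEDIUM", name, "start type %s, default %s"
                             % (s["start_type"], s["default_start"])))
        elif not s["running"]:
            findings.append(("LOW", name, "not running, configuration intact"))
    for key, value, data in policies:
        if value == "EnableFirewall" and data == 0:
            profile = key.rsplit("\\", 1)[-1]
            findings.append(("MEDIUM", value, "firewall off in " + profile))
    return sorted(findings, key=lambda f: (SEVERITY_ORDER[f[0]], f[1]))


if __name__ == "__main__":
    for severity, subject, detail in triage(SAMPLE_FSS_LOG):
        print("%-6s %-15s %s" % (severity, subject, detail))
```
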


#15 boopme


Posted 24 September 2013 - 10:04 AM

Let's do this and see about the services.

Download


http://kb.eset.com/library/ESET/KB Team Only/Malware/ServicesRepair.exe

Run it, restart the PC

Post the new FSS log

Edited by boopme, 05 December 2013 - 11:38 AM.




