Windows XP Trojan Adware

  • This topic is locked
14 replies to this topic

#1 greatserpent

Posted 14 May 2013 - 08:00 AM

Hi

Okay, so basically I was away for a year and my sisters were using the computer. Anyway, I did a scan with Comodo Cleaning Essentials and also Dr.Web CureIt!, and it found a bunch of stuff... some trojans and adware. It removed it, but then I scanned it again with Dr.Web CureIt! and there's still stuff in there, and the browser had a different home page.

Basically, Malwarebytes Anti-Malware did not find anything. Norton Internet Security 2013 did not find anything. HitmanPro found something but I got rid of that, SUPERAntiSpyware found nothing, Emsisoft Emergency Kit found some stuff and so did Dr.Web CureIt!, and TDSSKiller found some stuff too, but I don't know if it's malicious. Anyway, here are the logs.

-------------------------------------------------------------------------------------------------------------------------------------------------

DDS log

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.21.2
Run by Owner at 22:38:48 on 2013-05-14
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2046.1017 [GMT 10:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
C:\Nexon\Mabinogi\npkcmsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX01.125\TDSSKiller.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.au/
mStart Page = hxxp://websearch.searchmainia.info/?unqvl=15
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\20.3.1.22\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\20.3.1.22\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - c:\program files\common files\simple adblock\SimpleAdblock.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\20.3.1.22\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\20.3.1.22\coieplg.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [WUAppSetup] c:\program files\common files\logishrd\WUApp32.exe -v 0x046d -p 0x0990 -f video -m logitech -d 13.30.1394.0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:383
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll/206
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - hxxp://www.ipix.com/download/ipixx.cab
DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1201141713185
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1359791227984
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 198.142.0.51 211.29.132.12 198.142.235.14
TCP: Interfaces\{A4C5CEE8-9B41-422B-A833-0949F3E84FEB} : DHCPNameServer = 198.142.0.51 211.29.132.12 198.142.235.14
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: {4F07DA45-8170-4859-9B5F-037EF2970034} - <orphaned>
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages =  msv1_0 nwprovau
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\r9qoei9j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\r9qoei9j.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\IBitCometExtension.dll
FF - component: c:\program files\mozilla firefox\extensions\kavantibanner@kaspersky.ru\components\abhelperxpcom.dll
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\r9qoei9j.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1202122.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll
FF - ExtSQL: 2013-04-13 00:49; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\owner\application data\mozilla\firefox\profiles\r9qoei9j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-5-24 28552]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1403010.016\symds.sys [2013-4-18 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1403010.016\symefa.sys [2013-4-18 934488]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.1.22\definitions\bashdefs\20130502.001\BHDrvx86.sys [2013-5-8 1000024]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1403010.016\ccsetx86.sys [2013-4-18 134304]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-23 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1403010.016\ironx86.sys [2013-4-18 175264]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-8 119024]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688]
R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\nero\nero8\incd\NBHRegInCDSrv.exe [2008-7-10 53032]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\20.3.1.22\ccsvchst.exe [2013-4-18 144520]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2012-11-27 659040]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-4-1 450848]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-12-29 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.1.22\definitions\ipsdefs\20130511.001\IDSXpx86.sys [2013-5-14 373728]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.1.22\definitions\virusdefs\20130513.022\NAVENG.SYS [2013-5-14 93296]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.1.22\definitions\virusdefs\20130513.022\NAVEX15.SYS [2013-5-14 1603824]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-10-12 1691480]
S3 apf001;apf001;c:\game\softnyxgame\gunboundis\apf001.sys [2011-4-27 10872]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-10-4 77624]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-10-4 20032]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2012-11-27 1225312]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-10-4 181432]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
ShellExec: BitComet.exe: open="c:\program files\bitcomet\BitComet.exe"
ShellExec: mplayer2.exe: open="c:\program files\windows media player\mplayer2.exe"/prefetch:8 /Play "%L"
ShellExec: mplayer2.exe: play="c:\program files\windows media player\mplayer2.exe"/prefetch:8 /Play "%L"
.
=============== Created Last 30 ================
.
2013-05-13 18:47:13    30464    ----a-w-    c:\windows\system32\drivers\hitmanpro37.sys
2013-05-12 19:22:12    --------    d-----w-    c:\documents and settings\owner\Doctor Web
2013-05-12 19:04:33    --------    d-----w-    c:\program files\HitmanPro
2013-05-12 19:04:33    --------    d-----w-    c:\documents and settings\all users\application data\HitmanPro
2013-05-12 19:01:27    --------    d-----w-    c:\documents and settings\all users\application data\StarApp
2013-05-12 19:01:23    --------    d-----w-    c:\program files\SimpleSpeedy
2013-05-12 18:39:08    --------    d-----w-    C:\CCE_Quarantine
2013-04-27 15:24:00    --------    d-----w-    c:\documents and settings\owner\local settings\application data\Garmin
2013-04-27 15:22:38    --------    d-----w-    c:\documents and settings\all users\application data\Package Cache
2013-04-18 17:43:34    94112    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-04-17 23:22:39    394656    ----a-w-    c:\windows\system32\drivers\nis\1403010.016\symtdi.sys
2013-04-17 23:22:39    350368    ----a-w-    c:\windows\system32\drivers\nis\1403010.016\symtdiv.sys
2013-04-17 23:22:39    338592    ----a-w-    c:\windows\system32\drivers\nis\1403010.016\symnets.sys
2013-04-17 23:22:39    21400    ----a-r-    c:\windows\system32\drivers\nis\1403010.016\symelam.sys
2013-04-17 23:22:38    934488    ----a-w-    c:\windows\system32\drivers\nis\1403010.016\symefa.sys
2013-04-17 23:22:38    602712    ----a-w-    c:\windows\system32\drivers\nis\1403010.016\srtsp.sys
2013-04-17 23:22:38    367704    ----a-w-    c:\windows\system32\drivers\nis\1403010.016\symds.sys
2013-04-17 23:22:38    32344    ----a-w-    c:\windows\system32\drivers\nis\1403010.016\srtspx.sys
2013-04-17 23:22:38    175264    ----a-w-    c:\windows\system32\drivers\nis\1403010.016\ironx86.sys
2013-04-17 23:22:38    134304    ----a-w-    c:\windows\system32\drivers\nis\1403010.016\ccsetx86.sys
2013-04-17 23:22:12    14818    ----a-w-    c:\windows\system32\drivers\nis\1403010.016\symvtcer.dat
2013-04-17 23:22:12    --------    d-----w-    c:\windows\system32\drivers\nis\1403010.016
.
==================== Find3M  ====================
.
2013-04-10 20:14:55    348160    ----a-w-    c:\windows\system32\msvcr71.dll
2013-04-10 19:47:16    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-10 19:47:16    691592    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-04-04 04:50:32    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-04-03 11:52:45    1072544    ----a-w-    c:\windows\system32\nvdrsdb0.bin
2013-04-03 11:52:45    1    ----a-w-    c:\windows\system32\nvdrssel.bin
2013-04-03 11:50:31    1072544    ----a-w-    c:\windows\system32\nvdrsdb1.bin
2013-03-22 14:22:30    7536640    ----a-w-    c:\windows\system32\nvcuda.dll
2013-03-22 14:22:30    1869600    ----a-w-    c:\windows\system32\nvcuvenc.dll
2013-03-22 14:22:28    19189760    ----a-w-    c:\windows\system32\nvoglnt.dll
2013-03-22 14:22:26    12653120    ----a-w-    c:\windows\system32\drivers\nv4_mini.sys
2013-03-22 14:22:24    5967872    ----a-w-    c:\windows\system32\nvopencl.dll
2013-03-22 14:22:22    17551360    ----a-w-    c:\windows\system32\nvcompiler.dll
2013-03-22 14:22:22    1010464    ----a-w-    c:\windows\system32\nvdispco3230790.dll
2013-03-22 14:22:20    4494720    ----a-w-    c:\windows\system32\nv4_disp.dll
2013-03-22 14:22:16    893728    ----a-w-    c:\windows\system32\nvdispgenco3230790.dll
2013-03-22 14:22:16    2392064    ----a-w-    c:\windows\system32\nvapi.dll
2013-03-22 14:22:14    2582816    ----a-w-    c:\windows\system32\nvcuvid.dll
2013-03-21 22:26:06    54272    ----a-w-    c:\windows\system32\nvwddi.dll
2013-03-21 22:26:00    156448    ----a-w-    c:\windows\system32\nvsvc32.exe
2013-03-21 22:26:00    15517984    ----a-w-    c:\windows\system32\nvcpl.dll
2013-03-21 22:26:00    108832    ----a-w-    c:\windows\system32\nvmctray.dll
2013-03-21 22:25:59    144160    ----a-w-    c:\windows\system32\nvcolor.exe
2013-03-16 06:30:42    4546560    ----a-w-    c:\windows\system32\GPhotos.scr
2013-03-08 08:36:22    293376    ----a-w-    c:\windows\system32\winsrv.dll
2013-03-08 02:33:27    861088    ----a-w-    c:\windows\system32\npdeployJava1.dll
2013-03-08 02:33:27    782240    ----a-w-    c:\windows\system32\deployJava1.dll
2013-03-07 01:32:25    2149888    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:30    2028544    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06:31    916480    ----a-w-    c:\windows\system32\wininet.dll
2013-03-02 02:06:30    43520    ------w-    c:\windows\system32\licmgr10.dll
2013-03-02 02:06:30    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2013-03-02 01:25:02    1867264    ----a-w-    c:\windows\system32\win32k.sys
2013-03-02 01:08:47    385024    ------w-    c:\windows\system32\html.iec
2013-02-27 07:56:51    2067456    ----a-w-    c:\windows\system32\mstscax.dll
2013-02-17 22:22:18    884072    ----a-w-    c:\windows\system32\nvhdagenco3220103.dll
2013-02-17 22:22:18    28008    ----a-w-    c:\windows\system32\nvhdap32.dll
2013-02-17 22:22:18    124264    ----a-w-    c:\windows\system32\drivers\nvhda32.sys
2011-07-22 02:39:49    6925312    ----a-w-    c:\program files\etax2011_1.msi
2008-11-11 20:49:03    2400784    ----a-w-    c:\program files\WLinstaller.exe
2008-02-14 04:23:12    231944    ----a-w-    c:\program files\gwflash.exe
2007-09-21 09:42:42    19008    ----a-w-    c:\program files\markfun.a64
2007-08-21 09:49:28    17912    ----a-w-    c:\program files\markfun.w32
2007-03-01 18:48:50    240448    ----a-w-    c:\program files\gwf32.exe
2006-11-23 13:47:50    207680    ----a-w-    c:\program files\BIOS_Run.exe
2005-04-27 09:40:26    6800    ----a-w-    c:\program files\W95_HUA.vxd
.
============= FINISH: 22:40:16.42 ===============
 

Security Check

 

 Results of screen317's Security Check version 0.99.63  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled!  
AVG Anti-Virus Free Edition 2011   
Norton Internet Security           
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:`````````
 Out of date HijackThis  installed!
 SpywareBlaster 5.0    
 SUPERAntiSpyware     
 Secunia PSI (3.0.0.6001)   
 Malwarebytes Anti-Malware version 1.75.0.1300  
 HijackThis 2.0.2    
 CCleaner     
 Java 7 Update 21  
 Adobe Flash Player     11.7.700.169  
 Adobe Reader 8  
 Adobe Reader XI  
 Mozilla Firefox (20.0.1)
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 5%
````````````````````End of Log``````````````````````
 

Also, not sure why AVG is showing up... I deleted that a long time ago. And besides, Norton disables anything that will interfere with it.

 

------------------------------------------------------------------------------------------------------------------------------------------

MalwareBytesAntiMalware

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.05.13.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: HOME-L1GY43MFQ0 [administrator]

13/05/2013 5:56:34 PM
mbam-log-2013-05-13 (17-56-34).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 431235
Time elapsed: 5 hour(s), 5 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

--------------------------------------------------------------------------------------------------------------------------------------------

TDSS log

 

22:28:39.0671 1000  TDSS rootkit removing tool 2.8.17.0 Apr 11 2013 11:56:34
22:28:41.0187 1000  ============================================================
22:28:41.0187 1000  Current date / time: 2013/05/14 22:28:41.0187
22:28:41.0187 1000  SystemInfo:
22:28:41.0187 1000  
22:28:41.0187 1000  OS Version: 5.1.2600 ServicePack: 3.0
22:28:41.0187 1000  Product type: Workstation
22:28:41.0187 1000  ComputerName: HOME-L1GY43MFQ0
22:28:41.0187 1000  UserName: Owner
22:28:41.0187 1000  Windows directory: C:\WINDOWS
22:28:41.0187 1000  System windows directory: C:\WINDOWS
22:28:41.0187 1000  Processor architecture: Intel x86
22:28:41.0187 1000  Number of processors: 2
22:28:41.0187 1000  Page size: 0x1000
22:28:41.0187 1000  Boot type: Normal boot
22:28:41.0187 1000  ============================================================
22:28:43.0406 1000  Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xEC93A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000054
22:28:43.0406 1000  ============================================================
22:28:43.0406 1000  \Device\Harddisk0\DR0:
22:28:43.0406 1000  MBR partitions:
22:28:43.0406 1000  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
22:28:43.0406 1000  ============================================================
22:28:43.0453 1000  C: <-> \Device\Harddisk0\DR0\Partition1
22:28:43.0453 1000  ============================================================
22:28:43.0453 1000  Initialize success
22:28:43.0453 1000  ============================================================
22:29:30.0078 1588  ============================================================
22:29:30.0078 1588  Scan started
22:29:30.0078 1588  Mode: Manual; SigCheck; TDLFS;
22:29:30.0078 1588  ============================================================
22:29:31.0250 1588  ================ Scan system memory ========================
22:29:31.0250 1588  System memory - ok
22:29:31.0250 1588  ================ Scan services =============================
22:29:31.0375 1588  [ 44C85670246E4183650EF0E664346DDC ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:29:31.0765 1588  !SASCORE - ok
22:29:31.0953 1588  Abiosdsk - ok
22:29:31.0968 1588  abp480n5 - ok
22:29:32.0000 1588  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:29:34.0890 1588  ACPI - ok
22:29:34.0937 1588  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
22:29:35.0140 1588  ACPIEC - ok
22:29:35.0218 1588  [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:29:35.0265 1588  AdobeFlashPlayerUpdateSvc - ok
22:29:35.0265 1588  adpu160m - ok
22:29:35.0312 1588  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
22:29:35.0437 1588  aec - ok
22:29:35.0500 1588  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
22:29:35.0625 1588  AFD - ok
22:29:35.0734 1588  [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K           C:\WINDOWS\system32\drivers\AFS2K.sys
22:29:35.0843 1588  AFS2K - ok
22:29:35.0859 1588  Aha154x - ok

Edited by greatserpent, 14 May 2013 - 08:27 AM.


#2 greatserpent

Posted 14 May 2013 - 08:03 AM

Hi

So sorry, just realised there's like 4 of the same threads, my internet wasn't loading the page so I thought it didn't post. Can someone please delete the other threads and leave just 1.

Done.


Edited by cnm, 14 May 2013 - 01:35 PM.


#3 TheJoker

Posted 14 May 2013 - 08:00 PM

Hi greatserpent, and Welcome Back.

I suggest printing out each set of instructions and reading the entire post before proceeding. It will make following them easier. Please follow the directions in the order listed.

Please download Malwarebytes Anti-Rootkit here.
Unzip the contents to a folder on the Desktop.

  • Open the folder where the contents were unzipped and run mbar.exe (right-click and select Run as administrator for Vista and Windows 7).
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Please post the two logs produced.

Please note: This tool is still in BETA mode, so please ensure you have backed up any important files.

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Follow the prompts to reboot the computer. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please scan your system with ESET Online Scanner

  • Click the "Run ESET Online Scanner" button.
    • For browsers other than Internet Explorer, such as Firefox, Chrome, or Opera (Microsoft Internet Explorer users can skip this step), another page will open to download the ESET Smart Installer.
    • Click on esetsmartinstaller_enu.exe
    • Save it to your desktop, and double-click to run it.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Please post the two logs from Malwarebytes Anti-Rootkit, the log from AdwCleaner, the log from ESET's online scan, and note any errors encountered.



MS MVP 2009-20010 and ASAP Member since 2005


#4 greatserpent

Posted 15 May 2013 - 11:38 PM

Hi thanks :p

The only two logs I got were these two, but it found nothing.

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.666000 GHz
Memory total: 2145824768, free: 1078394880

------------ Kernel report ------------
     05/16/2013 01:00:12
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: FBB65D35

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 976768065
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500106780160 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-976751055-976771055)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.666000 GHz
Memory total: 2145824768, free: 1594880000

=======================================

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.15.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: HOME-L1GY43MFQ0 [administrator]

16/05/2013 2:40:44 AM
mbar-log-2013-05-16 (02-40-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29917
Time elapsed: 1 hour(s), 39 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

# AdwCleaner v2.300 - Logfile created 05/16/2013 at 03:47:44
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - HOME-L1GY43MFQ0
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\0IWP88YF\adwcleaner[1].exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\r9qoei9j.default\searchplugins\safesearch.xml
Folder Deleted : C:\Documents and Settings\All Users\Application Data\InstallMate
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Premium
Folder Deleted : C:\Documents and Settings\Owner\Application Data\OpenCandy
Folder Deleted : C:\Documents and Settings\Owner\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Ilivid Player
Folder Deleted : C:\Program Files\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3201318
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\TENCENT

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.searchmainia.info/?unqvl=15 --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\r9qoei9j.default\prefs.js

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=");
Deleted : user_pref("browser.search.order.1", "WebSearch");
Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Deleted : user_pref("extensions.508663b517f0a.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("keyword.URL", "hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

*************************

AdwCleaner[R1].txt - [6611 octets] - [16/05/2013 03:42:30]
AdwCleaner[S1].txt - [6001 octets] - [16/05/2013 03:47:44]

########## EOF - C:\AdwCleaner[S1].txt - [6061 octets] ##########

and eset found this one

 

C:\Documents and Settings\Owner\Desktop\Installation files\YouTubeDownloaderSetup33.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined



#5 TheJoker

Posted 08 June 2013 - 09:17 AM

Sorry, I missed your reply

Go to Start > Control Panel > Add or Remove Programs, and if you see any entry for AVG, uninstall it.

If that doesn't work, download this manual uninstaller from AVG, save it to your Desktop, and double-click on it to run it:
http://download.avg...._Remover_en.exe
 

 

Please download Junkware Removal Tool to your Desktop.

  • Disconnect from the Internet (unplug your connection to your router or modem).
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Restart your security software and reconnect to the Internet.
  • Please post the contents of JRT.txt into your reply.

 

 

Download the Sophos Virus Removal Tool and save it to your desktop:

  • Be sure to view the 3 short How-to videos on that page.
  • Double-click Sophos Virus Removal Tool.exe. The installation files will extract and the installer will automatically run.
  • Follow the prompts to accept the license agreement, and accept the default location.
  • A message will appear "InstallShield Wizard Completed".
  • Click 'Finish' to start the program.
  • After it updates and a "Start Scanning" button appears in the lower right:
    • Disconnect from the Internet or physically unplug your Internet cable connection.
    • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
    • Temporarily disable your anti-virus and real-time anti-spyware protection.
  • Click the "Start Scanning" button in the lower right to start the scan.
  • After starting the scan, do not use the computer until the scan has completed.
  • When finished, if it detected anything there will be a "Start Clean-up" button, click it and allow it to finish.
  • When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.
  • A log will be in the following location:
  • Vista and above: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
    --for 64-bit C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
  • 2000/XP/Server 2003: C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
  • Please post the log in your next reply.

 

Please re-run Security Check and post a new log.

 

Please post the logs from Junkware Removal Tool (JRT.txt), the Sophos Virus Removal Tool, the new log from Security Check, and note any errors encountered.

How is the system running now?


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#6 greatserpent

Posted 11 June 2013 - 01:26 AM

hey it's okay

here's the logs

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Owner on Tue 11/06/2013 at 14:58:32.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\wxdownload"
Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Application Data\registry mechanic"
Successfully deleted: [Folder] "C:\Program Files\registry mechanic"
Successfully deleted: [Folder] "C:\Program Files\SimpleSpeedy"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\safesearch.xml"
Successfully deleted: [File] C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\r9qoei9j.default\searchplugins\safesearch.xml
Successfully deleted: [Folder] C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\r9qoei9j.default\extensions\508663b517e59@508663b517e92.com
Emptied folder: C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\r9qoei9j.default\minidumps [4 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/06/2013 at 15:02:18.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

 

2013-06-11 15:06:28    Sophos Virus Removal Tool version 2.3
2013-06-11 15:06:28    Copyright © 2009-2012 Sophos Limited. All rights reserved.

2013-06-11 15:06:28    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2013-06-11 15:06:28    Windows version 5.1 SP 3.0 Service Pack 3 build 2600 SM=0x100 PT=0x1 Win32
2013-06-11 15:06:28    Checking for updates...
2013-06-11 15:06:40    Option all = no
2013-06-11 15:06:40    Option recurse = yes
2013-06-11 15:06:40    Option archive = no
2013-06-11 15:06:40    Option service = yes
2013-06-11 15:06:40    Option confirm = yes
2013-06-11 15:06:40    Option sxl = yes
2013-06-11 15:06:40    Option max-data-age = 35
2013-06-11 15:06:40    Component SVRTcli.exe version 2.3
2013-06-11 15:06:40    Component control.dll version 2.3
2013-06-11 15:06:40    Component SVRTservice.exe version 2.3
2013-06-11 15:06:40    Component engine\osdp.dll version 1.44.0.2080
2013-06-11 15:06:40    Component engine\veex.dll version 3.43.0.2080
2013-06-11 15:06:40    Component engine\savi.dll version 7.5.11.2080
2013-06-11 15:06:40    Component rkdisk.dll version 1.5.30.0
2013-06-11 15:06:40    Version info:    Product version    2.3
2013-06-11 15:06:40    Version info:    Detection engine    3.43.0
2013-06-11 15:06:40    Version info:    Detection data    4.89
2013-06-11 15:06:40    Version info:    Build date    5/8/2013
2013-06-11 15:06:40    Version info:    Data files added    442
2013-06-11 15:06:40    Version info:    Last successful update    (not yet updated)
2013-06-11 15:06:57    Update progress: proxy server not available
2013-06-11 15:08:24    Downloading updates...
2013-06-11 15:08:24    Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2013-06-11 15:08:24    Update progress: [I49502] Found supplement SAVIW32 LATEST 4
2013-06-11 15:08:24    Update progress: [I49502] Found supplement IDE490 LATEST
2013-06-11 15:08:24    Update progress: [I49502] Found supplement IDE491 LATEST
2013-06-11 15:08:24    Update progress: [I49502] Found supplement IDE492 LATEST
2013-06-11 15:08:24    Update progress: [I49502] Found supplement IDE493 LATEST
2013-06-11 15:08:24    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2013-06-11 15:08:24    Update progress: [I19463] Syncing product SAVIW32 27
2013-06-11 15:08:33    Update progress: [I19463] Syncing product IDE490 182
2013-06-11 15:08:35    Installing updates...
2013-06-11 15:08:36    Update progress: [I19463] Syncing product IDE491 181
2013-06-11 15:08:36    Update progress: [I19463] Syncing product IDE492 85
2013-06-11 15:08:36    Update progress: [I19463] Syncing product IDE493 1
2013-06-11 15:08:52    Update successful
2013-06-11 15:09:00    Option all = no
2013-06-11 15:09:00    Option recurse = yes
2013-06-11 15:09:00    Option archive = no
2013-06-11 15:09:00    Option service = yes
2013-06-11 15:09:00    Option confirm = yes
2013-06-11 15:09:00    Option sxl = yes
2013-06-11 15:09:00    Option max-data-age = 35
2013-06-11 15:09:00    Component SVRTcli.exe version 2.3
2013-06-11 15:09:00    Component control.dll version 2.3
2013-06-11 15:09:00    Component SVRTservice.exe version 2.3
2013-06-11 15:09:00    Component engine\osdp.dll version 1.44.0.2080
2013-06-11 15:09:00    Component engine\veex.dll version 3.43.0.2080
2013-06-11 15:09:00    Component engine\savi.dll version 7.5.11.2080
2013-06-11 15:09:00    Component rkdisk.dll version 1.5.30.0
2013-06-11 15:09:00    Version info:    Product version    2.3
2013-06-11 15:09:00    Version info:    Detection engine    3.43.0
2013-06-11 15:09:00    Version info:    Detection data    4.89G
2013-06-11 15:09:00    Version info:    Build date    5/8/2013
2013-06-11 15:09:00    Version info:    Data files added    442
2013-06-11 15:09:00    Version info:    Last successful update    6/11/2013 3:08:52 PM

2013-06-11 15:09:57    Couldn't apply option 'SXLLiveProtection' to the detection engine.
2013-06-11 15:23:24    Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_AVPAPP_{BB639333-810A-4bf8-85F5-C537857F55FC}0
2013-06-11 15:23:24    Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_ISDATAPR_{E8EFD4CD-DE52-4444-9511-EFF3B158724B}0
2013-06-11 15:23:24    Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_ISDATAPR_{FF9AC67A-E394-46ae-B150-B3365343F166}G
2013-06-11 15:23:24    Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_RDRPluginG
2013-06-11 15:23:24    Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_SNDPluginG
2013-06-11 15:23:24    Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_SvcMgr-A2B50D70-5EA1-45a0-A983-0DB9E7101676G
2013-06-11 15:23:24    Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_{4E9CB39A-5F78-4887-A3D6-2790DE9DDE11}0

2013-06-11 16:16:14    Scan completed.
2013-06-11 16:16:14    

------------------------------------------------------------
 

 

i can't run the securitycheck...it says

UNSUPPORTED OPERATING SYSTEM! ABORTED!

 

system seems to run okay now i mean if you can't spot anything then i think it's okay


Edited by greatserpent, 11 June 2013 - 01:27 AM.


#7 TheJoker

Posted 11 June 2013 - 11:29 PM

i can't run the securitycheck...it says

UNSUPPORTED OPERATING SYSTEM! ABORTED!

 

That shouldn't happen.

Please delete your current copy of SecurityCheck.exe.

Download a new copy of Security Check by screen317 from here or here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.



#8 greatserpent

Posted 12 June 2013 - 05:16 AM

hey yep it worked

 

 Results of screen317's Security Check version 0.99.64 
 Windows XP Service Pack 3 x86  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled! 
Norton Internet Security  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Out of date HijackThis  installed!
 SpywareBlaster 5.0   
 SUPERAntiSpyware    
 Secunia PSI (3.0.0.6001)  
 Malwarebytes Anti-Malware version 1.75.0.1300 
 HijackThis 2.0.2   
 CCleaner    
 Java 7 Update 21 
 Adobe Flash Player  11.7.700.224 
 Adobe Reader 8 
 Adobe Reader XI 
 Mozilla Firefox (21.0)
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 6%
````````````````````End of Log``````````````````````



#9 TheJoker

Posted 12 June 2013 - 06:18 AM

tdss killer found some stuff too but i don't know if its malicious.


Since you ran TDSS Killer, but didn't know how to interpret the log, let's go ahead and check that, but with a new copy.

Delete your current copy of tdsskiller.exe.

 

Please download tdsskiller.exe and save it to your Desktop. Go here for information.

  • Right-click on TDSSKiller.exe and select "Run as administrator".
  • Choose "Change Parameters"
    • Check "Detect TDLFS file system"
    • Hit OK
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.
  • Please post the log from TDSSkiller.log in your next reply. Please check to see if anything was cut off by the maximum post length, and if it was, look for where it was cut off and post the remainder. It may take multiple replies to post the entire log.


#10 greatserpent

Posted 13 June 2013 - 04:42 AM

-double post deleted-


Edited by greatserpent, 13 June 2013 - 04:51 AM.


#11 greatserpent

Posted 13 June 2013 - 04:42 AM

okay it found no threats but if i clicked verify file digital signatures it found a few unsigned files. "loaded modules" was not checked either btw.

 

18:53:47.0031 3860 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:53:48.0921 3860 ============================================================
18:53:48.0921 3860 Current date / time: 2013/06/13 18:53:48.0921
18:53:48.0921 3860 SystemInfo:
18:53:48.0921 3860
18:53:48.0921 3860 OS Version: 5.1.2600 ServicePack: 3.0
18:53:48.0921 3860 Product type: Workstation
18:53:48.0921 3860 ComputerName: HOME-L1GY43MFQ0
18:53:48.0921 3860 UserName: Owner
18:53:48.0921 3860 Windows directory: C:\WINDOWS
18:53:48.0921 3860 System windows directory: C:\WINDOWS
18:53:48.0921 3860 Processor architecture: Intel x86
18:53:48.0921 3860 Number of processors: 2
18:53:48.0921 3860 Page size: 0x1000
18:53:48.0921 3860 Boot type: Normal boot
18:53:48.0921 3860 ============================================================
18:53:51.0656 3860 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xEC93A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000054
18:53:51.0656 3860 ============================================================
18:53:51.0656 3860 \Device\Harddisk0\DR0:
18:53:51.0656 3860 MBR partitions:
18:53:51.0656 3860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
18:53:51.0656 3860 ============================================================
18:53:51.0703 3860 C: <-> \Device\Harddisk0\DR0\Partition1
18:53:51.0796 3860 ============================================================
18:53:51.0796 3860 Initialize success
18:53:51.0796 3860 ============================================================
18:54:19.0843 3560 ============================================================
18:54:19.0843 3560 Scan started
18:54:19.0843 3560 Mode: Manual; TDLFS;
18:54:19.0843 3560 ============================================================
18:54:20.0343 3560 ================ Scan system memory ========================
18:54:20.0343 3560 System memory - ok
18:54:20.0343 3560 ================ Scan services =============================


18:54:27.0093 3560 HidUsb - ok

18:54:27.0156 3560 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

18:54:27.0171 3560 hkmsvc - ok

18:54:27.0171 3560 hpn - ok

18:54:27.0218 3560 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys

18:54:27.0218 3560 HPZid412 - ok

18:54:27.0250 3560 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

18:54:27.0250 3560 HPZipr12 - ok

18:54:27.0250 3560 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys

18:54:27.0250 3560 HPZius12 - ok

18:54:27.0281 3560 [ 6312DC46356DF3974E88AA51B69360DC ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys

18:54:27.0281 3560 HSFHWBS2 - ok

18:54:27.0359 3560 [ EBB354438A4C5A3327FB97306260714A ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys

18:54:27.0359 3560 HSF_DP - ok

18:54:27.0406 3560 [ DAAB917EEC9849840A13353198D48CC5 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

18:54:27.0406 3560 HSF_DPV - ok

18:54:27.0437 3560 [ 74E379857D4C0DFB56DE2D19B8F4C434 ] hsf_msft C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys

18:54:27.0453 3560 hsf_msft - ok

18:54:27.0500 3560 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

18:54:27.0500 3560 HTTP - ok

18:54:27.0531 3560 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

18:54:27.0531 3560 HTTPFilter - ok

18:54:27.0546 3560 i2omgmt - ok

18:54:27.0546 3560 i2omp - ok

18:54:27.0593 3560 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:54:27.0593 3560 i8042prt - ok

18:54:27.0687 3560 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

18:54:27.0703 3560 IDriverT - ok

18:54:27.0781 3560 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

18:54:27.0796 3560 idsvc - ok

18:54:27.0984 3560 [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\IPSDefs\20130612.001\IDSxpx86.sys

18:54:27.0984 3560 IDSxpx86 - ok

18:54:28.0031 3560 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

18:54:28.0031 3560 Imapi - ok

18:54:28.0078 3560 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

18:54:28.0078 3560 ImapiService - ok

18:54:28.0125 3560 [ 1DA147ACB525A4822228BE06154C7CBB ] InCDfs C:\WINDOWS\system32\drivers\InCDFs.sys

18:54:28.0125 3560 InCDfs - ok

18:54:28.0125 3560 [ 2EC469A401AE6FE7A67D80EFFD3091B1 ] InCDPass C:\WINDOWS\system32\drivers\InCDPass.sys

18:54:28.0125 3560 InCDPass - ok

18:54:28.0140 3560 [ 544498D06B8CA187A5960B4F3B4BD63E ] InCDRec C:\WINDOWS\system32\drivers\InCDRec.sys

18:54:28.0140 3560 InCDRec - ok

18:54:28.0156 3560 [ 2863A00B0F64D937F0CD9561C53B5A37 ] incdrm C:\WINDOWS\system32\drivers\InCDRm.sys

18:54:28.0156 3560 incdrm - ok

18:54:28.0281 3560 [ CA32EA0F5FC2A36CA44AD7238F18C248 ] InCDsrv C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe

18:54:28.0281 3560 InCDsrv - ok

18:54:28.0296 3560 ini910u - ok

18:54:28.0437 3560 [ 319A38A3F786153FFF2A84A48FEB09B1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

18:54:28.0453 3560 IntcAzAudAddService - ok

18:54:28.0468 3560 IntelIde - ok

18:54:28.0515 3560 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

18:54:28.0515 3560 intelppm - ok

18:54:28.0546 3560 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys

18:54:28.0546 3560 ip6fw - ok

18:54:28.0562 3560 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:54:28.0562 3560 IpFilterDriver - ok

18:54:28.0578 3560 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:54:28.0578 3560 IpInIp - ok

18:54:28.0609 3560 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:54:28.0609 3560 IpNat - ok

18:54:28.0703 3560 [ FE56897B27ED266F9C4E7D90A0B5DA47 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

18:54:28.0703 3560 iPod Service - ok

18:54:28.0750 3560 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:54:28.0750 3560 IPSec - ok

18:54:28.0796 3560 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

18:54:28.0796 3560 IRENUM - ok

18:54:28.0828 3560 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:54:28.0828 3560 isapnp - ok

18:54:28.0953 3560 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe

18:54:28.0953 3560 JavaQuickStarterService - ok

18:54:28.0968 3560 [ 9C5E3FDBFCC30CF71A49CA178B9AD442 ] K56 C:\WINDOWS\system32\DRIVERS\HSF_K56K.sys

18:54:28.0968 3560 K56 - ok

18:54:28.0984 3560 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:54:28.0984 3560 Kbdclass - ok

18:54:29.0046 3560 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

18:54:29.0046 3560 kbdhid - ok

18:54:29.0109 3560 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

18:54:29.0109 3560 kmixer - ok

18:54:29.0156 3560 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

18:54:29.0156 3560 KSecDD - ok

18:54:29.0187 3560 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

18:54:29.0187 3560 lanmanserver - ok

18:54:29.0234 3560 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

18:54:29.0250 3560 lanmanworkstation - ok

18:54:29.0265 3560 Lbd - ok

18:54:29.0265 3560 lbrtfdc - ok

18:54:29.0296 3560 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

18:54:29.0296 3560 LmHosts - ok

18:54:29.0375 3560 [ E1158B0CB852DB0573922C92E6E564DE ] lvpopflt C:\WINDOWS\system32\DRIVERS\lvpopflt.sys

18:54:29.0390 3560 lvpopflt - ok

18:54:29.0421 3560 [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon C:\WINDOWS\system32\Drivers\LVPr2Mon.sys

18:54:29.0421 3560 LVPr2Mon - ok

18:54:29.0484 3560 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys

18:54:29.0484 3560 LVRS - ok

18:54:29.0531 3560 [ 5F987FC1AAD215EC2C60CF07719B1CCE ] LVUSBSta C:\WINDOWS\system32\drivers\LVUSBSta.sys

18:54:29.0531 3560 LVUSBSta - ok

18:54:29.0625 3560 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys

18:54:29.0687 3560 LVUVC - ok

18:54:29.0750 3560 [ 290FB01F7F51EFF0960599404A09F8D6 ] mbmiodrvr C:\WINDOWS\system32\mbmiodrvr.sys

18:54:29.0750 3560 mbmiodrvr - ok

18:54:29.0812 3560 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

18:54:29.0812 3560 mdmxsdk - ok

18:54:29.0875 3560 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

18:54:29.0921 3560 Messenger - ok

18:54:30.0140 3560 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

18:54:30.0140 3560 Microsoft Office Groove Audit Service - ok

18:54:30.0187 3560 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

18:54:30.0187 3560 mnmdd - ok

18:54:30.0234 3560 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe

18:54:30.0234 3560 mnmsrvc - ok

18:54:30.0265 3560 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

18:54:30.0265 3560 Modem - ok

18:54:30.0296 3560 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys

18:54:30.0296 3560 MODEMCSA - ok

18:54:30.0359 3560 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys

18:54:30.0375 3560 Monfilt - ok

18:54:30.0390 3560 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:54:30.0390 3560 Mouclass - ok

18:54:30.0453 3560 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:54:30.0453 3560 mouhid - ok

18:54:30.0515 3560 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

18:54:30.0515 3560 MountMgr - ok

18:54:30.0578 3560 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

18:54:30.0578 3560 MozillaMaintenance - ok

18:54:30.0578 3560 mraid35x - ok

18:54:30.0578 3560 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:54:30.0593 3560 MRxDAV - ok

18:54:30.0640 3560 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:54:30.0640 3560 MRxSmb - ok

18:54:30.0687 3560 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe

18:54:30.0687 3560 MSDTC - ok

18:54:30.0703 3560 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

18:54:30.0703 3560 Msfs - ok

18:54:30.0703 3560 MSIServer - ok

18:54:30.0718 3560 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:54:30.0718 3560 MSKSSRV - ok

18:54:30.0750 3560 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:54:30.0750 3560 MSPCLOCK - ok

18:54:30.0750 3560 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

18:54:30.0750 3560 MSPQM - ok

18:54:30.0781 3560 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:54:30.0781 3560 mssmbios - ok

18:54:30.0828 3560 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys

18:54:30.0828 3560 MSTEE - ok

18:54:30.0843 3560 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

18:54:30.0843 3560 Mup - ok

18:54:30.0859 3560 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

18:54:30.0859 3560 NABTSFEC - ok

18:54:30.0921 3560 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

18:54:30.0921 3560 napagent - ok

18:54:31.0031 3560 [ CE2156DF796D41614AB60E68D107D573 ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20130612.009\NAVENG.SYS

18:54:31.0046 3560 NAVENG - ok

18:54:31.0093 3560 [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20130612.009\NAVEX15.SYS

18:54:31.0093 3560 NAVEX15 - ok

18:54:31.0156 3560 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

18:54:31.0156 3560 NDIS - ok

18:54:31.0171 3560 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys

18:54:31.0187 3560 NdisIP - ok

18:54:31.0218 3560 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:54:31.0218 3560 NdisTapi - ok

18:54:31.0234 3560 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:54:31.0234 3560 Ndisuio - ok

18:54:31.0234 3560 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:54:31.0234 3560 NdisWan - ok

18:54:31.0296 3560 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

18:54:31.0296 3560 NDProxy - ok

18:54:31.0343 3560 [ A8960FA773CCC3E38515F637E19A76C0 ] NeroRegInCDSrv C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe

18:54:31.0343 3560 NeroRegInCDSrv - ok

18:54:31.0359 3560 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

18:54:31.0359 3560 NetBIOS - ok

18:54:31.0406 3560 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

18:54:31.0406 3560 NetBT - ok

18:54:31.0453 3560 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

18:54:31.0453 3560 NetDDE - ok

18:54:31.0453 3560 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

18:54:31.0468 3560 NetDDEdsdm - ok

18:54:31.0515 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

18:54:31.0515 3560 Netlogon - ok

18:54:31.0531 3560 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

18:54:31.0531 3560 Netman - ok

18:54:31.0578 3560 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

18:54:31.0593 3560 NetTcpPortSharing - ok

18:54:31.0687 3560 [ 241BD3019FB31E812A51B31B06906335 ] NIS C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe

18:54:31.0687 3560 NIS - ok

18:54:31.0703 3560 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

18:54:31.0718 3560 Nla - ok

18:54:31.0843 3560 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

18:54:31.0843 3560 NMIndexingService - ok

18:54:31.0875 3560 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

18:54:31.0875 3560 Npfs - ok

18:54:31.0968 3560 [ B28873F1A04DFFD29D03D6EB201F9E49 ] npkcmsvc C:\Nexon\Mabinogi\npkcmsvc.exe

18:54:31.0968 3560 npkcmsvc - ok

18:54:31.0968 3560 npkcrypt - ok

18:54:32.0000 3560 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

18:54:32.0000 3560 Ntfs - ok

18:54:32.0031 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe

18:54:32.0031 3560 NtLmSsp - ok

18:54:32.0078 3560 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

18:54:32.0093 3560 NtmsSvc - ok

18:54:32.0156 3560 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

18:54:32.0156 3560 Null - ok

18:54:32.0390 3560 [ 785500CE8693C06EAAF29FAA64DB17C5 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

18:54:32.0453 3560 nv - ok

18:54:32.0500 3560 [ A211AB524324E84C2C805B52DFCDD544 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys

18:54:32.0500 3560 NVHDA - ok

18:54:32.0562 3560 [ 3A990B8FA88E1B9F2D99C1B9B8D76F4B ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

18:54:32.0562 3560 NVSvc - ok

18:54:32.0671 3560 [ 14314A33845ABD19CADA062A037CC2F6 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

18:54:32.0687 3560 nvUpdatusService - ok

18:54:32.0796 3560 [ 2C2FD0E6B0180F94C260DD26706AA5F4 ] NWCWorkstation C:\WINDOWS\System32\nwwks.dll

18:54:32.0812 3560 NWCWorkstation - ok

18:54:32.0859 3560 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:54:32.0859 3560 NwlnkFlt - ok

18:54:32.0859 3560 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:54:32.0859 3560 NwlnkFwd - ok

18:54:32.0890 3560 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys

18:54:32.0890 3560 NwlnkIpx - ok

18:54:32.0921 3560 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys

18:54:32.0921 3560 NwlnkNb - ok

18:54:32.0921 3560 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys

18:54:32.0921 3560 NwlnkSpx - ok

18:54:32.0968 3560 [ 36B9B950E3D2E100970A48D8BAD86740 ] NWRDR C:\WINDOWS\system32\DRIVERS\nwrdr.sys

18:54:32.0968 3560 NWRDR - ok

18:54:33.0031 3560 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

18:54:33.0031 3560 odserv - ok

18:54:33.0062 3560 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:54:33.0062 3560 ose - ok

18:54:33.0125 3560 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

18:54:33.0125 3560 Parport - ok

18:54:33.0125 3560 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

18:54:33.0125 3560 PartMgr - ok

18:54:33.0187 3560 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

18:54:33.0187 3560 ParVdm - ok

18:54:33.0218 3560 [ 3ADB8BD6154A3EF87496E8FCE9C22493 ] pavboot C:\WINDOWS\system32\drivers\pavboot.sys

18:54:33.0218 3560 pavboot - ok

18:54:33.0265 3560 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

18:54:33.0265 3560 pccsmcfd - ok

18:54:33.0265 3560 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

18:54:33.0265 3560 PCI - ok

18:54:33.0265 3560 PciCon - ok

18:54:33.0265 3560 PCIDump - ok

18:54:33.0281 3560 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

18:54:33.0281 3560 PCIIde - ok

18:54:33.0296 3560 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

18:54:33.0296 3560 Pcmcia - ok

18:54:33.0296 3560 PDCOMP - ok

18:54:33.0312 3560 PDFRAME - ok

18:54:33.0312 3560 PDRELI - ok

18:54:33.0312 3560 PDRFRAME - ok

18:54:33.0312 3560 perc2 - ok

18:54:33.0312 3560 perc2hib - ok

18:54:33.0359 3560 [ 5903FA75200807AD739286BBF40C4904 ] pfc C:\WINDOWS\system32\drivers\pfc.sys

18:54:33.0359 3560 pfc - ok

18:54:33.0375 3560 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

18:54:33.0375 3560 PlugPlay - ok

18:54:33.0437 3560 [ FB03F341FF5380394BF2EE52F1979925 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe

18:54:33.0453 3560 Pml Driver HPZ12 - ok

18:54:33.0453 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

18:54:33.0453 3560 PolicyAgent - ok

18:54:33.0515 3560 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:54:33.0515 3560 PptpMiniport - ok

18:54:33.0562 3560 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys

18:54:33.0578 3560 Processor - ok

18:54:33.0578 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

18:54:33.0578 3560 ProtectedStorage - ok

18:54:33.0625 3560 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys

18:54:33.0625 3560 PSI - ok

18:54:33.0671 3560 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:54:33.0671 3560 Ptilink - ok

18:54:33.0671 3560 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:54:33.0687 3560 PxHelp20 - ok

18:54:33.0687 3560 ql1080 - ok

18:54:33.0687 3560 Ql10wnt - ok

18:54:33.0687 3560 ql12160 - ok

18:54:33.0687 3560 ql1240 - ok

18:54:33.0718 3560 ql1280 - ok

18:54:33.0750 3560 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:54:33.0750 3560 RasAcd - ok

18:54:33.0781 3560 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

18:54:33.0781 3560 RasAuto - ok

18:54:33.0828 3560 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:54:33.0828 3560 Rasl2tp - ok

18:54:33.0890 3560 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

18:54:33.0890 3560 RasMan - ok

18:54:33.0890 3560 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:54:33.0890 3560 RasPppoe - ok

18:54:33.0906 3560 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

18:54:33.0921 3560 Raspti - ok

18:54:33.0921 3560 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:54:33.0937 3560 Rdbss - ok

18:54:33.0937 3560 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:54:33.0937 3560 RDPCDD - ok

18:54:33.0937 3560 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys

18:54:33.0937 3560 rdpdr - ok

18:54:33.0984 3560 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

18:54:33.0984 3560 RDPWD - ok

18:54:34.0031 3560 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

18:54:34.0031 3560 RDSessMgr - ok

18:54:34.0093 3560 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

18:54:34.0093 3560 RealNetworks Downloader Resolver Service - ok

18:54:34.0140 3560 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

18:54:34.0140 3560 redbook - ok

18:54:34.0203 3560 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

18:54:34.0203 3560 RemoteAccess - ok

18:54:34.0250 3560 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

18:54:34.0250 3560 RemoteRegistry - ok

18:54:34.0296 3560 [ BB7549BD94D1AAC3599C7606C50C48A0 ] Rksample C:\WINDOWS\system32\DRIVERS\HSF_SAMP.sys

18:54:34.0296 3560 Rksample - ok

18:54:34.0343 3560 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe

18:54:34.0343 3560 RpcLocator - ok

18:54:34.0390 3560 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll

18:54:34.0390 3560 RpcSs - ok

18:54:34.0421 3560 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe

18:54:34.0421 3560 RSVP - ok

18:54:34.0468 3560 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

18:54:34.0468 3560 RTLE8023xp - ok

18:54:34.0531 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

18:54:34.0531 3560 SamSs - ok

18:54:34.0656 3560 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

18:54:34.0656 3560 SASDIFSV - ok

18:54:34.0687 3560 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

18:54:34.0687 3560 SASKUTIL - ok

18:54:34.0781 3560 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

18:54:34.0781 3560 SCardSvr - ok

18:54:34.0843 3560 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

18:54:34.0843 3560 Schedule - ok

18:54:34.0875 3560 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:54:34.0875 3560 Secdrv - ok

18:54:34.0906 3560 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

18:54:34.0906 3560 seclogon - ok

18:54:35.0046 3560 [ 306F9390976E41063D21AB9AB6D48122 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe

18:54:35.0062 3560 Secunia PSI Agent - ok

18:54:35.0140 3560 [ 29C852880E9634F8C6BD77A4E68B5B34 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe

18:54:35.0140 3560 Secunia Update Agent - ok

18:54:35.0187 3560 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

18:54:35.0187 3560 SENS - ok

18:54:35.0234 3560 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

18:54:35.0234 3560 serenum - ok

18:54:35.0250 3560 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

18:54:35.0250 3560 Serial - ok

18:54:35.0343 3560 [ 2D841B7B7F6DEC32162EDFCC69D61F42 ] ServiceLayer C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

18:54:35.0359 3560 ServiceLayer - ok

18:54:35.0390 3560 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

18:54:35.0390 3560 Sfloppy - ok

18:54:35.0453 3560 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

18:54:35.0453 3560 SharedAccess - ok

18:54:35.0515 3560 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:54:35.0515 3560 ShellHWDetection - ok

18:54:35.0531 3560 Simbad - ok

18:54:35.0640 3560 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

18:54:35.0656 3560 SkypeUpdate - ok

18:54:35.0703 3560 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys

18:54:35.0750 3560 SLIP - ok

18:54:35.0781 3560 [ D9E8E0CE154A2F6430D9EFABDF730867 ] SoftFax C:\WINDOWS\system32\DRIVERS\HSF_FAXX.sys

18:54:35.0796 3560 SoftFax - ok

18:54:35.0796 3560 Sparrow - ok

18:54:35.0843 3560 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

18:54:35.0859 3560 splitter - ok

18:54:35.0921 3560 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

18:54:35.0921 3560 Spooler - ok

18:54:35.0937 3560 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

18:54:35.0953 3560 sr - ok

18:54:36.0000 3560 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\System32\srsvc.dll

18:54:36.0000 3560 srservice - ok

18:54:36.0140 3560 [ 0A8F71E1DB5432A5B9285111421E77EC ] SRTSP C:\WINDOWS\System32\Drivers\NIS\1403010.016\SRTSP.SYS

18:54:36.0140 3560 SRTSP - ok

18:54:36.0156 3560 [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX C:\WINDOWS\system32\drivers\NIS\1403010.016\SRTSPX.SYS

18:54:36.0156 3560 SRTSPX - ok

18:54:36.0203 3560 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

18:54:36.0203 3560 Srv - ok

18:54:36.0250 3560 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

18:54:36.0250 3560 SSDPSRV - ok

18:54:36.0296 3560 [ 6C0CC5868F99064516FB9F82563A02EA ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys

18:54:36.0296 3560 ssudmdm - ok

18:54:36.0375 3560 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys

18:54:36.0375 3560 StillCam - ok

18:54:36.0437 3560 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

18:54:36.0437 3560 stisvc - ok

18:54:36.0468 3560 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys

18:54:36.0468 3560 streamip - ok

18:54:36.0515 3560 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

18:54:36.0515 3560 swenum - ok

18:54:36.0531 3560 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

18:54:36.0531 3560 swmidi - ok

18:54:36.0531 3560 SwPrv - ok

18:54:36.0625 3560 [ 267C914667C94E5F47D342311C1C577F ] Symantec RemoteAssist C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

18:54:36.0625 3560 Symantec RemoteAssist - ok

18:54:36.0625 3560 symc810 - ok

18:54:36.0640 3560 symc8xx - ok

18:54:36.0687 3560 [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00 ] SymDS C:\WINDOWS\system32\drivers\NIS\1403010.016\SYMDS.SYS

18:54:36.0703 3560 SymDS - ok

18:54:36.0703 3560 [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA C:\WINDOWS\system32\drivers\NIS\1403010.016\SYMEFA.SYS

18:54:36.0718 3560 SymEFA - ok

18:54:36.0781 3560 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

18:54:36.0781 3560 SymEvent - ok

18:54:36.0859 3560 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\WINDOWS\system32\drivers\NIS\1403010.016\Ironx86.SYS

18:54:36.0859 3560 SymIRON - ok

18:54:36.0921 3560 [ EC979002EBA25C9D109B2FE0E03457DA ] SYMTDI C:\WINDOWS\System32\Drivers\NIS\1403010.016\SYMTDI.SYS

18:54:36.0921 3560 SYMTDI - ok

18:54:36.0921 3560 sym_hi - ok

18:54:36.0921 3560 sym_u3 - ok

18:54:36.0937 3560 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

18:54:36.0937 3560 sysaudio - ok

18:54:36.0984 3560 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

18:54:36.0984 3560 SysmonLog - ok

18:54:37.0046 3560 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

18:54:37.0046 3560 TapiSrv - ok

18:54:37.0109 3560 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:54:37.0109 3560 Tcpip - ok

18:54:37.0156 3560 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

18:54:37.0156 3560 TDPIPE - ok

18:54:37.0187 3560 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

18:54:37.0187 3560 TDTCP - ok

18:54:37.0203 3560 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

18:54:37.0203 3560 TermDD - ok

18:54:37.0250 3560 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

18:54:37.0265 3560 TermService - ok

18:54:37.0281 3560 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

18:54:37.0281 3560 Themes - ok

18:54:37.0328 3560 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe

18:54:37.0328 3560 TlntSvr - ok

18:54:37.0359 3560 [ 8021A499DB46B2961C285168671CB9AF ] Tones C:\WINDOWS\system32\DRIVERS\HSF_TONE.sys

18:54:37.0359 3560 Tones - ok

18:54:37.0375 3560 TosIde - ok

18:54:37.0375 3560 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

18:54:37.0375 3560 TrkWks - ok

18:54:37.0390 3560 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

18:54:37.0390 3560 Udfs - ok

18:54:37.0390 3560 ultra - ok

18:54:37.0562 3560 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

18:54:37.0562 3560 UMVPFSrv - ok

18:54:37.0640 3560 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

18:54:37.0640 3560 Update - ok

18:54:37.0703 3560 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

18:54:37.0703 3560 upnphost - ok

18:54:37.0734 3560 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

18:54:37.0734 3560 UPS - ok

18:54:37.0812 3560 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys

18:54:37.0812 3560 usbaudio - ok

18:54:37.0859 3560 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:54:37.0859 3560 usbccgp - ok

18:54:37.0906 3560 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:54:37.0906 3560 usbehci - ok

18:54:37.0953 3560 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:54:37.0953 3560 usbhub - ok

18:54:37.0968 3560 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:54:37.0968 3560 usbprint - ok

18:54:37.0968 3560 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:54:37.0968 3560 usbscan - ok

18:54:37.0968 3560 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:54:37.0984 3560 USBSTOR - ok

18:54:37.0984 3560 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys

18:54:38.0000 3560 usbuhci - ok

18:54:38.0046 3560 [ 269C0ADE94B90029B12497747BE408CB ] V124 C:\WINDOWS\system32\DRIVERS\HSF_V124.sys

18:54:38.0062 3560 V124 - ok

18:54:38.0062 3560 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

18:54:38.0062 3560 VgaSave - ok

18:54:38.0078 3560 ViaIde - ok

18:54:38.0109 3560 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

18:54:38.0109 3560 VolSnap - ok

18:54:38.0156 3560 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

18:54:38.0171 3560 VSS - ok

18:54:38.0171 3560 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll

18:54:38.0171 3560 W32Time - ok

18:54:38.0187 3560 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:54:38.0187 3560 Wanarp - ok

18:54:38.0234 3560 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

18:54:38.0234 3560 Wdf01000 - ok

18:54:38.0234 3560 WDICA - ok

18:54:38.0265 3560 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

18:54:38.0265 3560 wdmaud - ok

18:54:38.0281 3560 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

18:54:38.0281 3560 WebClient - ok

18:54:38.0343 3560 [ BE3A842C2F2E87E7C840D36BCF13E8E0 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

18:54:38.0343 3560 winachsf - ok

18:54:38.0453 3560 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

18:54:38.0453 3560 winmgmt - ok

18:54:38.0640 3560 [ D9250B31B353EE3322C1CAD411997E38 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

18:54:38.0656 3560 wlidsvc - ok

18:54:38.0718 3560 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

18:54:38.0718 3560 WmdmPmSN - ok

18:54:38.0734 3560 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll

18:54:38.0734 3560 Wmi - ok

18:54:38.0812 3560 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe

18:54:38.0812 3560 WmiApSrv - ok

18:54:38.0890 3560 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

18:54:38.0890 3560 WMPNetworkSvc - ok

18:54:38.0921 3560 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys

18:54:38.0921 3560 WpdUsb - ok

18:54:39.0062 3560 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

18:54:39.0062 3560 WPFFontCache_v0400 - ok

18:54:39.0109 3560 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

18:54:39.0125 3560 wscsvc - ok

18:54:39.0156 3560 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

18:54:39.0156 3560 WSTCODEC - ok

18:54:39.0187 3560 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

18:54:39.0218 3560 wuauserv - ok

18:54:39.0250 3560 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:54:39.0250 3560 WudfPf - ok

18:54:39.0281 3560 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:54:39.0281 3560 WudfRd - ok

18:54:39.0312 3560 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

18:54:39.0312 3560 WudfSvc - ok

18:54:39.0375 3560 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

18:54:39.0437 3560 WZCSVC - ok

18:54:39.0484 3560 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

18:54:39.0484 3560 xmlprov - ok

18:54:39.0484 3560 ================ Scan global ===============================

18:54:39.0578 3560 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

18:54:39.0640 3560 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

18:54:39.0640 3560 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

18:54:39.0671 3560 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

18:54:39.0687 3560 [Global] - ok

18:54:39.0687 3560 ================ Scan MBR ==================================

18:54:39.0718 3560 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

18:54:40.0078 3560 \Device\Harddisk0\DR0 - ok

18:54:40.0078 3560 ================ Scan VBR ==================================

18:54:40.0078 3560 [ 52FE3258CB2E7641EC69AE01FA3066C4 ] \Device\Harddisk0\DR0\Partition1

18:54:40.0078 3560 \Device\Harddisk0\DR0\Partition1 - ok

18:54:40.0078 3560 ============================================================

18:54:40.0078 3560 Scan finished

18:54:40.0078 3560 ============================================================

18:54:40.0093 3548 Detected object count: 0

18:54:40.0093 3548 Actual detected object count: 0

19:31:10.0984 3192 ============================================================

19:31:11.0000 3192 Scan started

19:31:11.0000 3192 Mode: Manual; SigCheck; TDLFS;

19:31:11.0000 3192 ============================================================

19:31:11.0171 3192 ================ Scan system memory ========================

19:31:11.0171 3192 System memory - ok

19:31:11.0171 3192 ================ Scan services =============================

19:31:11.0296 3192 [ 44C85670246E4183650EF0E664346DDC ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

19:31:11.0843 3192 !SASCORE - ok

19:31:12.0000 3192 Abiosdsk - ok

19:31:12.0000 3192 abp480n5 - ok

19:31:12.0046 3192 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:31:14.0375 3192 ACPI - ok

19:31:14.0437 3192 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

19:31:14.0609 3192 ACPIEC - ok

19:31:14.0687 3192 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

19:31:14.0703 3192 AdobeFlashPlayerUpdateSvc - ok

19:31:14.0718 3192 adpu160m - ok

19:31:14.0750 3192 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

19:31:14.0890 3192 aec - ok

19:31:14.0937 3192 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

19:31:15.0046 3192 AFD - ok

19:31:15.0125 3192 [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys

19:31:15.0218 3192 AFS2K - ok

19:31:15.0218 3192 Aha154x - ok

19:31:15.0218 3192 aic78u2 - ok

19:31:15.0218 3192 aic78xx - ok

19:31:15.0281 3192 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

19:31:15.0390 3192 Alerter - ok

19:31:15.0421 3192 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

19:31:15.0515 3192 ALG - ok

19:31:15.0515 3192 AliIde - ok

19:31:15.0578 3192 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys

19:31:30.0859 3192 Ambfilt - ok

19:31:30.0859 3192 amsint - ok

19:31:31.0046 3192 [ 0BF848F3CDD883843769A9070F55A023 ] apf001 C:\Game\SoftnyxGame\GunBoundIS\apf001.sys

19:31:31.0078 3192 apf001 - ok

19:31:31.0312 3192 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:31:31.0328 3192 Apple Mobile Device - ok

19:31:31.0406 3192 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll

19:31:31.0609 3192 AppMgmt - ok

19:31:31.0609 3192 asc - ok

19:31:31.0625 3192 asc3350p - ok

19:31:31.0625 3192 asc3550 - ok

19:31:31.0765 3192 [ B979979AB8027F7F53FB16EC4229B7DB ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys

19:31:31.0781 3192 Aspi32 ( UnsignedFile.Multi.Generic ) - warning

19:31:31.0812 3192 Aspi32 - detected UnsignedFile.Multi.Generic (1)

19:31:32.0343 3192 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

19:31:32.0500 3192 aspnet_state - ok

19:31:32.0593 3192 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:31:32.0765 3192 AsyncMac - ok

19:31:32.0796 3192 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

19:31:32.0984 3192 atapi - ok

19:31:32.0984 3192 Atdisk - ok

19:31:33.0093 3192 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:31:33.0203 3192 Atmarpc - ok

19:31:33.0265 3192 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

19:31:33.0375 3192 AudioSrv - ok

19:31:33.0546 3192 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

19:31:33.0734 3192 audstub - ok

19:31:33.0828 3192 [ 5D7BE7B19E827125E016325334E58FF1 ] BANTExt C:\WINDOWS\System32\Drivers\BANTExt.sys

19:31:33.0875 3192 BANTExt ( UnsignedFile.Multi.Generic ) - warning

19:31:33.0875 3192 BANTExt - detected UnsignedFile.Multi.Generic (1)

19:31:33.0921 3192 [ 1B9C81AB9A456EABD9F8335F04B5F495 ] basic2 C:\WINDOWS\system32\DRIVERS\HSF_BSC2.sys

19:31:34.0046 3192 basic2 - ok

19:31:34.0156 3192 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

19:31:34.0296 3192 Beep - ok

19:31:34.0640 3192 [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\BASHDefs\20130531.001\BHDrvx86.sys

19:31:43.0953 3192 BHDrvx86 - ok

19:31:44.0078 3192 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

19:31:44.0671 3192 BITS - ok

19:31:45.0078 3192 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

19:31:45.0234 3192 Bonjour Service - ok

19:31:45.0328 3192 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

19:31:45.0500 3192 Browser - ok

19:31:45.0562 3192 [ 2FE6D5BE0629F706197B30C0AA05DE30 ] BrPar C:\WINDOWS\System32\drivers\BrPar.sys

19:31:45.0593 3192 BrPar ( UnsignedFile.Multi.Generic ) - warning

19:31:45.0593 3192 BrPar - detected UnsignedFile.Multi.Generic (1)

19:31:46.0000 3192 catchme - ok

19:31:46.0234 3192 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

19:31:46.0343 3192 cbidf2k - ok

19:31:46.0531 3192 [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe

19:31:46.0562 3192 CCALib8 ( UnsignedFile.Multi.Generic ) - warning

19:31:46.0562 3192 CCALib8 - detected UnsignedFile.Multi.Generic (1)

19:31:46.0609 3192 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

19:31:46.0703 3192 CCDECODE - ok

19:31:46.0812 3192 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_NIS C:\WINDOWS\system32\drivers\NIS\1403010.016\ccSetx86.sys

19:31:46.0828 3192 ccSet_NIS - ok

19:31:46.0843 3192 cd20xrnt - ok

19:31:46.0890 3192 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

19:31:46.0984 3192 Cdaudio - ok

19:31:47.0031 3192 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

19:31:47.0140 3192 Cdfs - ok

19:31:47.0171 3192 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:31:47.0281 3192 Cdrom - ok

19:31:47.0281 3192 Changer - ok

19:31:47.0328 3192 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

19:31:47.0421 3192 CiSvc - ok

19:31:47.0453 3192 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

19:31:47.0578 3192 ClipSrv - ok

19:31:47.0718 3192 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:31:47.0796 3192 clr_optimization_v2.0.50727_32 - ok

19:31:47.0828 3192 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:31:47.0843 3192 clr_optimization_v4.0.30319_32 - ok

19:31:47.0859 3192 CmdIde - ok

19:31:47.0859 3192 COMSysApp - ok

19:31:47.0859 3192 Cpqarray - ok

19:31:47.0937 3192 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

19:31:48.0078 3192 CryptSvc - ok

19:31:48.0078 3192 dac2w2k - ok

19:31:48.0078 3192 dac960nt - ok

19:31:48.0125 3192 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

19:31:48.0218 3192 DcomLaunch - ok

19:31:48.0296 3192 [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys

19:31:48.0296 3192 dgderdrv - ok

19:31:48.0359 3192 [ AEB179B855161EC9C88172ABC75AD0EF ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys

19:31:48.0375 3192 dg_ssudbus - ok

19:31:48.0421 3192 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

19:31:48.0515 3192 Dhcp - ok

19:31:48.0625 3192 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

19:31:48.0734 3192 Disk - ok

19:31:48.0734 3192 dmadmin - ok

19:31:48.0875 3192 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

19:31:49.0234 3192 dmboot - ok

19:31:49.0343 3192 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

19:31:49.0468 3192 dmio - ok

19:31:49.0500 3192 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

19:31:49.0625 3192 dmload - ok

19:31:49.0843 3192 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

19:31:50.0031 3192 dmserver - ok

19:31:50.0109 3192 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

19:31:50.0265 3192 DMusic - ok

19:31:50.0390 3192 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

19:31:50.0640 3192 Dnscache - ok

19:31:50.0859 3192 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

19:31:50.0984 3192 Dot3svc - ok

19:31:51.0000 3192 dpti2o - ok

19:31:51.0062 3192 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

19:31:51.0187 3192 drmkaud - ok

19:31:51.0203 3192 EagleNT - ok

19:31:51.0250 3192 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

19:31:51.0406 3192 EapHost - ok

19:31:51.0625 3192 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

19:31:51.0671 3192 eeCtrl - ok

19:31:51.0687 3192 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

19:31:51.0718 3192 EraserUtilRebootDrv - ok

19:31:51.0750 3192 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

19:31:51.0859 3192 ERSvc - ok

19:31:51.0921 3192 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

19:31:51.0953 3192 Eventlog - ok

19:31:52.0000 3192 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll

19:31:52.0031 3192 EventSystem - ok

19:31:52.0093 31


#12 greatserpent

Posted 13 June 2013 - 04:48 AM

19:31:52.0093 3192  [ C823DEBE2548656549F84A875D65237B ] Fallback        C:\WINDOWS\system32\DRIVERS\HSF_FALL.sys
19:31:52.0203 3192  Fallback - ok
19:31:52.0265 3192  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
19:31:52.0421 3192  Fastfat - ok
19:31:52.0500 3192  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:31:52.0718 3192  FastUserSwitchingCompatibility - ok
19:31:52.0750 3192  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
19:31:52.0953 3192  Fdc - ok
19:31:52.0984 3192  [ A75DDC492D2D1D6558AD8003A4ADB73A ] FilterService   C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
19:31:53.0000 3192  FilterService - ok
19:31:53.0062 3192  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
19:31:53.0140 3192  Fips - ok
19:31:53.0156 3192  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:31:53.0250 3192  Flpydisk - ok
19:31:53.0296 3192  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:31:53.0375 3192  FltMgr - ok
19:31:53.0500 3192  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:31:53.0515 3192  FontCache3.0.0.0 - ok
19:31:53.0578 3192  [ 6483414841D4CAB6C3B4DB2AC6EDD70B ] Fsks            C:\WINDOWS\system32\DRIVERS\HSF_FSKS.sys
19:31:53.0671 3192  Fsks - ok
19:31:53.0687 3192  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:31:53.0796 3192  Fs_Rec - ok
19:31:53.0812 3192  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:31:53.0921 3192  Ftdisk - ok
19:31:54.0109 3192  [ 2973B4EB7BE10A0D491B2037DCAAE88F ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
19:31:54.0125 3192  Garmin Core Update Service - ok
19:31:54.0156 3192  [ 54789F9BA0D59072CDD4E7C200E122C4 ] gdrv            C:\WINDOWS\gdrv.sys
19:31:55.0296 3192  gdrv - ok
19:31:55.0359 3192  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:31:55.0390 3192  GEARAspiWDM - ok
19:31:55.0453 3192  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:31:55.0546 3192  Gpc - ok
19:31:55.0625 3192  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:31:55.0640 3192  gusvc - ok
19:31:55.0687 3192  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:31:55.0781 3192  HDAudBus - ok
19:31:55.0859 3192  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:31:55.0937 3192  helpsvc - ok
19:31:56.0015 3192  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
19:31:56.0109 3192  HidServ - ok
19:31:56.0156 3192  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:31:56.0234 3192  HidUsb - ok
19:31:56.0281 3192  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
19:31:56.0390 3192  hkmsvc - ok
19:31:56.0390 3192  hpn - ok
19:31:56.0421 3192  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:31:56.0640 3192  HPZid412 - ok
19:31:56.0640 3192  [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:31:56.0671 3192  HPZipr12 - ok
19:31:56.0734 3192  [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:31:56.0765 3192  HPZius12 - ok
19:31:56.0812 3192  [ 6312DC46356DF3974E88AA51B69360DC ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
19:31:56.0890 3192  HSFHWBS2 - ok
19:31:56.0968 3192  [ EBB354438A4C5A3327FB97306260714A ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
19:31:57.0109 3192  HSF_DP - ok
19:31:57.0156 3192  [ DAAB917EEC9849840A13353198D48CC5 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
19:31:57.0218 3192  HSF_DPV - ok
19:31:57.0234 3192  [ 74E379857D4C0DFB56DE2D19B8F4C434 ] hsf_msft        C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys
19:31:57.0343 3192  hsf_msft - ok
19:31:57.0375 3192  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
19:31:57.0468 3192  HTTP - ok
19:31:57.0515 3192  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
19:31:57.0640 3192  HTTPFilter - ok
19:31:57.0640 3192  i2omgmt - ok
19:31:57.0656 3192  i2omp - ok
19:31:57.0703 3192  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:31:57.0781 3192  i8042prt - ok
19:31:57.0906 3192  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:31:57.0984 3192  IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:31:57.0984 3192  IDriverT - detected UnsignedFile.Multi.Generic (1)
19:31:58.0281 3192  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:32:00.0218 3192  idsvc - ok
19:32:00.0390 3192  [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\IPSDefs\20130612.001\IDSxpx86.sys
19:32:00.0421 3192  IDSxpx86 - ok
19:32:00.0500 3192  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
19:32:00.0625 3192  Imapi - ok
19:32:00.0687 3192  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
19:32:00.0796 3192  ImapiService - ok
19:32:00.0843 3192  [ 1DA147ACB525A4822228BE06154C7CBB ] InCDfs          C:\WINDOWS\system32\drivers\InCDFs.sys
19:32:00.0890 3192  InCDfs - ok
19:32:00.0953 3192  [ 2EC469A401AE6FE7A67D80EFFD3091B1 ] InCDPass        C:\WINDOWS\system32\drivers\InCDPass.sys
19:32:00.0984 3192  InCDPass - ok
19:32:01.0046 3192  [ 544498D06B8CA187A5960B4F3B4BD63E ] InCDRec         C:\WINDOWS\system32\drivers\InCDRec.sys
19:32:01.0062 3192  InCDRec - ok
19:32:01.0109 3192  [ 2863A00B0F64D937F0CD9561C53B5A37 ] incdrm          C:\WINDOWS\system32\drivers\InCDRm.sys
19:32:01.0125 3192  incdrm - ok
19:32:01.0296 3192  [ CA32EA0F5FC2A36CA44AD7238F18C248 ] InCDsrv         C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
19:32:01.0343 3192  InCDsrv - ok
19:32:01.0343 3192  ini910u - ok
19:32:01.0500 3192  [ 319A38A3F786153FFF2A84A48FEB09B1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:32:01.0671 3192  IntcAzAudAddService - ok
19:32:01.0687 3192  IntelIde - ok
19:32:01.0734 3192  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:32:01.0812 3192  intelppm - ok
19:32:01.0843 3192  [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys
19:32:01.0968 3192  ip6fw - ok
19:32:02.0000 3192  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:32:02.0109 3192  IpFilterDriver - ok
19:32:02.0125 3192  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:32:02.0218 3192  IpInIp - ok
19:32:02.0250 3192  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:32:02.0343 3192  IpNat - ok
19:32:02.0437 3192  [ FE56897B27ED266F9C4E7D90A0B5DA47 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:32:02.0484 3192  iPod Service - ok
19:32:02.0515 3192  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:32:02.0593 3192  IPSec - ok
19:32:02.0625 3192  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
19:32:02.0687 3192  IRENUM - ok
19:32:02.0703 3192  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:32:02.0781 3192  isapnp - ok
19:32:02.0937 3192  [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
19:32:02.0953 3192  JavaQuickStarterService - ok
19:32:02.0968 3192  [ 9C5E3FDBFCC30CF71A49CA178B9AD442 ] K56             C:\WINDOWS\system32\DRIVERS\HSF_K56K.sys
19:32:03.0078 3192  K56 - ok
19:32:03.0109 3192  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:32:03.0203 3192  Kbdclass - ok
19:32:03.0250 3192  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:32:03.0343 3192  kbdhid - ok
19:32:03.0406 3192  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
19:32:03.0515 3192  kmixer - ok
19:32:03.0562 3192  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
19:32:03.0687 3192  KSecDD - ok
19:32:03.0734 3192  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
19:32:03.0828 3192  lanmanserver - ok
19:32:03.0875 3192  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:32:03.0968 3192  lanmanworkstation - ok
19:32:03.0968 3192  Lbd - ok
19:32:03.0984 3192  lbrtfdc - ok
19:32:04.0031 3192  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
19:32:04.0125 3192  LmHosts - ok
19:32:04.0203 3192  [ E1158B0CB852DB0573922C92E6E564DE ] lvpopflt        C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
19:32:04.0250 3192  lvpopflt - ok
19:32:04.0296 3192  [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon        C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
19:32:04.0296 3192  LVPr2Mon - ok
19:32:04.0343 3192  [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS            C:\WINDOWS\system32\DRIVERS\lvrs.sys
19:32:04.0375 3192  LVRS - ok
19:32:04.0421 3192  [ 5F987FC1AAD215EC2C60CF07719B1CCE ] LVUSBSta        C:\WINDOWS\system32\drivers\LVUSBSta.sys
19:32:04.0437 3192  LVUSBSta - ok
19:32:04.0515 3192  [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC           C:\WINDOWS\system32\DRIVERS\lvuvc.sys
19:32:04.0656 3192  LVUVC - ok
19:32:04.0703 3192  [ 290FB01F7F51EFF0960599404A09F8D6 ] mbmiodrvr       C:\WINDOWS\system32\mbmiodrvr.sys
19:32:04.0718 3192  mbmiodrvr ( UnsignedFile.Multi.Generic ) - warning
19:32:04.0718 3192  mbmiodrvr - detected UnsignedFile.Multi.Generic (1)
19:32:04.0765 3192  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:32:04.0796 3192  mdmxsdk - ok
19:32:04.0828 3192  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
19:32:04.0937 3192  Messenger - ok
19:32:05.0015 3192  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:32:05.0031 3192  Microsoft Office Groove Audit Service - ok
19:32:05.0078 3192  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
19:32:05.0171 3192  mnmdd - ok
19:32:05.0203 3192  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe
19:32:05.0281 3192  mnmsrvc - ok
19:32:05.0328 3192  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
19:32:05.0406 3192  Modem - ok
19:32:05.0437 3192  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
19:32:05.0500 3192  MODEMCSA - ok
19:32:05.0546 3192  [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys
19:32:05.0593 3192  Monfilt - ok
19:32:05.0609 3192  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:32:05.0703 3192  Mouclass - ok
19:32:05.0750 3192  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:32:05.0828 3192  mouhid - ok
19:32:05.0875 3192  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
19:32:05.0953 3192  MountMgr - ok
19:32:06.0000 3192  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:32:06.0046 3192  MozillaMaintenance - ok
19:32:06.0046 3192  mraid35x - ok
19:32:06.0046 3192  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:32:06.0156 3192  MRxDAV - ok
19:32:06.0203 3192  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:32:06.0328 3192  MRxSmb - ok
19:32:06.0375 3192  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
19:32:06.0500 3192  MSDTC - ok
19:32:06.0515 3192  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:32:06.0609 3192  Msfs - ok
19:32:06.0609 3192  MSIServer - ok
19:32:06.0625 3192  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:32:06.0703 3192  MSKSSRV - ok
19:32:06.0718 3192  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:32:06.0812 3192  MSPCLOCK - ok
19:32:06.0812 3192  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:32:06.0890 3192  MSPQM - ok
19:32:06.0921 3192  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:32:06.0984 3192  mssmbios - ok
19:32:07.0031 3192  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
19:32:07.0109 3192  MSTEE - ok
19:32:07.0140 3192  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
19:32:07.0187 3192  Mup - ok
19:32:07.0203 3192  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:32:07.0312 3192  NABTSFEC - ok
19:32:13.0890 3192  [ 5903FA75200807AD739286BBF40C4904 ] pfc             C:\WINDOWS\system32\drivers\pfc.sys
19:32:13.0921 3192  pfc ( UnsignedFile.Multi.Generic ) - warning
19:32:13.0921 3192  pfc - detected UnsignedFile.Multi.Generic (1)
19:32:18.0671 3192  [ 2D841B7B7F6DEC32162EDFCC69D61F42 ] ServiceLayer    C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
19:32:18.0734 3192  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
19:32:18.0734 3192  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
19:32:28.0578 3192  ================ Scan global ===============================
19:32:28.0625 3192  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:32:28.0687 3192  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
19:32:28.0687 3192  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
19:32:28.0718 3192  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:32:28.0718 3192  [Global] - ok
19:32:28.0718 3192  ================ Scan MBR ==================================
19:32:28.0750 3192  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:32:29.0062 3192  \Device\Harddisk0\DR0 - ok
19:32:29.0062 3192  ================ Scan VBR ==================================
19:32:29.0062 3192  [ 52FE3258CB2E7641EC69AE01FA3066C4 ] \Device\Harddisk0\DR0\Partition1
19:32:29.0062 3192  \Device\Harddisk0\DR0\Partition1 - ok
19:32:29.0062 3192  ============================================================
19:32:29.0062 3192  Scan finished
19:32:29.0062 3192  ============================================================
19:32:29.0171 2372  Detected object count: 8
19:32:29.0171 2372  Actual detected object count: 8
19:32:51.0875 2372  Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372  Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0875 2372  BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372  BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0875 2372  BrPar ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372  BrPar ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0875 2372  CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372  CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0875 2372  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0875 2372  mbmiodrvr ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372  mbmiodrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0890 2372  pfc ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0890 2372  pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0890 2372  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0890 2372  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip



#13 TheJoker

Posted 13 June 2013 - 08:04 PM

Okay, it found no threats, but if I clicked "verify file digital signatures" it found a few unsigned files. "Loaded modules" was not checked either, btw.


I don't see anything there that's a problem, so let's do some cleanup.

You can now delete the following programs you downloaded, and any logs they produced:
DDS
Security Check
Malwarebytes Anti-Rootkit
TDSSKiller
AdwCleaner
Junkware Removal Tool

Sophos Virus Removal Tool can be uninstalled from Start > Control Panel > Add or Remove Programs.

According to Security Check, you have both Adobe Reader 8 and Adobe Reader XI installed. I would uninstall the older Adobe Reader 8, but since that might also cause problems with Adobe Reader XI, I recommend you uninstall both and then reinstall version XI. If you no longer have the installer, you can download it from http://get.adobe.com/reader/

Create a Restore Point

  • Go to Start > Programs > Accessories > System Tools > System Restore
  • Select Create a Restore Point and then Next.
  • In the box for "Restore point description", enter a descriptive name and press Create
  • When the "Restore Point Created" window appears, click Close

Run Disk Cleanup

  • Go to Start > Run and type the below line:
    cleanmgr
  • Click OK
    • If you have more than one drive, select the drive Windows is installed on
    • Click OK
  • When Disk Cleanup opens, select the More Options tab
  • In the System Restore section (bottom of window), click Cleanup
    • In the confirmation window that opens, click Yes
  • Now click on the Disk Cleanup tab and select the following items:
    • Downloaded Program Files
    • Temporary Internet Files
    • Recycle Bin
    • Temporary Files
  • Click OK
  • In the confirmation window, select Yes (Disk Cleanup will close).

To help keep malware off your system:

  • Keep Windows updated at Windows Update or Microsoft Update.
  • Keep your other applications updated; there are vulnerabilities that rely on exploits through other programs like Java, Microsoft Office, Adobe Reader, Flash, and others.
  • Run a program like Secunia Online Software Inspector or FileHippo Update Checker to see what programs need to be updated.
  • Be careful with flash drives, as they can spread infections. See this post on USB/flash drive safety.
  • Stay away from P2P software; even with a clean P2P program, their networks are often riddled with malware.
  • Don't click on attachments or links in e-mail, and read your e-mail in text-only mode for the highest safety.
  • Don't click on links received in instant message programs.
  • In place of Internet Explorer, browse with Firefox with the NoScript and AdBlock Plus add-ons.
  • A HOSTS file will prevent Internet Explorer from communicating with sites known to be associated with adware or spyware. A good, regularly updated HOSTS file is MVPS HOSTS File, available at http://www.mvps.org/...p2002/hosts.htm
  • A free non-resident utility to prevent the installation of ActiveX-based malware is JavaCool's SpywareBlaster. For real-time protection, there is SpywareGuard. Both are available at http://www.javacools...m/products.html
  • I recommend reading Tony Klein's article So How did I get Infected in the First Place? at http://www.spywarein...showtopic=60955

Does your problem appear resolved?


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#14 greatserpent

Posted 14 June 2013 - 07:25 AM

hey joker

"According to Security Check, you have both Adobe Reader 8 and Adobe Reader XI installed. I would uninstall the older Adobe Reader 8, but since that might also cause problems with Adobe Reader XI, I recommend you uninstall both and then reinstall version XI. If you no longer have the installer, you can download it from http://get.adobe.com/reader/"

I checked add and remove programs and only Adobe Reader XI appears there.

Yes, the problem seems to be fixed!

Thanks so much for your help :)

Edited by greatserpent, 14 June 2013 - 07:27 AM.


#15 TheJoker

Posted 06 August 2013 - 07:24 PM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.






