greatserpent

Help with Malware

15 posts in this topic

Hi

Okay, so basically I was away for a year and my sisters were using the computer. Anyway, I did a scan with Comodo Cleaning Essentials and also Dr.Web CureIt!, and it found a bunch of stuff... some trojans and adware. It removed it, but then I scanned it again with Dr.Web CureIt! and there's still stuff in there, and the browser had a different home page.

Basically, Malwarebytes Anti-Malware did not find anything. Norton Internet Security 2013 did not find anything. HitmanPro found something but I got rid of that, SUPERAntiSpyware found nothing, Emsisoft Emergency Kit found some stuff and so did Dr.Web CureIt!, TDSSKiller found some stuff too but I don't know if it's malicious. Anyway, here are the logs.

-------------------------------------------------------------------------------------------------------------------------------------------------

DDS log

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
Run by Owner at 22:38:48 on 2013-05-14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1017 [GMT 10:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
C:\Nexon\Mabinogi\npkcmsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Rar$EX01.125\TDSSKiller.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.au/
mStart Page = hxxp://websearch.searchmainia.info/?unqvl=15
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\20.3.1.22\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\20.3.1.22\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - c:\program files\common files\simple adblock\SimpleAdblock.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\20.3.1.22\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\20.3.1.22\coieplg.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [WUAppSetup] c:\program files\common files\logishrd\WUApp32.exe -v 0x046d -p 0x0990 -f video -m logitech -d 13.30.1394.0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:383
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - c:\program files\bitcomet\tools\BitCometBHO_1.4.12.6.dll/206
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - hxxp://www.ipix.com/download/ipixx.cab
DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1201141713185
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1359791227984
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 198.142.0.51 211.29.132.12 198.142.235.14
TCP: Interfaces\{A4C5CEE8-9B41-422B-A833-0949F3E84FEB} : DHCPNameServer = 198.142.0.51 211.29.132.12 198.142.235.14
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: {4F07DA45-8170-4859-9B5F-037EF2970034} - <orphaned>
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 nwprovau
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\r9qoei9j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\r9qoei9j.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\IBitCometExtension.dll
FF - component: c:\program files\mozilla firefox\extensions\kavantibanner@kaspersky.ru\components\abhelperxpcom.dll
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\r9qoei9j.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1202122.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll
FF - ExtSQL: 2013-04-13 00:49; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\owner\application data\mozilla\firefox\profiles\r9qoei9j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-5-24 28552]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1403010.016\symds.sys [2013-4-18 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1403010.016\symefa.sys [2013-4-18 934488]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.1.22\definitions\bashdefs\20130502.001\BHDrvx86.sys [2013-5-8 1000024]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1403010.016\ccsetx86.sys [2013-4-18 134304]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-23 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1403010.016\ironx86.sys [2013-4-18 175264]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-8 119024]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688]
R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\nero\nero8\incd\NBHRegInCDSrv.exe [2008-7-10 53032]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\20.3.1.22\ccsvchst.exe [2013-4-18 144520]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2012-11-27 659040]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-4-1 450848]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-12-29 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.1.22\definitions\ipsdefs\20130511.001\IDSXpx86.sys [2013-5-14 373728]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.1.22\definitions\virusdefs\20130513.022\NAVENG.SYS [2013-5-14 93296]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.1.22\definitions\virusdefs\20130513.022\NAVEX15.SYS [2013-5-14 1603824]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-10-12 1691480]
S3 apf001;apf001;c:\game\softnyxgame\gunboundis\apf001.sys [2011-4-27 10872]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-10-4 77624]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-10-4 20032]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2012-11-27 1225312]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-10-4 181432]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
ShellExec: BitComet.exe: open="c:\program files\bitcomet\BitComet.exe"
ShellExec: mplayer2.exe: open="c:\program files\windows media player\mplayer2.exe"/prefetch:8 /Play "%L"
ShellExec: mplayer2.exe: play="c:\program files\windows media player\mplayer2.exe"/prefetch:8 /Play "%L"
.
=============== Created Last 30 ================
.
2013-05-13 18:47:13 30464 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2013-05-12 19:22:12 -------- d-----w- c:\documents and settings\owner\Doctor Web
2013-05-12 19:04:33 -------- d-----w- c:\program files\HitmanPro
2013-05-12 19:04:33 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro
2013-05-12 19:01:27 -------- d-----w- c:\documents and settings\all users\application data\StarApp
2013-05-12 19:01:23 -------- d-----w- c:\program files\SimpleSpeedy
2013-05-12 18:39:08 -------- d-----w- C:\CCE_Quarantine
2013-04-27 15:24:00 -------- d-----w- c:\documents and settings\owner\local settings\application data\Garmin
2013-04-27 15:22:38 -------- d-----w- c:\documents and settings\all users\application data\Package Cache
2013-04-18 17:43:34 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-17 23:22:39 394656 ----a-w- c:\windows\system32\drivers\nis\1403010.016\symtdi.sys
2013-04-17 23:22:39 350368 ----a-w- c:\windows\system32\drivers\nis\1403010.016\symtdiv.sys
2013-04-17 23:22:39 338592 ----a-w- c:\windows\system32\drivers\nis\1403010.016\symnets.sys
2013-04-17 23:22:39 21400 ----a-r- c:\windows\system32\drivers\nis\1403010.016\symelam.sys
2013-04-17 23:22:38 934488 ----a-w- c:\windows\system32\drivers\nis\1403010.016\symefa.sys
2013-04-17 23:22:38 602712 ----a-w- c:\windows\system32\drivers\nis\1403010.016\srtsp.sys
2013-04-17 23:22:38 367704 ----a-w- c:\windows\system32\drivers\nis\1403010.016\symds.sys
2013-04-17 23:22:38 32344 ----a-w- c:\windows\system32\drivers\nis\1403010.016\srtspx.sys
2013-04-17 23:22:38 175264 ----a-w- c:\windows\system32\drivers\nis\1403010.016\ironx86.sys
2013-04-17 23:22:38 134304 ----a-w- c:\windows\system32\drivers\nis\1403010.016\ccsetx86.sys
2013-04-17 23:22:12 14818 ----a-w- c:\windows\system32\drivers\nis\1403010.016\symvtcer.dat
2013-04-17 23:22:12 -------- d-----w- c:\windows\system32\drivers\nis\1403010.016
.
==================== Find3M ====================
.
2013-04-10 20:14:55 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-04-10 19:47:16 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-10 19:47:16 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-04 04:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-03 11:52:45 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-04-03 11:52:45 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-04-03 11:50:31 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-03-22 14:22:30 7536640 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-22 14:22:30 1869600 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-22 14:22:28 19189760 ----a-w- c:\windows\system32\nvoglnt.dll
2013-03-22 14:22:26 12653120 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-03-22 14:22:24 5967872 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-22 14:22:22 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-22 14:22:22 1010464 ----a-w- c:\windows\system32\nvdispco3230790.dll
2013-03-22 14:22:20 4494720 ----a-w- c:\windows\system32\nv4_disp.dll
2013-03-22 14:22:16 893728 ----a-w- c:\windows\system32\nvdispgenco3230790.dll
2013-03-22 14:22:16 2392064 ----a-w- c:\windows\system32\nvapi.dll
2013-03-22 14:22:14 2582816 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-21 22:26:06 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-03-21 22:26:00 156448 ----a-w- c:\windows\system32\nvsvc32.exe
2013-03-21 22:26:00 15517984 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-21 22:26:00 108832 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-21 22:25:59 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-03-16 06:30:42 4546560 ----a-w- c:\windows\system32\GPhotos.scr
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-08 02:33:27 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-08 02:33:27 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06:31 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06:30 43520 ------w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:25:02 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08:47 385024 ------w- c:\windows\system32\html.iec
2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-17 22:22:18 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
2013-02-17 22:22:18 28008 ----a-w- c:\windows\system32\nvhdap32.dll
2013-02-17 22:22:18 124264 ----a-w- c:\windows\system32\drivers\nvhda32.sys
2011-07-22 02:39:49 6925312 ----a-w- c:\program files\etax2011_1.msi
2008-11-11 20:49:03 2400784 ----a-w- c:\program files\WLinstaller.exe
2008-02-14 04:23:12 231944 ----a-w- c:\program files\gwflash.exe
2007-09-21 09:42:42 19008 ----a-w- c:\program files\markfun.a64
2007-08-21 09:49:28 17912 ----a-w- c:\program files\markfun.w32
2007-03-01 18:48:50 240448 ----a-w- c:\program files\gwf32.exe
2006-11-23 13:47:50 207680 ----a-w- c:\program files\BIOS_Run.exe
2005-04-27 09:40:26 6800 ----a-w- c:\program files\W95_HUA.vxd
.
============= FINISH: 22:40:16.42 ===============

Security Check

 

Results of screen317's Security Check version 0.99.63
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
AVG Anti-Virus Free Edition 2011
Norton Internet Security
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
SpywareBlaster 5.0
SUPERAntiSpyware
Secunia PSI (3.0.0.6001)
Malwarebytes Anti-Malware version 1.75.0.1300
HijackThis 2.0.2
CCleaner
Java 7 Update 21
Adobe Flash Player 11.7.700.169
Adobe Reader 8
Adobe Reader XI
Mozilla Firefox (20.0.1)
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 5%
````````````````````End of Log``````````````````````

Also not sure why AVG is showing up... I deleted that a long time ago. And besides, Norton disables anything that will interfere with it.

 

------------------------------------------------------------------------------------------------------------------------------------------

MalwareBytesAntiMalware

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.05.13.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: HOME-L1GY43MFQ0 [administrator]

13/05/2013 5:56:34 PM
mbam-log-2013-05-13 (17-56-34).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 431235
Time elapsed: 5 hour(s), 5 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

--------------------------------------------------------------------------------------------------------------------------------------------

TDSS log

 

22:28:39.0671 1000 TDSS rootkit removing tool 2.8.17.0 Apr 11 2013 11:56:34
22:28:41.0187 1000 ============================================================
22:28:41.0187 1000 Current date / time: 2013/05/14 22:28:41.0187
22:28:41.0187 1000 SystemInfo:
22:28:41.0187 1000
22:28:41.0187 1000 OS Version: 5.1.2600 ServicePack: 3.0
22:28:41.0187 1000 Product type: Workstation
22:28:41.0187 1000 ComputerName: HOME-L1GY43MFQ0
22:28:41.0187 1000 UserName: Owner
22:28:41.0187 1000 Windows directory: C:\WINDOWS
22:28:41.0187 1000 System windows directory: C:\WINDOWS
22:28:41.0187 1000 Processor architecture: Intel x86
22:28:41.0187 1000 Number of processors: 2
22:28:41.0187 1000 Page size: 0x1000
22:28:41.0187 1000 Boot type: Normal boot
22:28:41.0187 1000 ============================================================
22:28:43.0406 1000 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xEC93A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000054
22:28:43.0406 1000 ============================================================
22:28:43.0406 1000 \Device\Harddisk0\DR0:
22:28:43.0406 1000 MBR partitions:
22:28:43.0406 1000 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
22:28:43.0406 1000 ============================================================
22:28:43.0453 1000 C: <-> \Device\Harddisk0\DR0\Partition1
22:28:43.0453 1000 ============================================================
22:28:43.0453 1000 Initialize success
22:28:43.0453 1000 ============================================================
22:29:30.0078 1588 ============================================================
22:29:30.0078 1588 Scan started
22:29:30.0078 1588 Mode: Manual; SigCheck; TDLFS;
22:29:30.0078 1588 ============================================================
22:29:31.0250 1588 ================ Scan system memory ========================
22:29:31.0250 1588 System memory - ok
22:29:31.0250 1588 ================ Scan services =============================
22:29:31.0375 1588 [ 44C85670246E4183650EF0E664346DDC ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:29:31.0765 1588 !SASCORE - ok
22:29:31.0953 1588 Abiosdsk - ok
22:29:31.0968 1588 abp480n5 - ok
22:29:32.0000 1588 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:29:34.0890 1588 ACPI - ok
22:29:34.0937 1588 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
22:29:35.0140 1588 ACPIEC - ok
22:29:35.0218 1588 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:29:35.0265 1588 AdobeFlashPlayerUpdateSvc - ok
22:29:35.0265 1588 adpu160m - ok
22:29:35.0312 1588 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
22:29:35.0437 1588 aec - ok
22:29:35.0500 1588 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
22:29:35.0625 1588 AFD - ok
22:29:35.0734 1588 [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys
22:29:35.0843 1588 AFS2K - ok
22:29:35.0859 1588 Aha154x - ok
22:29:35.0859 1588 aic78u2 - ok
22:29:35.0859 1588 aic78xx - ok
22:29:35.0953 1588 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
22:29:36.0078 1588 Alerter - ok
22:29:36.0171 1588 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
22:29:36.0328 1588 ALG - ok
22:29:36.0328 1588 AliIde - ok
22:29:36.0625 1588 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
22:29:36.0937 1588 Ambfilt - ok
22:29:36.0937 1588 amsint - ok
22:29:37.0093 1588 [ 0BF848F3CDD883843769A9070F55A023 ] apf001 C:\Game\SoftnyxGame\GunBoundIS\apf001.sys
22:29:37.0125 1588 apf001 - ok
22:29:37.0265 1588 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:29:37.0296 1588 Apple Mobile Device - ok
22:29:37.0328 1588 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
22:29:37.0437 1588 AppMgmt - ok
22:29:37.0437 1588 asc - ok
22:29:37.0437 1588 asc3350p - ok
22:29:37.0437 1588 asc3550 - ok
22:29:37.0500 1588 [ B979979AB8027F7F53FB16EC4229B7DB ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys
22:29:37.0500 1588 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
22:29:37.0500 1588 Aspi32 - detected UnsignedFile.Multi.Generic (1)
22:29:37.0640 1588 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:29:37.0703 1588 aspnet_state - ok
22:29:37.0765 1588 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:29:37.0953 1588 AsyncMac - ok
22:29:37.0968 1588 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
22:29:38.0125 1588 atapi - ok
22:29:38.0140 1588 Atdisk - ok
22:29:38.0218 1588 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:29:38.0375 1588 Atmarpc - ok
22:29:38.0468 1588 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
22:29:38.0609 1588 AudioSrv - ok
22:29:38.0656 1588 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
22:29:38.0796 1588 audstub - ok
22:29:38.0875 1588 [ 5D7BE7B19E827125E016325334E58FF1 ] BANTExt C:\WINDOWS\System32\Drivers\BANTExt.sys
22:29:38.0953 1588 BANTExt ( UnsignedFile.Multi.Generic ) - warning
22:29:38.0953 1588 BANTExt - detected UnsignedFile.Multi.Generic (1)
22:29:39.0015 1588 [ 1B9C81AB9A456EABD9F8335F04B5F495 ] basic2 C:\WINDOWS\system32\DRIVERS\HSF_BSC2.sys
22:29:39.0218 1588 basic2 - ok
22:29:39.0281 1588 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
22:29:39.0468 1588 Beep - ok
22:29:39.0890 1588 [ 89BF5550E4FC31E3FE728E68C558BF10 ] BHDrvx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\BASHDefs\20130502.001\BHDrvx86.sys
22:29:40.0015 1588 BHDrvx86 - ok
22:29:40.0203 1588 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
22:29:40.0437 1588 BITS - ok
22:29:40.0609 1588 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:29:40.0687 1588 Bonjour Service - ok
22:29:40.0734 1588 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
22:29:40.0968 1588 Browser - ok
22:29:41.0000 1588 [ 2FE6D5BE0629F706197B30C0AA05DE30 ] BrPar C:\WINDOWS\System32\drivers\BrPar.sys
22:29:41.0062 1588 BrPar ( UnsignedFile.Multi.Generic ) - warning
22:29:41.0062 1588 BrPar - detected UnsignedFile.Multi.Generic (1)
22:29:49.0609 1588 catchme - ok
22:29:50.0187 1588 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
22:29:50.0296 1588 cbidf2k - ok
22:29:50.0453 1588 [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe
22:29:50.0515 1588 CCALib8 ( UnsignedFile.Multi.Generic ) - warning
22:29:50.0515 1588 CCALib8 - detected UnsignedFile.Multi.Generic (1)
22:29:50.0562 1588 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:29:50.0703 1588 CCDECODE - ok
22:29:50.0859 1588 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_NIS C:\WINDOWS\system32\drivers\NIS\1403010.016\ccSetx86.sys
22:29:50.0921 1588 ccSet_NIS - ok
22:29:50.0921 1588 cd20xrnt - ok
22:29:50.0968 1588 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
22:29:51.0203 1588 Cdaudio - ok
22:29:51.0250 1588 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
22:29:51.0421 1588 Cdfs - ok
22:29:51.0484 1588 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:29:51.0656 1588 Cdrom - ok
22:29:51.0656 1588 Changer - ok
22:29:51.0703 1588 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
22:29:51.0843 1588 CiSvc - ok
22:29:51.0890 1588 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
22:29:52.0062 1588 ClipSrv - ok
22:29:52.0281 1588 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:29:52.0390 1588 clr_optimization_v2.0.50727_32 - ok
22:29:52.0531 1588 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:29:52.0609 1588 clr_optimization_v4.0.30319_32 - ok
22:29:52.0609 1588 CmdIde - ok
22:29:52.0609 1588 COMSysApp - ok
22:29:52.0625 1588 Cpqarray - ok
22:29:52.0703 1588 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
22:29:52.0859 1588 CryptSvc - ok
22:29:52.0859 1588 dac2w2k - ok
22:29:52.0859 1588 dac960nt - ok
22:29:52.0968 1588 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
22:29:53.0140 1588 DcomLaunch - ok
22:29:53.0187 1588 [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys
22:29:53.0218 1588 dgderdrv - ok
22:29:53.0265 1588 [ AEB179B855161EC9C88172ABC75AD0EF ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
22:29:53.0281 1588 dg_ssudbus - ok
22:29:53.0328 1588 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
22:29:53.0468 1588 Dhcp - ok
22:29:53.0578 1588 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
22:29:53.0781 1588 Disk - ok
22:29:53.0796 1588 dmadmin - ok
22:29:54.0046 1588 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
22:29:54.0296 1588 dmboot - ok
22:29:54.0328 1588 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
22:29:54.0468 1588 dmio - ok
22:29:54.0515 1588 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
22:29:54.0625 1588 dmload - ok
22:29:54.0703 1588 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
22:29:54.0921 1588 dmserver - ok
22:29:54.0953 1588 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
22:29:55.0093 1588 DMusic - ok
22:29:55.0140 1588 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
22:29:55.0312 1588 Dnscache - ok
22:29:55.0390 1588 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
22:29:55.0515 1588 Dot3svc - ok
22:29:55.0515 1588 dpti2o - ok
22:29:55.0593 1588 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
22:29:55.0765 1588 drmkaud - ok
22:29:55.0765 1588 EagleNT - ok
22:29:55.0859 1588 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
22:29:55.0984 1588 EapHost - ok
22:29:56.0187 1588 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
22:29:56.0312 1588 eeCtrl - ok
22:29:56.0390 1588 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
22:29:56.0406 1588 EraserUtilRebootDrv - ok
22:29:56.0453 1588 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
22:29:56.0609 1588 ERSvc - ok
22:29:56.0687 1588 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
22:29:56.0750 1588 Eventlog - ok
22:29:56.0796 1588 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
22:29:56.0984 1588 EventSystem - ok
22:29:57.0140 1588 [ C823DEBE2548656549F84A875D65237B ] Fallback C:\WINDOWS\system32\DRIVERS\HSF_FALL.sys
22:29:57.0343 1588 Fallback - ok
22:29:57.0421 1588 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
22:29:57.0671 1588 Fastfat - ok
22:29:57.0703 1588 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:29:58.0000 1588 FastUserSwitchingCompatibility - ok
22:29:58.0046 1588 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
22:29:58.0187 1588 Fdc - ok
22:29:58.0234 1588 [ A75DDC492D2D1D6558AD8003A4ADB73A ] FilterService C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
22:29:58.0265 1588 FilterService - ok
22:29:58.0343 1588 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
22:29:58.0421 1588 Fips - ok
22:29:58.0453 1588 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:29:58.0609 1588 Flpydisk - ok
22:29:58.0687 1588 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
22:29:58.0843 1588 FltMgr - ok
22:29:58.0984 1588 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:29:59.0031 1588 FontCache3.0.0.0 - ok
22:29:59.0062 1588 [ 6483414841D4CAB6C3B4DB2AC6EDD70B ] Fsks C:\WINDOWS\system32\DRIVERS\HSF_FSKS.sys
22:29:59.0218 1588 Fsks - ok
22:29:59.0265 1588 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:29:59.0375 1588 Fs_Rec - ok
22:29:59.0390 1588 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:29:59.0531 1588 Ftdisk - ok
22:29:59.0734 1588 [ 2973B4EB7BE10A0D491B2037DCAAE88F ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
22:29:59.0750 1588 Garmin Core Update Service - ok
22:29:59.0859 1588 [ 54789F9BA0D59072CDD4E7C200E122C4 ] gdrv C:\WINDOWS\gdrv.sys
22:29:59.0875 1588 gdrv - ok
22:29:59.0953 1588 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:29:59.0984 1588 GEARAspiWDM - ok
22:30:00.0078 1588 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:30:00.0375 1588 Gpc - ok
22:30:00.0500 1588 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:30:00.0515 1588 gusvc - ok
22:30:00.0609 1588 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:30:00.0734 1588 HDAudBus - ok
22:30:00.0875 1588 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:30:01.0046 1588 helpsvc - ok
22:30:01.0109 1588 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
22:30:01.0218 1588 HidServ - ok
22:30:01.0265 1588 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:30:01.0390 1588 HidUsb - ok
22:30:01.0437 1588 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
22:30:01.0578 1588 hkmsvc - ok
22:30:01.0578 1588 hpn - ok
22:30:01.0656 1588 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
22:30:02.0000 1588 HPZid412 - ok
22:30:02.0015 1588 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
22:30:02.0046 1588 HPZipr12 - ok
22:30:02.0140 1588 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
22:30:02.0203 1588 HPZius12 - ok
22:30:02.0312 1588 [ 6312DC46356DF3974E88AA51B69360DC ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
22:30:02.0468 1588 HSFHWBS2 - ok
22:30:02.0671 1588 [ EBB354438A4C5A3327FB97306260714A ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
22:30:03.0437 1588 HSF_DP - ok
22:30:03.0625 1588 [ DAAB917EEC9849840A13353198D48CC5 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
22:30:03.0765 1588 HSF_DPV - ok
22:30:03.0953 1588 [ 74E379857D4C0DFB56DE2D19B8F4C434 ] hsf_msft C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys
22:30:04.0218 1588 hsf_msft - ok
22:30:04.0328 1588 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
22:30:04.0421 1588 HTTP - ok
22:30:04.0531 1588 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
22:30:04.0640 1588 HTTPFilter - ok
22:30:04.0656 1588 i2omgmt - ok
22:30:04.0656 1588 i2omp - ok
22:30:04.0734 1588 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:30:04.0859 1588 i8042prt - ok
22:30:04.0953 1588 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:30:04.0984 1588 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:30:04.0984 1588 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:30:05.0187 1588 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:30:05.0343 1588 idsvc - ok
22:30:05.0640 1588 [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\IPSDefs\20130511.001\IDSxpx86.sys
22:30:05.0703 1588 IDSxpx86 - ok
22:30:05.0750 1588 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
22:30:05.0890 1588 Imapi - ok
22:30:05.0953 1588 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
22:30:06.0046 1588 ImapiService - ok
22:30:06.0125 1588 [ 1DA147ACB525A4822228BE06154C7CBB ] InCDfs C:\WINDOWS\system32\drivers\InCDFs.sys
22:30:06.0156 1588 InCDfs - ok
22:30:06.0234 1588 [ 2EC469A401AE6FE7A67D80EFFD3091B1 ] InCDPass C:\WINDOWS\system32\drivers\InCDPass.sys
22:30:06.0281 1588 InCDPass - ok
22:30:06.0359 1588 [ 544498D06B8CA187A5960B4F3B4BD63E ] InCDRec C:\WINDOWS\system32\drivers\InCDRec.sys
22:30:06.0406 1588 InCDRec - ok
22:30:06.0453 1588 [ 2863A00B0F64D937F0CD9561C53B5A37 ] incdrm C:\WINDOWS\system32\drivers\InCDRm.sys
22:30:06.0468 1588 incdrm - ok
22:30:06.0781 1588 [ CA32EA0F5FC2A36CA44AD7238F18C248 ] InCDsrv C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
22:30:06.0906 1588 InCDsrv - ok
22:30:06.0906 1588 ini910u - ok
22:30:07.0750 1588 [ 319A38A3F786153FFF2A84A48FEB09B1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:30:08.0062 1588 IntcAzAudAddService - ok
22:30:08.0062 1588 IntelIde - ok
22:30:08.0140 1588 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:30:08.0250 1588 intelppm - ok
22:30:08.0265 1588 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
22:30:08.0390 1588 ip6fw - ok
22:30:08.0421 1588 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:30:08.0562 1588 IpFilterDriver - ok
22:30:08.0578 1588 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:30:08.0718 1588 IpInIp - ok
22:30:08.0828 1588 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:30:08.0968 1588 IpNat - ok
22:30:09.0250 1588 [ 02682AE021F0FB92F5768B49776B8B5B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:30:09.0265 1588 iPod Service - ok
22:30:09.0359 1588 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:30:09.0437 1588 IPSec - ok
22:30:09.0453 1588 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
22:30:09.0515 1588 IRENUM - ok
22:30:09.0546 1588 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:30:09.0687 1588 isapnp - ok
22:30:09.0843 1588 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
22:30:09.0875 1588 JavaQuickStarterService - ok
22:30:09.0953 1588 [ 9C5E3FDBFCC30CF71A49CA178B9AD442 ] K56 C:\WINDOWS\system32\DRIVERS\HSF_K56K.sys
22:30:10.0109 1588 K56 - ok
22:30:10.0140 1588 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:30:10.0296 1588 Kbdclass - ok
22:30:10.0328 1588 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:30:10.0453 1588 kbdhid - ok
22:30:10.0531 1588 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
22:30:10.0640 1588 kmixer - ok
22:30:10.0687 1588 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
22:30:10.0796 1588 KSecDD - ok
22:30:10.0843 1588 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
22:30:10.0968 1588 lanmanserver - ok
22:30:11.0046 1588 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:30:11.0109 1588 lanmanworkstation - ok
22:30:11.0109 1588 Lbd - ok
22:30:11.0109 1588 lbrtfdc - ok
22:30:11.0187 1588 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
22:30:11.0312 1588 LmHosts - ok
22:30:11.0484 1588 [ E1158B0CB852DB0573922C92E6E564DE ] lvpopflt C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
22:30:12.0312 1588 lvpopflt - ok
22:30:12.0390 1588 [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
22:30:12.0421 1588 LVPr2Mon - ok
22:30:12.0562 1588 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
22:30:12.0640 1588 LVRS - ok
22:30:12.0687 1588 [ 5F987FC1AAD215EC2C60CF07719B1CCE ] LVUSBSta C:\WINDOWS\system32\drivers\LVUSBSta.sys
22:30:12.0703 1588 LVUSBSta - ok
22:30:12.0843 1588 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
22:30:13.0093 1588 LVUVC - ok
22:30:13.0203 1588 [ 290FB01F7F51EFF0960599404A09F8D6 ] mbmiodrvr C:\WINDOWS\system32\mbmiodrvr.sys
22:30:13.0218 1588 mbmiodrvr ( UnsignedFile.Multi.Generic ) - warning
22:30:13.0218 1588 mbmiodrvr - detected UnsignedFile.Multi.Generic (1)
22:30:13.0281 1588 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:30:13.0312 1588 mdmxsdk - ok
22:30:13.0343 1588 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
22:30:13.0453 1588 Messenger - ok
22:30:13.0546 1588 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:30:13.0562 1588 Microsoft Office Groove Audit Service - ok
22:30:13.0609 1588 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
22:30:13.0734 1588 mnmdd - ok
22:30:13.0781 1588 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
22:30:13.0859 1588 mnmsrvc - ok
22:30:13.0906 1588 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
22:30:14.0000 1588 Modem - ok
22:30:14.0046 1588 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
22:30:14.0156 1588 MODEMCSA - ok
22:30:14.0203 1588 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
22:30:14.0250 1588 Monfilt - ok
22:30:14.0281 1588 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:30:14.0406 1588 Mouclass - ok
22:30:14.0453 1588 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:30:14.0562 1588 mouhid - ok
22:30:14.0593 1588 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
22:30:14.0687 1588 MountMgr - ok
22:30:14.0734 1588 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:30:14.0765 1588 MozillaMaintenance - ok
22:30:14.0765 1588 mraid35x - ok
22:30:14.0796 1588 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:30:14.0937 1588 MRxDAV - ok
22:30:14.0984 1588 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:30:15.0093 1588 MRxSmb - ok
22:30:15.0156 1588 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
22:30:15.0281 1588 MSDTC - ok
22:30:15.0312 1588 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
22:30:15.0437 1588 Msfs - ok
22:30:15.0453 1588 MSIServer - ok
22:30:15.0468 1588 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\M

Edited by greatserpent


Hi

So sorry, just realised there's like 4 of the same threads; my internet wasn't loading the page so I thought it didn't post. Can someone please delete the other threads and leave just 1?

 

Done.

Edited by cnm


Hi greatserpent, and Welcome Back.

I suggest printing out each set of instructions and reading the entire post before proceeding. It will make following them easier. Please follow the directions in the order listed.

 

Please download Malwarebytes Anti-Rootkit here.
Unzip the contents to a folder on the Desktop.

  • Open the folder where the contents were unzipped and run mbar.exe (right-click and select Run as administrator for Vista and Windows 7).
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Please post the two logs produced.

Please note: This tool is still in BETA mode, so please ensure you have backed up any important files.

 

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Follow the prompts to reboot the computer. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

 

Please scan your system with ESET Online Scanner

  • Click the "Run ESET Online Scanner" button.
    • For browsers other than Internet Explorer, such as Firefox, Chrome, or Opera (Microsoft Internet Explorer users can skip this step), another page will open to download the ESET Smart Installer.
    • Click on esetsmartinstaller_enu.exe
    • Save it to your desktop, and double-click to run it.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

Please post the two logs from Malwarebytes Anti-Rootkit, the log from AdwCleaner, the log from ESET's online scan, and note any errors encountered.


Hi thanks :p

 

The only two logs I got were these two, but it found nothing.

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.666000 GHz
Memory total: 2145824768, free: 1078394880

------------ Kernel report ------------
05/16/2013 01:00:12
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\System32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
pavboot.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\System32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
SYMDS.SYS
sr.sys
SYMEFA.SYS
PxHelp20.sys
KSecDD.sys
WudfPf.sys
Ntfs.sys
NDIS.sys
Mup.sys
\SystemRoot\System32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nv4_mini.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\HDAudBus.sys
\SystemRoot\System32\DRIVERS\Rtenicxp.sys
\SystemRoot\System32\DRIVERS\usbuhci.sys
\SystemRoot\System32\DRIVERS\USBPORT.SYS
\SystemRoot\System32\DRIVERS\usbehci.sys
\SystemRoot\System32\DRIVERS\serial.sys
\SystemRoot\System32\DRIVERS\serenum.sys
\SystemRoot\System32\DRIVERS\parport.sys
\SystemRoot\System32\DRIVERS\imapi.sys
\SystemRoot\system32\drivers\pfc.sys
\SystemRoot\System32\Drivers\AFS2K.SYS
\SystemRoot\System32\DRIVERS\cdrom.sys
\SystemRoot\System32\DRIVERS\redbook.sys
\SystemRoot\System32\DRIVERS\ks.sys
\SystemRoot\system32\drivers\InCDPass.sys
\SystemRoot\system32\drivers\InCDRm.sys
\SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\System32\DRIVERS\audstub.sys
\SystemRoot\System32\DRIVERS\rasl2tp.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\DRIVERS\ndiswan.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\raspptp.sys
\SystemRoot\System32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\ptilink.sys
\SystemRoot\System32\DRIVERS\raspti.sys
\SystemRoot\System32\DRIVERS\rdpdr.sys
\SystemRoot\System32\DRIVERS\termdd.sys
\SystemRoot\System32\DRIVERS\kbdclass.sys
\SystemRoot\System32\DRIVERS\mouclass.sys
\SystemRoot\System32\DRIVERS\swenum.sys
\SystemRoot\System32\DRIVERS\update.sys
\SystemRoot\System32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda32.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\DRIVERS\usbhub.sys
\SystemRoot\System32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\NIS\1403010.016\ccSetx86.sys
\SystemRoot\System32\Drivers\NIS\1403010.016\SRTSP.SYS
\SystemRoot\system32\drivers\NIS\1403010.016\SRTSPX.SYS
\SystemRoot\system32\drivers\NIS\1403010.016\Ironx86.SYS
\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20130513.022\NAVEX15.SYS
\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20130513.022\NAVENG.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\InCDRec.sys
\SystemRoot\system32\drivers\InCDFs.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\System32\DRIVERS\ipsec.sys
\SystemRoot\System32\DRIVERS\msgpc.sys
\SystemRoot\System32\DRIVERS\tcpip.sys
\SystemRoot\System32\Drivers\NIS\1403010.016\SYMTDI.SYS
\SystemRoot\System32\DRIVERS\ipnat.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\IPSDefs\20130511.001\IDSxpx86.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbios.sys
\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
\SystemRoot\System32\DRIVERS\rdbss.sys
\SystemRoot\System32\DRIVERS\mrxsmb.sys
\??\C:\WINDOWS\system32\mbmiodrvr.sys
\SystemRoot\System32\Drivers\Fips.SYS
\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\BASHDefs\20130502.001\BHDrvx86.sys
\SystemRoot\System32\Drivers\BANTExt.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\nv4_disp.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\nwlnkipx.sys
\SystemRoot\system32\DRIVERS\nwlnknb.sys
\SystemRoot\System32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwrdr.sys
\SystemRoot\System32\DRIVERS\mrxdav.sys
\SystemRoot\system32\DRIVERS\nwlnkspx.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\System32\drivers\BrPar.sys
\SystemRoot\System32\Drivers\ParVdm.SYS
\SystemRoot\System32\Drivers\Aspi32.SYS
\SystemRoot\System32\DRIVERS\HSF_FALL.sys
\SystemRoot\System32\DRIVERS\HSF_FSKS.sys
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\HSF_K56K.sys
\SystemRoot\System32\DRIVERS\mdmxsdk.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\DRIVERS\HSF_FAXX.sys
\SystemRoot\System32\DRIVERS\HSF_TONE.sys
\SystemRoot\System32\DRIVERS\HSF_V124.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8ac83ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff8abc3d98
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Load Function returned 0x0
Downloaded database version: v2013.05.15.08
Downloaded database version: v2013.05.14.03
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8ac83ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8ac82e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8ac83ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8ac883b8, DeviceName: \Device\0000007a\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8abc3d98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffea1e06c8, 0xffffffff8ac83ab8, 0xffffffff89043688
Lower DeviceData: 0xffffffffea6e9e08, 0xffffffff8abc3d98, 0xffffffff890ee040
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\WINDOWS\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File kernel read failed: C:\WINDOWS\system32\drivers\afd.sys
File kernel read failed: C:\WINDOWS\system32\drivers\mrxsmb.sys
File kernel read failed: C:\WINDOWS\system32\drivers\serscan.sys
File kernel read failed: C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
File kernel read failed: C:\WINDOWS\system32\drivers\hitmanpro35.sys
File kernel read failed: C:\WINDOWS\system32\drivers\HPZid412.sys
File kernel read failed: C:\WINDOWS\system32\drivers\HPZipr12.sys
File kernel read failed: C:\WINDOWS\system32\drivers\HPZius12.sys
File kernel read failed: C:\WINDOWS\system32\drivers\pavboot.sys
File kernel read failed: C:\WINDOWS\system32\drivers\pccsmcfd.sys
File kernel read failed: C:\WINDOWS\system32\drivers\portcls.sys
File kernel read failed: C:\WINDOWS\system32\drivers\psi_mf.sys
File kernel read failed: C:\WINDOWS\system32\drivers\usb8023.sys
File kernel read failed: C:\WINDOWS\system32\drivers\usb8023x.sys
File kernel read failed: C:\WINDOWS\system32\drivers\ks.sys
File kernel read failed: C:\WINDOWS\system32\drivers\srv.sys
File kernel read failed: C:\WINDOWS\system32\drivers\ssudbus.sys
File kernel read failed: C:\WINDOWS\system32\drivers\ssudmdm.sys
File kernel read failed: C:\WINDOWS\system32\drivers\stream.sys
File kernel read failed: C:\WINDOWS\system32\drivers\dgderdrv.sys
File kernel read failed: C:\WINDOWS\system32\drivers\drmk.sys
File kernel read failed: C:\WINDOWS\system32\drivers\iKeyLFT2.dll
File kernel read failed: C:\WINDOWS\system32\drivers\ndistapi.sys
File kernel read failed: C:\WINDOWS\system32\drivers\nv4_mini.sys
File kernel read failed: C:\WINDOWS\system32\drivers\nvhda32.sys
File kernel read failed: C:\WINDOWS\system32\drivers\LVFaL100.cfg
File kernel read failed: C:\WINDOWS\system32\drivers\LVFeL100.cfg
File kernel read failed: C:\WINDOWS\system32\drivers\LVFeL101.cfg
File kernel read failed: C:\WINDOWS\system32\drivers\LVFeL102.cfg
File kernel read failed: C:\WINDOWS\system32\drivers\LVPr2Mon.sys
File kernel read failed: C:\WINDOWS\system32\drivers\mbam.sys
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: FBB65D35

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 976768065
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500106780160 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-976751055-976771055)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.666000 GHz
Memory total: 2145824768, free: 1594880000

=======================================

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.15.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: HOME-L1GY43MFQ0 [administrator]

16/05/2013 2:40:44 AM
mbar-log-2013-05-16 (02-40-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29917
Time elapsed: 1 hour(s), 39 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

# AdwCleaner v2.300 - Logfile created 05/16/2013 at 03:47:44
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - HOME-L1GY43MFQ0
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\0IWP88YF\adwcleaner[1].exe
# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\r9qoei9j.default\searchplugins\safesearch.xml
Folder Deleted : C:\Documents and Settings\All Users\Application Data\InstallMate
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Premium
Folder Deleted : C:\Documents and Settings\Owner\Application Data\OpenCandy
Folder Deleted : C:\Documents and Settings\Owner\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Ilivid Player
Folder Deleted : C:\Program Files\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3201318
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\TENCENT

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.searchmainia.info/?unqvl=15 --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\r9qoei9j.default\prefs.js

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=");
Deleted : user_pref("browser.search.order.1", "WebSearch");
Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Deleted : user_pref("extensions.508663b517f0a.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("keyword.URL", "hxxp://websearch.searchmainia.info/?unqvl=15&l=1&q=");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

*************************

AdwCleaner[R1].txt - [6611 octets] - [16/05/2013 03:42:30]
AdwCleaner[s1].txt - [6001 octets] - [16/05/2013 03:47:44]

########## EOF - C:\AdwCleaner[s1].txt - [6061 octets] ##########

and ESET found this one

 

C:\Documents and Settings\Owner\Desktop\Installation files\YouTubeDownloaderSetup33.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined


Sorry, I missed your reply

Go to Start > Control Panel > Add or Remove Programs, and if you see any entry for AVG, uninstall it.

If that doesn't work, download this manual uninstaller from AVG, save it to your Desktop, and double-click on it to run it:
http://download.avg.com/filedir/util/AVG_Remover_en.exe

 

Please download Junkware Removal Tool to your Desktop.

  • Disconnect from the Internet (unplug your connection to your router or modem).
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Restart your security software and reconnect to the Internet.
  • Please post the contents of JRT.txt into your reply.

 

 

Download the Sophos Virus Removal Tool and save it to your desktop:

  • Be sure to view the 3 short How-to videos on that page.
  • Double-click Sophos Virus Removal Tool.exe. The installation files will extract and the installer will automatically run.
  • Follow the prompts to accept the license agreement, and accept the default location.
  • A message will appear "InstallShield Wizard Completed".
  • Click 'Finish' to start the program.
  • After it updates and a "Start Scanning" button appears in the lower right:
    • Disconnect from the Internet or physically unplug your Internet cable connection.
    • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
    • Temporarily disable your anti-virus and real-time anti-spyware protection.
  • Click the "Start Scanning" button in the lower right to start the scan.
  • After starting the scan, do not use the computer until the scan has completed.
  • When finished, if it detected anything there will be a "Start Clean-up" button, click it and allow it to finish.
  • When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.
  • A log will be in the following location:
    • Vista and above: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
      --for 64-bit C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
    • 2000/XP/Server 2003: C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
  • Please post the log in your next reply.

 

Please re-run Security Check and post a new log.

 

Please post the logs from Junkware Removal Tool (JRT.txt), the Sophos Virus Removal Tool, the new log from Security Check, and note any errors encountered.

How is the system running now?


hey it's okay

here's the logs

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Owner on Tue 11/06/2013 at 14:58:32.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\wxdownload"
Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Application Data\registry mechanic"
Successfully deleted: [Folder] "C:\Program Files\registry mechanic"
Successfully deleted: [Folder] "C:\Program Files\SimpleSpeedy"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\safesearch.xml"
Successfully deleted: [File] C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\r9qoei9j.default\searchplugins\safesearch.xml
Successfully deleted: [Folder] C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\r9qoei9j.default\extensions\508663b517e59@508663b517e92.com
Emptied folder: C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\r9qoei9j.default\minidumps [4 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/06/2013 at 15:02:18.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

 

2013-06-11 15:06:28 Sophos Virus Removal Tool version 2.3
2013-06-11 15:06:28 Copyright © 2009-2012 Sophos Limited. All rights reserved.

2013-06-11 15:06:28 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2013-06-11 15:06:28 Windows version 5.1 SP 3.0 Service Pack 3 build 2600 SM=0x100 PT=0x1 Win32
2013-06-11 15:06:28 Checking for updates...
2013-06-11 15:06:40 Option all = no
2013-06-11 15:06:40 Option recurse = yes
2013-06-11 15:06:40 Option archive = no
2013-06-11 15:06:40 Option service = yes
2013-06-11 15:06:40 Option confirm = yes
2013-06-11 15:06:40 Option sxl = yes
2013-06-11 15:06:40 Option max-data-age = 35
2013-06-11 15:06:40 Component SVRTcli.exe version 2.3
2013-06-11 15:06:40 Component control.dll version 2.3
2013-06-11 15:06:40 Component SVRTservice.exe version 2.3
2013-06-11 15:06:40 Component engine\osdp.dll version 1.44.0.2080
2013-06-11 15:06:40 Component engine\veex.dll version 3.43.0.2080
2013-06-11 15:06:40 Component engine\savi.dll version 7.5.11.2080
2013-06-11 15:06:40 Component rkdisk.dll version 1.5.30.0
2013-06-11 15:06:40 Version info: Product version 2.3
2013-06-11 15:06:40 Version info: Detection engine 3.43.0
2013-06-11 15:06:40 Version info: Detection data 4.89
2013-06-11 15:06:40 Version info: Build date 5/8/2013
2013-06-11 15:06:40 Version info: Data files added 442
2013-06-11 15:06:40 Version info: Last successful update (not yet updated)
2013-06-11 15:06:57 Update progress: proxy server not available
2013-06-11 15:08:24 Downloading updates...
2013-06-11 15:08:24 Update progress: [i96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2013-06-11 15:08:24 Update progress: [i49502] Found supplement SAVIW32 LATEST 4
2013-06-11 15:08:24 Update progress: [i49502] Found supplement IDE490 LATEST
2013-06-11 15:08:24 Update progress: [i49502] Found supplement IDE491 LATEST
2013-06-11 15:08:24 Update progress: [i49502] Found supplement IDE492 LATEST
2013-06-11 15:08:24 Update progress: [i49502] Found supplement IDE493 LATEST
2013-06-11 15:08:24 Update progress: [i19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2013-06-11 15:08:24 Update progress: [i19463] Syncing product SAVIW32 27
2013-06-11 15:08:33 Update progress: [i19463] Syncing product IDE490 182
2013-06-11 15:08:35 Installing updates...
2013-06-11 15:08:36 Update progress: [i19463] Syncing product IDE491 181
2013-06-11 15:08:36 Update progress: [i19463] Syncing product IDE492 85
2013-06-11 15:08:36 Update progress: [i19463] Syncing product IDE493 1
2013-06-11 15:08:52 Update successful
2013-06-11 15:09:00 Option all = no
2013-06-11 15:09:00 Option recurse = yes
2013-06-11 15:09:00 Option archive = no
2013-06-11 15:09:00 Option service = yes
2013-06-11 15:09:00 Option confirm = yes
2013-06-11 15:09:00 Option sxl = yes
2013-06-11 15:09:00 Option max-data-age = 35
2013-06-11 15:09:00 Component SVRTcli.exe version 2.3
2013-06-11 15:09:00 Component control.dll version 2.3
2013-06-11 15:09:00 Component SVRTservice.exe version 2.3
2013-06-11 15:09:00 Component engine\osdp.dll version 1.44.0.2080
2013-06-11 15:09:00 Component engine\veex.dll version 3.43.0.2080
2013-06-11 15:09:00 Component engine\savi.dll version 7.5.11.2080
2013-06-11 15:09:00 Component rkdisk.dll version 1.5.30.0
2013-06-11 15:09:00 Version info: Product version 2.3
2013-06-11 15:09:00 Version info: Detection engine 3.43.0
2013-06-11 15:09:00 Version info: Detection data 4.89G
2013-06-11 15:09:00 Version info: Build date 5/8/2013
2013-06-11 15:09:00 Version info: Data files added 442
2013-06-11 15:09:00 Version info: Last successful update 6/11/2013 3:08:52 PM

2013-06-11 15:09:57 Couldn't apply option 'SXLLiveProtection' to the detection engine.
2013-06-11 15:23:24 Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_AVPAPP_{BB639333-810A-4bf8-85F5-C537857F55FC}0
2013-06-11 15:23:24 Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_ISDATAPR_{E8EFD4CD-DE52-4444-9511-EFF3B158724B}0
2013-06-11 15:23:24 Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_ISDATAPR_{FF9AC67A-E394-46ae-B150-B3365343F166}G
2013-06-11 15:23:24 Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_RDRPluginG
2013-06-11 15:23:24 Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_SNDPluginG
2013-06-11 15:23:24 Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_SvcMgr-A2B50D70-5EA1-45a0-A983-0DB9E7101676G
2013-06-11 15:23:24 Could not open C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\CmnClnt\_lck\_{4E9CB39A-5F78-4887-A3D6-2790DE9DDE11}0

2013-06-11 16:16:14 Scan completed.
2013-06-11 16:16:14

------------------------------------------------------------

 

I can't run the securitycheck... it says

UNSUPPORTED OPERATING SYSTEM! ABORTED!

 

system seems to run okay now, I mean if you can't spot anything then I think it's okay

Edited by greatserpent


I can't run the securitycheck... it says

UNSUPPORTED OPERATING SYSTEM! ABORTED!

 

That shouldn't happen.

Please delete your current copy of SecurityCheck.exe.

Download a new copy of Security Check by screen317 from here or here.

Save it to your Desktop.

Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.


hey yep it worked

 

Results of screen317's Security Check version 0.99.64
Windows XP Service Pack 3 x86
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Norton Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
SpywareBlaster 5.0
SUPERAntiSpyware
Secunia PSI (3.0.0.6001)
Malwarebytes Anti-Malware version 1.75.0.1300
HijackThis 2.0.2
CCleaner
Java 7 Update 21
Adobe Flash Player 11.7.700.224
Adobe Reader 8
Adobe Reader XI
Mozilla Firefox (21.0)
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 6%
````````````````````End of Log``````````````````````


tdss killer found some stuff too but I don't know if it's malicious.

Since you ran TDSS Killer, but didn't know how to interpret the log, let's go ahead and check that, but with a new copy.

 

Delete your current copy of tdsskiller.exe.

 

Please download tdsskiller.exe and save it to your Desktop. Go here for information.

  • Right-click on TDSSKiller.exe and select "Run as administrator".
  • Choose "Change Parameters"
    • Check "Detect TDLFS file system"
    • Hit OK
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.
  • Please post the log from TDSSkiller.log in your next reply. Please check to see if anything was cut off by the maximum post length, and if it was, look for where it was cut off and post the remainder. It may take multiple replies to post the entire log.


okay it found no threats but if I clicked verify file digital signatures it found a few unsigned files. "loaded modules" was not checked either btw.

 

18:53:47.0031 3860 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:53:48.0921 3860 ============================================================
18:53:48.0921 3860 Current date / time: 2013/06/13 18:53:48.0921
18:53:48.0921 3860 SystemInfo:
18:53:48.0921 3860
18:53:48.0921 3860 OS Version: 5.1.2600 ServicePack: 3.0
18:53:48.0921 3860 Product type: Workstation
18:53:48.0921 3860 ComputerName: HOME-L1GY43MFQ0
18:53:48.0921 3860 UserName: Owner
18:53:48.0921 3860 Windows directory: C:\WINDOWS
18:53:48.0921 3860 System windows directory: C:\WINDOWS
18:53:48.0921 3860 Processor architecture: Intel x86
18:53:48.0921 3860 Number of processors: 2
18:53:48.0921 3860 Page size: 0x1000
18:53:48.0921 3860 Boot type: Normal boot
18:53:48.0921 3860 ============================================================
18:53:51.0656 3860 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xEC93A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000054
18:53:51.0656 3860 ============================================================
18:53:51.0656 3860 \Device\Harddisk0\DR0:
18:53:51.0656 3860 MBR partitions:
18:53:51.0656 3860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
18:53:51.0656 3860 ============================================================
18:53:51.0703 3860 C: <-> \Device\Harddisk0\DR0\Partition1
18:53:51.0796 3860 ============================================================
18:53:51.0796 3860 Initialize success
18:53:51.0796 3860 ============================================================
18:54:19.0843 3560 ============================================================
18:54:19.0843 3560 Scan started
18:54:19.0843 3560 Mode: Manual; TDLFS;
18:54:19.0843 3560 ============================================================
18:54:20.0343 3560 ================ Scan system memory ========================
18:54:20.0343 3560 System memory - ok


18:54:29.0156 3560 KSecDD - ok

18:54:29.0187 3560 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

18:54:29.0187 3560 lanmanserver - ok

18:54:29.0234 3560 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

18:54:29.0250 3560 lanmanworkstation - ok

18:54:29.0265 3560 Lbd - ok

18:54:29.0265 3560 lbrtfdc - ok

18:54:29.0296 3560 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

18:54:29.0296 3560 LmHosts - ok

18:54:29.0375 3560 [ E1158B0CB852DB0573922C92E6E564DE ] lvpopflt C:\WINDOWS\system32\DRIVERS\lvpopflt.sys

18:54:29.0390 3560 lvpopflt - ok

18:54:29.0421 3560 [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon C:\WINDOWS\system32\Drivers\LVPr2Mon.sys

18:54:29.0421 3560 LVPr2Mon - ok

18:54:29.0484 3560 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys

18:54:29.0484 3560 LVRS - ok

18:54:29.0531 3560 [ 5F987FC1AAD215EC2C60CF07719B1CCE ] LVUSBSta C:\WINDOWS\system32\drivers\LVUSBSta.sys

18:54:29.0531 3560 LVUSBSta - ok

18:54:29.0625 3560 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys

18:54:29.0687 3560 LVUVC - ok

18:54:29.0750 3560 [ 290FB01F7F51EFF0960599404A09F8D6 ] mbmiodrvr C:\WINDOWS\system32\mbmiodrvr.sys

18:54:29.0750 3560 mbmiodrvr - ok

18:54:29.0812 3560 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

18:54:29.0812 3560 mdmxsdk - ok

18:54:29.0875 3560 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

18:54:29.0921 3560 Messenger - ok

18:54:30.0140 3560 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

18:54:30.0140 3560 Microsoft Office Groove Audit Service - ok

18:54:30.0187 3560 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

18:54:30.0187 3560 mnmdd - ok

18:54:30.0234 3560 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe

18:54:30.0234 3560 mnmsrvc - ok

18:54:30.0265 3560 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

18:54:30.0265 3560 Modem - ok

18:54:30.0296 3560 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys

18:54:30.0296 3560 MODEMCSA - ok

18:54:30.0359 3560 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys

18:54:30.0375 3560 Monfilt - ok

18:54:30.0390 3560 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:54:30.0390 3560 Mouclass - ok

18:54:30.0453 3560 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:54:30.0453 3560 mouhid - ok

18:54:30.0515 3560 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

18:54:30.0515 3560 MountMgr - ok

18:54:30.0578 3560 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

18:54:30.0578 3560 MozillaMaintenance - ok

18:54:30.0578 3560 mraid35x - ok

18:54:30.0578 3560 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:54:30.0593 3560 MRxDAV - ok

18:54:30.0640 3560 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:54:30.0640 3560 MRxSmb - ok

18:54:30.0687 3560 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe

18:54:30.0687 3560 MSDTC - ok

18:54:30.0703 3560 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

18:54:30.0703 3560 Msfs - ok

18:54:30.0703 3560 MSIServer - ok

18:54:30.0718 3560 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:54:30.0718 3560 MSKSSRV - ok

18:54:30.0750 3560 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:54:30.0750 3560 MSPCLOCK - ok

18:54:30.0750 3560 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

18:54:30.0750 3560 MSPQM - ok

18:54:30.0781 3560 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:54:30.0781 3560 mssmbios - ok

18:54:30.0828 3560 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys

18:54:30.0828 3560 MSTEE - ok

18:54:30.0843 3560 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

18:54:30.0843 3560 Mup - ok

18:54:30.0859 3560 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

18:54:30.0859 3560 NABTSFEC - ok

18:54:30.0921 3560 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

18:54:30.0921 3560 napagent - ok

18:54:31.0031 3560 [ CE2156DF796D41614AB60E68D107D573 ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20130612.009\NAVENG.SYS

18:54:31.0046 3560 NAVENG - ok

18:54:31.0093 3560 [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20130612.009\NAVEX15.SYS

18:54:31.0093 3560 NAVEX15 - ok

18:54:31.0156 3560 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

18:54:31.0156 3560 NDIS - ok

18:54:31.0171 3560 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys

18:54:31.0187 3560 NdisIP - ok

18:54:31.0218 3560 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:54:31.0218 3560 NdisTapi - ok

18:54:31.0234 3560 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:54:31.0234 3560 Ndisuio - ok

18:54:31.0234 3560 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:54:31.0234 3560 NdisWan - ok

18:54:31.0296 3560 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

18:54:31.0296 3560 NDProxy - ok

18:54:31.0343 3560 [ A8960FA773CCC3E38515F637E19A76C0 ] NeroRegInCDSrv C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe

18:54:31.0343 3560 NeroRegInCDSrv - ok

18:54:31.0359 3560 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

18:54:31.0359 3560 NetBIOS - ok

18:54:31.0406 3560 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

18:54:31.0406 3560 NetBT - ok

18:54:31.0453 3560 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

18:54:31.0453 3560 NetDDE - ok

18:54:31.0453 3560 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

18:54:31.0468 3560 NetDDEdsdm - ok

18:54:31.0515 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

18:54:31.0515 3560 Netlogon - ok

18:54:31.0531 3560 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

18:54:31.0531 3560 Netman - ok

18:54:31.0578 3560 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

18:54:31.0593 3560 NetTcpPortSharing - ok

18:54:31.0687 3560 [ 241BD3019FB31E812A51B31B06906335 ] NIS C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe

18:54:31.0687 3560 NIS - ok

18:54:31.0703 3560 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

18:54:31.0718 3560 Nla - ok

18:54:31.0843 3560 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

18:54:31.0843 3560 NMIndexingService - ok

18:54:31.0875 3560 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

18:54:31.0875 3560 Npfs - ok

18:54:31.0968 3560 [ B28873F1A04DFFD29D03D6EB201F9E49 ] npkcmsvc C:\Nexon\Mabinogi\npkcmsvc.exe

18:54:31.0968 3560 npkcmsvc - ok

18:54:31.0968 3560 npkcrypt - ok

18:54:32.0000 3560 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

18:54:32.0000 3560 Ntfs - ok

18:54:32.0031 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe

18:54:32.0031 3560 NtLmSsp - ok

18:54:32.0078 3560 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

18:54:32.0093 3560 NtmsSvc - ok

18:54:32.0156 3560 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

18:54:32.0156 3560 Null - ok

18:54:32.0390 3560 [ 785500CE8693C06EAAF29FAA64DB17C5 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

18:54:32.0453 3560 nv - ok

18:54:32.0500 3560 [ A211AB524324E84C2C805B52DFCDD544 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys

18:54:32.0500 3560 NVHDA - ok

18:54:32.0562 3560 [ 3A990B8FA88E1B9F2D99C1B9B8D76F4B ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

18:54:32.0562 3560 NVSvc - ok

18:54:32.0671 3560 [ 14314A33845ABD19CADA062A037CC2F6 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

18:54:32.0687 3560 nvUpdatusService - ok

18:54:32.0796 3560 [ 2C2FD0E6B0180F94C260DD26706AA5F4 ] NWCWorkstation C:\WINDOWS\System32\nwwks.dll

18:54:32.0812 3560 NWCWorkstation - ok

18:54:32.0859 3560 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:54:32.0859 3560 NwlnkFlt - ok

18:54:32.0859 3560 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:54:32.0859 3560 NwlnkFwd - ok

18:54:32.0890 3560 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys

18:54:32.0890 3560 NwlnkIpx - ok

18:54:32.0921 3560 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys

18:54:32.0921 3560 NwlnkNb - ok

18:54:32.0921 3560 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys

18:54:32.0921 3560 NwlnkSpx - ok

18:54:32.0968 3560 [ 36B9B950E3D2E100970A48D8BAD86740 ] NWRDR C:\WINDOWS\system32\DRIVERS\nwrdr.sys

18:54:32.0968 3560 NWRDR - ok

18:54:33.0031 3560 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

18:54:33.0031 3560 odserv - ok

18:54:33.0062 3560 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:54:33.0062 3560 ose - ok

18:54:33.0125 3560 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

18:54:33.0125 3560 Parport - ok

18:54:33.0125 3560 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

18:54:33.0125 3560 PartMgr - ok

18:54:33.0187 3560 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

18:54:33.0187 3560 ParVdm - ok

18:54:33.0218 3560 [ 3ADB8BD6154A3EF87496E8FCE9C22493 ] pavboot C:\WINDOWS\system32\drivers\pavboot.sys

18:54:33.0218 3560 pavboot - ok

18:54:33.0265 3560 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

18:54:33.0265 3560 pccsmcfd - ok

18:54:33.0265 3560 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

18:54:33.0265 3560 PCI - ok

18:54:33.0265 3560 PciCon - ok

18:54:33.0265 3560 PCIDump - ok

18:54:33.0281 3560 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

18:54:33.0281 3560 PCIIde - ok

18:54:33.0296 3560 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

18:54:33.0296 3560 Pcmcia - ok

18:54:33.0296 3560 PDCOMP - ok

18:54:33.0312 3560 PDFRAME - ok

18:54:33.0312 3560 PDRELI - ok

18:54:33.0312 3560 PDRFRAME - ok

18:54:33.0312 3560 perc2 - ok

18:54:33.0312 3560 perc2hib - ok

18:54:33.0359 3560 [ 5903FA75200807AD739286BBF40C4904 ] pfc C:\WINDOWS\system32\drivers\pfc.sys

18:54:33.0359 3560 pfc - ok

18:54:33.0375 3560 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

18:54:33.0375 3560 PlugPlay - ok

18:54:33.0437 3560 [ FB03F341FF5380394BF2EE52F1979925 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe

18:54:33.0453 3560 Pml Driver HPZ12 - ok

18:54:33.0453 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

18:54:33.0453 3560 PolicyAgent - ok

18:54:33.0515 3560 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:54:33.0515 3560 PptpMiniport - ok

18:54:33.0562 3560 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys

18:54:33.0578 3560 Processor - ok

18:54:33.0578 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

18:54:33.0578 3560 ProtectedStorage - ok

18:54:33.0625 3560 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys

18:54:33.0625 3560 PSI - ok

18:54:33.0671 3560 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:54:33.0671 3560 Ptilink - ok

18:54:33.0671 3560 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:54:33.0687 3560 PxHelp20 - ok

18:54:33.0687 3560 ql1080 - ok

18:54:33.0687 3560 Ql10wnt - ok

18:54:33.0687 3560 ql12160 - ok

18:54:33.0687 3560 ql1240 - ok

18:54:33.0718 3560 ql1280 - ok

18:54:33.0750 3560 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:54:33.0750 3560 RasAcd - ok

18:54:33.0781 3560 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

18:54:33.0781 3560 RasAuto - ok

18:54:33.0828 3560 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:54:33.0828 3560 Rasl2tp - ok

18:54:33.0890 3560 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

18:54:33.0890 3560 RasMan - ok

18:54:33.0890 3560 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:54:33.0890 3560 RasPppoe - ok

18:54:33.0906 3560 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

18:54:33.0921 3560 Raspti - ok

18:54:33.0921 3560 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:54:33.0937 3560 Rdbss - ok

18:54:33.0937 3560 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:54:33.0937 3560 RDPCDD - ok

18:54:33.0937 3560 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys

18:54:33.0937 3560 rdpdr - ok

18:54:33.0984 3560 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

18:54:33.0984 3560 RDPWD - ok

18:54:34.0031 3560 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

18:54:34.0031 3560 RDSessMgr - ok

18:54:34.0093 3560 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

18:54:34.0093 3560 RealNetworks Downloader Resolver Service - ok

18:54:34.0140 3560 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

18:54:34.0140 3560 redbook - ok

18:54:34.0203 3560 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

18:54:34.0203 3560 RemoteAccess - ok

18:54:34.0250 3560 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

18:54:34.0250 3560 RemoteRegistry - ok

18:54:34.0296 3560 [ BB7549BD94D1AAC3599C7606C50C48A0 ] Rksample C:\WINDOWS\system32\DRIVERS\HSF_SAMP.sys

18:54:34.0296 3560 Rksample - ok

18:54:34.0343 3560 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe

18:54:34.0343 3560 RpcLocator - ok

18:54:34.0390 3560 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll

18:54:34.0390 3560 RpcSs - ok

18:54:34.0421 3560 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe

18:54:34.0421 3560 RSVP - ok

18:54:34.0468 3560 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

18:54:34.0468 3560 RTLE8023xp - ok

18:54:34.0531 3560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

18:54:34.0531 3560 SamSs - ok

18:54:34.0656 3560 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

18:54:34.0656 3560 SASDIFSV - ok

18:54:34.0687 3560 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

18:54:34.0687 3560 SASKUTIL - ok

18:54:34.0781 3560 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

18:54:34.0781 3560 SCardSvr - ok

18:54:34.0843 3560 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

18:54:34.0843 3560 Schedule - ok

18:54:34.0875 3560 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:54:34.0875 3560 Secdrv - ok

18:54:34.0906 3560 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

18:54:34.0906 3560 seclogon - ok

18:54:35.0046 3560 [ 306F9390976E41063D21AB9AB6D48122 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe

18:54:35.0062 3560 Secunia PSI Agent - ok

18:54:35.0140 3560 [ 29C852880E9634F8C6BD77A4E68B5B34 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe

18:54:35.0140 3560 Secunia Update Agent - ok

18:54:35.0187 3560 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

18:54:35.0187 3560 SENS - ok

18:54:35.0234 3560 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

18:54:35.0234 3560 serenum - ok

18:54:35.0250 3560 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

18:54:35.0250 3560 Serial - ok

18:54:35.0343 3560 [ 2D841B7B7F6DEC32162EDFCC69D61F42 ] ServiceLayer C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

18:54:35.0359 3560 ServiceLayer - ok

18:54:35.0390 3560 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

18:54:35.0390 3560 Sfloppy - ok

18:54:35.0453 3560 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

18:54:35.0453 3560 SharedAccess - ok

18:54:35.0515 3560 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:54:35.0515 3560 ShellHWDetection - ok

18:54:35.0531 3560 Simbad - ok

18:54:35.0640 3560 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

18:54:35.0656 3560 SkypeUpdate - ok

18:54:35.0703 3560 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys

18:54:35.0750 3560 SLIP - ok

18:54:35.0781 3560 [ D9E8E0CE154A2F6430D9EFABDF730867 ] SoftFax C:\WINDOWS\system32\DRIVERS\HSF_FAXX.sys

18:54:35.0796 3560 SoftFax - ok

18:54:35.0796 3560 Sparrow - ok

18:54:35.0843 3560 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

18:54:35.0859 3560 splitter - ok

18:54:35.0921 3560 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

18:54:35.0921 3560 Spooler - ok

18:54:35.0937 3560 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

18:54:35.0953 3560 sr - ok

18:54:36.0000 3560 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\System32\srsvc.dll

18:54:36.0000 3560 srservice - ok

18:54:36.0140 3560 [ 0A8F71E1DB5432A5B9285111421E77EC ] SRTSP C:\WINDOWS\System32\Drivers\NIS\1403010.016\SRTSP.SYS

18:54:36.0140 3560 SRTSP - ok

18:54:36.0156 3560 [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX C:\WINDOWS\system32\drivers\NIS\1403010.016\SRTSPX.SYS

18:54:36.0156 3560 SRTSPX - ok

18:54:36.0203 3560 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

18:54:36.0203 3560 Srv - ok

18:54:36.0250 3560 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

18:54:36.0250 3560 SSDPSRV - ok

18:54:36.0296 3560 [ 6C0CC5868F99064516FB9F82563A02EA ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys

18:54:36.0296 3560 ssudmdm - ok

18:54:36.0375 3560 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys

18:54:36.0375 3560 StillCam - ok

18:54:36.0437 3560 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

18:54:36.0437 3560 stisvc - ok

18:54:36.0468 3560 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys

18:54:36.0468 3560 streamip - ok

18:54:36.0515 3560 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

18:54:36.0515 3560 swenum - ok

18:54:36.0531 3560 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

18:54:36.0531 3560 swmidi - ok

18:54:36.0531 3560 SwPrv - ok

18:54:36.0625 3560 [ 267C914667C94E5F47D342311C1C577F ] Symantec RemoteAssist C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

18:54:36.0625 3560 Symantec RemoteAssist - ok

18:54:36.0625 3560 symc810 - ok

18:54:36.0640 3560 symc8xx - ok

18:54:36.0687 3560 [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00 ] SymDS C:\WINDOWS\system32\drivers\NIS\1403010.016\SYMDS.SYS

18:54:36.0703 3560 SymDS - ok

18:54:36.0703 3560 [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA C:\WINDOWS\system32\drivers\NIS\1403010.016\SYMEFA.SYS

18:54:36.0718 3560 SymEFA - ok

18:54:36.0781 3560 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

18:54:36.0781 3560 SymEvent - ok

18:54:36.0859 3560 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\WINDOWS\system32\drivers\NIS\1403010.016\Ironx86.SYS

18:54:36.0859 3560 SymIRON - ok

18:54:36.0921 3560 [ EC979002EBA25C9D109B2FE0E03457DA ] SYMTDI C:\WINDOWS\System32\Drivers\NIS\1403010.016\SYMTDI.SYS

18:54:36.0921 3560 SYMTDI - ok

18:54:36.0921 3560 sym_hi - ok

18:54:36.0921 3560 sym_u3 - ok

18:54:36.0937 3560 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

18:54:36.0937 3560 sysaudio - ok

18:54:36.0984 3560 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

18:54:36.0984 3560 SysmonLog - ok

18:54:37.0046 3560 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

18:54:37.0046 3560 TapiSrv - ok

18:54:37.0109 3560 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:54:37.0109 3560 Tcpip - ok

18:54:37.0156 3560 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

18:54:37.0156 3560 TDPIPE - ok

18:54:37.0187 3560 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

18:54:37.0187 3560 TDTCP - ok

18:54:37.0203 3560 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

18:54:37.0203 3560 TermDD - ok

18:54:37.0250 3560 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

18:54:37.0265 3560 TermService - ok

18:54:37.0281 3560 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

18:54:37.0281 3560 Themes - ok

18:54:37.0328 3560 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe

18:54:37.0328 3560 TlntSvr - ok

18:54:37.0359 3560 [ 8021A499DB46B2961C285168671CB9AF ] Tones C:\WINDOWS\system32\DRIVERS\HSF_TONE.sys

18:54:37.0359 3560 Tones - ok

18:54:37.0375 3560 TosIde - ok

18:54:37.0375 3560 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

18:54:37.0375 3560 TrkWks - ok

18:54:37.0390 3560 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

18:54:37.0390 3560 Udfs - ok

18:54:37.0390 3560 ultra - ok

18:54:37.0562 3560 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

18:54:37.0562 3560 UMVPFSrv - ok

18:54:37.0640 3560 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

18:54:37.0640 3560 Update - ok

18:54:37.0703 3560 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

18:54:37.0703 3560 upnphost - ok

18:54:37.0734 3560 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

18:54:37.0734 3560 UPS - ok

18:54:37.0812 3560 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys

18:54:37.0812 3560 usbaudio - ok

18:54:37.0859 3560 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:54:37.0859 3560 usbccgp - ok

18:54:37.0906 3560 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:54:37.0906 3560 usbehci - ok

18:54:37.0953 3560 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:54:37.0953 3560 usbhub - ok

18:54:37.0968 3560 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:54:37.0968 3560 usbprint - ok

18:54:37.0968 3560 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:54:37.0968 3560 usbscan - ok

18:54:37.0968 3560 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:54:37.0984 3560 USBSTOR - ok

18:54:37.0984 3560 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys

18:54:38.0000 3560 usbuhci - ok

18:54:38.0046 3560 [ 269C0ADE94B90029B12497747BE408CB ] V124 C:\WINDOWS\system32\DRIVERS\HSF_V124.sys

18:54:38.0062 3560 V124 - ok

18:54:38.0062 3560 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

18:54:38.0062 3560 VgaSave - ok

18:54:38.0078 3560 ViaIde - ok

18:54:38.0109 3560 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

18:54:38.0109 3560 VolSnap - ok

18:54:38.0156 3560 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

18:54:38.0171 3560 VSS - ok

18:54:38.0171 3560 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll

18:54:38.0171 3560 W32Time - ok

18:54:38.0187 3560 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:54:38.0187 3560 Wanarp - ok

18:54:38.0234 3560 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

18:54:38.0234 3560 Wdf01000 - ok

18:54:38.0234 3560 WDICA - ok

18:54:38.0265 3560 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

18:54:38.0265 3560 wdmaud - ok

18:54:38.0281 3560 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

18:54:38.0281 3560 WebClient - ok

18:54:38.0343 3560 [ BE3A842C2F2E87E7C840D36BCF13E8E0 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

18:54:38.0343 3560 winachsf - ok

18:54:38.0453 3560 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

18:54:38.0453 3560 winmgmt - ok

18:54:38.0640 3560 [ D9250B31B353EE3322C1CAD411997E38 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

18:54:38.0656 3560 wlidsvc - ok

18:54:38.0718 3560 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

18:54:38.0718 3560 WmdmPmSN - ok

18:54:38.0734 3560 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll

18:54:38.0734 3560 Wmi - ok

18:54:38.0812 3560 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe

18:54:38.0812 3560 WmiApSrv - ok

18:54:38.0890 3560 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

18:54:38.0890 3560 WMPNetworkSvc - ok

18:54:38.0921 3560 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys

18:54:38.0921 3560 WpdUsb - ok

18:54:39.0062 3560 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

18:54:39.0062 3560 WPFFontCache_v0400 - ok

18:54:39.0109 3560 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

18:54:39.0125 3560 wscsvc - ok

18:54:39.0156 3560 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

18:54:39.0156 3560 WSTCODEC - ok

18:54:39.0187 3560 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

18:54:39.0218 3560 wuauserv - ok

18:54:39.0250 3560 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:54:39.0250 3560 WudfPf - ok

18:54:39.0281 3560 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:54:39.0281 3560 WudfRd - ok

18:54:39.0312 3560 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

18:54:39.0312 3560 WudfSvc - ok

18:54:39.0375 3560 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

18:54:39.0437 3560 WZCSVC - ok

18:54:39.0484 3560 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

18:54:39.0484 3560 xmlprov - ok

18:54:39.0484 3560 ================ Scan global ===============================

18:54:39.0578 3560 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

18:54:39.0640 3560 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

18:54:39.0640 3560 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

18:54:39.0671 3560 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

18:54:39.0687 3560 [Global] - ok

18:54:39.0687 3560 ================ Scan MBR ==================================

18:54:39.0718 3560 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

18:54:40.0078 3560 \Device\Harddisk0\DR0 - ok

18:54:40.0078 3560 ================ Scan VBR ==================================

18:54:40.0078 3560 [ 52FE3258CB2E7641EC69AE01FA3066C4 ] \Device\Harddisk0\DR0\Partition1

18:54:40.0078 3560 \Device\Harddisk0\DR0\Partition1 - ok

18:54:40.0078 3560 ============================================================

18:54:40.0078 3560 Scan finished

18:54:40.0078 3560 ============================================================

18:54:40.0093 3548 Detected object count: 0

18:54:40.0093 3548 Actual detected object count: 0

19:31:10.0984 3192 ============================================================

19:31:11.0000 3192 Scan started

19:31:11.0000 3192 Mode: Manual; SigCheck; TDLFS;

19:31:11.0000 3192 ============================================================

19:31:11.0171 3192 ================ Scan system memory ========================

19:31:11.0171 3192 System memory - ok

19:31:11.0171 3192 ================ Scan services =============================

19:31:11.0296 3192 [ 44C85670246E4183650EF0E664346DDC ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

19:31:11.0843 3192 !SASCORE - ok

19:31:12.0000 3192 Abiosdsk - ok

19:31:12.0000 3192 abp480n5 - ok

19:31:12.0046 3192 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:31:14.0375 3192 ACPI - ok

19:31:14.0437 3192 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

19:31:14.0609 3192 ACPIEC - ok

19:31:14.0687 3192 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

19:31:14.0703 3192 AdobeFlashPlayerUpdateSvc - ok

19:31:14.0718 3192 adpu160m - ok

19:31:14.0750 3192 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

19:31:14.0890 3192 aec - ok

19:31:14.0937 3192 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

19:31:15.0046 3192 AFD - ok

19:31:15.0125 3192 [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys

19:31:15.0218 3192 AFS2K - ok

19:31:15.0218 3192 Aha154x - ok

19:31:15.0218 3192 aic78u2 - ok

19:31:15.0218 3192 aic78xx - ok

19:31:15.0281 3192 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

19:31:15.0390 3192 Alerter - ok

19:31:15.0421 3192 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

19:31:15.0515 3192 ALG - ok

19:31:15.0515 3192 AliIde - ok

19:31:15.0578 3192 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys

19:31:30.0859 3192 Ambfilt - ok

19:31:30.0859 3192 amsint - ok

19:31:31.0046 3192 [ 0BF848F3CDD883843769A9070F55A023 ] apf001 C:\Game\SoftnyxGame\GunBoundIS\apf001.sys

19:31:31.0078 3192 apf001 - ok

19:31:31.0312 3192 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:31:31.0328 3192 Apple Mobile Device - ok

19:31:31.0406 3192 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll

19:31:31.0609 3192 AppMgmt - ok

19:31:31.0609 3192 asc - ok

19:31:31.0625 3192 asc3350p - ok

19:31:31.0625 3192 asc3550 - ok

19:31:31.0765 3192 [ B979979AB8027F7F53FB16EC4229B7DB ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys

19:31:31.0781 3192 Aspi32 ( UnsignedFile.Multi.Generic ) - warning

19:31:31.0812 3192 Aspi32 - detected UnsignedFile.Multi.Generic (1)

19:31:32.0343 3192 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

19:31:32.0500 3192 aspnet_state - ok

19:31:32.0593 3192 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:31:32.0765 3192 AsyncMac - ok

19:31:32.0796 3192 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

19:31:32.0984 3192 atapi - ok

19:31:32.0984 3192 Atdisk - ok

19:31:33.0093 3192 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:31:33.0203 3192 Atmarpc - ok

19:31:33.0265 3192 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

19:31:33.0375 3192 AudioSrv - ok

19:31:33.0546 3192 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

19:31:33.0734 3192 audstub - ok

19:31:33.0828 3192 [ 5D7BE7B19E827125E016325334E58FF1 ] BANTExt C:\WINDOWS\System32\Drivers\BANTExt.sys

19:31:33.0875 3192 BANTExt ( UnsignedFile.Multi.Generic ) - warning

19:31:33.0875 3192 BANTExt - detected UnsignedFile.Multi.Generic (1)

19:31:33.0921 3192 [ 1B9C81AB9A456EABD9F8335F04B5F495 ] basic2 C:\WINDOWS\system32\DRIVERS\HSF_BSC2.sys

19:31:34.0046 3192 basic2 - ok

19:31:34.0156 3192 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

19:31:34.0296 3192 Beep - ok

19:31:34.0640 3192 [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\BASHDefs\20130531.001\BHDrvx86.sys

19:31:43.0953 3192 BHDrvx86 - ok

19:31:44.0078 3192 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

19:31:44.0671 3192 BITS - ok

19:31:45.0078 3192 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

19:31:45.0234 3192 Bonjour Service - ok

19:31:45.0328 3192 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

19:31:45.0500 3192 Browser - ok

19:31:45.0562 3192 [ 2FE6D5BE0629F706197B30C0AA05DE30 ] BrPar C:\WINDOWS\System32\drivers\BrPar.sys

19:31:45.0593 3192 BrPar ( UnsignedFile.Multi.Generic ) - warning

19:31:45.0593 3192 BrPar - detected UnsignedFile.Multi.Generic (1)

19:31:46.0000 3192 catchme - ok

19:31:46.0234 3192 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

19:31:46.0343 3192 cbidf2k - ok

19:31:46.0531 3192 [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe

19:31:46.0562 3192 CCALib8 ( UnsignedFile.Multi.Generic ) - warning

19:31:46.0562 3192 CCALib8 - detected UnsignedFile.Multi.Generic (1)

19:31:46.0609 3192 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

19:31:46.0703 3192 CCDECODE - ok

19:31:46.0812 3192 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_NIS C:\WINDOWS\system32\drivers\NIS\1403010.016\ccSetx86.sys

19:31:46.0828 3192 ccSet_NIS - ok

19:31:46.0843 3192 cd20xrnt - ok

19:31:46.0890 3192 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

19:31:46.0984 3192 Cdaudio - ok

19:31:47.0031 3192 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

19:31:47.0140 3192 Cdfs - ok

19:31:47.0171 3192 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:31:47.0281 3192 Cdrom - ok

19:31:47.0281 3192 Changer - ok

19:31:47.0328 3192 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

19:31:47.0421 3192 CiSvc - ok

19:31:47.0453 3192 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

19:31:47.0578 3192 ClipSrv - ok

19:31:47.0718 3192 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:31:47.0796 3192 clr_optimization_v2.0.50727_32 - ok

19:31:47.0828 3192 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:31:47.0843 3192 clr_optimization_v4.0.30319_32 - ok

19:31:47.0859 3192 CmdIde - ok

19:31:47.0859 3192 COMSysApp - ok

19:31:47.0859 3192 Cpqarray - ok

19:31:47.0937 3192 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

19:31:48.0078 3192 CryptSvc - ok

19:31:48.0078 3192 dac2w2k - ok

19:31:48.0078 3192 dac960nt - ok

19:31:48.0125 3192 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

19:31:48.0218 3192 DcomLaunch - ok

19:31:48.0296 3192 [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys

19:31:48.0296 3192 dgderdrv - ok

19:31:48.0359 3192 [ AEB179B855161EC9C88172ABC75AD0EF ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys

19:31:48.0375 3192 dg_ssudbus - ok

19:31:48.0421 3192 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

19:31:48.0515 3192 Dhcp - ok

19:31:48.0625 3192 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

19:31:48.0734 3192 Disk - ok

19:31:48.0734 3192 dmadmin - ok

19:31:48.0875 3192 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

19:31:49.0234 3192 dmboot - ok

19:31:49.0343 3192 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

19:31:49.0468 3192 dmio - ok

19:31:49.0500 3192 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

19:31:49.0625 3192 dmload - ok

19:31:49.0843 3192 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

19:31:50.0031 3192 dmserver - ok

19:31:50.0109 3192 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

19:31:50.0265 3192 DMusic - ok

19:31:50.0390 3192 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

19:31:50.0640 3192 Dnscache - ok

19:31:50.0859 3192 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

19:31:50.0984 3192 Dot3svc - ok

19:31:51.0000 3192 dpti2o - ok

19:31:51.0062 3192 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

19:31:51.0187 3192 drmkaud - ok

19:31:51.0203 3192 EagleNT - ok

19:31:51.0250 3192 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

19:31:51.0406 3192 EapHost - ok

19:31:51.0625 3192 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

19:31:51.0671 3192 eeCtrl - ok

19:31:51.0687 3192 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

19:31:51.0718 3192 EraserUtilRebootDrv - ok

19:31:51.0750 3192 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

19:31:51.0859 3192 ERSvc - ok

19:31:51.0921 3192 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

19:31:51.0953 3192 Eventlog - ok

19:31:52.0000 3192 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll

19:31:52.0031 3192 EventSystem - ok

19:31:52.0093 31


19:31:52.0093 3192 [ C823DEBE2548656549F84A875D65237B ] Fallback C:\WINDOWS\system32\DRIVERS\HSF_FALL.sys
19:31:52.0203 3192 Fallback - ok
19:31:52.0265 3192 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:31:52.0421 3192 Fastfat - ok
19:31:52.0500 3192 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:31:52.0718 3192 FastUserSwitchingCompatibility - ok
19:31:52.0750 3192 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
19:31:52.0953 3192 Fdc - ok
19:31:52.0984 3192 [ A75DDC492D2D1D6558AD8003A4ADB73A ] FilterService C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
19:31:53.0000 3192 FilterService - ok
19:31:53.0062 3192 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:31:53.0140 3192 Fips - ok
19:31:53.0156 3192 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:31:53.0250 3192 Flpydisk - ok
19:31:53.0296 3192 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:31:53.0375 3192 FltMgr - ok
19:31:53.0500 3192 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:31:53.0515 3192 FontCache3.0.0.0 - ok
19:31:53.0578 3192 [ 6483414841D4CAB6C3B4DB2AC6EDD70B ] Fsks C:\WINDOWS\system32\DRIVERS\HSF_FSKS.sys
19:31:53.0671 3192 Fsks - ok
19:31:53.0687 3192 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:31:53.0796 3192 Fs_Rec - ok
19:31:53.0812 3192 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:31:53.0921 3192 Ftdisk - ok
19:31:54.0109 3192 [ 2973B4EB7BE10A0D491B2037DCAAE88F ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
19:31:54.0125 3192 Garmin Core Update Service - ok
19:31:54.0156 3192 [ 54789F9BA0D59072CDD4E7C200E122C4 ] gdrv C:\WINDOWS\gdrv.sys
19:31:55.0296 3192 gdrv - ok
19:31:55.0359 3192 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:31:55.0390 3192 GEARAspiWDM - ok
19:31:55.0453 3192 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:31:55.0546 3192 Gpc - ok
19:31:55.0625 3192 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:31:55.0640 3192 gusvc - ok
19:31:55.0687 3192 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:31:55.0781 3192 HDAudBus - ok
19:31:55.0859 3192 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:31:55.0937 3192 helpsvc - ok
19:31:56.0015 3192 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
19:31:56.0109 3192 HidServ - ok
19:31:56.0156 3192 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:31:56.0234 3192 HidUsb - ok
19:31:56.0281 3192 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:31:56.0390 3192 hkmsvc - ok
19:31:56.0390 3192 hpn - ok
19:31:56.0421 3192 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:31:56.0640 3192 HPZid412 - ok
19:31:56.0640 3192 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:31:56.0671 3192 HPZipr12 - ok
19:31:56.0734 3192 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:31:56.0765 3192 HPZius12 - ok
19:31:56.0812 3192 [ 6312DC46356DF3974E88AA51B69360DC ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
19:31:56.0890 3192 HSFHWBS2 - ok
19:31:56.0968 3192 [ EBB354438A4C5A3327FB97306260714A ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
19:31:57.0109 3192 HSF_DP - ok
19:31:57.0156 3192 [ DAAB917EEC9849840A13353198D48CC5 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
19:31:57.0218 3192 HSF_DPV - ok
19:31:57.0234 3192 [ 74E379857D4C0DFB56DE2D19B8F4C434 ] hsf_msft C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys
19:31:57.0343 3192 hsf_msft - ok
19:31:57.0375 3192 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:31:57.0468 3192 HTTP - ok
19:31:57.0515 3192 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:31:57.0640 3192 HTTPFilter - ok
19:31:57.0640 3192 i2omgmt - ok
19:31:57.0656 3192 i2omp - ok
19:31:57.0703 3192 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:31:57.0781 3192 i8042prt - ok
19:31:57.0906 3192 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:31:57.0984 3192 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:31:57.0984 3192 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:31:58.0281 3192 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:32:00.0218 3192 idsvc - ok
19:32:00.0390 3192 [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\IPSDefs\20130612.001\IDSxpx86.sys
19:32:00.0421 3192 IDSxpx86 - ok
19:32:00.0500 3192 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:32:00.0625 3192 Imapi - ok
19:32:00.0687 3192 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:32:00.0796 3192 ImapiService - ok
19:32:00.0843 3192 [ 1DA147ACB525A4822228BE06154C7CBB ] InCDfs C:\WINDOWS\system32\drivers\InCDFs.sys
19:32:00.0890 3192 InCDfs - ok
19:32:00.0953 3192 [ 2EC469A401AE6FE7A67D80EFFD3091B1 ] InCDPass C:\WINDOWS\system32\drivers\InCDPass.sys
19:32:00.0984 3192 InCDPass - ok
19:32:01.0046 3192 [ 544498D06B8CA187A5960B4F3B4BD63E ] InCDRec C:\WINDOWS\system32\drivers\InCDRec.sys
19:32:01.0062 3192 InCDRec - ok
19:32:01.0109 3192 [ 2863A00B0F64D937F0CD9561C53B5A37 ] incdrm C:\WINDOWS\system32\drivers\InCDRm.sys
19:32:01.0125 3192 incdrm - ok
19:32:01.0296 3192 [ CA32EA0F5FC2A36CA44AD7238F18C248 ] InCDsrv C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
19:32:01.0343 3192 InCDsrv - ok
19:32:01.0343 3192 ini910u - ok
19:32:01.0500 3192 [ 319A38A3F786153FFF2A84A48FEB09B1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:32:01.0671 3192 IntcAzAudAddService - ok
19:32:01.0687 3192 IntelIde - ok
19:32:01.0734 3192 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:32:01.0812 3192 intelppm - ok
19:32:01.0843 3192 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:32:01.0968 3192 ip6fw - ok
19:32:02.0000 3192 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:32:02.0109 3192 IpFilterDriver - ok
19:32:02.0125 3192 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:32:02.0218 3192 IpInIp - ok
19:32:02.0250 3192 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:32:02.0343 3192 IpNat - ok
19:32:02.0437 3192 [ FE56897B27ED266F9C4E7D90A0B5DA47 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:32:02.0484 3192 iPod Service - ok
19:32:02.0515 3192 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:32:02.0593 3192 IPSec - ok
19:32:02.0625 3192 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:32:02.0687 3192 IRENUM - ok
19:32:02.0703 3192 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:32:02.0781 3192 isapnp - ok
19:32:02.0937 3192 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
19:32:02.0953 3192 JavaQuickStarterService - ok
19:32:02.0968 3192 [ 9C5E3FDBFCC30CF71A49CA178B9AD442 ] K56 C:\WINDOWS\system32\DRIVERS\HSF_K56K.sys
19:32:03.0078 3192 K56 - ok
19:32:03.0109 3192 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:32:03.0203 3192 Kbdclass - ok
19:32:03.0250 3192 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:32:03.0343 3192 kbdhid - ok
19:32:03.0406 3192 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:32:03.0515 3192 kmixer - ok
19:32:03.0562 3192 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:32:03.0687 3192 KSecDD - ok
19:32:03.0734 3192 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:32:03.0828 3192 lanmanserver - ok
19:32:03.0875 3192 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:32:03.0968 3192 lanmanworkstation - ok
19:32:03.0968 3192 Lbd - ok
19:32:03.0984 3192 lbrtfdc - ok
19:32:04.0031 3192 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:32:04.0125 3192 LmHosts - ok
19:32:04.0203 3192 [ E1158B0CB852DB0573922C92E6E564DE ] lvpopflt C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
19:32:04.0250 3192 lvpopflt - ok
19:32:04.0296 3192 [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
19:32:04.0296 3192 LVPr2Mon - ok
19:32:04.0343 3192 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
19:32:04.0375 3192 LVRS - ok
19:32:04.0421 3192 [ 5F987FC1AAD215EC2C60CF07719B1CCE ] LVUSBSta C:\WINDOWS\system32\drivers\LVUSBSta.sys
19:32:04.0437 3192 LVUSBSta - ok
19:32:04.0515 3192 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
19:32:04.0656 3192 LVUVC - ok
19:32:04.0703 3192 [ 290FB01F7F51EFF0960599404A09F8D6 ] mbmiodrvr C:\WINDOWS\system32\mbmiodrvr.sys
19:32:04.0718 3192 mbmiodrvr ( UnsignedFile.Multi.Generic ) - warning
19:32:04.0718 3192 mbmiodrvr - detected UnsignedFile.Multi.Generic (1)
19:32:04.0765 3192 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:32:04.0796 3192 mdmxsdk - ok
19:32:04.0828 3192 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:32:04.0937 3192 Messenger - ok
19:32:05.0015 3192 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:32:05.0031 3192 Microsoft Office Groove Audit Service - ok
19:32:05.0078 3192 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:32:05.0171 3192 mnmdd - ok
19:32:05.0203 3192 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
19:32:05.0281 3192 mnmsrvc - ok
19:32:05.0328 3192 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:32:05.0406 3192 Modem - ok
19:32:05.0437 3192 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
19:32:05.0500 3192 MODEMCSA - ok
19:32:05.0546 3192 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
19:32:05.0593 3192 Monfilt - ok
19:32:05.0609 3192 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:32:05.0703 3192 Mouclass - ok
19:32:05.0750 3192 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:32:05.0828 3192 mouhid - ok
19:32:05.0875 3192 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:32:05.0953 3192 MountMgr - ok
19:32:06.0000 3192 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:32:06.0046 3192 MozillaMaintenance - ok
19:32:06.0046 3192 mraid35x - ok
19:32:06.0046 3192 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:32:06.0156 3192 MRxDAV - ok
19:32:06.0203 3192 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:32:06.0328 3192 MRxSmb - ok
19:32:06.0375 3192 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
19:32:06.0500 3192 MSDTC - ok
19:32:06.0515 3192 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:32:06.0609 3192 Msfs - ok
19:32:06.0609 3192 MSIServer - ok
19:32:06.0625 3192 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:32:06.0703 3192 MSKSSRV - ok
19:32:06.0718 3192 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:32:06.0812 3192 MSPCLOCK - ok
19:32:06.0812 3192 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:32:06.0890 3192 MSPQM - ok
19:32:06.0921 3192 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:32:06.0984 3192 mssmbios - ok
19:32:07.0031 3192 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
19:32:07.0109 3192 MSTEE - ok
19:32:07.0140 3192 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:32:07.0187 3192 Mup - ok
19:32:07.0203 3192 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:32:07.0312 3192 NABTSFEC - ok
19:32:07.0343 3192 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:32:07.0453 3192 napagent - ok
19:32:07.0546 3192 [ CE2156DF796D41614AB60E68D107D573 ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20130612.021\NAVENG.SYS
19:32:07.0562 3192 NAVENG - ok
19:32:07.0593 3192 [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.1.22\Definitions\VirusDefs\20130612.021\NAVEX15.SYS
19:32:07.0640 3192 NAVEX15 - ok
19:32:07.0687 3192 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:32:07.0765 3192 NDIS - ok
19:32:07.0796 3192 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:32:07.0875 3192 NdisIP - ok
19:32:07.0921 3192 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:32:07.0968 3192 NdisTapi - ok
19:32:08.0031 3192 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:32:08.0109 3192 Ndisuio - ok
19:32:08.0109 3192 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:32:08.0234 3192 NdisWan - ok
19:32:08.0281 3192 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:32:08.0328 3192 NDProxy - ok
19:32:08.0390 3192 [ A8960FA773CCC3E38515F637E19A76C0 ] NeroRegInCDSrv C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
19:32:08.0390 3192 NeroRegInCDSrv - ok
19:32:08.0453 3192 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:32:08.0531 3192 NetBIOS - ok
19:32:08.0562 3192 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:32:08.0671 3192 NetBT - ok
19:32:08.0703 3192 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
19:32:08.0781 3192 NetDDE - ok
19:32:08.0781 3192 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:32:08.0875 3192 NetDDEdsdm - ok
19:32:08.0906 3192 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:32:09.0000 3192 Netlogon - ok
19:32:09.0015 3192 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
19:32:09.0093 3192 Netman - ok
19:32:09.0140 3192 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:32:09.0156 3192 NetTcpPortSharing - ok
19:32:09.0265 3192 [ 241BD3019FB31E812A51B31B06906335 ] NIS C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
19:32:09.0296 3192 NIS - ok
19:32:09.0328 3192 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
19:32:09.0390 3192 Nla - ok
19:32:09.0562 3192 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
19:32:09.0593 3192 NMIndexingService - ok
19:32:09.0625 3192 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:32:09.0718 3192 Npfs - ok
19:32:09.0812 3192 [ B28873F1A04DFFD29D03D6EB201F9E49 ] npkcmsvc C:\Nexon\Mabinogi\npkcmsvc.exe
19:32:09.0828 3192 npkcmsvc - ok
19:32:09.0828 3192 npkcrypt - ok
19:32:09.0859 3192 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:32:09.0984 3192 Ntfs - ok
19:32:10.0031 3192 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
19:32:10.0093 3192 NtLmSsp - ok
19:32:10.0156 3192 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:32:10.0234 3192 NtmsSvc - ok
19:32:10.0281 3192 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:32:10.0375 3192 Null - ok
19:32:10.0671 3192 [ 785500CE8693C06EAAF29FAA64DB17C5 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:32:11.0156 3192 nv - ok
19:32:11.0203 3192 [ A211AB524324E84C2C805B52DFCDD544 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys
19:32:11.0218 3192 NVHDA - ok
19:32:11.0265 3192 [ 3A990B8FA88E1B9F2D99C1B9B8D76F4B ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
19:32:11.0281 3192 NVSvc - ok
19:32:11.0390 3192 [ 14314A33845ABD19CADA062A037CC2F6 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:32:11.0437 3192 nvUpdatusService - ok
19:32:11.0515 3192 [ 2C2FD0E6B0180F94C260DD26706AA5F4 ] NWCWorkstation C:\WINDOWS\System32\nwwks.dll
19:32:11.0609 3192 NWCWorkstation - ok
19:32:11.0687 3192 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:32:11.0812 3192 NwlnkFlt - ok
19:32:11.0828 3192 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:32:12.0000 3192 NwlnkFwd - ok
19:32:12.0062 3192 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
19:32:12.0218 3192 NwlnkIpx - ok
19:32:12.0250 3192 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
19:32:12.0375 3192 NwlnkNb - ok
19:32:12.0406 3192 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
19:32:12.0515 3192 NwlnkSpx - ok
19:32:12.0562 3192 [ 36B9B950E3D2E100970A48D8BAD86740 ] NWRDR C:\WINDOWS\system32\DRIVERS\nwrdr.sys
19:32:12.0656 3192 NWRDR - ok
19:32:12.0718 3192 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:32:12.0750 3192 odserv - ok
19:32:12.0796 3192 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:32:12.0828 3192 ose - ok
19:32:12.0859 3192 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:32:12.0984 3192 Parport - ok
19:32:13.0015 3192 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:32:13.0140 3192 PartMgr - ok
19:32:13.0187 3192 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:32:13.0265 3192 ParVdm - ok
19:32:13.0281 3192 [ 3ADB8BD6154A3EF87496E8FCE9C22493 ] pavboot C:\WINDOWS\system32\drivers\pavboot.sys
19:32:13.0296 3192 pavboot - ok
19:32:13.0328 3192 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
19:32:13.0375 3192 pccsmcfd - ok
19:32:13.0453 3192 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:32:13.0562 3192 PCI - ok
19:32:29.0062 3192 ============================================================
19:32:29.0062 3192 Scan finished
19:32:29.0062 3192 ============================================================
19:32:29.0171 2372 Detected object count: 8
19:32:29.0171 2372 Actual detected object count: 8
19:32:51.0875 2372 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0875 2372 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0875 2372 BrPar ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372 BrPar ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0875 2372 CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0875 2372 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0875 2372 mbmiodrvr ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0875 2372 mbmiodrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0890 2372 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0890 2372 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:32:51.0890 2372 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:51.0890 2372 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip

Okay, it found no threats, but if I clicked "verify file digital signatures" it found a few unsigned files. "Loaded modules" was not checked either, btw.

I don't see anything there that's a problem, so let's do some cleanup.

 

You can now delete the following programs you downloaded, and any logs they produced:

DDS

Security Check

Malwarebytes Anti-Rootkit

TDSSKiller

AdwCleaner

Junkware Removal Tool

 

Sophos Virus Removal Tool can be uninstalled from Start > Control Panel > Add or Remove Programs.

 

According to Security Check, you have both Adobe Reader 8 and Adobe Reader XI installed. I would uninstall the older Adobe Reader 8, but since that might also cause problems with Adobe Reader XI, I recommend you uninstall both and then reinstall version XI. If you no longer have the installer, you can download it from http://get.adobe.com/reader/

 

Create a Restore Point

  • Go to Start > Programs > Accessories > System Tools > System Restore
  • Select Create a Restore Point and then Next.
  • In the box for "Restore point description", enter a descriptive name and press Create
  • When the "Restore Point Created" window appears, click Close

Run Disk Cleanup

  • Go to Start > Run and type the below line:

    cleanmgr

  • Click OK
    • If you have more than one drive, select the drive Windows is installed on
    • Click OK
  • When Disk Cleanup opens, select the More Options tab
  • In the System Restore section (bottom of window), click Cleanup
    • In the confirmation window that opens, click Yes
  • Now click on the Disk Cleanup tab and select the following items:
    • Downloaded Program Files
    • Temporary Internet Files
    • Recycle Bin
    • Temporary Files
  • Click OK
  • In the confirmation window, select Yes (Disk Cleanup will close).

To help keep malware off your system:

  • Keep Windows updated at Windows Update or Microsoft Update.
  • Keep your other applications updated; there are vulnerabilities that rely on exploits through other programs like Java, Microsoft Office, Adobe Reader, Flash, and others.
  • Run a program like Secunia Online Software Inspector or FileHippo Update Checker to see what programs need to be updated.
  • Be careful with flash drives, as they can spread infections. See this post on USB/flash drive safety.
  • Stay away from P2P software; even with a clean P2P program, their networks are often riddled with malware.
  • Don't click on attachments or links in e-mail, and read your e-mail in text-only mode for the highest safety.
  • Don't click on links received in instant message programs.
  • In place of Internet Explorer, browse with Firefox with the NoScript and AdBlock Plus add-ons.
  • A HOSTS file will prevent Internet Explorer from communicating with sites known to be associated with adware or spyware. A good, regularly updated HOSTS file is the MVPS HOSTS File, available at http://www.mvps.org/winhelp2002/hosts.htm
  • A free non-resident utility to prevent the installation of ActiveX-based malware is JavaCool's SpywareBlaster. For real-time protection, there is SpywareGuard. Both are available at http://www.javacoolsoftware.com/products.html
  • I recommend reading Tony Klein's article So How did I get Infected in the First Place? at http://www.spywareinfoforum.com/index.php?showtopic=60955

Does your problem appear resolved?

Hey joker

 

"According to Security Check, you have both Adobe Reader 8 and Adobe Reader XI installed. I would uninstall the older Adobe Reader 8, but since that might also cause problems with Adobe Reader XI, I recommend you uninstall both and then reinstall version XI. If you no longer have the installer, you can download it from http://get.adobe.com/reader/"

 

I checked Add or Remove Programs and only Adobe Reader XI appears there.

 

Yes, the problem seems to be fixed!

 

Thanks so much for your help :)

 

Edited by greatserpent

Glad we could help. :)

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

This topic is now closed to further replies.