[Gammo]

Your logs appear to be clean, so I don't think malware is causing your problems.

I suggest you start a new topic here.

[Advertisements]

Ok Thank you for your help!!

[orapaho]

Ok Thank you for your help!!

[Gammo]

orapaho, a fellow staff member advised me to try some other things.


First of all, please rerun the TDSSKiller as posted in reply #10. Choose "Skip" for everything found, except for "TDSS File System", use "Delete" for that one. Please post the resulting log file.


Secondly:
Download and save the norton removal tool
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
Run the tool by right clicking and Run As Admin.


Thirdly:
Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :OTL
  SRV - File not found [Auto | Stopped] -- G:\HitmanPro35.exe /crusader:boot -- (HitmanPro35CrusaderBoot) Hitman Pro 3.5 Crusader (Boot)
  DRV - File not found [Kernel | System | Stopped] -- C:\Users\Daniel\Downloads\SASKUTIL.SYS -- (SABKUTIL)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVEX15.SYS -- (NAVEX15)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVENG.SYS -- (NAVENG)
  DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{767A5A13-E730-4133-8181-8582449E5980}\MpKsld1c08d25.sys -- (MpKsld1c08d25)
  DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKslaa4e8ed7.sys -- (MpKslaa4e8ed7)
  DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKsl6d712253.sys -- (MpKsl6d712253)
  
  :Services
  
  :Reg
  
  :Files
  ipconfig /flushdns /c
  
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [emptyflash]
  [createrestorepoint]
  [reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done

Did the above fix any of your problems?

[orapaho]

Ok here is the tdss log, will run the removal tool. I ran it, but not as administrator. will do it now.





08:48:57.0958 3500 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
08:48:58.0543 3500 ============================================================
08:48:58.0543 3500 Current date / time: 2012/04/28 08:48:58.0543
08:48:58.0543 3500 SystemInfo:
08:48:58.0543 3500
08:48:58.0544 3500 OS Version: 6.1.7601 ServicePack: 1.0
08:48:58.0544 3500 Product type: Workstation
08:48:58.0544 3500 ComputerName: DANIEL-MSI
08:48:58.0544 3500 UserName: Daniel
08:48:58.0544 3500 Windows directory: C:\windows
08:48:58.0544 3500 System windows directory: C:\windows
08:48:58.0544 3500 Processor architecture: Intel x86
08:48:58.0544 3500 Number of processors: 2
08:48:58.0544 3500 Page size: 0x1000
08:48:58.0544 3500 Boot type: Normal boot
08:48:58.0544 3500 ============================================================
08:49:00.0990 3500 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:49:01.0017 3500 ============================================================
08:49:01.0017 3500 \Device\Harddisk0\DR0:
08:49:01.0017 3500 MBR partitions:
08:49:01.0017 3500 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x15997000
08:49:01.0017 3500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x16DC9800, BlocksNum 0xE664800
08:49:01.0017 3500 ============================================================
08:49:01.0048 3500 C: <-> \Device\Harddisk0\DR0\Partition0
08:49:01.0082 3500 D: <-> \Device\Harddisk0\DR0\Partition1
08:49:01.0082 3500 ============================================================
08:49:01.0082 3500 Initialize success
08:49:01.0082 3500 ============================================================
08:49:10.0365 0988 ============================================================
08:49:10.0365 0988 Scan started
08:49:10.0365 0988 Mode: Manual; SigCheck; TDLFS;
08:49:10.0365 0988 ============================================================
08:49:12.0156 0988 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys
08:49:12.0215 0988 1394ohci - ok
08:49:12.0257 0988 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys
08:49:12.0274 0988 ACPI - ok
08:49:12.0311 0988 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys
08:49:12.0329 0988 AcpiPmi - ok
08:49:12.0437 0988 AdobeActiveFileMonitor9.0 (1474f121c3df1232d3e7239c03691ee6) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
08:49:12.0450 0988 AdobeActiveFileMonitor9.0 - ok
08:49:12.0565 0988 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
08:49:12.0575 0988 AdobeARMservice - ok
08:49:12.0638 0988 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
08:49:12.0661 0988 adp94xx - ok
08:49:12.0713 0988 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
08:49:12.0732 0988 adpahci - ok
08:49:12.0756 0988 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
08:49:12.0772 0988 adpu320 - ok
08:49:12.0808 0988 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll
08:49:12.0838 0988 AeLookupSvc - ok
08:49:12.0885 0988 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys
08:49:12.0907 0988 AFD - ok
08:49:12.0935 0988 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys
08:49:12.0949 0988 agp440 - ok
08:49:13.0009 0988 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
08:49:13.0024 0988 aic78xx - ok
08:49:13.0072 0988 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe
08:49:13.0088 0988 ALG - ok
08:49:13.0133 0988 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys
08:49:13.0147 0988 aliide - ok
08:49:13.0167 0988 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys
08:49:13.0181 0988 amdagp - ok
08:49:13.0218 0988 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys
08:49:13.0232 0988 amdide - ok
08:49:13.0283 0988 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
08:49:13.0299 0988 AmdK8 - ok
08:49:13.0305 0988 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
08:49:13.0323 0988 AmdPPM - ok
08:49:13.0352 0988 amdsata (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys
08:49:13.0367 0988 amdsata - ok
08:49:13.0403 0988 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
08:49:13.0420 0988 amdsbs - ok
08:49:13.0440 0988 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys
08:49:13.0453 0988 amdxata - ok
08:49:13.0576 0988 Amsp (feb0b5022c012a4a68dabcb711faff03) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
08:49:13.0607 0988 Amsp - ok
08:49:13.0648 0988 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys
08:49:13.0677 0988 AppID - ok
08:49:13.0704 0988 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll
08:49:13.0731 0988 AppIDSvc - ok
08:49:13.0783 0988 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll
08:49:13.0810 0988 Appinfo - ok
08:49:13.0921 0988 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:49:13.0933 0988 Apple Mobile Device - ok
08:49:13.0990 0988 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
08:49:14.0005 0988 arc - ok
08:49:14.0017 0988 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
08:49:14.0032 0988 arcsas - ok
08:49:14.0074 0988 ArcSoftKsUFilter (dfd07f0a36bd4f7e7ad2bc5548213694) C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
08:49:14.0085 0988 ArcSoftKsUFilter - ok
08:49:14.0228 0988 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
08:49:14.0240 0988 aspnet_state - ok
08:49:14.0277 0988 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
08:49:14.0305 0988 AsyncMac - ok
08:49:14.0344 0988 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys
08:49:14.0357 0988 atapi - ok
08:49:14.0419 0988 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll
08:49:14.0451 0988 AudioEndpointBuilder - ok
08:49:14.0458 0988 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll
08:49:14.0490 0988 Audiosrv - ok
08:49:14.0531 0988 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll
08:49:14.0551 0988 AxInstSV - ok
08:49:14.0599 0988 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
08:49:14.0622 0988 b06bdrv - ok
08:49:14.0663 0988 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
08:49:14.0684 0988 b57nd60x - ok
08:49:14.0727 0988 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll
08:49:14.0744 0988 BDESVC - ok
08:49:14.0768 0988 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
08:49:14.0796 0988 Beep - ok
08:49:14.0850 0988 BFE (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll
08:49:14.0882 0988 BFE - ok
08:49:14.0932 0988 BITS (e585445d5021971fae10393f0f1c3961) C:\windows\system32\qmgr.dll
08:49:14.0977 0988 BITS - ok
08:49:14.0988 0988 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
08:49:15.0004 0988 blbdrive - ok
08:49:15.0120 0988 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
08:49:15.0135 0988 Bonjour Service - ok
08:49:15.0183 0988 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys
08:49:15.0199 0988 bowser - ok
08:49:15.0217 0988 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
08:49:15.0235 0988 BrFiltLo - ok
08:49:15.0239 0988 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
08:49:15.0259 0988 BrFiltUp - ok
08:49:15.0308 0988 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\windows\system32\DRIVERS\bridge.sys
08:49:15.0339 0988 BridgeMP - ok
08:49:15.0368 0988 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\windows\System32\browser.dll
08:49:15.0395 0988 Browser - ok
08:49:15.0430 0988 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
08:49:15.0451 0988 Brserid - ok
08:49:15.0457 0988 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
08:49:15.0477 0988 BrSerWdm - ok
08:49:15.0481 0988 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
08:49:15.0501 0988 BrUsbMdm - ok
08:49:15.0506 0988 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
08:49:15.0523 0988 BrUsbSer - ok
08:49:15.0529 0988 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
08:49:15.0549 0988 BTHMODEM - ok
08:49:15.0579 0988 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll
08:49:15.0609 0988 bthserv - ok
08:49:15.0705 0988 catchme - ok
08:49:15.0771 0988 cbVSCService (e9bf75b975ccd281e1361f8445ffc6fa) C:\Program Files\Cobian Backup 10\cbVSCService.exe
08:49:15.0778 0988 cbVSCService ( UnsignedFile.Multi.Generic ) - warning
08:49:15.0778 0988 cbVSCService - detected UnsignedFile.Multi.Generic (1)
08:49:15.0851 0988 cbVSCService11 (58bf7714a312698108a96d0de2bb6825) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
08:49:15.0858 0988 cbVSCService11 ( UnsignedFile.Multi.Generic ) - warning
08:49:15.0858 0988 cbVSCService11 - detected UnsignedFile.Multi.Generic (1)
08:49:15.0896 0988 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
08:49:15.0926 0988 cdfs - ok
08:49:15.0973 0988 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys
08:49:15.0991 0988 cdrom - ok
08:49:16.0021 0988 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
08:49:16.0048 0988 CertPropSvc - ok
08:49:16.0076 0988 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
08:49:16.0095 0988 circlass - ok
08:49:16.0153 0988 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
08:49:16.0169 0988 CLFS - ok
08:49:16.0239 0988 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:49:16.0251 0988 clr_optimization_v2.0.50727_32 - ok
08:49:16.0314 0988 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:49:16.0327 0988 clr_optimization_v4.0.30319_32 - ok
08:49:16.0344 0988 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
08:49:16.0361 0988 CmBatt - ok
08:49:16.0390 0988 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys
08:49:16.0403 0988 cmdide - ok
08:49:16.0441 0988 CNG (6427525d76f61d0c519b008d3680e8e7) C:\windows\system32\Drivers\cng.sys
08:49:16.0469 0988 CNG - ok
08:49:16.0593 0988 CobianBackup11 (f3ecf4d778f40129e2e5d80aa9751006) C:\Program Files\Cobian Backup 11\cbService.exe
08:49:16.0614 0988 CobianBackup11 ( UnsignedFile.Multi.Generic ) - warning
08:49:16.0614 0988 CobianBackup11 - detected UnsignedFile.Multi.Generic (1)
08:49:16.0747 0988 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
08:49:16.0761 0988 Compbatt - ok
08:49:16.0813 0988 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys
08:49:16.0831 0988 CompositeBus - ok
08:49:16.0852 0988 COMSysApp - ok
08:49:16.0889 0988 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
08:49:16.0902 0988 crcdisk - ok
08:49:16.0936 0988 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\windows\system32\cryptsvc.dll
08:49:16.0965 0988 CryptSvc - ok
08:49:16.0997 0988 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
08:49:17.0029 0988 DcomLaunch - ok
08:49:17.0066 0988 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll
08:49:17.0101 0988 defragsvc - ok
08:49:17.0134 0988 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys
08:49:17.0176 0988 DfsC - ok
08:49:17.0244 0988 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll
08:49:17.0285 0988 Dhcp - ok
08:49:17.0316 0988 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
08:49:17.0345 0988 discache - ok
08:49:17.0413 0988 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
08:49:17.0427 0988 Disk - ok
08:49:17.0452 0988 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll
08:49:17.0470 0988 Dnscache - ok
08:49:17.0503 0988 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll
08:49:17.0532 0988 dot3svc - ok
08:49:17.0560 0988 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll
08:49:17.0588 0988 DPS - ok
08:49:17.0629 0988 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
08:49:17.0646 0988 drmkaud - ok
08:49:17.0700 0988 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys
08:49:17.0725 0988 DXGKrnl - ok
08:49:17.0763 0988 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll
08:49:17.0793 0988 EapHost - ok
08:49:17.0915 0988 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
08:49:17.0999 0988 ebdrv - ok
08:49:18.0086 0988 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe
08:49:18.0109 0988 EFS - ok
08:49:18.0213 0988 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe
08:49:18.0236 0988 ehRecvr - ok
08:49:18.0275 0988 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe
08:49:18.0312 0988 ehSched - ok
08:49:18.0378 0988 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
08:49:18.0401 0988 elxstor - ok
08:49:18.0431 0988 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys
08:49:18.0447 0988 ErrDev - ok
08:49:18.0523 0988 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll
08:49:18.0555 0988 EventSystem - ok
08:49:18.0587 0988 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
08:49:18.0618 0988 exfat - ok
08:49:18.0633 0988 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
08:49:18.0664 0988 fastfat - ok
08:49:18.0714 0988 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe
08:49:18.0738 0988 Fax - ok
08:49:18.0757 0988 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
08:49:18.0773 0988 fdc - ok
08:49:18.0802 0988 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll
08:49:18.0830 0988 fdPHost - ok
08:49:18.0841 0988 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll
08:49:18.0871 0988 FDResPub - ok
08:49:18.0899 0988 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
08:49:18.0914 0988 FileInfo - ok
08:49:18.0919 0988 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
08:49:18.0949 0988 Filetrace - ok
08:49:18.0969 0988 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
08:49:18.0986 0988 flpydisk - ok
08:49:19.0015 0988 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
08:49:19.0033 0988 FltMgr - ok
08:49:19.0088 0988 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll
08:49:19.0119 0988 FontCache - ok
08:49:19.0215 0988 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:49:19.0226 0988 FontCache3.0.0.0 - ok
08:49:19.0254 0988 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
08:49:19.0268 0988 FsDepends - ok
08:49:19.0326 0988 fspad_wlh32 (8042377edef55850f275b36f6e8b24ab) C:\windows\system32\DRIVERS\fspad_wlh32.sys
08:49:19.0353 0988 fspad_wlh32 - ok
08:49:19.0372 0988 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys
08:49:19.0385 0988 Fs_Rec - ok
08:49:19.0424 0988 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys
08:49:19.0443 0988 fvevol - ok
08:49:19.0484 0988 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
08:49:19.0499 0988 gagp30kx - ok
08:49:19.0567 0988 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
08:49:19.0577 0988 GEARAspiWDM - ok
08:49:19.0615 0988 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll
08:49:19.0650 0988 gpsvc - ok
08:49:19.0731 0988 gupdate (7629a95fe5c3c94ceaf88a623be3469c) C:\Program Files\Google\Update\GoogleUpdate.exe
08:49:19.0751 0988 gupdate ( UnsignedFile.Multi.Generic ) - warning
08:49:19.0751 0988 gupdate - detected UnsignedFile.Multi.Generic (1)
08:49:19.0779 0988 gupdatem (7629a95fe5c3c94ceaf88a623be3469c) C:\Program Files\Google\Update\GoogleUpdate.exe
08:49:19.0785 0988 gupdatem ( UnsignedFile.Multi.Generic ) - warning
08:49:19.0785 0988 gupdatem - detected UnsignedFile.Multi.Generic (1)
08:49:19.0810 0988 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
08:49:19.0827 0988 hcw85cir - ok
08:49:19.0876 0988 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys
08:49:19.0899 0988 HdAudAddService - ok
08:49:19.0919 0988 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys
08:49:19.0937 0988 HDAudBus - ok
08:49:19.0965 0988 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
08:49:19.0981 0988 HidBatt - ok
08:49:19.0988 0988 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
08:49:20.0011 0988 HidBth - ok
08:49:20.0039 0988 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
08:49:20.0056 0988 HidIr - ok
08:49:20.0080 0988 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\System32\hidserv.dll
08:49:20.0115 0988 hidserv - ok
08:49:20.0164 0988 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\DRIVERS\hidusb.sys
08:49:20.0181 0988 HidUsb - ok
08:49:20.0209 0988 HitmanPro35CrusaderBoot - ok
08:49:20.0249 0988 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll
08:49:20.0277 0988 hkmsvc - ok
08:49:20.0295 0988 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll
08:49:20.0329 0988 HomeGroupListener - ok
08:49:20.0356 0988 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll
08:49:20.0373 0988 HomeGroupProvider - ok
08:49:20.0416 0988 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys
08:49:20.0431 0988 HpSAMD - ok
08:49:20.0493 0988 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys
08:49:20.0527 0988 HTTP - ok
08:49:20.0536 0988 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys
08:49:20.0549 0988 hwpolicy - ok
08:49:20.0614 0988 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys
08:49:20.0631 0988 i8042prt - ok
08:49:20.0684 0988 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys
08:49:20.0705 0988 iaStorV - ok
08:49:20.0842 0988 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:49:20.0864 0988 idsvc - ok
08:49:20.0921 0988 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
08:49:20.0935 0988 iirsp - ok
08:49:20.0977 0988 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll
08:49:21.0013 0988 IKEEXT - ok
08:49:21.0117 0988 IntcAzAudAddService (8b27c21412ae4404eb0acfe1d98579ec) C:\windows\system32\drivers\RTKVHDA.sys
08:49:21.0182 0988 IntcAzAudAddService - ok
08:49:21.0294 0988 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys
08:49:21.0307 0988 intelide - ok
08:49:21.0342 0988 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
08:49:21.0358 0988 intelppm - ok
08:49:21.0384 0988 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll
08:49:21.0414 0988 IPBusEnum - ok
08:49:21.0435 0988 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
08:49:21.0465 0988 IpFilterDriver - ok
08:49:21.0511 0988 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\windows\System32\iphlpsvc.dll
08:49:21.0545 0988 iphlpsvc - ok
08:49:21.0577 0988 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys
08:49:21.0594 0988 IPMIDRV - ok
08:49:21.0631 0988 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
08:49:21.0670 0988 IPNAT - ok
08:49:21.0713 0988 iPod Service - ok
08:49:21.0746 0988 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
08:49:21.0774 0988 IRENUM - ok
08:49:21.0802 0988 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys
08:49:21.0816 0988 isapnp - ok
08:49:21.0843 0988 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys
08:49:21.0862 0988 iScsiPrt - ok
08:49:21.0907 0988 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys
08:49:21.0920 0988 kbdclass - ok
08:49:21.0954 0988 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys
08:49:21.0971 0988 kbdhid - ok
08:49:21.0998 0988 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
08:49:22.0014 0988 KeyIso - ok
08:49:22.0030 0988 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys
08:49:22.0045 0988 KSecDD - ok
08:49:22.0059 0988 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys
08:49:22.0075 0988 KSecPkg - ok
08:49:22.0121 0988 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll
08:49:22.0155 0988 KtmRm - ok
08:49:22.0221 0988 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\System32\srvsvc.dll
08:49:22.0251 0988 LanmanServer - ok
08:49:22.0280 0988 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll
08:49:22.0310 0988 LanmanWorkstation - ok
08:49:22.0365 0988 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
08:49:22.0395 0988 lltdio - ok
08:49:22.0446 0988 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll
08:49:22.0494 0988 lltdsvc - ok
08:49:22.0505 0988 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll
08:49:22.0533 0988 lmhosts - ok
08:49:22.0564 0988 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
08:49:22.0580 0988 LSI_FC - ok
08:49:22.0607 0988 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
08:49:22.0622 0988 LSI_SAS - ok
08:49:22.0637 0988 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
08:49:22.0651 0988 LSI_SAS2 - ok
08:49:22.0669 0988 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
08:49:22.0684 0988 LSI_SCSI - ok
08:49:22.0707 0988 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
08:49:22.0738 0988 luafv - ok
08:49:22.0973 0988 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\windows\system32\DRIVERS\lvuvc.sys
08:49:23.0170 0988 LVUVC - ok
08:49:23.0270 0988 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll
08:49:23.0287 0988 Mcx2Svc - ok
08:49:23.0345 0988 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
08:49:23.0358 0988 megasas - ok
08:49:23.0401 0988 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
08:49:23.0419 0988 MegaSR - ok
08:49:23.0450 0988 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
08:49:23.0480 0988 MMCSS - ok
08:49:23.0501 0988 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
08:49:23.0566 0988 Modem - ok
08:49:23.0598 0988 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
08:49:23.0615 0988 monitor - ok
08:49:23.0649 0988 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
08:49:23.0664 0988 mouclass - ok
08:49:23.0694 0988 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
08:49:23.0710 0988 mouhid - ok
08:49:23.0734 0988 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys
08:49:23.0748 0988 mountmgr - ok
08:49:23.0897 0988 Movielink Core Service (19e4baa7be36144c41af844de1cfb50d) C:\Program Files\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
08:49:23.0933 0988 Movielink Core Service - ok
08:49:24.0072 0988 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\windows\system32\DRIVERS\MpFilter.sys
08:49:24.0090 0988 MpFilter - ok
08:49:24.0134 0988 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys
08:49:24.0150 0988 mpio - ok
08:49:24.0244 0988 MpKsl6d712253 - ok
08:49:24.0278 0988 MpKslaa4e8ed7 - ok
08:49:24.0296 0988 MpKsld1c08d25 - ok
08:49:24.0325 0988 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\windows\system32\DRIVERS\MpNWMon.sys
08:49:24.0337 0988 MpNWMon - ok
08:49:24.0366 0988 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
08:49:24.0406 0988 mpsdrv - ok
08:49:24.0446 0988 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll
08:49:24.0480 0988 MpsSvc - ok
08:49:24.0504 0988 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys
08:49:24.0524 0988 MRxDAV - ok
08:49:24.0598 0988 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys
08:49:24.0615 0988 mrxsmb - ok
08:49:24.0643 0988 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys
08:49:24.0662 0988 mrxsmb10 - ok
08:49:24.0715 0988 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys
08:49:24.0744 0988 mrxsmb20 - ok
08:49:24.0781 0988 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys
08:49:24.0795 0988 msahci - ok
08:49:24.0855 0988 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys
08:49:24.0870 0988 msdsm - ok
08:49:24.0899 0988 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe
08:49:24.0918 0988 MSDTC - ok
08:49:24.0963 0988 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
08:49:24.0992 0988 Msfs - ok
08:49:25.0001 0988 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
08:49:25.0030 0988 mshidkmdf - ok
08:49:25.0052 0988 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys
08:49:25.0065 0988 msisadrv - ok
08:49:25.0101 0988 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll
08:49:25.0130 0988 MSiSCSI - ok
08:49:25.0134 0988 msiserver - ok
08:49:25.0172 0988 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
08:49:25.0201 0988 MSKSSRV - ok
08:49:25.0222 0988 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
08:49:25.0250 0988 MSPCLOCK - ok
08:49:25.0267 0988 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
08:49:25.0296 0988 MSPQM - ok
08:49:25.0330 0988 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
08:49:25.0346 0988 MsRPC - ok
08:49:25.0383 0988 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys
08:49:25.0397 0988 mssmbios - ok
08:49:25.0438 0988 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
08:49:25.0467 0988 MSTEE - ok
08:49:25.0476 0988 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
08:49:25.0492 0988 MTConfig - ok
08:49:25.0506 0988 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
08:49:25.0520 0988 Mup - ok
08:49:25.0554 0988 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll
08:49:25.0595 0988 napagent - ok
08:49:25.0675 0988 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
08:49:25.0707 0988 NativeWifiP - ok
08:49:25.0773 0988 NAVENG - ok
08:49:25.0781 0988 NAVEX15 - ok
08:49:25.0840 0988 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys
08:49:25.0863 0988 NDIS - ok
08:49:25.0905 0988 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
08:49:25.0935 0988 NdisCap - ok
08:49:25.0962 0988 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
08:49:25.0990 0988 NdisTapi - ok
08:49:26.0028 0988 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
08:49:26.0056 0988 Ndisuio - ok
08:49:26.0105 0988 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
08:49:26.0133 0988 NdisWan - ok
08:49:26.0154 0988 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
08:49:26.0182 0988 NDProxy - ok
08:49:26.0213 0988 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
08:49:26.0243 0988 NetBIOS - ok
08:49:26.0279 0988 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
08:49:26.0342 0988 NetBT - ok
08:49:26.0376 0988 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
08:49:26.0392 0988 Netlogon - ok
08:49:26.0433 0988 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll
08:49:26.0466 0988 Netman - ok
08:49:26.0569 0988 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:49:26.0581 0988 NetMsmqActivator - ok
08:49:26.0586 0988 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:49:26.0601 0988 NetPipeActivator - ok
08:49:26.0630 0988 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll
08:49:26.0663 0988 netprofm - ok
08:49:26.0720 0988 netr28 (091d731c04e7a1543b391a5b883b4598) C:\windows\system32\DRIVERS\netr28.sys
08:49:26.0747 0988 netr28 - ok
08:49:26.0869 0988 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:49:26.0882 0988 NetTcpActivator - ok
08:49:26.0886 0988 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:49:26.0900 0988 NetTcpPortSharing - ok
08:49:26.0952 0988 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
08:49:26.0966 0988 nfrd960 - ok
08:49:27.0163 0988 NIHardwareService (bd7a1d7bef2c0fde73f7b87971ed9d2f) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
08:49:27.0221 0988 NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
08:49:27.0221 0988 NIHardwareService - detected UnsignedFile.Multi.Generic (1)
08:49:27.0375 0988 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\windows\system32\DRIVERS\NisDrvWFP.sys
08:49:27.0388 0988 NisDrv - ok
08:49:27.0420 0988 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll
08:49:27.0461 0988 NlaSvc - ok
08:49:27.0480 0988 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
08:49:27.0510 0988 Npfs - ok
08:49:27.0542 0988 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
08:49:27.0572 0988 nsi - ok
08:49:27.0594 0988 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
08:49:27.0623 0988 nsiproxy - ok
08:49:27.0693 0988 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
08:49:27.0724 0988 Ntfs - ok
08:49:27.0756 0988 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
08:49:27.0784 0988 Null - ok
08:49:27.0819 0988 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\windows\system32\DRIVERS\nvm62x32.sys
08:49:27.0840 0988 NVENETFD - ok
08:49:27.0890 0988 NVHDA (603b0c9bb86f7b3efb88a482c6663ec4) C:\windows\system32\drivers\nvhda32v.sys
08:49:27.0903 0988 NVHDA - ok
08:49:28.0260 0988 nvlddmkm (6369c7702e931ec4b495a8930a8149f2) C:\windows\system32\DRIVERS\nvlddmkm.sys
08:49:28.0497 0988 nvlddmkm - ok
08:49:28.0681 0988 NVNET (5bf9c11586f4764446407f509f1beca8) C:\windows\system32\DRIVERS\nvmf6232.sys
08:49:28.0699 0988 NVNET - ok
08:49:28.0753 0988 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
08:49:28.0769 0988 nvraid - ok
08:49:28.0819 0988 nvsmu (f13618f0cb1e95232f4c2401592a59e9) C:\windows\system32\DRIVERS\nvsmu.sys
08:49:28.0846 0988 nvsmu - ok
08:49:28.0893 0988 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
08:49:28.0909 0988 nvstor - ok
08:49:28.0941 0988 nvstor32 (3ff57a9a657c9690ecbc8b1e3b6e3979) C:\windows\system32\DRIVERS\nvstor32.sys
08:49:28.0955 0988 nvstor32 - ok
08:49:28.0984 0988 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
08:49:29.0000 0988 nv_agp - ok
08:49:29.0075 0988 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:49:29.0091 0988 odserv - ok
08:49:29.0113 0988 ohci1394 - ok
08:49:29.0186 0988 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:49:29.0198 0988 ose - ok
08:49:29.0244 0988 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
08:49:29.0262 0988 p2pimsvc - ok
08:49:29.0280 0988 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll
08:49:29.0300 0988 p2psvc - ok
08:49:29.0335 0988 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
08:49:29.0352 0988 Parport - ok
08:49:29.0374 0988 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys
08:49:29.0389 0988 partmgr - ok
08:49:29.0419 0988 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
08:49:29.0435 0988 Parvdm - ok
08:49:29.0476 0988 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll
08:49:29.0496 0988 PcaSvc - ok
08:49:29.0529 0988 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
08:49:29.0547 0988 pci - ok
08:49:29.0558 0988 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
08:49:29.0572 0988 pciide - ok
08:49:29.0598 0988 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
08:49:29.0616 0988 pcmcia - ok
08:49:29.0630 0988 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
08:49:29.0645 0988 pcw - ok
08:49:29.0673 0988 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
08:49:29.0751 0988 PEAUTH - ok
08:49:29.0857 0988 pgsql-8.3 (acc93675d78d1c07dad09d7837f2397a) C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
08:49:29.0864 0988 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - warning
08:49:29.0864 0988 pgsql-8.3 - detected UnsignedFile.Multi.Generic (1)
08:49:29.0932 0988 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll
08:49:29.0976 0988 pla - ok
08:49:30.0087 0988 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll
08:49:30.0113 0988 PlugPlay - ok
08:49:30.0138 0988 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
08:49:30.0158 0988 PNRPAutoReg - ok
08:49:30.0177 0988 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
08:49:30.0196 0988 PNRPsvc - ok
08:49:30.0238 0988 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll
08:49:30.0269 0988 PolicyAgent - ok
08:49:30.0307 0988 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll
08:49:30.0336 0988 Power - ok
08:49:30.0414 0988 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
08:49:30.0444 0988 PptpMiniport - ok
08:49:30.0464 0988 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
08:49:30.0487 0988 Processor - ok
08:49:30.0529 0988 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll
08:49:30.0559 0988 ProfSvc - ok
08:49:30.0588 0988 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
08:49:30.0604 0988 ProtectedStorage - ok
08:49:30.0636 0988 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
08:49:30.0666 0988 Psched - ok
08:49:30.0703 0988 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\windows\system32\Drivers\PxHelp20.sys
08:49:30.0715 0988 PxHelp20 - ok
08:49:30.0787 0988 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
08:49:30.0830 0988 ql2300 - ok
08:49:30.0964 0988 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
08:49:30.0979 0988 ql40xx - ok
08:49:31.0014 0988 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll
08:49:31.0036 0988 QWAVE - ok
08:49:31.0048 0988 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
08:49:31.0067 0988 QWAVEdrv - ok
08:49:31.0081 0988 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
08:49:31.0118 0988 RasAcd - ok
08:49:31.0151 0988 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
08:49:31.0183 0988 RasAgileVpn - ok
08:49:31.0217 0988 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll
08:49:31.0248 0988 RasAuto - ok
08:49:31.0289 0988 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
08:49:31.0320 0988 Rasl2tp - ok
08:49:31.0376 0988 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll
08:49:31.0406 0988 RasMan - ok
08:49:31.0428 0988 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
08:49:31.0459 0988 RasPppoe - ok
08:49:31.0491 0988 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
08:49:31.0519 0988 RasSstp - ok
08:49:31.0548 0988 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
08:49:31.0580 0988 rdbss - ok
08:49:31.0609 0988 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
08:49:31.0626 0988 rdpbus - ok
08:49:31.0653 0988 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
08:49:31.0680 0988 RDPCDD - ok
08:49:31.0718 0988 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
08:49:31.0745 0988 RDPENCDD - ok
08:49:31.0759 0988 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
08:49:31.0786 0988 RDPREFMP - ok
08:49:31.0817 0988 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys
08:49:31.0836 0988 RDPWD - ok
08:49:31.0888 0988 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
08:49:31.0905 0988 rdyboost - ok
08:49:31.0949 0988 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll
08:49:31.0978 0988 RemoteAccess - ok
08:49:32.0009 0988 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll
08:49:32.0075 0988 RemoteRegistry - ok
08:49:32.0104 0988 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll
08:49:32.0134 0988 RpcEptMapper - ok
08:49:32.0160 0988 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe
08:49:32.0179 0988 RpcLocator - ok
08:49:32.0211 0988 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\System32\rpcss.dll
08:49:32.0243 0988 RpcSs - ok
08:49:32.0282 0988 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
08:49:32.0312 0988 rspndr - ok
08:49:32.0338 0988 RSUSBSTOR - ok
08:49:32.0376 0988 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys
08:49:32.0394 0988 RTL8167 - ok
08:49:32.0398 0988 RtsUIR - ok
08:49:32.0469 0988 SABKUTIL - ok
08:49:32.0511 0988 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
08:49:32.0526 0988 SamSs - ok
08:49:32.0583 0988 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
08:49:32.0598 0988 sbp2port - ok
08:49:32.0624 0988 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll
08:49:32.0653 0988 SCardSvr - ok
08:49:32.0687 0988 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
08:49:32.0715 0988 scfilter - ok
08:49:32.0777 0988 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll
08:49:32.0813 0988 Schedule - ok
08:49:32.0835 0988 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
08:49:32.0864 0988 SCPolicySvc - ok
08:49:32.0905 0988 sdbus (0328be1c7f1cba23848179f8762e391c) C:\windows\system32\drivers\sdbus.sys
08:49:32.0924 0988 sdbus - ok
08:49:32.0954 0988 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll
08:49:32.0971 0988 SDRSVC - ok
08:49:32.0995 0988 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
08:49:33.0025 0988 secdrv - ok
08:49:33.0061 0988 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll
08:49:33.0091 0988 seclogon - ok
08:49:33.0147 0988 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\system32\sens.dll
08:49:33.0178 0988 SENS - ok
08:49:33.0195 0988 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll
08:49:33.0212 0988 SensrSvc - ok
08:49:33.0223 0988 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
08:49:33.0239 0988 Serenum - ok
08:49:33.0275 0988 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
08:49:33.0293 0988 Serial - ok
08:49:33.0317 0988 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
08:49:33.0333 0988 sermouse - ok
08:49:33.0382 0988 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll
08:49:33.0432 0988 SessionEnv - ok
08:49:33.0458 0988 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
08:49:33.0475 0988 sffdisk - ok
08:49:33.0480 0988 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
08:49:33.0499 0988 sffp_mmc - ok
08:49:33.0504 0988 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
08:49:33.0523 0988 sffp_sd - ok
08:49:33.0548 0988 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
08:49:33.0564 0988 sfloppy - ok
08:49:33.0619 0988 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll
08:49:33.0651 0988 SharedAccess - ok
08:49:33.0692 0988 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll
08:49:33.0725 0988 ShellHWDetection - ok
08:49:33.0753 0988 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
08:49:33.0767 0988 sisagp - ok
08:49:33.0812 0988 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
08:49:33.0826 0988 SiSRaid2 - ok
08:49:33.0840 0988 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
08:49:33.0855 0988 SiSRaid4 - ok
08:49:33.0919 0988 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files\Skype\Updater\Updater.exe
08:49:33.0931 0988 SkypeUpdate - ok
08:49:33.0966 0988 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
08:49:34.0006 0988 Smb - ok
08:49:34.0074 0988 smserial (19301c27f3425dc39f6c599f527e507d) C:\windows\system32\DRIVERS\smserial.sys
08:49:34.0115 0988 smserial - ok
08:49:34.0150 0988 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe
08:49:34.0167 0988 SNMPTRAP - ok
08:49:34.0176 0988 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
08:49:34.0191 0988 spldr - ok
08:49:34.0237 0988 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe
08:49:34.0268 0988 Spooler - ok
08:49:34.0389 0988 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe
08:49:34.0454 0988 sppsvc - ok
08:49:34.0557 0988 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll
08:49:34.0585 0988 sppuinotify - ok
08:49:34.0667 0988 SRTSP (e81f6caeab9ad5732e94c07c97866aa2) C:\windows\system32\drivers\NIS\1007000.01E\SRTSP.SYS
08:49:34.0685 0988 SRTSP - ok
08:49:34.0720 0988 SRTSPX (e28de499d942b08058bffac69d4122b6) C:\windows\system32\drivers\NIS\1007000.01E\SRTSPX.SYS
08:49:34.0731 0988 SRTSPX - ok
08:49:34.0763 0988 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
08:49:34.0784 0988 srv - ok
08:49:34.0800 0988 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
08:49:34.0821 0988 srv2 - ok
08:49:34.0853 0988 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
08:49:34.0870 0988 srvnet - ok
08:49:34.0894 0988 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll
08:49:34.0926 0988 SSDPSRV - ok
08:49:34.0946 0988 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll
08:49:34.0978 0988 SstpSvc - ok
08:49:35.0006 0988 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
08:49:35.0020 0988 stexstor - ok
08:49:35.0053 0988 StillCam (edb05bd63148796f23ea78506404a538) C:\windows\system32\DRIVERS\serscan.sys
08:49:35.0071 0988 StillCam - ok
08:49:35.0127 0988 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll
08:49:35.0152 0988 StiSvc - ok
08:49:35.0181 0988 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
08:49:35.0195 0988 swenum - ok
08:49:35.0233 0988 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll
08:49:35.0274 0988 swprv - ok
08:49:35.0336 0988 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll
08:49:35.0368 0988 SysMain - ok
08:49:35.0399 0988 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll
08:49:35.0419 0988 TabletInputService - ok
08:49:35.0463 0988 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll
08:49:35.0494 0988 TapiSrv - ok
08:49:35.0539 0988 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll
08:49:35.0570 0988 TBS - ok
08:49:35.0697 0988 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys
08:49:35.0729 0988 Tcpip - ok
08:49:35.0753 0988 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys
08:49:35.0785 0988 TCPIP6 - ok
08:49:35.0818 0988 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
08:49:35.0846 0988 tcpipreg - ok
08:49:35.0886 0988 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
08:49:35.0901 0988 TDPIPE - ok
08:49:35.0931 0988 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys
08:49:35.0953 0988 TDTCP - ok
08:49:35.0984 0988 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
08:49:36.0013 0988 tdx - ok
08:49:36.0042 0988 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
08:49:36.0056 0988 TermDD - ok
08:49:36.0109 0988 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll
08:49:36.0144 0988 TermService - ok
08:49:36.0170 0988 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
08:49:36.0190 0988 Themes - ok
08:49:36.0208 0988 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
08:49:36.0238 0988 THREADORDER - ok
08:49:36.0287 0988 tmactmon (e8e528896ff2595cfada88749cd72ef8) C:\windows\system32\DRIVERS\tmactmon.sys
08:49:36.0299 0988 tmactmon - ok
08:49:36.0370 0988 tmcomm (1837512d4aab862bd297a2ef035fba14) C:\windows\system32\DRIVERS\tmcomm.sys
08:49:36.0385 0988 tmcomm - ok
08:49:36.0435 0988 tmeevw (f49ca5c26378f4d5603f2a2fc86e09a1) C:\windows\system32\DRIVERS\tmeevw.sys
08:49:36.0447 0988 tmeevw - ok
08:49:36.0493 0988 tmevtmgr (dbac510d1c7cc66b7a78eb2264f3072e) C:\windows\system32\DRIVERS\tmevtmgr.sys
08:49:36.0506 0988 tmevtmgr - ok
08:49:36.0522 0988 tmnciesc (2e078184034a179c47787f87f238d5ba) C:\windows\system32\DRIVERS\tmnciesc.sys
08:49:36.0535 0988 tmnciesc - ok
08:49:36.0588 0988 tmtdi (a6e20b094a8d3e3f46d10bbe7e1ebb82) C:\windows\system32\DRIVERS\tmtdi.sys
08:49:36.0602 0988 tmtdi - ok
08:49:36.0651 0988 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
08:49:36.0681 0988 TrkWks - ok
08:49:36.0727 0988 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe
08:49:36.0756 0988 TrustedInstaller - ok
08:49:36.0774 0988 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
08:49:36.0802 0988 tssecsrv - ok
08:49:36.0837 0988 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
08:49:36.0853 0988 TsUsbFlt - ok
08:49:36.0908 0988 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
08:49:36.0937 0988 tunnel - ok
08:49:36.0980 0988 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
08:49:36.0994 0988 uagp35 - ok
08:49:37.0025 0988 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
08:49:37.0081 0988 udfs - ok
08:49:37.0134 0988 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
08:49:37.0151 0988 UI0Detect - ok
08:49:37.0198 0988 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
08:49:37.0213 0988 uliagpkx - ok
08:49:37.0247 0988 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
08:49:37.0264 0988 umbus - ok
08:49:37.0298 0988 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
08:49:37.0314 0988 UmPass - ok
08:49:37.0348 0988 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
08:49:37.0380 0988 upnphost - ok
08:49:37.0418 0988 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\windows\system32\Drivers\usbaapl.sys
08:49:37.0433 0988 USBAAPL - ok
08:49:37.0483 0988 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\windows\system32\drivers\usbaudio.sys
08:49:37.0502 0988 usbaudio - ok
08:49:37.0516 0988 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
08:49:37.0533 0988 usbccgp - ok
08:49:37.0537 0988 USBCCID - ok
08:49:37.0582 0988 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
08:49:37.0601 0988 usbcir - ok
08:49:37.0613 0988 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys
08:49:37.0629 0988 usbehci - ok
08:49:37.0660 0988 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
08:49:37.0679 0988 usbhub - ok
08:49:37.0705 0988 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\DRIVERS\usbohci.sys
08:49:37.0735 0988 usbohci - ok
08:49:37.0771 0988 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
08:49:37.0789 0988 usbprint - ok
08:49:37.0825 0988 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
08:49:37.0843 0988 usbscan - ok
08:49:37.0867 0988 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
08:49:37.0884 0988 USBSTOR - ok
08:49:37.0902 0988 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\drivers\usbuhci.sys
08:49:37.0918 0988 usbuhci - ok
08:49:37.0968 0988 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys
08:49:37.0989 0988 usbvideo - ok
08:49:38.0013 0988 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll
08:49:38.0052 0988 UxSms - ok
08:49:38.0090 0988 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
08:49:38.0112 0988 VaultSvc - ok
08:49:38.0143 0988 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
08:49:38.0157 0988 vdrvroot - ok
08:49:38.0211 0988 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe
08:49:38.0282 0988 vds - ok
08:49:38.0320 0988 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
08:49:38.0338 0988 vga - ok
08:49:38.0353 0988 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
08:49:38.0383 0988 VgaSave - ok
08:49:38.0425 0988 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
08:49:38.0441 0988 vhdmp - ok
08:49:38.0477 0988 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
08:49:38.0491 0988 viaagp - ok
08:49:38.0527 0988 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
08:49:38.0544 0988 ViaC7 - ok
08:49:38.0573 0988 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
08:49:38.0586 0988 viaide - ok
08:49:38.0608 0988 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
08:49:38.0622 0988 volmgr - ok
08:49:38.0662 0988 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
08:49:38.0679 0988 volmgrx - ok
08:49:38.0713 0988 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
08:49:38.0731 0988 volsnap - ok
08:49:38.0764 0988 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
08:49:38.0781 0988 vsmraid - ok
08:49:38.0835 0988 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe
08:49:38.0875 0988 VSS - ok
08:49:38.0890 0988 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
08:49:38.0907 0988 vwifibus - ok
08:49:38.0938 0988 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
08:49:38.0957 0988 vwififlt - ok
08:49:38.0968 0988 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
08:49:38.0988 0988 vwifimp - ok
08:49:39.0027 0988 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll
08:49:39.0060 0988 W32Time - ok
08:49:39.0090 0988 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
08:49:39.0126 0988 WacomPen - ok
08:49:39.0167 0988 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
08:49:39.0196 0988 WANARP - ok
08:49:39.0199 0988 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
08:49:39.0228 0988 Wanarpv6 - ok
08:49:39.0308 0988 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe
08:49:39.0341 0988 WatAdminSvc - ok
08:49:39.0405 0988 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe
08:49:39.0435 0988 wbengine - ok
08:49:39.0466 0988 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll
08:49:39.0487 0988 WbioSrvc - ok
08:49:39.0517 0988 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll
08:49:39.0542 0988 wcncsvc - ok
08:49:39.0577 0988 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll
08:49:39.0594 0988 WcsPlugInService - ok
08:49:39.0647 0988 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
08:49:39.0661 0988 Wd - ok
08:49:39.0692 0988 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
08:49:39.0718 0988 Wdf01000 - ok
08:49:39.0743 0988 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
08:49:39.0777 0988 WdiServiceHost - ok
08:49:39.0781 0988 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
08:49:39.0802 0988 WdiSystemHost - ok
08:49:39.0829 0988 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll
08:49:39.0851 0988 WebClient - ok
08:49:39.0876 0988 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll
08:49:39.0920 0988 Wecsvc - ok
08:49:39.0932 0988 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll
08:49:39.0962 0988 wercplsupport - ok
08:49:40.0004 0988 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll
08:49:40.0035 0988 WerSvc - ok
08:49:40.0070 0988 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
08:49:40.0121 0988 WfpLwf - ok
08:49:40.0188 0988 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
08:49:40.0202 0988 WIMMount - ok
08:49:40.0279 0988 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
08:49:40.0305 0988 WinDefend - ok
08:49:40.0315 0988 WinHttpAutoProxySvc - ok
08:49:40.0383 0988 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll
08:49:40.0420 0988 Winmgmt - ok
08:49:40.0487 0988 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll
08:49:40.0528 0988 WinRM - ok
08:49:40.0591 0988 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys
08:49:40.0609 0988 WinUsb - ok
08:49:40.0677 0988 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll
08:49:40.0706 0988 Wlansvc - ok
08:49:40.0754 0988 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
08:49:40.0770 0988 WmiAcpi - ok
08:49:40.0833 0988 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe
08:49:40.0850 0988 wmiApSrv - ok
08:49:40.0959 0988 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
08:49:40.0986 0988 WMPNetworkSvc - ok
08:49:41.0021 0988 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll
08:49:41.0037 0988 WPCSvc - ok
08:49:41.0057 0988 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll
08:49:41.0075 0988 WPDBusEnum - ok
08:49:41.0137 0988 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
08:49:41.0166 0988 ws2ifsl - ok
08:49:41.0202 0988 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\system32\wscsvc.dll
08:49:41.0223 0988 wscsvc - ok
08:49:41.0226 0988 WSearch - ok
08:49:41.0316 0988 wuauserv (3026418a50c5b4761befa632cedb7406) C:\windows\system32\wuaueng.dll
08:49:41.0365 0988 wuauserv - ok
08:49:41.0485 0988 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys
08:49:41.0514 0988 WudfPf - ok
08:49:41.0526 0988 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys
08:49:41.0556 0988 WUDFRd - ok
08:49:41.0592 0988 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll
08:49:41.0621 0988 wudfsvc - ok
08:49:41.0660 0988 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll
08:49:41.0681 0988 WwanSvc - ok
08:49:41.0720 0988 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:49:41.0815 0988 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
08:49:41.0815 0988 \Device\Harddisk0\DR0 - detected TDSS File System (1)
08:49:41.0850 0988 Boot (0x1200) (3fb453d45083640cf69166a58c6c1524) \Device\Harddisk0\DR0\Partition0
08:49:41.0851 0988 \Device\Harddisk0\DR0\Partition0 - ok
08:49:41.0875 0988 Boot (0x1200) (47c488a83f7d5043947c9b1a68c8c0df) \Device\Harddisk0\DR0\Partition1
08:49:41.0876 0988 \Device\Harddisk0\DR0\Partition1 - ok
08:49:41.0877 0988 ============================================================
08:49:41.0877 0988 Scan finished
08:49:41.0877 0988 ============================================================
08:49:41.0894 2848 Detected object count: 8
08:49:41.0894 2848 Actual detected object count: 8
08:51:19.0371 2848 cbVSCService ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:19.0371 2848 cbVSCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:19.0373 2848 cbVSCService11 ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:19.0373 2848 cbVSCService11 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:19.0377 2848 CobianBackup11 ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:19.0377 2848 CobianBackup11 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:19.0380 2848 gupdate ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:19.0381 2848 gupdate ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:19.0381 2848 gupdatem ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:19.0381 2848 gupdatem ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:19.0384 2848 NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:19.0384 2848 NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:19.0386 2848 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:19.0387 2848 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:19.0432 2848 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
08:51:19.0478 2848 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
08:51:19.0481 2848 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
08:51:19.0493 2848 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
08:51:19.0497 2848 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
08:51:19.0501 2848 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
08:51:19.0506 2848 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
08:51:19.0510 2848 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
08:51:19.0511 2848 \Device\Harddisk0\DR0\TDLFS - deleted
08:51:19.0511 2848 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
08:52:36.0290 5636 Deinitialize success

[orapaho]

No improvement of the text issue on internet either IE or Mozilla

All processes killed
========== OTL ==========
Error: No service named HitmanPro35CrusaderBoot) Hitman Pro 3.5 Crusader (Boot was found to stop!
Service\Driver key HitmanPro35CrusaderBoot) Hitman Pro 3.5 Crusader (Boot not found.
File G:\HitmanPro35.exe /crusader:boot not found.
Service SABKUTIL stopped successfully!
Service SABKUTIL deleted successfully!
File C:\Users\Daniel\Downloads\SASKUTIL.SYS not found.
Error: No service named NAVEX15 was found to stop!
Service\Driver key NAVEX15 not found.
File C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVEX15.SYS not found.
Error: No service named NAVENG was found to stop!
Service\Driver key NAVENG not found.
File C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\NAVENG.SYS not found.
Service MpKsld1c08d25 stopped successfully!
Service MpKsld1c08d25 deleted successfully!
File c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{767A5A13-E730-4133-8181-8582449E5980}\MpKsld1c08d25.sys not found.
Service MpKslaa4e8ed7 stopped successfully!
Service MpKslaa4e8ed7 deleted successfully!
File c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKslaa4e8ed7.sys not found.
Service MpKsl6d712253 stopped successfully!
Service MpKsl6d712253 deleted successfully!
File c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98B5CA0C-846F-4E0E-A61F-AE8E8CEAA4A1}\MpKsl6d712253.sys not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Daniel\Desktop\cmd.bat deleted successfully.
C:\Users\Daniel\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Daniel
->Temp folder emptied: 41968552 bytes
->Temporary Internet Files folder emptied: 52600493 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 57633290 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 470 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: fixme
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49632 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 145.00 mb


[EMPTYFLASH]

User: All Users

User: Daniel
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: fixme
->Flash cache emptied: 0 bytes

User: postgres

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.41.0 log created on 04282012_112415

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[Gammo]

I'm sorry to hear that didn't help either.

• Download OTC to your desktop and run it
• A list of tool components used in the Cleanup of malware will be downloaded.
• If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
• Click Yes to begin the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

[Gammo]

Let's try a couple of more things.



Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  

  :contents
  C:\windows\System32\config.nt
  

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt






Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow

(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

[orapaho]

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/04/2012 3:28:29 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/04/2012 10:00:36 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The iPod Service service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 28/04/2012 10:00:37 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "2" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Log: 'System' Date/Time: 28/04/2012 9:59:59 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Cobian Backup 11 Gravity service failed to start due to the following error: The service did not start due to a logon failure.

Log: 'System' Date/Time: 28/04/2012 9:59:59 PM
Type: Error Category: 0
Event: 7038 Source: Service Control Manager
The CobianBackup11 service was unable to log on as .\daniel with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Log: 'System' Date/Time: 28/04/2012 9:59:58 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Cobian Backup 10 Volume Shadow Copy service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 28/04/2012 9:59:58 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Cobian Backup 10 Volume Shadow Copy service service to connect.

Log: 'System' Date/Time: 28/04/2012 9:59:53 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Hitman Pro 3.5 Crusader (Boot) service failed to start due to the following error: The system cannot find the file specified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/04/2012 10:19:07 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.Home timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 28/04/2012 9:59:15 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/04/2012 3:30:02 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/04/2012 10:14:18 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 12745

Log: 'Application' Date/Time: 28/04/2012 10:14:18 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 12745

Log: 'Application' Date/Time: 28/04/2012 10:14:18 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 28/04/2012 10:14:17 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 11544

Log: 'Application' Date/Time: 28/04/2012 10:14:17 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 11544

Log: 'Application' Date/Time: 28/04/2012 10:14:17 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 28/04/2012 10:14:15 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 9937

Log: 'Application' Date/Time: 28/04/2012 10:14:15 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 9937

Log: 'Application' Date/Time: 28/04/2012 10:14:15 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 28/04/2012 10:14:14 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 8814

Log: 'Application' Date/Time: 28/04/2012 10:14:14 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 8814

Log: 'Application' Date/Time: 28/04/2012 10:14:14 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 28/04/2012 10:14:13 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 7815

Log: 'Application' Date/Time: 28/04/2012 10:14:13 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 7815

Log: 'Application' Date/Time: 28/04/2012 10:14:13 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 28/04/2012 10:14:12 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 6817

Log: 'Application' Date/Time: 28/04/2012 10:14:12 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 6817

Log: 'Application' Date/Time: 28/04/2012 10:14:12 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 28/04/2012 10:14:11 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 5709

Log: 'Application' Date/Time: 28/04/2012 10:14:11 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 5709

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/04/2012 9:59:10 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 3 user registry handles leaked from \Registry\User\S-1-5-21-927333513-3874424503-187824201-1000:
Process 1180 (\Device\HarddiskVolume3\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-927333513-3874424503-187824201-1000
Process 1180 (\Device\HarddiskVolume3\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-927333513-3874424503-187824201-1000\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
Process 1180 (\Device\HarddiskVolume3\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-927333513-3874424503-187824201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings

[orapaho]

Here is systemlook log

SystemLook 30.07.11 by jpshortstuff
Log created at 14:52 on 28/04/2012 by Daniel
Administrator - Elevation successful

========== contents ==========

C:\windows\System32\config.nt - Opened succesfully.

REM Windows MS-DOS Startup File
REM
REM CONFIG.SYS vs CONFIG.NT
REM CONFIG.SYS is not used to initialize the MS-DOS environment.
REM CONFIG.NT is used to initialize the MS-DOS environment unless a
REM different startup file is specified in an application's PIF.
REM
REM ECHOCONFIG
REM By default, no information is displayed when the MS-DOS environment
REM is initialized. To display CONFIG.NT/AUTOEXEC.NT information, add
REM the command echoconfig to CONFIG.NT or other startup file.
REM
REM NTCMDPROMPT
REM When you return to the command prompt from a TSR or while running an
REM MS-DOS-based application, Windows runs COMMAND.COM. This allows the
REM TSR to remain active. To run CMD.EXE, the Windows command prompt,
REM rather than COMMAND.COM, add the command ntcmdprompt to CONFIG.NT or
REM other startup file.
REM
REM DOSONLY
REM By default, you can start any type of application when running
REM COMMAND.COM. If you start an application other than an MS-DOS-based
REM application, any running TSR may be disrupted. To ensure that only
REM MS-DOS-based applications can be started, add the command dosonly to
REM CONFIG.NT or other startup file.
REM
REM EMM
REM You can use EMM command line to configure EMM(Expanded Memory Manager).
REM The syntax is:
REM
REM EMM = [A=AltRegSets] [B=BaseSegment] [RAM]
REM
REM AltRegSets
REM specifies the total Alternative Mapping Register Sets you
REM want the system to support. 1 <= AltRegSets <= 255. The
REM default value is 8.
REM BaseSegment
REM specifies the starting segment address in the Dos conventional
REM memory you want the system to allocate for EMM page frames.
REM The value must be given in Hexdecimal.
REM 0x1000 <= BaseSegment <= 0x4000. The value is rounded down to
REM 16KB boundary. The default value is 0x4000
REM RAM
REM specifies that the system should only allocate 64Kb address
REM space from the Upper Memory Block(UMB) area for EMM page frames
REM and leave the rests(if available) to be used by DOS to support
REM loadhigh and devicehigh commands. The system, by default, would
REM allocate all possible and available UMB for page frames.
REM
REM The EMM size is determined by pif file(either the one associated
REM with your application or _default.pif). If the size from PIF file
REM is zero, EMM will be disabled and the EMM line will be ignored.
REM
dos=high, umb
device=%SystemRoot%\system32\himem.sys
files=40


-= EOF =-

[orapaho]

OK IT WORKS!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! No more weird text appearance on IE or Mozilla. And for now I have not seen mozilla crash! I will give you another report in a few hours. What was wrong? malware? virus? registry error? Thank you very much!

[Gammo]

• Click on All Programs and Accessories, then right click on Command Prompt and click on Run as administrator. (See screenshot below)
  
• Copy the line below and paste it at the command prompt. Then press Enter
  
  

  findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >%userprofile%\Desktop\sfcdetails.txt

• The file sfcdetails.txt will now be on your desktop. Please open it , Edit | select all | copy and paste it in your next reply.

You may want to reinstall Cobian Backup 11, since it's not working properly now.




Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :Services
  HitmanPro35CrusaderBoot
  iPod Service
  

• Then click the Run Fix button at the top
• Let the program run unhindered.

• Download OTC to your desktop and run it
• A list of tool components used in the Cleanup of malware will be downloaded.
• If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
• Click Yes to begin the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

[orapaho]

2012-04-28 15:03:38, Info CSI 00000009 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:03:38, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-04-28 15:03:55, Info CSI 0000000c [SR] Verify complete
2012-04-28 15:03:55, Info CSI 0000000d [SR] Verifying 100 (0x00000064) components
2012-04-28 15:03:55, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2012-04-28 15:04:08, Info CSI 00000010 [SR] Verify complete
2012-04-28 15:04:08, Info CSI 00000011 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:04:08, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2012-04-28 15:04:27, Info CSI 00000014 [SR] Verify complete
2012-04-28 15:04:27, Info CSI 00000015 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:04:27, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2012-04-28 15:04:31, Info CSI 00000018 [SR] Verify complete
2012-04-28 15:04:32, Info CSI 00000019 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:04:32, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2012-04-28 15:04:43, Info CSI 0000001c [SR] Verify complete
2012-04-28 15:04:43, Info CSI 0000001d [SR] Verifying 100 (0x00000064) components
2012-04-28 15:04:43, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2012-04-28 15:05:02, Info CSI 00000020 [SR] Verify complete
2012-04-28 15:05:05, Info CSI 00000021 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:05:05, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2012-04-28 15:05:20, Info CSI 00000024 [SR] Verify complete
2012-04-28 15:05:23, Info CSI 00000025 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:05:23, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2012-04-28 15:05:39, Info CSI 00000028 [SR] Verify complete
2012-04-28 15:05:40, Info CSI 00000029 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:05:40, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2012-04-28 15:05:50, Info CSI 0000002c [SR] Verify complete
2012-04-28 15:05:51, Info CSI 0000002d [SR] Verifying 100 (0x00000064) components
2012-04-28 15:05:51, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2012-04-28 15:05:58, Info CSI 00000030 [SR] Verify complete
2012-04-28 15:05:59, Info CSI 00000031 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:05:59, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2012-04-28 15:06:08, Info CSI 00000034 [SR] Verify complete
2012-04-28 15:06:09, Info CSI 00000035 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:06:09, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2012-04-28 15:06:23, Info CSI 00000038 [SR] Verify complete
2012-04-28 15:06:24, Info CSI 00000039 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:06:24, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2012-04-28 15:06:35, Info CSI 0000003f [SR] Verify complete
2012-04-28 15:06:35, Info CSI 00000040 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:06:35, Info CSI 00000041 [SR] Beginning Verify and Repair transaction
2012-04-28 15:06:42, Info CSI 00000044 [SR] Verify complete
2012-04-28 15:06:43, Info CSI 00000045 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:06:43, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2012-04-28 15:06:50, Info CSI 0000004a [SR] Verify complete
2012-04-28 15:06:51, Info CSI 0000004b [SR] Verifying 100 (0x00000064) components
2012-04-28 15:06:51, Info CSI 0000004c [SR] Beginning Verify and Repair transaction
2012-04-28 15:07:02, Info CSI 00000056 [SR] Verify complete
2012-04-28 15:07:02, Info CSI 00000057 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:07:02, Info CSI 00000058 [SR] Beginning Verify and Repair transaction
2012-04-28 15:07:10, Info CSI 0000005a [SR] Verify complete
2012-04-28 15:07:10, Info CSI 0000005b [SR] Verifying 100 (0x00000064) components
2012-04-28 15:07:10, Info CSI 0000005c [SR] Beginning Verify and Repair transaction
2012-04-28 15:07:20, Info CSI 0000005e [SR] Verify complete
2012-04-28 15:07:20, Info CSI 0000005f [SR] Verifying 100 (0x00000064) components
2012-04-28 15:07:20, Info CSI 00000060 [SR] Beginning Verify and Repair transaction
2012-04-28 15:07:29, Info CSI 00000062 [SR] Verify complete
2012-04-28 15:07:30, Info CSI 00000063 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:07:30, Info CSI 00000064 [SR] Beginning Verify and Repair transaction
2012-04-28 15:07:38, Info CSI 00000066 [SR] Verify complete
2012-04-28 15:07:39, Info CSI 00000067 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:07:39, Info CSI 00000068 [SR] Beginning Verify and Repair transaction
2012-04-28 15:07:47, Info CSI 0000006a [SR] Verify complete
2012-04-28 15:07:48, Info CSI 0000006b [SR] Verifying 100 (0x00000064) components
2012-04-28 15:07:48, Info CSI 0000006c [SR] Beginning Verify and Repair transaction
2012-04-28 15:08:02, Info CSI 00000070 [SR] Verify complete
2012-04-28 15:08:02, Info CSI 00000071 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:08:02, Info CSI 00000072 [SR] Beginning Verify and Repair transaction
2012-04-28 15:08:14, Info CSI 00000074 [SR] Verify complete
2012-04-28 15:08:14, Info CSI 00000075 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:08:14, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2012-04-28 15:08:26, Info CSI 00000078 [SR] Repairing corrupted file [ml:520{260},l:40{20}]"\??\C:\windows\fonts"\[l:20{10}]"ariali.ttf" from store
2012-04-28 15:08:28, Info CSI 0000007a [SR] Verify complete
2012-04-28 15:08:29, Info CSI 0000007b [SR] Verifying 100 (0x00000064) components
2012-04-28 15:08:29, Info CSI 0000007c [SR] Beginning Verify and Repair transaction
2012-04-28 15:08:44, Info CSI 0000007e [SR] Verify complete
2012-04-28 15:08:44, Info CSI 0000007f [SR] Verifying 100 (0x00000064) components
2012-04-28 15:08:44, Info CSI 00000080 [SR] Beginning Verify and Repair transaction
2012-04-28 15:08:48, Info CSI 00000082 [SR] Verify complete
2012-04-28 15:08:49, Info CSI 00000083 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:08:49, Info CSI 00000084 [SR] Beginning Verify and Repair transaction
2012-04-28 15:08:51, Info CSI 00000086 [SR] Verify complete
2012-04-28 15:08:51, Info CSI 00000087 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:08:51, Info CSI 00000088 [SR] Beginning Verify and Repair transaction
2012-04-28 15:08:55, Info CSI 0000008a [SR] Verify complete
2012-04-28 15:08:56, Info CSI 0000008b [SR] Verifying 100 (0x00000064) components
2012-04-28 15:08:56, Info CSI 0000008c [SR] Beginning Verify and Repair transaction
2012-04-28 15:09:08, Info CSI 000000aa [SR] Verify complete
2012-04-28 15:09:09, Info CSI 000000ab [SR] Verifying 100 (0x00000064) components
2012-04-28 15:09:09, Info CSI 000000ac [SR] Beginning Verify and Repair transaction
2012-04-28 15:09:12, Info CSI 000000ae [SR] Verify complete
2012-04-28 15:09:13, Info CSI 000000af [SR] Verifying 100 (0x00000064) components
2012-04-28 15:09:13, Info CSI 000000b0 [SR] Beginning Verify and Repair transaction
2012-04-28 15:09:18, Info CSI 000000b2 [SR] Verify complete
2012-04-28 15:09:18, Info CSI 000000b3 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:09:18, Info CSI 000000b4 [SR] Beginning Verify and Repair transaction
2012-04-28 15:09:22, Info CSI 000000b6 [SR] Verify complete
2012-04-28 15:09:23, Info CSI 000000b7 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:09:23, Info CSI 000000b8 [SR] Beginning Verify and Repair transaction
2012-04-28 15:09:32, Info CSI 000000ba [SR] Verify complete
2012-04-28 15:09:33, Info CSI 000000bb [SR] Verifying 100 (0x00000064) components
2012-04-28 15:09:33, Info CSI 000000bc [SR] Beginning Verify and Repair transaction
2012-04-28 15:09:44, Info CSI 000000bf [SR] Verify complete
2012-04-28 15:09:45, Info CSI 000000c0 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:09:45, Info CSI 000000c1 [SR] Beginning Verify and Repair transaction
2012-04-28 15:09:49, Info CSI 000000c3 [SR] Verify complete
2012-04-28 15:09:50, Info CSI 000000c4 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:09:50, Info CSI 000000c5 [SR] Beginning Verify and Repair transaction
2012-04-28 15:09:53, Info CSI 000000c7 [SR] Verify complete
2012-04-28 15:09:54, Info CSI 000000c8 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:09:54, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
2012-04-28 15:10:07, Info CSI 000000cb [SR] Verify complete
2012-04-28 15:10:07, Info CSI 000000cc [SR] Verifying 100 (0x00000064) components
2012-04-28 15:10:07, Info CSI 000000cd [SR] Beginning Verify and Repair transaction
2012-04-28 15:10:17, Info CSI 000000cf [SR] Verify complete
2012-04-28 15:10:18, Info CSI 000000d0 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:10:18, Info CSI 000000d1 [SR] Beginning Verify and Repair transaction
2012-04-28 15:10:26, Info CSI 000000d3 [SR] Verify complete
2012-04-28 15:10:26, Info CSI 000000d4 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:10:26, Info CSI 000000d5 [SR] Beginning Verify and Repair transaction
2012-04-28 15:10:44, Info CSI 000000fb [SR] Verify complete
2012-04-28 15:10:45, Info CSI 000000fc [SR] Verifying 100 (0x00000064) components
2012-04-28 15:10:45, Info CSI 000000fd [SR] Beginning Verify and Repair transaction
2012-04-28 15:10:56, Info CSI 000000ff [SR] Verify complete
2012-04-28 15:10:56, Info CSI 00000100 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:10:56, Info CSI 00000101 [SR] Beginning Verify and Repair transaction
2012-04-28 15:11:30, Info CSI 00000103 [SR] Verify complete
2012-04-28 15:11:30, Info CSI 00000104 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:11:30, Info CSI 00000105 [SR] Beginning Verify and Repair transaction
2012-04-28 15:11:54, Info CSI 00000108 [SR] Verify complete
2012-04-28 15:11:55, Info CSI 00000109 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:11:55, Info CSI 0000010a [SR] Beginning Verify and Repair transaction
2012-04-28 15:12:22, Info CSI 0000010c [SR] Verify complete
2012-04-28 15:12:22, Info CSI 0000010d [SR] Verifying 100 (0x00000064) components
2012-04-28 15:12:22, Info CSI 0000010e [SR] Beginning Verify and Repair transaction
2012-04-28 15:12:36, Info CSI 00000110 [SR] Verify complete
2012-04-28 15:12:36, Info CSI 00000111 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:12:36, Info CSI 00000112 [SR] Beginning Verify and Repair transaction
2012-04-28 15:12:46, Info CSI 00000114 [SR] Verify complete
2012-04-28 15:12:47, Info CSI 00000115 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:12:47, Info CSI 00000116 [SR] Beginning Verify and Repair transaction
2012-04-28 15:12:53, Info CSI 00000118 [SR] Verify complete
2012-04-28 15:12:54, Info CSI 00000119 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:12:54, Info CSI 0000011a [SR] Beginning Verify and Repair transaction
2012-04-28 15:13:01, Info CSI 0000011d [SR] Verify complete
2012-04-28 15:13:02, Info CSI 0000011e [SR] Verifying 100 (0x00000064) components
2012-04-28 15:13:02, Info CSI 0000011f [SR] Beginning Verify and Repair transaction
2012-04-28 15:13:27, Info CSI 00000121 [SR] Verify complete
2012-04-28 15:13:27, Info CSI 00000122 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:13:27, Info CSI 00000123 [SR] Beginning Verify and Repair transaction
2012-04-28 15:13:40, Info CSI 00000126 [SR] Verify complete
2012-04-28 15:13:41, Info CSI 00000127 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:13:41, Info CSI 00000128 [SR] Beginning Verify and Repair transaction
2012-04-28 15:13:50, Info CSI 0000012a [SR] Verify complete
2012-04-28 15:13:51, Info CSI 0000012b [SR] Verifying 100 (0x00000064) components
2012-04-28 15:13:51, Info CSI 0000012c [SR] Beginning Verify and Repair transaction
2012-04-28 15:14:00, Info CSI 0000012e [SR] Verify complete
2012-04-28 15:14:00, Info CSI 0000012f [SR] Verifying 100 (0x00000064) components
2012-04-28 15:14:00, Info CSI 00000130 [SR] Beginning Verify and Repair transaction
2012-04-28 15:19:22, Info CSI 00000133 [SR] Verify complete
2012-04-28 15:19:23, Info CSI 00000134 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:19:23, Info CSI 00000135 [SR] Beginning Verify and Repair transaction
2012-04-28 15:19:33, Info CSI 00000137 [SR] Verify complete
2012-04-28 15:19:34, Info CSI 00000138 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:19:34, Info CSI 00000139 [SR] Beginning Verify and Repair transaction
2012-04-28 15:19:43, Info CSI 0000013b [SR] Verify complete
2012-04-28 15:19:44, Info CSI 0000013c [SR] Verifying 100 (0x00000064) components
2012-04-28 15:19:44, Info CSI 0000013d [SR] Beginning Verify and Repair transaction
2012-04-28 15:19:54, Info CSI 0000013f [SR] Verify complete
2012-04-28 15:19:54, Info CSI 00000140 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:19:54, Info CSI 00000141 [SR] Beginning Verify and Repair transaction
2012-04-28 15:20:06, Info CSI 00000144 [SR] Verify complete
2012-04-28 15:20:07, Info CSI 00000145 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:20:07, Info CSI 00000146 [SR] Beginning Verify and Repair transaction
2012-04-28 15:20:14, Info CSI 00000148 [SR] Verify complete
2012-04-28 15:20:14, Info CSI 00000149 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:20:14, Info CSI 0000014a [SR] Beginning Verify and Repair transaction
2012-04-28 15:20:24, Info CSI 0000014c [SR] Verify complete
2012-04-28 15:20:24, Info CSI 0000014d [SR] Verifying 100 (0x00000064) components
2012-04-28 15:20:24, Info CSI 0000014e [SR] Beginning Verify and Repair transaction
2012-04-28 15:20:34, Info CSI 00000151 [SR] Verify complete
2012-04-28 15:20:34, Info CSI 00000152 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:20:34, Info CSI 00000153 [SR] Beginning Verify and Repair transaction
2012-04-28 15:20:43, Info CSI 00000155 [SR] Verify complete
2012-04-28 15:20:44, Info CSI 00000156 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:20:44, Info CSI 00000157 [SR] Beginning Verify and Repair transaction
2012-04-28 15:20:56, Info CSI 00000159 [SR] Verify complete
2012-04-28 15:20:56, Info CSI 0000015a [SR] Verifying 100 (0x00000064) components
2012-04-28 15:20:56, Info CSI 0000015b [SR] Beginning Verify and Repair transaction
2012-04-28 15:21:07, Info CSI 0000015d [SR] Verify complete
2012-04-28 15:21:08, Info CSI 0000015e [SR] Verifying 100 (0x00000064) components
2012-04-28 15:21:08, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2012-04-28 15:21:16, Info CSI 00000161 [SR] Verify complete
2012-04-28 15:21:16, Info CSI 00000162 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:21:16, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2012-04-28 15:21:20, Info CSI 00000165 [SR] Verify complete
2012-04-28 15:21:20, Info CSI 00000166 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:21:20, Info CSI 00000167 [SR] Beginning Verify and Repair transaction
2012-04-28 15:21:27, Info CSI 00000169 [SR] Verify complete
2012-04-28 15:21:27, Info CSI 0000016a [SR] Verifying 100 (0x00000064) components
2012-04-28 15:21:27, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2012-04-28 15:21:34, Info CSI 0000016d [SR] Verify complete
2012-04-28 15:21:35, Info CSI 0000016e [SR] Verifying 100 (0x00000064) components
2012-04-28 15:21:35, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2012-04-28 15:21:42, Info CSI 00000171 [SR] Verify complete
2012-04-28 15:21:42, Info CSI 00000172 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:21:42, Info CSI 00000173 [SR] Beginning Verify and Repair transaction
2012-04-28 15:21:48, Info CSI 00000175 [SR] Verify complete
2012-04-28 15:21:49, Info CSI 00000176 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:21:49, Info CSI 00000177 [SR] Beginning Verify and Repair transaction
2012-04-28 15:22:00, Info CSI 00000179 [SR] Verify complete
2012-04-28 15:22:01, Info CSI 0000017a [SR] Verifying 100 (0x00000064) components
2012-04-28 15:22:01, Info CSI 0000017b [SR] Beginning Verify and Repair transaction
2012-04-28 15:22:29, Info CSI 0000017d [SR] Verify complete
2012-04-28 15:22:30, Info CSI 0000017e [SR] Verifying 100 (0x00000064) components
2012-04-28 15:22:30, Info CSI 0000017f [SR] Beginning Verify and Repair transaction
2012-04-28 15:22:56, Info CSI 00000181 [SR] Verify complete
2012-04-28 15:22:56, Info CSI 00000182 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:22:56, Info CSI 00000183 [SR] Beginning Verify and Repair transaction
2012-04-28 15:23:08, Info CSI 00000185 [SR] Verify complete
2012-04-28 15:23:08, Info CSI 00000186 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:23:08, Info CSI 00000187 [SR] Beginning Verify and Repair transaction
2012-04-28 15:23:12, Info CSI 00000189 [SR] Verify complete
2012-04-28 15:23:12, Info CSI 0000018a [SR] Verifying 100 (0x00000064) components
2012-04-28 15:23:12, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
2012-04-28 15:23:18, Info CSI 0000018d [SR] Verify complete
2012-04-28 15:23:19, Info CSI 0000018e [SR] Verifying 100 (0x00000064) components
2012-04-28 15:23:19, Info CSI 0000018f [SR] Beginning Verify and Repair transaction
2012-04-28 15:23:25, Info CSI 00000191 [SR] Verify complete
2012-04-28 15:23:25, Info CSI 00000192 [SR] Verifying 100 (0x00000064) components
2012-04-28 15:23:25, Info CSI 00000193 [SR] Beginning Verify and Repair transaction
2012-04-28 15:23:35, Info CSI 00000195 [SR] Verify complete
2012-04-28 15:23:36, Info CSI 00000196 [SR] Verifying 52 (0x00000034) components
2012-04-28 15:23:36, Info CSI 00000197 [SR] Beginning Verify and Repair transaction
2012-04-28 15:23:40, Info CSI 00000199 [SR] Verify complete
2012-04-28 15:23:40, Info CSI 0000019a [SR] Repairing 1 components
2012-04-28 15:23:40, Info CSI 0000019b [SR] Beginning Verify and Repair transaction
2012-04-28 15:23:40, Info CSI 0000019d [SR] Repairing corrupted file [ml:520{260},l:40{20}]"\??\C:\windows\fonts"\[l:20{10}]"ariali.ttf" from store
2012-04-28 15:23:40, Info CSI 0000019f [SR] Repair complete
2012-04-28 15:23:40, Info CSI 000001a0 [SR] Committing transaction
2012-04-28 15:23:40, Info CSI 000001a4 [SR] Unable to complete Verify and Repair transaction because some of the files that need to be repaired are in use. A reboot is required to complete this operation.
2012-04-28 15:23:40, Info CSI 000001a5 [SR] Repairing 1 components
2012-04-28 15:23:40, Info CSI 000001a6 [SR] Beginning Verify and Repair transaction
2012-04-28 15:23:40, Info CSI 000001a8 [SR] Repairing corrupted file [ml:520{260},l:40{20}]"\??\C:\windows\fonts"\[l:20{10}]"ariali.ttf" from store
2012-04-28 15:23:40, Info CSI 000001aa [SR] Repair complete

[Gammo]

One of your fonts (ariali) was corrupted. I'm not sure whether malware caused this. It's most definitely possible.