virus [Closed]


  • This topic is locked

#16
topedge

  • Topic Starter
  • Member
  • 83 posts
Whatever I have won't allow antivirus to run. I did get TDSS to run and this is the file.

14:52:30.0140 3552 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:52:30.0640 3552 ============================================================
14:52:30.0640 3552 Current date / time: 2013/04/16 14:52:30.0640
14:52:30.0640 3552 SystemInfo:
14:52:30.0640 3552
14:52:30.0640 3552 OS Version: 5.1.2600 ServicePack: 3.0
14:52:30.0640 3552 Product type: Workstation
14:52:30.0640 3552 ComputerName: EDGELOW
14:52:30.0640 3552 UserName: Scott
14:52:30.0640 3552 Windows directory: C:\WINDOWS
14:52:30.0640 3552 System windows directory: C:\WINDOWS
14:52:30.0640 3552 Processor architecture: Intel x86
14:52:30.0640 3552 Number of processors: 2
14:52:30.0640 3552 Page size: 0x1000
14:52:30.0640 3552 Boot type: Normal boot
14:52:30.0640 3552 ============================================================
14:52:31.0843 3552 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:52:31.0906 3552 ============================================================
14:52:31.0906 3552 \Device\Harddisk0\DR0:
14:52:31.0906 3552 MBR partitions:
14:52:31.0906 3552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x123B5260
14:52:31.0906 3552 ============================================================
14:52:31.0984 3552 C: <-> \Device\Harddisk0\DR0\Partition1
14:52:31.0984 3552 ============================================================
14:52:31.0984 3552 Initialize success
14:52:31.0984 3552 ============================================================
14:52:54.0921 3672 ============================================================
14:52:54.0921 3672 Scan started
14:52:54.0921 3672 Mode: Manual;
14:52:54.0921 3672 ============================================================
14:52:55.0031 3672 ================ Scan system memory ========================
14:52:55.0031 3672 System memory - ok
14:52:55.0031 3672 ================ Scan services =============================
14:52:55.0171 3672 54647022 - ok
14:52:55.0234 3672 [ C07D5197410AAB28D0D93F943F59656D ] 6to4 C:\WINDOWS\System32\6to4svc.dll
14:52:55.0234 3672 6to4 - ok
14:52:55.0250 3672 Abiosdsk - ok
14:52:55.0312 3672 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
14:52:55.0312 3672 abp480n5 - ok
14:52:55.0390 3672 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:52:55.0390 3672 ACPI - ok
14:52:55.0406 3672 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
14:52:55.0406 3672 ACPIEC - ok
14:52:55.0484 3672 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
14:52:55.0484 3672 adpu160m - ok
14:52:55.0500 3672 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
14:52:55.0515 3672 aec - ok
14:52:55.0562 3672 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
14:52:55.0562 3672 AFD - ok
14:52:55.0625 3672 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
14:52:55.0625 3672 agp440 - ok
14:52:55.0656 3672 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
14:52:55.0656 3672 agpCPQ - ok
14:52:55.0687 3672 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
14:52:55.0687 3672 Aha154x - ok
14:52:55.0687 3672 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
14:52:55.0687 3672 aic78u2 - ok
14:52:55.0703 3672 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
14:52:55.0718 3672 aic78xx - ok
14:52:55.0750 3672 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
14:52:55.0750 3672 Alerter - ok
14:52:55.0781 3672 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
14:52:55.0796 3672 ALG - ok
14:52:55.0812 3672 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
14:52:55.0812 3672 AliIde - ok
14:52:55.0828 3672 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
14:52:55.0828 3672 alim1541 - ok
14:52:55.0828 3672 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
14:52:55.0828 3672 amdagp - ok
14:52:55.0843 3672 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
14:52:55.0843 3672 amsint - ok
14:52:56.0015 3672 [ D503DF3ABA595F551B98B9BAE017A271 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:52:56.0031 3672 Apple Mobile Device - ok
14:52:56.0031 3672 AppMgmt - ok
14:52:56.0062 3672 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
14:52:56.0062 3672 asc - ok
14:52:56.0078 3672 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
14:52:56.0078 3672 asc3350p - ok
14:52:56.0140 3672 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
14:52:56.0140 3672 asc3550 - ok
14:52:56.0406 3672 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:52:56.0437 3672 aspnet_state - ok
14:52:56.0453 3672 Ast Service - ok
14:52:56.0484 3672 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:52:56.0484 3672 AsyncMac - ok
14:52:56.0515 3672 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
14:52:56.0515 3672 atapi - ok
14:52:56.0531 3672 Atdisk - ok
14:52:56.0609 3672 [ ABC57A6F6070BAF9786C318F59F29F0B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
14:52:56.0609 3672 Ati HotKey Poller - ok
14:52:56.0718 3672 [ 03621F7F968FF63713943405DEB777F9 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
14:52:56.0718 3672 ati2mtag - ok
14:52:56.0750 3672 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:52:56.0750 3672 Atmarpc - ok
14:52:56.0812 3672 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
14:52:56.0812 3672 AudioSrv - ok
14:52:56.0812 3672 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
14:52:56.0812 3672 audstub - ok
14:52:56.0843 3672 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:52:56.0843 3672 Beep - ok
14:52:56.0906 3672 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
14:52:57.0093 3672 BITS - ok
14:52:57.0265 3672 [ 686045905787B68D829CE647A6DFAD2B ] Blackberry Device Manager C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
14:52:57.0265 3672 Blackberry Device Manager - ok
14:52:57.0375 3672 [ EBAD0F51D8D4DADE7660B1851ADDBD07 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:52:57.0375 3672 Bonjour Service - ok
14:52:57.0437 3672 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
14:52:57.0437 3672 Browser - ok
14:52:57.0640 3672 catchme - ok
14:52:57.0687 3672 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
14:52:57.0687 3672 cbidf - ok
14:52:57.0687 3672 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
14:52:57.0687 3672 cbidf2k - ok
14:52:57.0750 3672 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:52:57.0750 3672 CCDECODE - ok
14:52:57.0765 3672 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
14:52:57.0765 3672 cd20xrnt - ok
14:52:57.0781 3672 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
14:52:57.0781 3672 Cdaudio - ok
14:52:57.0843 3672 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
14:52:57.0843 3672 Cdfs - ok
14:52:57.0906 3672 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:52:57.0906 3672 Cdrom - ok
14:52:57.0921 3672 Changer - ok
14:52:57.0968 3672 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
14:52:57.0968 3672 CiSvc - ok
14:52:58.0015 3672 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
14:52:58.0015 3672 ClipSrv - ok
14:52:58.0125 3672 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:52:58.0359 3672 clr_optimization_v2.0.50727_32 - ok
14:52:58.0390 3672 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:52:58.0437 3672 clr_optimization_v4.0.30319_32 - ok
14:52:58.0468 3672 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
14:52:58.0468 3672 CmdIde - ok
14:52:58.0468 3672 COMSysApp - ok
14:52:58.0500 3672 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14:52:58.0500 3672 Cpqarray - ok
14:52:58.0562 3672 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
14:52:58.0562 3672 CryptSvc - ok
14:52:58.0578 3672 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
14:52:58.0578 3672 dac2w2k - ok
14:52:58.0593 3672 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14:52:58.0593 3672 dac960nt - ok
14:52:58.0640 3672 [ 109B8CDB404729F82477EC2C668123EA ] DCamUSBUVT C:\WINDOWS\system32\Drivers\usbuvt.sys
14:52:58.0640 3672 DCamUSBUVT - ok
14:52:58.0703 3672 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:52:58.0734 3672 DcomLaunch - ok
14:52:58.0781 3672 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
14:52:58.0781 3672 Dhcp - ok
14:52:58.0828 3672 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
14:52:58.0828 3672 Disk - ok
14:52:58.0828 3672 dmadmin - ok
14:52:58.0875 3672 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
14:52:58.0890 3672 dmboot - ok
14:52:58.0890 3672 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
14:52:58.0906 3672 dmio - ok
14:52:58.0906 3672 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:52:58.0906 3672 dmload - ok
14:52:58.0968 3672 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
14:52:58.0968 3672 dmserver - ok
14:52:59.0000 3672 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:52:59.0000 3672 DMusic - ok
14:52:59.0062 3672 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:52:59.0062 3672 Dnscache - ok
14:52:59.0093 3672 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:52:59.0109 3672 Dot3svc - ok
14:52:59.0140 3672 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:52:59.0140 3672 dpti2o - ok
14:52:59.0140 3672 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:52:59.0140 3672 drmkaud - ok
14:52:59.0171 3672 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
14:52:59.0171 3672 E100B - ok
14:52:59.0234 3672 [ 5B75BBF89D8341F424171DF7AD9DC465 ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
14:52:59.0234 3672 e1express - ok
14:52:59.0281 3672 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:52:59.0281 3672 EapHost - ok
14:52:59.0328 3672 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:52:59.0328 3672 ERSvc - ok
14:52:59.0390 3672 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
14:52:59.0390 3672 Eventlog - ok
14:52:59.0468 3672 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
14:52:59.0468 3672 EventSystem - ok
14:52:59.0515 3672 F-Secure Filter - ok
14:52:59.0531 3672 F-Secure Gatekeeper - ok
14:52:59.0531 3672 F-Secure Gatekeeper Handler Starter - ok
14:52:59.0531 3672 F-Secure HIPS - ok
14:52:59.0546 3672 F-Secure Recognizer - ok
14:52:59.0625 3672 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:52:59.0625 3672 Fastfat - ok
14:52:59.0687 3672 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:52:59.0687 3672 FastUserSwitchingCompatibility - ok
14:52:59.0750 3672 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
14:52:59.0750 3672 Fax - ok
14:52:59.0765 3672 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
14:52:59.0765 3672 Fdc - ok
14:52:59.0781 3672 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:52:59.0781 3672 Fips - ok
14:52:59.0796 3672 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:52:59.0796 3672 Flpydisk - ok
14:52:59.0812 3672 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
14:52:59.0828 3672 FltMgr - ok
14:52:59.0906 3672 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:52:59.0906 3672 FontCache3.0.0.0 - ok
14:52:59.0921 3672 fsbts - ok
14:52:59.0968 3672 FSDFWD - ok
14:52:59.0968 3672 FSFW - ok
14:53:00.0031 3672 FSMA - ok
14:53:00.0031 3672 FSORSPClient - ok
14:53:00.0046 3672 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:53:00.0046 3672 Fs_Rec - ok
14:53:00.0062 3672 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:53:00.0062 3672 Ftdisk - ok
14:53:00.0062 3672 FTSvc - ok
14:53:00.0125 3672 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
14:53:00.0125 3672 GEARAspiWDM - ok
14:53:00.0187 3672 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:53:00.0187 3672 Gpc - ok
14:53:00.0343 3672 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9886f316d16b0 C:\Program Files\Google\Update\GoogleUpdate.exe
14:53:00.0359 3672 gupdate1c9886f316d16b0 - ok
14:53:00.0359 3672 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:53:00.0359 3672 gupdatem - ok
14:53:00.0437 3672 [ 408DDD80EEDE47175F6844817B90213E ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:53:00.0437 3672 gusvc - ok
14:53:00.0453 3672 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:53:00.0468 3672 HDAudBus - ok
14:53:00.0531 3672 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:53:00.0531 3672 helpsvc - ok
14:53:00.0562 3672 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
14:53:00.0562 3672 HidServ - ok
14:53:00.0593 3672 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:53:00.0593 3672 HidUsb - ok
14:53:00.0656 3672 [ E3E45EBFEFA50F14ECD6559BD0FC1F7C ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
14:53:00.0656 3672 HitmanProScheduler - ok
14:53:00.0734 3672 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
14:53:00.0734 3672 hkmsvc - ok
14:53:00.0781 3672 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
14:53:00.0781 3672 hpn - ok
14:53:00.0843 3672 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:53:00.0843 3672 HTTP - ok
14:53:00.0906 3672 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:53:00.0906 3672 HTTPFilter - ok
14:53:00.0937 3672 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
14:53:00.0937 3672 i2omgmt - ok
14:53:00.0968 3672 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:53:00.0968 3672 i2omp - ok
14:53:01.0000 3672 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:53:01.0000 3672 i8042prt - ok
14:53:01.0109 3672 [ D43E91E271C041BB86A6223462A41D28 ] IAANTMon C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
14:53:01.0109 3672 IAANTMon - ok
14:53:01.0156 3672 [ 9A65E42664D1534B68512CAAD0EFE963 ] iastor C:\WINDOWS\system32\drivers\iastor.sys
14:53:01.0156 3672 iastor - ok
14:53:01.0250 3672 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:53:01.0265 3672 idsvc - ok
14:53:01.0296 3672 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:53:01.0296 3672 Imapi - ok
14:53:01.0375 3672 [ 1ACAD13923E467E473C3EC503223F983 ] Imapi Helper C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
14:53:01.0375 3672 Imapi Helper - ok
14:53:01.0437 3672 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:53:01.0437 3672 ImapiService - ok
14:53:01.0453 3672 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:53:01.0453 3672 ini910u - ok
14:53:01.0468 3672 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
14:53:01.0468 3672 IntelIde - ok
14:53:01.0484 3672 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:53:01.0484 3672 intelppm - ok
14:53:01.0500 3672 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
14:53:01.0500 3672 Ip6Fw - ok
14:53:01.0562 3672 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:53:01.0562 3672 IpFilterDriver - ok
14:53:01.0625 3672 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:53:01.0625 3672 IpInIp - ok
14:53:01.0640 3672 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:53:01.0640 3672 IpNat - ok
14:53:01.0687 3672 [ 3C30491045DBBD44A42876B3D6F3917D ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:53:01.0703 3672 iPod Service - ok
14:53:01.0734 3672 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:53:01.0734 3672 IPSec - ok
14:53:01.0750 3672 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:53:01.0750 3672 IRENUM - ok
14:53:01.0812 3672 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:53:01.0812 3672 isapnp - ok
14:53:01.0812 3672 ISWKL - ok
14:53:01.0828 3672 IswSvc - ok
14:53:01.0984 3672 [ 1758AF653723679E3746FC7DDD93C69B ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
14:53:02.0000 3672 JavaQuickStarterService - ok
14:53:02.0000 3672 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:53:02.0000 3672 Kbdclass - ok
14:53:02.0015 3672 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:53:02.0015 3672 kbdhid - ok
14:53:02.0015 3672 KL1 - ok
14:53:02.0015 3672 kl2 - ok
14:53:02.0031 3672 KLIF - ok
14:53:02.0046 3672 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:53:02.0046 3672 kmixer - ok
14:53:02.0109 3672 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:53:02.0109 3672 KSecDD - ok
14:53:02.0187 3672 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
14:53:02.0187 3672 lanmanserver - ok
14:53:02.0250 3672 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:53:02.0250 3672 lanmanworkstation - ok
14:53:02.0250 3672 lbrtfdc - ok
14:53:02.0265 3672 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:53:02.0265 3672 LmHosts - ok
14:53:02.0312 3672 LMIInfo - ok
14:53:02.0375 3672 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
14:53:02.0375 3672 lmimirr - ok
14:53:02.0375 3672 LMIRfsClientNP - ok
14:53:02.0437 3672 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
14:53:02.0437 3672 LMIRfsDriver - ok
14:53:02.0484 3672 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
14:53:02.0484 3672 MBAMSwissArmy - ok
14:53:02.0515 3672 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:53:02.0515 3672 Messenger - ok
14:53:02.0562 3672 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:53:02.0562 3672 mnmdd - ok
14:53:02.0593 3672 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:53:02.0609 3672 mnmsrvc - ok
14:53:02.0640 3672 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:53:02.0640 3672 Modem - ok
14:53:02.0671 3672 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:53:02.0671 3672 Mouclass - ok
14:53:02.0703 3672 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:53:02.0703 3672 mouhid - ok
14:53:02.0703 3672 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:53:02.0718 3672 MountMgr - ok
14:53:02.0796 3672 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:53:02.0796 3672 MozillaMaintenance - ok
14:53:02.0828 3672 [ FEE0BADED54222E9F1DAE9541212AAB1 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
14:53:02.0828 3672 MpFilter - ok
14:53:02.0921 3672 [ A69630D039C38018689190234F866D77 ] MpKsle263c3b1 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3164ADD3-2E4A-4DE9-8D4E-A19FBAAF6FB0}\MpKsle263c3b1.sys
14:53:02.0921 3672 MpKsle263c3b1 - ok
14:53:02.0968 3672 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
14:53:02.0968 3672 mraid35x - ok
14:53:03.0000 3672 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:53:03.0000 3672 MRxDAV - ok
14:53:03.0078 3672 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:53:03.0093 3672 MRxSmb - ok
14:53:03.0140 3672 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:53:03.0140 3672 MSDTC - ok
14:53:03.0171 3672 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:53:03.0171 3672 Msfs - ok
14:53:03.0187 3672 MSIServer - ok
14:53:03.0203 3672 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:53:03.0203 3672 MSKSSRV - ok
14:53:03.0265 3672 [ CFCE43B70CA0CC4DCC8ADB62B792B173 ] MsMpSvc c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
14:53:03.0265 3672 MsMpSvc - ok
14:53:03.0281 3672 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:53:03.0281 3672 MSPCLOCK - ok
14:53:03.0328 3672 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:53:03.0328 3672 MSPQM - ok
14:53:03.0343 3672 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:53:03.0343 3672 mssmbios - ok
14:53:03.0343 3672 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
14:53:03.0343 3672 MSTEE - ok
14:53:03.0375 3672 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:53:03.0375 3672 Mup - ok
14:53:03.0421 3672 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:53:03.0421 3672 NABTSFEC - ok
14:53:03.0468 3672 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
14:53:03.0484 3672 napagent - ok
14:53:03.0500 3672 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:53:03.0500 3672 NDIS - ok
14:53:03.0500 3672 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:53:03.0515 3672 NdisIP - ok
14:53:03.0546 3672 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:53:03.0546 3672 NdisTapi - ok
14:53:03.0562 3672 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:53:03.0562 3672 Ndisuio - ok
14:53:03.0625 3672 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:53:03.0625 3672 NdisWan - ok
14:53:03.0671 3672 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:53:03.0671 3672 NDProxy - ok
14:53:03.0671 3672 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:53:03.0687 3672 NetBIOS - ok
14:53:03.0703 3672 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:53:03.0703 3672 NetBT - ok
14:53:03.0765 3672 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
14:53:03.0765 3672 NetDDE - ok
14:53:03.0765 3672 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:53:03.0765 3672 NetDDEdsdm - ok
14:53:03.0812 3672 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:53:03.0812 3672 Netlogon - ok
14:53:03.0875 3672 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
14:53:03.0890 3672 Netman - ok
14:53:04.0000 3672 [ 9DA26B773BD04B867A8E9F427CD048FC ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
14:53:04.0015 3672 NetSvc - ok
14:53:04.0062 3672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:53:04.0109 3672 NetTcpPortSharing - ok
14:53:04.0171 3672 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
14:53:04.0171 3672 Nla - ok
14:53:04.0234 3672 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\WINDOWS\system32\nlssrv32.exe
14:53:04.0234 3672 nlsX86cc - ok
14:53:04.0296 3672 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:53:04.0296 3672 Npfs - ok
14:53:04.0328 3672 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:53:04.0343 3672 Ntfs - ok
14:53:04.0343 3672 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:53:04.0343 3672 NtLmSsp - ok
14:53:04.0421 3672 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:53:04.0437 3672 NtmsSvc - ok
14:53:04.0437 3672 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
14:53:04.0437 3672 Null - ok
14:53:04.0500 3672 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:53:04.0546 3672 nv - ok
14:53:04.0593 3672 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:53:04.0609 3672 NwlnkFlt - ok
14:53:04.0609 3672 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:53:04.0609 3672 NwlnkFwd - ok
14:53:04.0671 3672 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:53:04.0671 3672 ose - ok
14:53:04.0734 3672 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
14:53:04.0734 3672 Parport - ok
14:53:04.0750 3672 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:53:04.0750 3672 PartMgr - ok
14:53:04.0765 3672 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:53:04.0781 3672 ParVdm - ok
14:53:04.0796 3672 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:53:04.0796 3672 PCI - ok
14:53:04.0812 3672 PCIDump - ok
14:53:04.0859 3672 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:53:04.0859 3672 PCIIde - ok
14:53:04.0875 3672 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:53:04.0875 3672 Pcmcia - ok
14:53:04.0875 3672 PDCOMP - ok
14:53:04.0890 3672 PDFRAME - ok
14:53:04.0890 3672 PDRELI - ok
14:53:04.0906 3672 PDRFRAME - ok
14:53:04.0984 3672 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
14:53:04.0984 3672 perc2 - ok
14:53:05.0000 3672 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
14:53:05.0000 3672 perc2hib - ok
14:53:05.0062 3672 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
14:53:05.0062 3672 PlugPlay - ok
14:53:05.0140 3672 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:53:05.0140 3672 PolicyAgent - ok
14:53:05.0187 3672 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:53:05.0187 3672 PptpMiniport - ok
14:53:05.0203 3672 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:53:05.0203 3672 ProtectedStorage - ok
14:53:05.0203 3672 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:53:05.0203 3672 PSched - ok
14:53:05.0265 3672 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:53:05.0265 3672 Ptilink - ok
14:53:05.0296 3672 [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:53:12.0109 3672 ============================================================
14:53:12.0109 3672 Scan finished
14:53:12.0109 3672 ============================================================
14:53:12.0125 3664 Detected object count: 0
14:53:12.0125 3664 Actual detected object count: 0


It's not a hardware problem.

Thank you

#17
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi topedge,

First I will ask you not to do scans on your own. This is one of my rules (number 4) from my first post to you. TDSSKiller is a specific tool for a specific infection. You can damage your system if you continue with these scans.

Now please tell me what problems you experience with the AVAST boot scan. This scan starts before Windows loads and malware can't influence this scan. If you get any error message please write it down for me because it could help narrow the problem.

#18
topedge

    Member

  • Topic Starter
  • 83 posts
Thanks Maliprog. I need to remove other antivirus as I rec'd an error message from Avast that other AV needed to be removed first. I will do that and try and run Avast and post my results.

#19
topedge

    Member

  • Topic Starter
  • 83 posts
This is the log from my attempt to install Avast:

18.04.2013 06:47:11 GetFileWithRetry:DSA_FileVerify(C:\Program Files\AVAST Software\Avast\Setup\winsys-8.vpx), error: 0x2000000B
18.04.2013 06:47:11 InvalidateCurrent: invalidated server 'tmp sfx storage' from 'sfx'
18.04.2013 06:47:11 SelectCurrent: unable to find any suitable server in 'sfx'
18.04.2013 06:47:11 while trying to get file 'winsys-8.vpx', error 0x2000000B has occured, try 1
18.04.2013 06:47:11 tried 1 servers to get file 'winsys-8.vpx', but failed (0x2000000B)
18.04.2013 06:47:11 DldPackage: C:\Program Files\AVAST Software\Avast\Setup\winsys-8.vpx, returned 0x2000000b
18.04.201306:47:27Return code: 0x2000000B [Invalid file signature. Setup will terminate.]
18.04.201306:47:27Stopped: 18.04.2013, 06:47:27
18.04.201306:47:28SYNCER: Agent=Syncer/5.00 (ais-1483;p)
18.04.201306:47:28SYNCER: Type: use IE settings
18.04.201306:47:28SYNCER: Auth: another authentication, use WinInet
18.04.201306:47:28Used server: http://77.234.43.39/iavs5x

#20
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi topedge,

OK. Let's check the disk for errors and see if there are any clues in the system logs.

Step 1

Download and run Puran Disc Defragmenter

NOTE: If it asks you to install a toolbar or any other software, skip the offer.

Click on the Boot Time Defrag button and choose Restart-Defrag-Restart + Check disk

Step 2

QuickEvents

  • Download QuickEvents and save it on Desktop
  • Run downloaded program
  • After the scan it will open log file
  • Copy and paste content of that log in your next reply.

Step 3

Please don't forget to include these items in your reply:

  • QuickEvents log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#21
topedge

    Member

  • Topic Starter
  • Member
  • 83 posts
Thanks Maliprog. I went too fast on your first instruction and didn't read it very well. This is the log:

2013/04/20 at 12:42:11 - Boot Time Defrag Report
Analysis Report For C:

Total Files 121049
Total Directories 16112
Total Excluded 0
Total Deleted 0
Total Deleted Bytes 0 MB

Total Fragmented Files 8157
Total Fragmented Directories 317
Total Fragmented Bytes 11940 MB

MFT Fragments 7
Pagefile Fragments 2
Registry Fragments 1

Fragmentation Percentage By Size 21%
Fragmentation Percentage By Count 6%

Analysis Report For C: After Defragmentation

Total Fragmented Files 1
Total Fragmented Directories 0
Total Fragmented Bytes 7 MB

MFT Fragments 2
Pagefile Fragments 1
Registry Fragments 1

Fragmentation Percentage By Size 0%
Fragmentation Percentage By Count 0%


The following files/directories were defragmented - Top 10

Path Lcn Size in MB Fragments
C:\RECYCLER\S-1-5-21-2771394249-4081502383-3354649462-1006 3420 0.1 1
C:\Documents and Settings\Scott\Application Data\com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1\Local Store\thumbnails\f2e55a3c85d97d0bf54507a43365212a 3423 0.1 1
C:\SierraChart\SierraChartTransActMA\ACS_Source 3427 0.0 1
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1137\snapshot 3433 0.0 1
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1138\snapshot 3435 0.0 1
C:\Program Files\Ava MetaTrader\history\AvaFinancial-Real 3437 0.2 1
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1177\snapshot 3444 0.0 1
C:\Documents and Settings\Scott\My Documents\NinjaTrader 7\db\minute\$EURUSD 3447 0.0 1
C:\Program Files\Research In Motion\BlackBerry Link\Modules 3449 0.0 1
C:\Program Files\Research In Motion\BlackBerry Link\DeviceData 3451 0.0 1


The following files/directories are still fragmented - Top 10

Path Lcn Size in MB Fragments
C:\Documents and Settings\Scott\My Documents\blackberry\Backup\BlackBerry Pearl 8100-Migration (02-17-2013).bbb 329930 7.78 39

#22
topedge

    Member

  • Topic Starter
  • Member
  • 83 posts
This is the log from QuickEvents:

QuickEvents v0.1 by maliprog
Log file created on 04/21/2013


-------------------------------
System Log
(Error, Warning, Critical)
-------------------------------


Event Type: error
Time Written: 04/21/2013 02:35:37
Category: 0
Event Code: 7026
Source Name: Service Control Manager

The following boot-start or system-start driver(s) failed to load:
F-Secure HIPS
FSFW
KL1
kl2
KLIF
SBRE
Vsdatant

- -

Event Type: error
Time Written: 04/21/2013 02:35:27
Category: 0
Event Code: 7000
Source Name: Service Control Manager

The LogMeIn Kernel Information Provider service failed to start due to the following error:
The system cannot find the path specified.


- -

Event Type: error
Time Written: 04/21/2013 02:35:26
Category: 0
Event Code: 7000
Source Name: Service Control Manager

The ZoneAlarm LTD Toolbar ISWKL service failed to start due to the following error:
The system cannot find the path specified.


- -

Event Type: error
Time Written: 04/21/2013 02:35:26
Category: 0
Event Code: 7001
Source Name: Service Control Manager

The TrueVector Internet Monitor service depends on the Vsdatant service which failed to start because of the following error:
A device attached to the system is not functioning.


- -

Event Type: error
Time Written: 04/21/2013 02:31:58
Category: 0
Event Code: 7026
Source Name: Service Control Manager

The following boot-start or system-start driver(s) failed to load:
F-Secure HIPS
FSFW
KL1
kl2
KLIF
SBRE
Vsdatant

- -

Event Type: error
Time Written: 04/21/2013 02:31:51
Category: 0
Event Code: 7000
Source Name: Service Control Manager

The LogMeIn Kernel Information Provider service failed to start due to the following error:
The system cannot find the path specified.


- -

Event Type: error
Time Written: 04/21/2013 02:31:51
Category: 0
Event Code: 7000
Source Name: Service Control Manager

The ZoneAlarm LTD Toolbar ISWKL service failed to start due to the following error:
The system cannot find the path specified.


- -

Event Type: error
Time Written: 04/21/2013 02:31:51
Category: 0
Event Code: 7001
Source Name: Service Control Manager

The TrueVector Internet Monitor service depends on the Vsdatant service which failed to start because of the following error:
A device attached to the system is not functioning.


- -

Event Type: error
Time Written: 04/21/2013 02:17:20
Category: 0
Event Code: 7026
Source Name: Service Control Manager

The following boot-start or system-start driver(s) failed to load:
F-Secure HIPS
FSFW
KL1
kl2
KLIF
SBRE
Vsdatant

- -

Event Type: error
Time Written: 04/21/2013 02:17:12
Category: 0
Event Code: 7000
Source Name: Service Control Manager

The LogMeIn Kernel Information Provider service failed to start due to the following error:
The system cannot find the path specified.


-------------------------------
System Log
(Information)
-------------------------------


Event Type: information
Time Written: 04/21/2013 02:36:23
Category: 0
Event Code: 7036
Source Name: Service Control Manager

The Google Software Updater service entered the stopped state.

- -

Event Type: information
Time Written: 04/21/2013 02:35:44
Category: 0
Event Code: 7036
Source Name: Service Control Manager

The IMAPI CD-Burning COM Service service entered the stopped state.

- -

Event Type: information
Time Written: 04/21/2013 02:35:39
Category: 0
Event Code: 7036
Source Name: Service Control Manager

The BlackBerry Link Communication Manager service entered the stopped state.

- -

Event Type: information
Time Written: 04/21/2013 02:35:38
Category: 0
Event Code: 7036
Source Name: Service Control Manager

The Application Layer Gateway Service service entered the running state.

- -

Event Type: information
Time Written: 04/21/2013 02:35:38
Category: 0
Event Code: 7035
Source Name: Service Control Manager

The Application Layer Gateway Service service was successfully sent a start control.

-------------------------------
Application Log
(Error, Warning, Critical)
-------------------------------


Event Type: error
Time Written: 04/18/2013 16:16:54
Category: 0
Event Code: 10005
Source Name: MsiInstaller

Product: Windows Support Tools -- Internal Error 2350.

- -

Event Type: error
Time Written: 04/18/2013 16:16:51
Category: 0
Event Code: 11335
Source Name: MsiInstaller

Product: Windows Support Tools -- Error 1335. The cabinet file 'support.cab' required for this installation is corrupt and cannot be used. This could indicate a network error, an error reading from the CD-ROM, or a problem with this package.

- -

-------------------------------
Application Log
(Information)
-------------------------------


Event Type: information
Time Written: 04/21/2013 02:36:23
Category: 0
Event Code: 0
Source Name: gusvc


- -

Event Type: information
Time Written: 04/21/2013 02:35:37
Category: 0
Event Code: 0
Source Name: Blackberry Device Manager


- -

Event Type: information
Time Written: 04/21/2013 02:35:29
Category: 0
Event Code: 1800
Source Name: SecurityCenter

The Windows Security Center Service has started.

- -

Event Type: information
Time Written: 04/21/2013 02:35:24
Category: 0
Event Code: 100
Source Name: RIM MDNS

Service started


- -

Event Type: information
Time Written: 04/21/2013 02:35:24
Category: 0
Event Code: 100
Source Name: RIM MDNS

Service initialized

-------- Done! ---------

#23
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi topedge,

Please do one step at a time and let me know the results.

Step 1

Unplug all external devices such as printers, scanners or any other device that is connected. Try to reboot. Test your system and if it fails then do Step 2.

Step 2

If the first step didn't do much good, can you please try to detach your CD-ROM/DVD-ROM device from your system? That means disconnecting all cables from it and trying to reboot your system.

Step 3

Download Data Lifeguard

Click the Download button to download the tool to your desktop.

Below the Download button there is a description of how to use this tool to test your hard disk.

You can first run the Quick Test and, if all goes fine, then run the Extended Test.

When the test completes, you will be notified with a pass/fail message. Click the Close button.

Let me know the results.

#24
topedge

    Member

  • Topic Starter
  • Member
  • 83 posts
Hi,
The quick test was good. On the first attempt at extended, when I returned I had a BSOD. The first time it ran for quite a while. On the second attempt it didn't run for very long and got a BSOD.
Two different error messages, 008 and 024. The Windows security pops up now and says not protected. It won't allow updates to virus.
Thank you

#25
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
OK. Let's try a bootable image of this tool so there won't be any dependencies on your Windows.

Please click Here

Download the ISO image of the CD and burn this image to a CD. There are also instructions on how to do this on the same page where you download the tool.

As you did last time, first run the short test, then the Extended Test.

If you have any questions about this step please ask.

#26
topedge

    Member

  • Topic Starter
  • Member
  • 83 posts
Hi,
Quick test passed and extended test passed.
Thanks

#27
topedge

    Member

  • Topic Starter
  • Member
  • 83 posts
Hi,
I was also able to run a quick scan and this is the log:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.27.04

Windows XP x86 NTFS
Internet Explorer 6.0.2800.5512
SYSTEM :: MiniXP [administrator]

2013-04-23 16:09:32
mbam-log-2013-04-23 (16-10-18).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 87249
Time elapsed: 20 second(s)

Memory Processes Detected: 1
X:\I386\System32\keybtray.exe (Malware.Packer.Gen) -> 1708 -> No action taken.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCR\CLSID\{3F4DACA4-160D-11D2-A8E9-00104B365C9F} (Malware.Packer.Gen) -> No action taken.
HKCR\TypeLib\{3F4DACA7-160D-11D2-A8E9-00104B365C9F} (Malware.Packer.Gen) -> No action taken.
HKCR\Interface\{3F4DACA0-160D-11D2-A8E9-00104B365C9F} (Malware.Packer.Gen) -> No action taken.
HKCR\VBScript.RegExp (Malware.Packer.Gen) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
X:\I386\System32\keybtray.exe (Malware.Packer.Gen) -> No action taken.
X:\I386\System32\msxml2.dll (Malware.Packer.Gen) -> No action taken.
X:\I386\System32\vbscript.dll (Malware.Packer.Gen) -> No action taken.
X:\I386\System32\wzcsvc.dll (Trojan.FakeAV) -> No action taken.
X:\I386\System32\sfcfiles.dll (Trojan.Patched) -> No action taken.

(end)

Thanks

#28
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
OK. Because you can't finish any antivirus scan, let's try the Dr.Web Live CD. It also has its own system, so it doesn't depend on your Windows installation.

Download FreeISOBurner to desktop
Download Dr.Web Live CD to desktop

  • Insert blank CD into CD burner
  • Start FreeISOBurner
  • Click Open button and load Dr.Web LiveCD ISO file
  • Select burn speed 16x or less
  • Press Burn button
  • Having made the bootable CD set your system to boot from CD (Instructions)
  • Once Dr.Web starts select Dr.Web LiveCD (Default)
  • Press Scanner button on the top
  • Press Custom scan on the left side
  • Check all disks on the right side
  • Now press Begin the scan button to start scanner
  • After the scan select all infected files and press Cure button
  • Select Tools then Journal
  • Click Export button and save report as drweb.txt to hda1 folder
Restart your system and post C:\drweb.txt log here for me.

#29
topedge

    Member

  • Topic Starter
  • Member
  • 83 posts
Hi,
I did the above. The link to the av didn't work but I found one and burned a disk. It would not read in my computer.
I did burn another program iso which the computer did read ok. I did not run it but just wanted to test that.
Thanks

#30
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Let's try this tool instead of Dr.Web. Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic
