Win32:Malware-gen trojan infection



#16
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
Do I want to save any logs in Event Viewer before I clear them?
  • 0



#17
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
Also, should I stay in safe mode?
  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP
No need to save event logs before clearing. You can reboot into regular mode.
  • 0

#19
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
event viewer log

Vino's Event Viewer v01c run on Windows XP in English
Report run at 25/09/2013 2:33:09 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 25/09/2013 2:29:12 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP
OTL did not find any outlook.pst file. You can try a search and see if there is one hiding somewhere.

Probably you will need to recreate it:
http://office.micros...A010354964.aspx


I don't see any errors right now. (The one that shows is because of Safe Mode). How is it running now?
  • 0

#21
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
That file is not there. Office12 was there but no scanpst.exe.

Still have the star icon in the tray that says this version of Windows is not authentic. I have no idea where the original discs could be or the validation numbers. Hard drive still runs at random and still slow.

Edited by gregahoffman, 26 September 2013 - 06:02 AM.

  • 0

#22
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
I used the tip from Microsoft to recreate the .pst file and can now get Outlook to work. Still have the other problems though.
  • 0

#23
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP
We usually see an error in the event logs when it doesn't authenticate:

Run VEW again just for System and copy and paste the log.

There is a diagnostic program for authentication problems:

http://support.microsoft.com/kb/916247

Hopefully your shop did not install a bootleg version of Windows XP while they were trying to fix it.
  • 0

#24
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
VEW log

Vino's Event Viewer v01c run on Windows XP in English
Report run at 26/09/2013 11:07:18 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/09/2013 8:20:12 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 172.16.0.17 for the Network Card with network address 00FF03CF4955 has been denied by the DHCP server 172.16.0.18 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 26/09/2013 6:58:12 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 172.16.0.17 for the Network Card with network address 00FF03CF4955 has been denied by the DHCP server 172.16.0.18 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 25/09/2013 2:29:12 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - information Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/09/2013 10:23:15 AM
Type: information Category: 0
Event: 7035 Source: Service Control Manager
The Adobe Flash Player Update Service service was successfully sent a start control.

Log: 'System' Date/Time: 26/09/2013 10:23:15 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The Adobe Flash Player Update Service service entered the stopped state.

Log: 'System' Date/Time: 26/09/2013 10:23:15 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The Adobe Flash Player Update Service service entered the running state.

Log: 'System' Date/Time: 26/09/2013 9:50:38 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The BITS service entered the running state.

Log: 'System' Date/Time: 26/09/2013 9:50:37 AM
Type: information Category: 0
Event: 7035 Source: Service Control Manager
The BITS service was successfully sent a start control.

Log: 'System' Date/Time: 26/09/2013 9:50:36 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The IMAPI CD-Burning COM Service service entered the stopped state.

Log: 'System' Date/Time: 26/09/2013 9:50:30 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The Computer Browser service entered the stopped state.

Log: 'System' Date/Time: 26/09/2013 9:50:29 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The Remote Access Connection Manager service entered the running state.

Log: 'System' Date/Time: 26/09/2013 9:50:29 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The Application Layer Gateway Service service entered the running state.

Log: 'System' Date/Time: 26/09/2013 9:50:29 AM
Type: information Category: 0
Event: 7035 Source: Service Control Manager
The Application Layer Gateway Service service was successfully sent a start control.

Log: 'System' Date/Time: 26/09/2013 9:50:28 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The IMAPI CD-Burning COM Service service entered the running state.

Log: 'System' Date/Time: 26/09/2013 9:50:28 AM
Type: information Category: 0
Event: 7035 Source: Service Control Manager
The Remote Access Connection Manager service was successfully sent a start control.

Log: 'System' Date/Time: 26/09/2013 9:50:28 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The Telephony service entered the running state.

Log: 'System' Date/Time: 26/09/2013 9:50:28 AM
Type: information Category: 0
Event: 7035 Source: Service Control Manager
The IMAPI CD-Burning COM Service service was successfully sent a start control.

Log: 'System' Date/Time: 26/09/2013 9:50:28 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The SSDP Discovery Service service entered the running state.

Log: 'System' Date/Time: 26/09/2013 9:50:28 AM
Type: information Category: 0
Event: 4202 Source: Tcpip
The system detected that network adapter \DEVICE\TCPIP_{F26D3BA9-1159-430D-B6F8-B6938E9A64E1} was disconnected from the network, and the adapter's network configuration has been released. If the network adapter was not disconnected, this may indicate that it has malfunctioned. Please contact your vendor for updated drivers.

Log: 'System' Date/Time: 26/09/2013 9:50:28 AM
Type: information Category: 0
Event: 4201 Source: Tcpip
The system detected that network adapter \DEVICE\TCPIP_{308E3A72-D076-4737-B06F-201DDC587F7C} was connected to the network, and has initiated normal operation over the network adapter.

Log: 'System' Date/Time: 26/09/2013 9:50:28 AM
Type: information Category: 0
Event: 7035 Source: Service Control Manager
The SSDP Discovery Service service was successfully sent a start control.

Log: 'System' Date/Time: 26/09/2013 9:50:28 AM
Type: information Category: 0
Event: 7036 Source: Service Control Manager
The Network Location Awareness (NLA) service entered the running state.

Log: 'System' Date/Time: 26/09/2013 9:50:28 AM
Type: information Category: 0
Event: 7035 Source: Service Control Manager
The Network Location Awareness (NLA) service was successfully sent a start control.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/09/2013 9:04:35 AM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Log: 'System' Date/Time: 26/09/2013 4:09:24 AM
Type: warning Category: 0
Event: 36 Source: W32Time
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.
  • 0

#25
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
This is the log from the validation page, but it won't validate the program; it redirects me to purchase Windows 7.

United States Change | All Microsoft Sites Skip to content pane


Search this website
HomeDiscover Windows
DesktopPersonalizeDigital photosTV and streamingWindows TouchMore articlesProducts
Windows 7Windows VistaWindows XPInternet ExplorerWindows LiveWindows Media PlayerWindows PhoneGenuine Windows homeShopDownloads
Windows 7Windows VistaWindows XPInternet ExplorerWindows LivePersonalization Gallery homeWindows 7 themesDesktop backgroundsGadgetsLanguagesService Pack CenterHelp & How-to
Windows 7Windows VistaWindows XPInternet ExplorerWindows LiveWindows Media PlayerWindows PhoneWindows CommunityWindows AccessibilityGenuine Windows homeBefore you buyFor your businessGet Help

Genuine Microsoft Software – Diagnostic Site
Repairing your computer configuration may take a few minutes.
Please Wait...

Your computer is not properly configured to run the Microsoft validation process. Click Resolve Now to continue.
Resolve Now
Your computer is properly configured to run the Microsoft validation process. Click either Validate Windows or Validate Office to use the Microsoft validation process.

Validate WindowsValidate OfficeYour computer is properly configured to run the Microsoft validation process. Click continue to try again.

Genuine Microsoft Software Diagnostics is unable to automatically resolve your computer configuration.
In order to continue, you must be logged-in as an administrator.

The following error(s) occured while trying to repair your computer configuration. To learn how to resolve each configuration error, click More Information.
If you are unable to resolve an error, see all your options for support including how to contact us and the steps for submitting a technical support request.
Diagnostic Error Error Code More Information

What is the purpose of this site?
These diagnostic pages will help you ensure that your Internet Explorer (6.0 or later) settings are configured properly to see images, run scripts, and allow ActiveX controls to download and run.

You will be walked through the troubleshooting process step by step. If your configuration settings are not correct, you will be provided with suggestions to resolve the problem. If your problem persists, you will be provided with information about where you can obtain additional assistance.

Genuine Microsoft Software Diagnostic Results
Passed Active scripting allowed
Passed Display images enabled
Passed Computer time and date correct
Passed Cookies enabled
Passed ActiveX enabled
Passed Windows validation ActiveX loaded
Passed Office validation ActiveX loaded
Passed Validation Self-help ActiveX loaded
Passed Validation Self-help: Data.dat Corruption check
Passed Validation Self-help: Cryptography check
Passed Validation Self-help: Product Activation check
Passed ActiveX controls connect with Microsoft validation servers
  • 0



#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP

Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.


This one is usually seen when running one of the P2P programs like uTorrent. If you are not doing that there still may be something hiding.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
Before you hit Scan, hit Change Parameters and check the two items under Additional Options. OK, then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt". Please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy.
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe to start the program.
* Follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



See if you can get the time to update:

Windows XP has a built-in time synchronization feature that’s designed to automatically synchronize your computer’s clock with an Internet time server on a regular basis. To access this feature, double-click the clock in the notification area of the taskbar. From the Date And Time Properties dialog box, select Internet Time. Make sure that the Automatically Synchronize With An Internet Time Server check box is selected. Should be an Update Now option. See if it will work. Sometimes it helps to change to a different time source.
  • 0
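
The by-eye triage of the VEW report discussed in this thread, as an added example (not part of the original posts and not VEW's own code): a Python parser for the report layout shown above that drops information events and the Safe Mode DCOM error, then groups what remains. The sample text is abridged from the logs posted in this thread; the function names and the `NOTES` wording are assumptions of this example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Sample report, abridged from the VEW logs posted in this thread.
SAMPLE_VEW = """\
Vino's Event Viewer v01c run on Windows XP in English
Report run at 26/09/2013 11:07:18 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/09/2013 8:20:12 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 172.16.0.17 for the Network Card with network address 00FF03CF4955 has been denied by the DHCP server 172.16.0.18 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 26/09/2013 6:58:12 AM
Type: error Category: 0
Event: 1002 Source: Dhcp
The IP address lease 172.16.0.17 for the Network Card with network address 00FF03CF4955 has been denied by the DHCP server 172.16.0.18 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 25/09/2013 2:29:12 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1084" attempting to start the service EventSystem

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/09/2013 9:04:35 AM
Type: warning Category: 0
Event: 4226 Source: Tcpip
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Log: 'System' Date/Time: 26/09/2013 4:09:24 AM
Type: warning Category: 0
Event: 36 Source: W32Time
The time service has not been able to synchronize the system time for 49152 seconds.
"""

LOG_RE = re.compile(r"^Log: '(?P<log>[^']+)' Date/Time: (?P<ts>.+)$")
TYPE_RE = re.compile(r"^Type: (?P<type>\w+) Category: (?P<cat>\d+)$")
EVENT_RE = re.compile(r"^Event: (?P<id>\d+) Source: (?P<src>.+)$")

# Reviewer notes per (source, event id); wording is this example's own.
NOTES = {
    ("Tcpip", 4226): "concurrent connect-attempt limit hit; usually P2P, "
                     "otherwise keep scanning for something hidden",
    ("Dhcp", 1002): "DHCP server refused the lease (DHCPNACK)",
    ("W32Time", 36): "clock is not synchronizing; check Internet Time",
}


def parse_vew(text):
    """Turn a VEW text report into a list of event dicts."""
    events, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = LOG_RE.match(line)
        if m:  # a "Log:" line always opens a new record
            cur = {"log": m["log"], "message": "",
                   "time": datetime.strptime(m["ts"], "%d/%m/%Y %I:%M:%S %p")}
            events.append(cur)
            continue
        if cur is None:
            continue  # report header or section title
        if not line or line.startswith("~"):
            cur = None  # blank line or section rule closes the record
        elif (m := TYPE_RE.match(line)):
            cur["type"] = m["type"]
        elif (m := EVENT_RE.match(line)):
            cur["id"], cur["source"] = int(m["id"]), m["src"]
        else:
            cur["message"] = (cur["message"] + " " + line).strip()
    return [e for e in events if "id" in e]  # drop truncated records


def is_safe_mode_noise(ev):
    # Win32 error 1084 is ERROR_NOT_SAFEBOOT_SERVICE: the service cannot be
    # started in Safe Mode, so this DCOM error is expected there.
    return (ev["source"] == "DCOM" and ev["id"] == 10005
            and '"%1084"' in ev["message"])


def triage(events):
    """Group errors and warnings by (source, id), newest group first."""
    groups = defaultdict(list)
    for ev in events:
        if ev.get("type") == "information" or is_safe_mode_noise(ev):
            continue
        groups[(ev["source"], ev["id"])].append(ev["time"])
    findings = [{"source": s, "id": i, "count": len(t), "first": min(t),
                 "last": max(t), "note": NOTES.get((s, i), "unreviewed")}
                for (s, i), t in groups.items()]
    findings.sort(key=lambda f: f["last"], reverse=True)
    return findings


if __name__ == "__main__":
    for f in triage(parse_vew(SAMPLE_VEW)):
        print(f'{f["last"]:%d/%m/%Y %H:%M} {f["source"]} {f["id"]} '
              f'x{f["count"]}: {f["note"]}')
```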

#27
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
here is the TDSSKiller log

08:45:23.0824 2260 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:45:24.0480 2260 ============================================================
08:45:24.0480 2260 Current date / time: 2013/09/24 08:45:24.0480
08:45:24.0480 2260 SystemInfo:
08:45:24.0480 2260
08:45:24.0480 2260 OS Version: 5.1.2600 ServicePack: 3.0
08:45:24.0480 2260 Product type: Workstation
08:45:24.0480 2260 ComputerName: TEMP-6A27591C80
08:45:24.0480 2260 UserName: Temp
08:45:24.0480 2260 Windows directory: C:\WINDOWS
08:45:24.0480 2260 System windows directory: C:\WINDOWS
08:45:24.0480 2260 Processor architecture: Intel x86
08:45:24.0480 2260 Number of processors: 2
08:45:24.0480 2260 Page size: 0x1000
08:45:24.0480 2260 Boot type: Normal boot
08:45:24.0480 2260 ============================================================
08:45:25.0808 2260 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
08:45:25.0808 2260 ============================================================
08:45:25.0808 2260 \Device\Harddisk0\DR0:
08:45:25.0808 2260 MBR partitions:
08:45:25.0808 2260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
08:45:25.0808 2260 ============================================================
08:45:25.0839 2260 C: <-> \Device\Harddisk0\DR0\Partition1
08:45:25.0839 2260 ============================================================
08:45:25.0839 2260 Initialize success
08:45:25.0839 2260 ============================================================
08:45:43.0464 2328 ============================================================
08:45:43.0480 2328 Scan started
08:45:43.0480 2328 Mode: Manual; TDLFS;
08:45:43.0480 2328 ============================================================
08:45:44.0105 2328 ================ Scan system memory ========================
08:45:44.0105 2328 System memory - ok
08:45:48.0371 2328 MSPCLOCK - ok
08:45:48.0371 2328 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
08:45:48.0371 2328 MSPQM - ok
08:45:48.0433 2328 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:45:48.0433 2328 mssmbios - ok
08:45:48.0449 2328 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
08:45:48.0449 2328 Mup - ok
08:45:48.0496 2328 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
08:45:48.0527 2328 napagent - ok
08:45:48.0542 2328 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
08:45:48.0542 2328 NDIS - ok
08:45:48.0574 2328 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:45:48.0574 2328 NdisTapi - ok
08:45:48.0621 2328 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:45:48.0621 2328 Ndisuio - ok
08:45:48.0636 2328 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:45:48.0636 2328 NdisWan - ok
08:45:48.0667 2328 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
08:45:48.0667 2328 NDProxy - ok
08:45:48.0714 2328 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
08:45:48.0714 2328 Net Driver HPZ12 - ok
08:45:48.0714 2328 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
08:45:48.0714 2328 NetBIOS - ok
08:45:48.0746 2328 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
08:45:48.0746 2328 NetBT - ok
08:45:48.0777 2328 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
08:45:48.0792 2328 NetDDE - ok
08:45:48.0792 2328 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
08:45:48.0792 2328 NetDDEdsdm - ok
08:45:48.0808 2328 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
08:45:48.0808 2328 Netlogon - ok
08:45:48.0839 2328 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
08:45:48.0839 2328 Netman - ok
08:45:48.0871 2328 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:45:48.0871 2328 NetTcpPortSharing - ok
08:45:48.0902 2328 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
08:45:48.0902 2328 Nla - ok
08:45:48.0917 2328 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
08:45:48.0917 2328 Npfs - ok
08:45:48.0933 2328 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
08:45:48.0949 2328 Ntfs - ok
08:45:48.0949 2328 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
08:45:48.0964 2328 NtLmSsp - ok
08:45:48.0996 2328 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
08:45:49.0011 2328 NtmsSvc - ok
08:45:49.0027 2328 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
08:45:49.0027 2328 Null - ok
08:45:49.0074 2328 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:45:49.0074 2328 NwlnkFlt - ok
08:45:49.0074 2328 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:45:49.0074 2328 NwlnkFwd - ok
08:45:49.0199 2328 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:45:49.0199 2328 odserv - ok
08:45:49.0261 2328 [ 3825F59AE3277880D04A620CCA8CF3EA ] OpenVPNService C:\Program Files\OpenVPN\bin\openvpnserv.exe
08:45:49.0261 2328 OpenVPNService - ok
08:45:49.0292 2328 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:45:49.0292 2328 ose - ok
08:45:49.0308 2328 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
08:45:49.0308 2328 Parport - ok
08:45:49.0324 2328 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
08:45:49.0324 2328 PartMgr - ok
08:45:49.0355 2328 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
08:45:49.0355 2328 ParVdm - ok
08:45:49.0371 2328 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
08:45:49.0371 2328 PCI - ok
08:45:49.0386 2328 PCIDump - ok
08:45:49.0386 2328 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
08:45:49.0386 2328 PCIIde - ok
08:45:49.0417 2328 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
08:45:49.0433 2328 Pcmcia - ok
08:45:49.0433 2328 PDCOMP - ok
08:45:49.0433 2328 PDFRAME - ok
08:45:49.0449 2328 PDRELI - ok
08:45:49.0449 2328 PDRFRAME - ok
08:45:49.0464 2328 perc2 - ok
08:45:49.0464 2328 perc2hib - ok
08:45:49.0496 2328 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
08:45:49.0496 2328 PlugPlay - ok
08:45:49.0527 2328 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
08:45:49.0527 2328 Pml Driver HPZ12 - ok
08:45:49.0542 2328 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
08:45:49.0542 2328 PolicyAgent - ok
08:45:49.0558 2328 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:45:49.0558 2328 PptpMiniport - ok
08:45:49.0558 2328 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
08:45:49.0574 2328 ProtectedStorage - ok
08:45:49.0574 2328 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
08:45:49.0574 2328 PSched - ok
08:45:49.0574 2328 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:45:49.0589 2328 Ptilink - ok
08:45:49.0683 2328 [ 2631FC0676CC310B2E85FDE46B1560D9 ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
08:45:49.0683 2328 QBCFMonitorService - ok
08:45:49.0714 2328 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
08:45:49.0714 2328 QBFCService - ok
08:45:49.0730 2328 ql1080 - ok
08:45:49.0730 2328 Ql10wnt - ok
08:45:49.0746 2328 ql12160 - ok
08:45:49.0746 2328 ql1240 - ok
08:45:49.0746 2328 ql1280 - ok
08:45:49.0777 2328 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:45:49.0777 2328 RasAcd - ok
08:45:49.0808 2328 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
08:45:49.0808 2328 RasAuto - ok
08:45:49.0839 2328 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:45:49.0839 2328 Rasl2tp - ok
08:45:49.0855 2328 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
08:45:49.0871 2328 RasMan - ok
08:45:49.0871 2328 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:45:49.0871 2328 RasPppoe - ok
08:45:49.0871 2328 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
08:45:49.0886 2328 Raspti - ok
08:45:49.0902 2328 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:45:49.0902 2328 Rdbss - ok
08:45:49.0902 2328 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:45:49.0902 2328 RDPCDD - ok
08:45:49.0949 2328 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:45:49.0949 2328 rdpdr - ok
08:45:49.0996 2328 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
08:45:49.0996 2328 RDPWD - ok
08:45:50.0042 2328 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
08:45:50.0042 2328 RDSessMgr - ok
08:45:50.0042 2328 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
08:45:50.0058 2328 redbook - ok
08:45:50.0074 2328 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
08:45:50.0074 2328 RemoteAccess - ok
08:45:50.0089 2328 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
08:45:50.0105 2328 RemoteRegistry - ok
08:45:50.0136 2328 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
08:45:50.0136 2328 RpcLocator - ok
08:45:50.0167 2328 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
08:45:50.0167 2328 RpcSs - ok
08:45:50.0183 2328 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
08:45:50.0199 2328 RSVP - ok
08:45:50.0214 2328 [ B4A166449464A4BF4A8BA0CCC0C00E16 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
08:45:50.0230 2328 RTL8023xp - ok
08:45:50.0230 2328 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
08:45:50.0246 2328 SamSs - ok
08:45:50.0261 2328 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
08:45:50.0261 2328 SCardSvr - ok
08:45:50.0292 2328 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
08:45:50.0292 2328 Schedule - ok
08:45:50.0324 2328 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:45:50.0324 2328 Secdrv - ok
08:45:50.0339 2328 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
08:45:50.0339 2328 seclogon - ok
08:45:50.0371 2328 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
08:45:50.0371 2328 SENS - ok
08:45:50.0386 2328 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
08:45:50.0386 2328 Serial - ok
08:45:50.0402 2328 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
08:45:50.0402 2328 Sfloppy - ok
08:45:50.0433 2328 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
08:45:50.0433 2328 SharedAccess - ok
08:45:50.0464 2328 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
08:45:50.0464 2328 ShellHWDetection - ok
08:45:50.0480 2328 Simbad - ok
08:45:50.0480 2328 Sparrow - ok
08:45:50.0527 2328 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
08:45:50.0527 2328 splitter - ok
08:45:50.0558 2328 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
08:45:50.0574 2328 Spooler - ok
08:45:50.0605 2328 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
08:45:50.0605 2328 sr - ok
08:45:50.0621 2328 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
08:45:50.0636 2328 srservice - ok
08:45:50.0667 2328 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
08:45:50.0683 2328 Srv - ok
08:45:50.0714 2328 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
08:45:50.0714 2328 SSDPSRV - ok
08:45:50.0777 2328 [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
08:45:50.0792 2328 STHDA - ok
08:45:50.0824 2328 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
08:45:50.0839 2328 stisvc - ok
08:45:50.0855 2328 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
08:45:50.0855 2328 swenum - ok
08:45:50.0855 2328 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
08:45:50.0871 2328 swmidi - ok
08:45:50.0871 2328 SwPrv - ok
08:45:50.0871 2328 symc810 - ok
08:45:50.0886 2328 symc8xx - ok
08:45:50.0886 2328 sym_hi - ok
08:45:50.0902 2328 sym_u3 - ok
08:45:50.0902 2328 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
08:45:50.0902 2328 sysaudio - ok
08:45:50.0917 2328 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
08:45:50.0949 2328 SysmonLog - ok
08:45:50.0949 2328 [ 8CF6E2AE1707D82E904ECCA68CEF8B87 ] tap0901 C:\WINDOWS\system32\DRIVERS\tap0901.sys
08:45:50.0949 2328 tap0901 - ok
08:45:50.0980 2328 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
08:45:50.0980 2328 TapiSrv - ok
08:45:51.0027 2328 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:45:51.0042 2328 Tcpip - ok
08:45:51.0074 2328 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
08:45:51.0074 2328 TDPIPE - ok
08:45:51.0074 2328 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
08:45:51.0089 2328 TDTCP - ok
08:45:51.0121 2328 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
08:45:51.0121 2328 TermDD - ok
08:45:51.0136 2328 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
08:45:51.0136 2328 TermService - ok
08:45:51.0167 2328 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
08:45:51.0167 2328 Themes - ok
08:45:51.0199 2328 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
08:45:51.0199 2328 TlntSvr - ok
08:45:51.0214 2328 TosIde - ok
08:45:51.0230 2328 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
08:45:51.0246 2328 TrkWks - ok
08:45:51.0261 2328 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
08:45:51.0261 2328 Udfs - ok
08:45:51.0277 2328 ultra - ok
08:45:51.0308 2328 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
08:45:51.0324 2328 Update - ok
08:45:51.0339 2328 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
08:45:51.0339 2328 upnphost - ok
08:45:51.0371 2328 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
08:45:51.0371 2328 UPS - ok
08:45:51.0371 2328 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:45:51.0386 2328 usbccgp - ok
08:45:51.0386 2328 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:45:51.0386 2328 usbehci - ok
08:45:51.0402 2328 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:45:51.0402 2328 usbhub - ok
08:45:51.0433 2328 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:45:51.0433 2328 usbscan - ok
08:45:51.0464 2328 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:45:51.0496 2328 USBSTOR - ok
08:45:51.0511 2328 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:45:51.0527 2328 usbuhci - ok
08:45:51.0527 2328 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
08:45:51.0527 2328 VgaSave - ok
08:45:51.0527 2328 ViaIde - ok
08:45:51.0558 2328 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
08:45:51.0558 2328 VolSnap - ok
08:45:51.0605 2328 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
08:45:51.0621 2328 VSS - ok
08:45:51.0714 2328 [ DCE9CC4129E1DAC6AAE25C6050E20A16 ] vToolbarUpdater15.5.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
08:45:51.0730 2328 vToolbarUpdater15.5.0 - ok
08:45:51.0777 2328 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
08:45:51.0777 2328 W32Time - ok
08:45:51.0792 2328 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:45:51.0792 2328 Wanarp - ok
08:45:51.0808 2328 WDICA - ok
08:45:51.0824 2328 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
08:45:51.0824 2328 wdmaud - ok
08:45:51.0824 2328 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
08:45:51.0839 2328 WebClient - ok
08:45:51.0886 2328 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
08:45:51.0886 2328 winachsf - ok
08:45:51.0964 2328 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
08:45:51.0964 2328 winmgmt - ok
08:45:52.0011 2328 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
08:45:52.0011 2328 WmdmPmSN - ok
08:45:52.0042 2328 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
08:45:52.0058 2328 Wmi - ok
08:45:52.0105 2328 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:45:52.0105 2328 WmiApSrv - ok
08:45:52.0152 2328 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
08:45:52.0152 2328 wscsvc - ok
08:45:52.0183 2328 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
08:45:52.0183 2328 wuauserv - ok
08:45:52.0214 2328 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
08:45:52.0230 2328 WZCSVC - ok
08:45:52.0261 2328 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
08:45:52.0277 2328 xmlprov - ok
08:45:52.0277 2328 ================ Scan global ===============================
08:45:52.0308 2328 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
08:45:52.0355 2328 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
08:45:52.0371 2328 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
08:45:52.0386 2328 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
08:45:52.0386 2328 [Global] - ok
08:45:52.0386 2328 ================ Scan MBR ==================================
08:45:52.0402 2328 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
08:45:52.0589 2328 \Device\Harddisk0\DR0 - ok
08:45:52.0589 2328 ================ Scan VBR ==================================
08:45:52.0605 2328 [ A1D233B51A45ABC8DE89FFBA19F928B3 ] \Device\Harddisk0\DR0\Partition1
08:45:52.0605 2328 \Device\Harddisk0\DR0\Partition1 - ok
08:45:52.0605 2328 ============================================================
08:45:52.0605 2328 Scan finished
08:45:52.0605 2328 ============================================================
08:45:52.0621 2320 Detected object count: 0
08:45:52.0621 2320 Actual detected object count: 0
08:45:56.0105 2256 Deinitialize success
  • 0

#28
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
MBAM log

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.26.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Temp :: TEMP-6A27591C80 [administrator]

9/26/2013 1:05:12 PM
mbam-log-2013-09-26 (13-05-12).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 234755
Time elapsed: 7 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#29
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP
Were you able to get the time to sync? I found one website that says the time and date are critical:

http://www.ehow.com/...on-failure.html
  • 0

#30
gregahoffman

gregahoffman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 400 posts
Got the time to sync, but it still will not validate. This all happened after running ComboFix.
  • 0





