sparkyinedinburgh

  1. Hi Maurice, RogueKiller seemed to return two reports:

     RogueKiller V8.0.2 [08/31/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com

     Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
     Started in : Normal mode
     User : Elizabeth Evans [Admin rights]
     Mode : Scan -- Date : 09/11/2012 17:36:42

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 2 ¤¤¤
     [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [LOADED] ¤¤¤

     ¤¤¤ Infection : ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\WINDOWS\system32\drivers\etc\hosts
     127.0.0.1 localhost

     ¤¤¤ MBR Check: ¤¤¤

     +++++ PhysicalDrive0: +++++
     --- User ---
     [MBR] 6a6868b07f34c5ea3c969a2f4f3e5cb4
     [bSP] 987cf5983f07a295a06cf311d092e291 : Windows XP MBR Code
     Partition table:
     0 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 63 | Size: 5120 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 10485846 | Size: 33034 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[2].txt >>
     RKreport[1].txt ; RKreport[2].txt

     And then the second one:

     RogueKiller V8.0.2 [08/31/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com

     Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
     Started in : Normal mode
     User : Elizabeth Evans [Admin rights]
     Mode : Remove -- Date : 09/11/2012 17:37:37

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 2 ¤¤¤
     [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [LOADED] ¤¤¤

     ¤¤¤ Infection : ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\WINDOWS\system32\drivers\etc\hosts
     127.0.0.1 localhost

     ¤¤¤ MBR Check: ¤¤¤

     +++++ PhysicalDrive0: +++++
     --- User ---
     [MBR] 6a6868b07f34c5ea3c969a2f4f3e5cb4
     [bSP] 987cf5983f07a295a06cf311d092e291 : Windows XP MBR Code
     Partition table:
     0 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 63 | Size: 5120 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 10485846 | Size: 33034 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[3].txt >>
     RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

     TDSS Killer Report:
[ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 17:52:31.0187 3416 usbehci - ok 17:52:31.0218 3416 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 17:52:31.0218 3416 usbhub - ok 17:52:31.0250 3416 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 17:52:31.0265 3416 usbohci - ok 17:52:31.0328 3416 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 17:52:31.0328 3416 usbprint - ok 17:52:31.0390 3416 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 17:52:31.0390 3416 usbscan - ok 17:52:31.0453 3416 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 17:52:31.0453 3416 USBSTOR - ok 17:52:31.0484 3416 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 17:52:31.0484 3416 VgaSave - ok 17:52:31.0546 3416 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys 17:52:31.0546 3416 viaagp - ok 17:52:31.0593 3416 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 17:52:31.0609 3416 ViaIde - ok 17:52:31.0640 3416 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 17:52:31.0640 3416 VolSnap - ok 17:52:31.0703 3416 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 17:52:31.0734 3416 VSS - ok 17:52:31.0875 3416 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 17:52:31.0890 3416 W32Time - ok 17:52:31.0953 3416 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 17:52:31.0953 3416 Wanarp - ok 17:52:32.0015 3416 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys 17:52:32.0015 3416 wanatw - ok 17:52:32.0062 3416 WDICA - ok 17:52:32.0125 3416 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 17:52:32.0140 3416 
wdmaud - ok 17:52:32.0218 3416 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 17:52:32.0234 3416 WebClient - ok 17:52:32.0359 3416 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 17:52:32.0375 3416 winmgmt - ok 17:52:32.0468 3416 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 17:52:32.0484 3416 WmdmPmSN - ok 17:52:32.0578 3416 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 17:52:32.0593 3416 WmiApSrv - ok 17:52:32.0640 3416 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 17:52:32.0640 3416 WS2IFSL - ok 17:52:32.0718 3416 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 17:52:32.0734 3416 wscsvc - ok 17:52:32.0796 3416 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 17:52:32.0828 3416 wuauserv - ok 17:52:32.0890 3416 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 17:52:32.0906 3416 WudfPf - ok 17:52:32.0968 3416 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 17:52:32.0984 3416 WudfSvc - ok 17:52:33.0062 3416 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 17:52:33.0109 3416 WZCSVC - ok 17:52:33.0171 3416 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 17:52:33.0203 3416 xmlprov - ok 17:52:33.0218 3416 ================ Scan global =============================== 17:52:33.0281 3416 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 17:52:33.0359 3416 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 17:52:33.0406 3416 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 17:52:33.0453 3416 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe 17:52:33.0468 3416 [Global] - ok 17:52:33.0484 3416 ================ Scan MBR ================================== 
17:52:37.0140 3416 Scan finished
17:52:37.0171 3408 Detected object count: 0
17:52:37.0171 3408 Actual detected object count: 0

RSIT failed to run again, returning the same error as before.
  2. Hi Maurice, I'm on holiday until next Tuesday but will have a go at this then. Not sure if there is the option to run as administrator when you right click. I think it only lets you choose from the two user accounts. I think I can start in safe mode and then log in as administrator, would this be the best thing to do? Cheers Mark
  3. Hi Maurice,
     RKill ran ok
     ERUNT ran ok
     Managed to unhide everything ok
     RSIT failed to run, image of error screen attached
     Security Check failed to run, image of error screen attached
     iExplorer, no Run in start menu, tried it via CTRL-ALT-DEL and new task (which I believe should work?) but that returned a cannot find iexplore.exe
     Tigzy's RogueKiller ran, info below

     RogueKiller V8.0.2 [08/31/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com
     Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
     Started in : Normal mode
     User : Elizabeth Evans [Admin rights]
     Mode : Scan -- Date : 09/05/2012 17:54:39
     ¤¤¤ Bad processes : 0 ¤¤¤
     ¤¤¤ Registry Entries : 2 ¤¤¤
     [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
     ¤¤¤ Particular Files / Folders: ¤¤¤
     ¤¤¤ Driver : [LOADED] ¤¤¤
     ¤¤¤ Infection : ¤¤¤
     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\WINDOWS\system32\drivers\etc\hosts
     127.0.0.1 localhost
     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: +++++
     --- User ---
     [MBR] 6a6868b07f34c5ea3c969a2f4f3e5cb4
     [bSP] 987cf5983f07a295a06cf311d092e291 : Windows XP MBR Code
     Partition table:
     0 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 63 | Size: 5120 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 10485846 | Size: 33034 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!
     Finished : << RKreport[1].txt >>
     RKreport[1].txt
  4. Hi Maurice, Apologies for the delay. I can't get Internet Explorer or Chrome (the two installed browsers) to run. Chrome completely refuses and IE started and then tried to load start.funmoods.com/?f=........... before crashing. I tried setting the home page to blank but this made no difference. Can you please advise? Cheers Mark
  5. Hi Maurice, I'll give this a go on Monday and reply with the scan log. Kind regards Mark
  6. Hi Maurice and MrC, I can't run the programs in the way that Maurice has suggested as the All Programs in the Start Menu remains blank. I've gone to the Program Files > Malwarebytes > Chameleon folder and run each program in turn; however, each one returns the same run time error as before "0" and then "440" when trying to update and then again when trying to run Malwarebytes. The only difference in running each was that mbam-killer wouldn't run. It stalled right at the start with a blank command prompt, not sure if that is relevant. Kind Regards Mark
  7. Hi MrC, Did as you suggested, got the 3 success messages but unfortunately Malwarebytes still doesn't run.
  8. Hi MrC, I couldn't uninstall via add / remove programs as the list was empty. I ran the mbam-clean program to uninstall and then installed the latest version; however, this also returns the same vbAccelerator SGrid II Control - Runtime error '0' followed by Malwarebytes Runtime error '440' Automation error. Kind Regards Mark
  9. Hi MrC, Still no change. No programs available in start menu and Malwarebytes won't run. ComboFix log attached. Kind regards Mark ComboFix.txt
  10. Hi MrC, Nothing detected again. I've attached the output file. Kind Regards Mark TDSSKiller.2.8.6.0_21.08.2012_16.43.00_log.txt
  11. Hi MrC, It appears that the text file was corrupted when I transferred it. Please find the original copy attached. Thanks for your time on this. Kind Regards Mark RKreport.txt
  12. Hi MrC, I've carried out your instructions. I tried all the different methods to return the programs to All Programs but the menu still won't show any programs. Please find the RogueKiller report attached. RKreport1.txt
  13. Hi all, I'm trying to fix a PC running XP SP3 for a friend. It appears that they downloaded some malware in error by clicking on a link while trying to download open office. Funmoods was one thing that was installed that they then removed using Add / Remove Programs. Since then the contents of the Start Menu have disappeared (presumably hidden) and Malwarebytes also won't run. I tried installing AVG & Sophos but get an error saying that the Windows installer is unavailable. I installed Avast, it found one infected file on a full scan but didn't solve the issue, I also tried the Boot time scan. I've tried Rkill to try and get Malwarebytes to run but no luck with that either. I've also tried the Chameleon versions of Malwarebytes but all versions return a vbAccelerator SGrid II Control - Runtime error '0' followed by Malwarebytes Runtime error '440' Automation error. I've attached the dds output files as requested. I'm out of ideas so any help would be really appreciated. attach.txt dds.txt