Whichie

Honorary Members
  • Posts: 35

Everything posted by Whichie

  1. Gringo, Whichie 21:03:16.0654 4008 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
- ok 21:03:55.0545 2480 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:03:55.0561 2480 ql40xx - ok 21:03:55.0623 2480 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 21:03:55.0654 2480 QWAVE - ok 21:03:55.0701 2480 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:03:55.0717 2480 QWAVEdrv - ok 21:03:55.0810 2480 [ 641449667853591A5A12CD9D0621FBA5 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys 21:03:55.0841 2480 R300 - ok 21:03:55.0888 2480 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:03:55.0904 2480 RasAcd - ok 21:03:55.0935 2480 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 21:03:55.0966 2480 RasAuto - ok 21:03:56.0013 2480 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:03:56.0029 2480 Rasl2tp - ok 21:03:56.0075 2480 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 21:03:56.0107 2480 RasMan - ok 21:03:56.0138 2480 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:03:56.0153 2480 RasPppoe - ok 21:03:56.0200 2480 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:03:56.0216 2480 RasSstp - ok 21:03:56.0247 2480 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:03:56.0278 2480 rdbss - ok 21:03:56.0325 2480 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:03:56.0325 2480 RDPCDD - ok 21:03:56.0387 2480 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 21:03:56.0434 2480 rdpdr - ok 21:03:56.0465 2480 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:03:56.0481 2480 RDPENCDD - ok 21:03:56.0528 2480 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:03:56.0559 2480 RDPWD - ok 
21:03:56.0621 2480 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:03:56.0637 2480 RemoteAccess - ok 21:03:56.0684 2480 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:03:56.0699 2480 RemoteRegistry - ok 21:03:56.0762 2480 [ EEC7EE5675294B03E88AA868540007C1 ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys 21:03:56.0777 2480 RMCAST - ok 21:03:56.0824 2480 [ 9ED13880478F14900A5840FF048D174C ] rpcapd C:\Program Files\WinPcap\rpcapd.exe 21:03:56.0855 2480 rpcapd - ok 21:03:56.0902 2480 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 21:03:56.0918 2480 RpcLocator - ok 21:03:56.0965 2480 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 21:03:56.0980 2480 RpcSs - ok 21:03:57.0011 2480 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:03:57.0027 2480 rspndr - ok 21:03:57.0074 2480 [ 5E01AB8AB1ACF8850B2D64A6FD068E46 ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys 21:03:57.0089 2480 RTL8023xp - ok 21:03:57.0105 2480 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 21:03:57.0105 2480 SamSs - ok 21:03:57.0152 2480 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:03:57.0183 2480 sbp2port - ok 21:03:57.0230 2480 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:03:57.0261 2480 SCardSvr - ok 21:03:57.0308 2480 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 21:03:57.0323 2480 Schedule - ok 21:03:57.0370 2480 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 21:03:57.0370 2480 SCPolicySvc - ok 21:03:57.0417 2480 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:03:57.0448 2480 SDRSVC - ok 21:03:57.0464 2480 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:03:57.0479 2480 secdrv - ok 
21:03:57.0526 2480 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 21:03:57.0542 2480 seclogon - ok 21:03:57.0589 2480 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll 21:03:57.0589 2480 SENS - ok 21:03:57.0635 2480 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 21:03:57.0651 2480 Serenum - ok 21:03:57.0682 2480 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 21:03:57.0713 2480 Serial - ok 21:03:57.0729 2480 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:03:57.0760 2480 sermouse - ok 21:03:57.0823 2480 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 21:03:57.0838 2480 SessionEnv - ok 21:03:57.0869 2480 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:03:57.0885 2480 sffdisk - ok 21:03:57.0901 2480 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:03:57.0932 2480 sffp_mmc - ok 21:03:57.0963 2480 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:03:57.0994 2480 sffp_sd - ok 21:03:58.0010 2480 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:03:58.0025 2480 sfloppy - ok 21:03:58.0072 2480 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:03:58.0103 2480 SharedAccess - ok 21:03:58.0150 2480 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:03:58.0166 2480 ShellHWDetection - ok 21:03:58.0213 2480 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys 21:03:58.0228 2480 sisagp - ok 21:03:58.0259 2480 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 21:03:58.0275 2480 SiSRaid2 - ok 21:03:58.0322 2480 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 
C:\Windows\system32\drivers\sisraid4.sys 21:03:58.0337 2480 SiSRaid4 - ok 21:03:58.0478 2480 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 21:03:58.0649 2480 slsvc - ok 21:03:58.0696 2480 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 21:03:58.0712 2480 SLUINotify - ok 21:03:58.0759 2480 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:03:58.0774 2480 Smb - ok 21:03:58.0837 2480 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:03:58.0852 2480 SNMPTRAP - ok 21:03:58.0883 2480 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 21:03:58.0899 2480 spldr - ok 21:03:58.0946 2480 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 21:03:58.0961 2480 Spooler - ok 21:03:59.0008 2480 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:03:59.0055 2480 srv - ok 21:03:59.0102 2480 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:03:59.0133 2480 srv2 - ok 21:03:59.0164 2480 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:03:59.0195 2480 srvnet - ok 21:03:59.0227 2480 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:03:59.0258 2480 SSDPSRV - ok 21:03:59.0305 2480 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:03:59.0336 2480 SstpSvc - ok 21:03:59.0383 2480 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 21:03:59.0398 2480 stisvc - ok 21:03:59.0414 2480 stllssvr - ok 21:03:59.0429 2480 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:03:59.0445 2480 swenum - ok 21:03:59.0492 2480 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 21:03:59.0523 2480 swprv - ok 21:03:59.0554 2480 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx 
C:\Windows\system32\drivers\symc8xx.sys 21:03:59.0570 2480 Symc8xx - ok 21:03:59.0601 2480 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 21:03:59.0632 2480 Sym_hi - ok 21:03:59.0663 2480 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 21:03:59.0679 2480 Sym_u3 - ok 21:03:59.0741 2480 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 21:03:59.0788 2480 SysMain - ok 21:03:59.0835 2480 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:03:59.0851 2480 TabletInputService - ok 21:03:59.0897 2480 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:03:59.0913 2480 TapiSrv - ok 21:03:59.0960 2480 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 21:03:59.0960 2480 TBS - ok 21:04:00.0022 2480 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:04:00.0085 2480 Tcpip - ok 21:04:00.0131 2480 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 21:04:00.0147 2480 Tcpip6 - ok 21:04:00.0194 2480 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:04:00.0209 2480 tcpipreg - ok 21:04:00.0241 2480 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:04:00.0256 2480 TDPIPE - ok 21:04:00.0303 2480 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:04:00.0319 2480 TDTCP - ok 21:04:00.0350 2480 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:04:00.0365 2480 tdx - ok 21:04:00.0412 2480 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:04:00.0428 2480 TermDD - ok 21:04:00.0475 2480 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 21:04:00.0506 2480 TermService - ok 21:04:00.0537 2480 [ C7230FBEE14437716701C15BE02C27B8 ] Themes 
C:\Windows\system32\shsvcs.dll 21:04:00.0553 2480 Themes - ok 21:04:00.0568 2480 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 21:04:00.0568 2480 THREADORDER - ok 21:04:00.0615 2480 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 21:04:00.0631 2480 TrkWks - ok 21:04:00.0693 2480 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:04:00.0693 2480 TrustedInstaller - ok 21:04:00.0755 2480 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:04:00.0771 2480 tssecsrv - ok 21:04:00.0802 2480 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 21:04:00.0818 2480 tunmp - ok 21:04:00.0865 2480 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:04:00.0865 2480 tunnel - ok 21:04:00.0911 2480 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:04:00.0943 2480 uagp35 - ok 21:04:00.0989 2480 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:04:01.0005 2480 udfs - ok 21:04:01.0067 2480 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:04:01.0083 2480 UI0Detect - ok 21:04:01.0130 2480 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:04:01.0145 2480 uliagpkx - ok 21:04:01.0177 2480 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys 21:04:01.0208 2480 uliahci - ok 21:04:01.0239 2480 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 21:04:01.0270 2480 UlSata - ok 21:04:01.0286 2480 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 21:04:01.0317 2480 ulsata2 - ok 21:04:01.0348 2480 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:04:01.0379 2480 umbus - ok 21:04:01.0426 2480 [ 
68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 21:04:01.0426 2480 upnphost - ok 21:04:01.0489 2480 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:04:01.0520 2480 usbaudio - ok 21:04:01.0551 2480 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:04:01.0582 2480 usbccgp - ok 21:04:01.0629 2480 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:04:01.0645 2480 usbcir - ok 21:04:01.0691 2480 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:04:01.0707 2480 usbehci - ok 21:04:01.0754 2480 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:04:01.0785 2480 usbhub - ok 21:04:01.0832 2480 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 21:04:01.0847 2480 usbohci - ok 21:04:01.0879 2480 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:04:01.0894 2480 usbprint - ok 21:04:01.0957 2480 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 21:04:01.0972 2480 usbscan - ok 21:04:02.0003 2480 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:04:02.0035 2480 USBSTOR - ok 21:04:02.0066 2480 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 21:04:02.0081 2480 usbuhci - ok 21:04:02.0128 2480 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 21:04:02.0144 2480 UxSms - ok 21:04:02.0191 2480 [ B4FDC6C4720F43A5A1D7EC95F21A489A ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys 21:04:02.0206 2480 VBoxDrv - ok 21:04:02.0237 2480 [ E86D511DA592AB864F400828D519B911 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 21:04:02.0253 2480 VBoxUSBMon - ok 21:04:02.0300 2480 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 21:04:02.0362 2480 vds - ok 
21:04:02.0425 2480 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:04:02.0440 2480 vga - ok 21:04:02.0471 2480 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 21:04:02.0487 2480 VgaSave - ok 21:04:02.0518 2480 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys 21:04:02.0549 2480 viaagp - ok 21:04:02.0565 2480 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys 21:04:02.0581 2480 ViaC7 - ok 21:04:02.0627 2480 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys 21:04:02.0643 2480 viaide - ok 21:04:02.0674 2480 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:04:02.0690 2480 volmgr - ok 21:04:02.0737 2480 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:04:02.0768 2480 volmgrx - ok 21:04:02.0815 2480 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:04:02.0846 2480 volsnap - ok 21:04:02.0893 2480 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:04:02.0908 2480 vsmraid - ok 21:04:02.0971 2480 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 21:04:03.0049 2480 VSS - ok 21:04:03.0095 2480 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 21:04:03.0127 2480 W32Time - ok 21:04:03.0173 2480 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:04:03.0189 2480 WacomPen - ok 21:04:03.0220 2480 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 21:04:03.0251 2480 Wanarp - ok 21:04:03.0267 2480 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:04:03.0267 2480 Wanarpv6 - ok 21:04:03.0314 2480 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:04:03.0345 2480 wcncsvc - ok 21:04:03.0392 2480 [ 
11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:04:03.0407 2480 WcsPlugInService - ok 21:04:03.0454 2480 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys 21:04:03.0470 2480 Wd - ok 21:04:03.0517 2480 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:04:03.0548 2480 Wdf01000 - ok 21:04:03.0579 2480 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:04:03.0610 2480 WdiServiceHost - ok 21:04:03.0626 2480 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:04:03.0641 2480 WdiSystemHost - ok 21:04:03.0688 2480 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 21:04:03.0704 2480 WebClient - ok 21:04:03.0751 2480 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:04:03.0766 2480 Wecsvc - ok 21:04:03.0813 2480 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:04:03.0844 2480 wercplsupport - ok 21:04:03.0891 2480 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 21:04:03.0922 2480 WerSvc - ok 21:04:03.0985 2480 [ 72CC6A8CA7891031D6380DB5025C773C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys 21:04:04.0047 2480 winachsf - ok 21:04:04.0203 2480 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 21:04:04.0297 2480 WinDefend - ok 21:04:04.0328 2480 WinHttpAutoProxySvc - ok 21:04:04.0406 2480 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:04:04.0437 2480 Winmgmt - ok 21:04:04.0562 2480 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 21:04:04.0640 2480 WinRM - ok 21:04:04.0702 2480 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:04:04.0780 2480 Wlansvc - ok 21:04:04.0921 2480 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows 
Live\Mesh\wlcrasvc.exe 21:04:05.0108 2480 wlcrasvc - ok 21:04:05.0217 2480 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:04:05.0295 2480 wlidsvc - ok 21:04:05.0342 2480 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:04:05.0357 2480 WmiAcpi - ok 21:04:05.0420 2480 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:04:05.0435 2480 wmiApSrv - ok 21:04:05.0529 2480 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 21:04:05.0576 2480 WMPNetworkSvc - ok 21:04:05.0623 2480 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:04:05.0638 2480 WPCSvc - ok 21:04:05.0685 2480 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:04:05.0701 2480 WPDBusEnum - ok 21:04:05.0732 2480 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 21:04:05.0747 2480 WpdUsb - ok 21:04:05.0872 2480 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 21:04:05.0919 2480 WPFFontCache_v0400 - ok 21:04:05.0950 2480 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:04:05.0966 2480 ws2ifsl - ok 21:04:05.0997 2480 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll 21:04:06.0013 2480 wscsvc - ok 21:04:06.0028 2480 WSearch - ok 21:04:06.0122 2480 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 21:04:06.0184 2480 wuauserv - ok 21:04:06.0231 2480 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:04:06.0247 2480 WUDFRd - ok 21:04:06.0293 2480 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:04:06.0309 2480 wudfsvc - ok 21:04:06.0356 2480 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio 
C:\Windows\system32\DRIVERS\xaudio.sys 21:04:06.0371 2480 XAudio - ok 21:04:06.0418 2480 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe 21:04:06.0449 2480 XAudioService - ok 21:04:06.0465 2480 ================ Scan global =============================== 21:04:06.0496 2480 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 21:04:06.0559 2480 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 21:04:06.0637 2480 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 21:04:06.0683 2480 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 21:04:06.0699 2480 [Global] - ok 21:04:06.0699 2480 ================ Scan MBR ================================== 21:04:06.0715 2480 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0 21:04:07.0105 2480 \Device\Harddisk0\DR0 - ok 21:04:07.0136 2480 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk1\DR1 21:04:07.0588 2480 \Device\Harddisk1\DR1 - ok 21:04:07.0588 2480 ================ Scan VBR ================================== 21:04:07.0604 2480 [ C0F372D74CB1D1C79E02DCC43D5B9A99 ] \Device\Harddisk0\DR0\Partition1 21:04:07.0604 2480 \Device\Harddisk0\DR0\Partition1 - ok 21:04:07.0651 2480 [ CB5824A667CCDD9CFA3208D9E854D390 ] \Device\Harddisk0\DR0\Partition2 21:04:07.0651 2480 \Device\Harddisk0\DR0\Partition2 - ok 21:04:07.0666 2480 [ 0E93E86D854089516E13FB9B1FC683EB ] \Device\Harddisk1\DR1\Partition1 21:04:07.0666 2480 \Device\Harddisk1\DR1\Partition1 - ok 21:04:07.0682 2480 [ F6129CBFE8B3365D3186D6B0C31D73AD ] \Device\Harddisk1\DR1\Partition2 21:04:07.0682 2480 \Device\Harddisk1\DR1\Partition2 - ok 21:04:07.0682 2480 ============================================================ 21:04:07.0682 2480 Scan finished 21:04:07.0682 2480 ============================================================ 21:04:07.0713 1008 Detected object count: 0 21:04:07.0713 1008 Actual detected object count: 0 aswMBR version 0.9.9.1665 Copyright© 
2011 AVAST Software Run date: 2012-11-07 22:32:39 ----------------------------- 22:32:39.055 OS Version: Windows 6.0.6002 Service Pack 2 22:32:39.055 Number of processors: 1 586 0x605 22:32:39.070 ComputerName: HOLY-PC UserName: holy 22:32:39.663 Initialize success 22:48:30.192 AVAST engine defs: 12110701 22:48:40.504 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 22:48:40.504 Disk 0 Vendor: ST3120213AS 3.AHL Size: 114473MB BusType: 3 22:48:40.519 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-2 22:48:40.519 Disk 1 Vendor: WDC_WD2500AAJS-00L7A0 01.03E01 Size: 238475MB BusType: 3 22:48:40.535 Disk 0 MBR read successfully 22:48:40.551 Disk 0 MBR scan 22:48:40.597 Disk 0 unknown MBR code 22:48:40.613 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 108572 MB offset 63 22:48:40.644 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 5898 MB offset 222355665 22:48:40.691 Disk 0 scanning sectors +234436545 22:48:40.831 Disk 0 scanning C:\Windows\system32\drivers 22:48:57.274 Service scanning 22:49:44.027 Modules scanning 22:50:05.368 Disk 0 trace - called modules: 22:50:05.805 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 22:50:05.805 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84984ac8] 22:50:05.836 3 CLASSPNP.SYS[869b28b3] -> nt!IofCallDriver -> [0x84859720] 22:50:05.836 5 acpi.sys[8069d6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8486f030] 22:50:06.663 AVAST engine scan C:\Windows 22:50:14.057 AVAST engine scan C:\Windows\system32 22:53:57.792 AVAST engine scan C:\Windows\system32\drivers 22:54:14.952 AVAST engine scan C:\Users\holy 23:00:09.649 AVAST engine scan C:\ProgramData 23:01:29.693 Scan finished successfully 23:02:45.103 Disk 0 MBR has been saved successfully to "C:\Users\holy\Desktop\MBR.dat" 23:02:45.103 The log file has been saved successfully to "C:\Users\holy\Desktop\aswMBR.txt"
  2. Dear Gringo, I had to run it twice, the 1st time from the old icon on the desktop created Oct. 22. I did not do the update from there, so it didn't run right. Did a restart and downloaded it again and was able to run it. I see now my AV is not on and I was not able to open it to turn it on. Here is that report, and my desktop seems to be running faster.
     ComboFix 12-11-06.03 - holy 11/07/2012 16:03:11.1.1 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.895.372 [GMT -5:00] Running from: c:\users\holy\Downloads\ComboFix.exe FW: CenturyLink™ Online Security 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\fspscprereqmsiinst.log . . ((((((((((((((((((((((((( Files Created from 2012-10-07 to 2012-11-07 ))))))))))))))))))))))))))))))) . . 2012-11-07 21:13 . 2012-11-07 21:14 -------- d-----w- c:\users\holy\AppData\Local\temp 2012-11-07 21:13 . 2012-11-07 21:13 -------- d-----w- c:\users\REP\AppData\Local\temp 2012-11-07 21:13 . 2012-11-07 21:13 -------- d-----w- c:\users\Guest\AppData\Local\temp 2012-11-07 21:13 . 2012-11-07 21:13 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-06 22:58 . 2012-11-06 22:58 -------- d-----w- c:\program files\7-zip 2012-11-06 19:38 . 2012-10-17 06:32 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4CFC374A-CDE6-462D-B34E-EE12C270AD75}\mpengine.dll 2012-11-05 00:20 . 2012-11-07 20:05 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys 2012-11-04 20:49 . 2012-11-05 00:25 36792 ----a-w- c:\windows\system32\drivers\fses.sys 2012-11-04 20:49 . 2012-11-05 00:26 73160 ----a-w- c:\windows\system32\drivers\fsdfw.sys 2012-10-24 21:28 . 2012-10-24 21:28 -------- d-----w- c:\program files\CCleaner 2012-10-24 15:29 . 
2012-10-24 15:29 -------- d-----w- c:\program files\Common Files\Java 2012-10-24 15:28 . 2012-10-24 15:27 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-10-24 15:02 . 2012-10-24 15:02 -------- d-----w- c:\program files\Foxit Software 2012-10-24 14:09 . 2012-10-24 14:09 -------- d-----w- c:\program files\VS Revo Group 2012-10-19 01:01 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll 2012-10-19 01:01 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-10-19 01:01 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-10-19 01:00 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-10-19 00:59 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll 2012-10-19 00:56 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-10-19 00:56 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-24 15:27 . 2010-08-31 15:28 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-13 18:22 . 2012-09-13 18:23 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-03-04 00:14 . 2012-03-04 00:14 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F-Secure Manager"="c:\program files\EMBARQ Online Security\Common\FSM32.EXE" [2009-08-05 199264] "F-Secure TNB"="c:\program files\EMBARQ Online Security\FSGUI\TNBUtil.exe" [2009-08-05 2349664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiSpywareOverride"=dword:00000001 "FirewallOverride"=dword:00000001 . S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc getPlusHelper REG_MULTI_SZ getPlusHelper LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2012-10-27 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-17 18:29] . 2012-11-07 c:\windows\Tasks\Scheduled scanning task.job - c:\progra~1\EMBARQ~1\ANTI-V~1\fsav.exe [2012-11-04 15:56] . 2012-11-07 c:\windows\Tasks\User_Feed_Synchronization-{9887A036-951C-4FB4-BBAF-AB8E7A936267}.job - c:\windows\system32\msfeedssync.exe [2012-10-26 19:31] . 2012-11-07 c:\windows\Tasks\User_Feed_Synchronization-{DF92EA2C-A000-4A47-8DDC-B538EB8648F5}.job - c:\windows\system32\msfeedssync.exe [2012-10-26 19:31] . . ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html LSP: c:\program files\EMBARQ Online Security\FSPS\program\FSLSP.DLL TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\holy\AppData\Roaming\Mozilla\Firefox\Profiles\tujcccj1.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Wikipedia (en) FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-11-07 16:14 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(608) c:\program files\embarq online security\hips\fshook32.dll . - - - - - - - > 'lsass.exe'(644) c:\program files\embarq online security\hips\fshook32.dll . Completion time: 2012-11-07 16:18:16 ComboFix-quarantined-files.txt 2012-11-07 21:17 ComboFix2.txt 2012-10-23 18:06 ComboFix3.txt 2012-10-21 22:54 . Pre-Run: 46,442,078,208 bytes free Post-Run: 46,438,629,376 bytes free . - - End Of File - - 70714B3FB3A8E523E6A3E12A27B9AE1F
  3. Gringo, When I tried to use the RogueKiller still on my pc it directed me to update so I did. However the link I downloaded is 7-zip and it looked nothing like RogueKiller but since I was directed there as an update I downloaded that. I ended up not extracting the files because it didn't look like the original program. I used the existing RogueKiller without the update. Let me know if I did this wrong. Whichie Results of screen317's Security Check version 0.99.54 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` CCleaner Java 7 Update 9 Adobe Flash Player 11.3.300.265 Mozilla Firefox 10.0.2 Firefox out of Date! Mozilla Thunderbird (15.0.1) ````````Process Check: objlist.exe by Laurent```````` EMBARQ Online Security Anti-Virus fsgk32st.exe EMBARQ Online Security Anti-Virus FSGK32.EXE EMBARQ Online Security Anti-Virus fssm32.exe EMBARQ Online Security Common FSMA32.EXE EMBARQ Online Security Common FSLAUNCHER0.EXE `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0 % ````````````````````End of Log`````````````````````` # AdwCleaner v2.005 - Logfile created 11/06/2012 at 17:34:36 # Updated 14/10/2012 by Xplode # Operating system : Windows Vista Home Basic Service Pack 2 (32 bits) # User : holy - HOLY-PC # Boot Mode : Normal # Running from : C:\Users\holy\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v10.0.2 (en-US) Profile name : default File : C:\Users\holy\AppData\Roaming\Mozilla\Firefox\Profiles\tujcccj1.default\prefs.js [OK] File is clean. 
Profile name : default File : C:\Users\REP\AppData\Roaming\Mozilla\Firefox\Profiles\nxcwat4w.default\prefs.js [OK] File is clean. -\\ Google Chrome v [unable to get version] File : C:\Users\holy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[s1].txt - [1308 octets] - [20/10/2012 10:53:30] AdwCleaner[s2].txt - [1049 octets] - [06/11/2012 17:34:36] ########## EOF - C:\AdwCleaner[s2].txt - [1109 octets] ########## RogueKiller V8.1.1 [10/01/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website: http://tigzy.geekstogo.com/roguekiller.php Blog: http://tigzyrk.blogspot.com Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : holy [Admin rights] Mode : Remove -- Date : 11/06/2012 18:17:50 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 1 ¤¤¤ [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ Extern Hives: ¤¤¤ -> F:\windows\system32\config\SOFTWARE -> F:\Users\Administrator\NTUSER.DAT -> F:\Users\Default\NTUSER.DAT ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST3120213AS ATA Device +++++ --- User --- [MBR] 99b4c67d9f534404c2654034f9b223c6 [bSP] 2552b2d2227b2ea2b3c92a526a1a6f5d : HP tatooed MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 108572 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 222355665 | Size: 5898 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: +++++ --- User --- [MBR] 4bd9312b49c298bb6625eef728205801 [bSP] cdc80cc7f77062a8a8a69def2ef3874f : HP tatooed MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 476319744 | Size: 5895 Mo User = LL1 ... OK! 
User = LL2 ... OK! Finished : << RKreport[4].txt >> RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
  4. Dear Gringo, Your amazing advice worked so far. Before I held the power button I found that it had turned itself on. I cut the power and held the power button while turning on the power source. 30 seconds and waited 30 seconds and it turned on. I followed these instructions: Run HijackThis > Click on the Scan button > Put a check beside all of the items listed below (if present): > > > O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files\Epson Software\FAX > Utility\FUFAXSTM.exe" > O4 - HKLM\..\Run: [FUFAXRCV] "C:\Program Files\Epson Software\FAX > Utility\FUFAXRCV.exe" > O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common > Files\Java\Java Update\jusched.exe" > O4 - HKCU\..\Run: [swg] "C:\Program > Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" I checked these and ran the fix check. It has been over an hour; keep waiting? It just shows a blank scan page. If you read this maybe I should allow it to run longer? And I used the run as administrator. I'll just wait. The thinking light flashes every so often. Thank you some more. Whichie Oh and this is a desktop.
  5. Nothing. It's still on. The monitor does seem to be a part of just blinking so I know it has power. Whichie
  6. When you power it on the yellow "thinking" light flicks on for a moment, goes to cd/dvd for a moment, then the green light stays on with no "thinking" whatsoever. No to any cord changing. Hope this helps. Whichie
  7. Dear Gringo, I spent time reading about what AV to use and finally decided to reinstall the same one I was using. F-Secure. After I uninstalled and then reinstalled I had an error message that it was not the most recent update even after I manually updated it. Did a chat, they recommended I call them which I did and they told me they had a glitch and it was ok. I asked if they were going to find a fix and they said yes they were working on it but it was safe. After a few reboots and still with the error message I shut it off on the screen before you log on. Big Red Button. Now with it on I do not have a monitor. I tried a different monitor with the same results. The monitor acts like it's in hibernation but the processor is a steady stream of green. I shut it off once and waited and restarted it with the same results. Seemed to be working up till this point, so I can't even see what is going on. Sorry, any suggestions? Ugh. Whichie
  8. Hi Gringo, Yes I am still having problems. When I first had the malware Doppler Trojan on the Vista pc # 1 and quarantined by Malwarebytes I posted for help. The first thing suggested was to download and run 1st tool to give my reports here DDS.txt and Attach.txt. I thought I was careful using my XP pc to transfer over to the vista. I bought a new Flash drive and read that it was a good idea to use the recommended protection on that. Reading this from the orig Malwarebytes recommendation to use dds.com. Panda USB Vaccine. Then I saw I had Jdownload also. I am using my second pc XP to do all this and it started having pop-ups so I ran Malwarebytes on this pc XP. Malwarebytes found five pup.funmoods on the second pc. I read about that and I believe that is gone now just getting rid of it yesterday. The installer of pup.funmoods was tied in with Jdownloader folder so after Malwarebytes found the five spyware on XP I spent time looking for the rest of it. (pretty sure it's all gone now). I didn't open my DDS.txt or Attach.txt above and as I read your instruction, I used Malwarebytes uploader tool. I believe you want me to copy and paste it? Sorry about this. I didn't understand that so is that what I should do before I do all the rest of your instructions? On the infected pc Vista Doppler trojan found by Malwarebytes is quarantined. I was thinking from my DDS.txt and Attach.txt report from Vista pc you could see if it is okay. If it is then maybe I need to increase the RAM only. I have 1GB on it and maybe that is the problem now. It is slow. It doesn't show the Flash drive at all. It is not on Internet so I had to use a cd to transfer the original download to run the two reports DDS.txt and Attach.txt. Sincerely, Whichie
  9. Dear Malwarebytes, Thank you ahead of time for your help. I ran malwarebytes because the Vista PC started opening in safe mode and acted suspicious. I tried a recovery, no success. I still have the trojan in quarantine so before I post the two reports can you tell me should I delete them in quarantine or wait until this is done? Thank you, I hope I can attach the two files. Sincerely, Whichie DDS.txt Attach.txt Looks like it here! Thanks again
  10. My vista was slow and started in safe mode several times. I finally got it to open in Normal mode, ran malwarebytes and it found a trojan doppler. The report said it was successfully removed. PC still runs slow and acts funny so I downloaded dds.com and had to open from download file. I saw the DOS screen quickly but no reports. It is saved on my desktop as a notepad file. (it appears to look like that) nothing else has happened, no logs as instructions said I should have: DDS.txt and Attach.txt. What should I do now? Sincerely, Whichie