kgej_73

  1. Thank you. You have a happy Easter as well!
  2. Cleanup is all done. Thank you very much for all your help!
  3. We couldn't find the OTL application on our computer, and when we tried to use the link you provided earlier to re-download it we got this error: "Forbidden You don't have permission to access /OTL.exe on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request." Also, is it safe to delete the TDSSQuarantine folder?
  4. My computer seems to be running OK. Since the malicious software scan had detected and partially removed 6 threats, we have been mostly running scans and not doing much else. But it seems to be running fine.
  5. Here is the log file from the online scanner. The first time we ran it we forgot to turn off the antivirus software, so we had to scan it again.
  6. It finally worked! Here is the log:
  7. Both ComboFix and aswMBR still give me the blue screen of death. However, something different when I tried to run combofix was that an error popped up during the beginning of the scan saying "catchme.3xe encountered an error and needed to close".
  8. I ran the Symantec program and it said "backdoor.Tidsevr has not been found on your computer".
  9. ComboFix ran all the way to creating the log file, and then it blue screened. This is all I got: ComboFix 13-03-28.01 - Glenn 03/29/2013 1:08:04.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2555 [GMT -4:00] Running from: C:\Documents and Settings\Glenn\Desktop\ComboFix.exe AV: GFI Software VIPRE *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C} * Created a new restore point
  10. I ran defogger successfully and deleted the tdss program, then reinstalled it and did a scan. Here is the log from that:
C:\WINDOWS\system32\CTEAPSFX.DLL 23:23:56.0000 3328 CTEAPSFX.DLL - ok 23:23:56.0031 3328 [ C8AC1FFAEADD655193D7B1811A572D8D ] CTEDSPFX.DLL C:\WINDOWS\system32\CTEDSPFX.DLL 23:23:56.0078 3328 CTEDSPFX.DLL - ok 23:23:56.0093 3328 [ 44495D9DAF675257D00B25B041EE6667 ] CTEDSPIO.DLL C:\WINDOWS\system32\CTEDSPIO.DLL 23:23:56.0140 3328 CTEDSPIO.DLL - ok 23:23:56.0187 3328 [ 8E90B1762CB42E2FC76DAC9210C83C66 ] CTEDSPSY.DLL C:\WINDOWS\system32\CTEDSPSY.DLL 23:23:56.0234 3328 CTEDSPSY.DLL - ok 23:23:56.0265 3328 [ D3FBD9983325435B06795F29CB57ED3D ] CTERFXFX.DLL C:\WINDOWS\system32\CTERFXFX.DLL 23:23:56.0296 3328 CTERFXFX.DLL - ok 23:23:56.0375 3328 [ 2C48E9D8CA703964463F27AE341115B7 ] CTEXFIFX.DLL C:\WINDOWS\system32\CTEXFIFX.DLL 23:23:56.0484 3328 CTEXFIFX.DLL - ok 23:23:56.0500 3328 [ F7657C598E7C29C6683C1E4A8DD68884 ] CTHWIUT.DLL C:\WINDOWS\system32\CTHWIUT.DLL 23:23:56.0546 3328 CTHWIUT.DLL - ok 23:23:56.0578 3328 [ 34E7F8A499FD8361DF14FEDB724C0AD3 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys 23:23:56.0593 3328 ctprxy2k - ok 23:23:56.0609 3328 [ 679AE21EB7F48A08184813AEBABDEC7C ] CTSBLFX.DLL C:\WINDOWS\system32\CTSBLFX.DLL 23:23:56.0703 3328 CTSBLFX.DLL - ok 23:23:56.0718 3328 [ 32098497CB4DFE9EA7660FA62DD91060 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys 23:23:56.0734 3328 ctsfm2k - ok 23:23:56.0765 3328 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 23:23:56.0906 3328 dac2w2k - ok 23:23:56.0906 3328 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys 23:23:57.0078 3328 dac960nt - ok 23:23:57.0125 3328 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 23:23:57.0187 3328 DcomLaunch - ok 23:23:57.0218 3328 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 23:23:57.0359 3328 Dhcp - ok 23:23:57.0375 3328 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 23:23:57.0500 3328 Disk - ok 23:23:57.0562 3328 [ 
E2D0DE31442390C35E3163C87CB6A9EB ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS 23:23:57.0578 3328 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning 23:23:57.0578 3328 DLABOIOM - detected UnsignedFile.Multi.Generic (1) 23:23:57.0593 3328 [ D979BEBCF7EDCC9C9EE1857D1A68C67B ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS 23:23:57.0609 3328 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning 23:23:57.0609 3328 DLACDBHM - detected UnsignedFile.Multi.Generic (1) 23:23:57.0625 3328 [ 83545593E297F50A8E2524B4C071A153 ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS 23:23:57.0625 3328 DLADResN ( UnsignedFile.Multi.Generic ) - warning 23:23:57.0625 3328 DLADResN - detected UnsignedFile.Multi.Generic (1) 23:23:57.0640 3328 [ 96E01D901CDC98C7817155CC057001BF ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS 23:23:57.0656 3328 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning 23:23:57.0656 3328 DLAIFS_M - detected UnsignedFile.Multi.Generic (1) 23:23:57.0656 3328 [ 0A60A39CC5E767980A31CA5D7238DFA9 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS 23:23:57.0671 3328 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning 23:23:57.0671 3328 DLAOPIOM - detected UnsignedFile.Multi.Generic (1) 23:23:57.0671 3328 [ 9FE2B72558FC808357F427FD83314375 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS 23:23:57.0687 3328 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning 23:23:57.0687 3328 DLAPoolM - detected UnsignedFile.Multi.Generic (1) 23:23:57.0687 3328 [ 7EE0852AE8907689DF25049DCD2342E8 ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS 23:23:57.0703 3328 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning 23:23:57.0703 3328 DLARTL_N - detected UnsignedFile.Multi.Generic (1) 23:23:57.0718 3328 [ F08E1DAFAC457893399E03430A6A1397 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS 23:23:57.0734 3328 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning 23:23:57.0734 3328 DLAUDFAM - detected UnsignedFile.Multi.Generic (1) 23:23:57.0734 3328 [ E7D105ED1E694449D444A9933DF8E060 ] DLAUDF_M 
C:\WINDOWS\system32\DLA\DLAUDF_M.SYS 23:23:57.0734 3328 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning 23:23:57.0734 3328 DLAUDF_M - detected UnsignedFile.Multi.Generic (1) 23:23:57.0750 3328 dmadmin - ok 23:23:57.0828 3328 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 23:23:57.0968 3328 dmboot - ok 23:23:57.0984 3328 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys 23:23:58.0109 3328 dmio - ok 23:23:58.0140 3328 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 23:23:58.0265 3328 dmload - ok 23:23:58.0296 3328 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll 23:23:58.0421 3328 dmserver - ok 23:23:58.0437 3328 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 23:23:58.0578 3328 DMusic - ok 23:23:58.0625 3328 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 23:23:58.0687 3328 Dnscache - ok 23:23:58.0718 3328 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 23:23:58.0859 3328 Dot3svc - ok 23:23:58.0890 3328 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys 23:23:59.0015 3328 dpti2o - ok 23:23:59.0046 3328 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 23:23:59.0171 3328 drmkaud - ok 23:23:59.0203 3328 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS 23:23:59.0203 3328 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning 23:23:59.0203 3328 DRVMCDB - detected UnsignedFile.Multi.Generic (1) 23:23:59.0218 3328 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS 23:23:59.0234 3328 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning 23:23:59.0234 3328 DRVNDDM - detected UnsignedFile.Multi.Generic (1) 23:23:59.0250 3328 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys 23:23:59.0375 3328 
E100B - ok 23:23:59.0406 3328 [ 0849EACDC01487573ADD86F5E470806C ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys 23:23:59.0453 3328 e1express - ok 23:23:59.0500 3328 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll 23:23:59.0625 3328 EapHost - ok 23:23:59.0671 3328 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe 23:23:59.0718 3328 ehRecvr - ok 23:23:59.0750 3328 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe 23:23:59.0796 3328 ehSched - ok 23:23:59.0843 3328 [ 1976FEDF6D7F87135C9B7F5CB4C8C868 ] ELacpi C:\WINDOWS\system32\DRIVERS\ELacpi.sys 23:23:59.0875 3328 ELacpi - ok 23:23:59.0906 3328 [ AE65C02444907966378454138B9F99F0 ] ELhid C:\WINDOWS\system32\DRIVERS\ELhid.sys 23:23:59.0921 3328 ELhid ( UnsignedFile.Multi.Generic ) - warning 23:23:59.0921 3328 ELhid - detected UnsignedFile.Multi.Generic (1) 23:23:59.0921 3328 [ E485C3BA1DADDEEF3E14FEA1E8FDA6E1 ] ELkbd C:\WINDOWS\system32\DRIVERS\ELkbd.sys 23:23:59.0921 3328 ELkbd ( UnsignedFile.Multi.Generic ) - warning 23:23:59.0921 3328 ELkbd - detected UnsignedFile.Multi.Generic (1) 23:23:59.0937 3328 [ 0D87CB825ED6CB2EBCC147A10A42F1D6 ] ELmon C:\WINDOWS\system32\DRIVERS\ELmon.sys 23:23:59.0937 3328 ELmon ( UnsignedFile.Multi.Generic ) - warning 23:23:59.0937 3328 ELmon - detected UnsignedFile.Multi.Generic (1) 23:23:59.0937 3328 [ A4ADD3847B67BACAB6FC851A2B60FDB3 ] ELmou C:\WINDOWS\system32\DRIVERS\ELmou.sys 23:23:59.0953 3328 ELmou ( UnsignedFile.Multi.Generic ) - warning 23:23:59.0953 3328 ELmou - detected UnsignedFile.Multi.Generic (1) 23:24:00.0015 3328 [ D1DE16926C682DCD3D99AE5500CA5522 ] ELService C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe 23:24:00.0031 3328 ELService ( UnsignedFile.Multi.Generic ) - warning 23:24:00.0031 3328 ELService - detected UnsignedFile.Multi.Generic (1) 23:24:00.0078 3328 [ 2885F72D2DAFFD0329272F12E16D6579 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys 23:24:00.0093 3328 
emupia - ok 23:24:00.0125 3328 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll 23:24:00.0250 3328 ERSvc - ok 23:24:00.0296 3328 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe 23:24:00.0328 3328 Eventlog - ok 23:24:00.0359 3328 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll 23:24:00.0421 3328 EventSystem - ok 23:24:00.0437 3328 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 23:24:00.0578 3328 Fastfat - ok 23:24:00.0609 3328 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 23:24:00.0656 3328 FastUserSwitchingCompatibility - ok 23:24:00.0703 3328 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe 23:24:00.0828 3328 Fax - ok 23:24:00.0859 3328 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 23:24:00.0984 3328 Fdc - ok 23:24:01.0015 3328 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 23:24:01.0140 3328 Fips - ok 23:24:01.0171 3328 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 23:24:01.0296 3328 Flpydisk - ok 23:24:01.0343 3328 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 23:24:01.0468 3328 FltMgr - ok 23:24:01.0546 3328 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 23:24:01.0578 3328 FontCache3.0.0.0 - ok 23:24:01.0593 3328 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 23:24:01.0718 3328 Fs_Rec - ok 23:24:01.0750 3328 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 23:24:01.0890 3328 Ftdisk - ok 23:24:01.0921 3328 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys 23:24:02.0046 3328 gameenum - ok 23:24:02.0093 3328 [ 185ADA973B5020655CEE342059A86CBB ] 
GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 23:24:02.0109 3328 GEARAspiWDM - ok 23:24:02.0140 3328 [ 1BFABBB4C99E1FDBC7B756BE39868D03 ] gfiark C:\WINDOWS\system32\drivers\gfiark.sys 23:24:02.0156 3328 gfiark - ok 23:24:02.0171 3328 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 23:24:02.0343 3328 Gpc - ok 23:24:02.0390 3328 [ DA2C735B66D2E7B739F9A46146581A9D ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys 23:24:02.0406 3328 ha10kx2k - ok 23:24:02.0453 3328 [ 5C7D6D68796E4621B4168C879908DAE0 ] hap16v2k C:\WINDOWS\system32\drivers\hap16v2k.sys 23:24:02.0468 3328 hap16v2k - ok 23:24:02.0500 3328 [ A595B88AD16D8B5693DDF08113CAF30E ] hap17v2k C:\WINDOWS\system32\drivers\hap17v2k.sys 23:24:02.0515 3328 hap17v2k - ok 23:24:02.0609 3328 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 23:24:02.0734 3328 helpsvc - ok 23:24:02.0750 3328 HidServ - ok 23:24:02.0765 3328 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 23:24:02.0890 3328 HidUsb - ok 23:24:02.0921 3328 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 23:24:03.0062 3328 hkmsvc - ok 23:24:03.0109 3328 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys 23:24:03.0234 3328 hpn - ok 23:24:03.0250 3328 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys 23:24:03.0312 3328 HSFHWBS2 - ok 23:24:03.0343 3328 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys 23:24:03.0406 3328 HSF_DP - ok 23:24:03.0468 3328 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 23:24:03.0531 3328 HTTP - ok 23:24:03.0562 3328 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 23:24:03.0687 3328 HTTPFilter - ok 23:24:03.0703 3328 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys 23:24:03.0828 3328 i2omgmt - ok 
23:24:03.0859 3328 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys 23:24:03.0984 3328 i2omp - ok 23:24:03.0984 3328 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 23:24:04.0125 3328 i8042prt - ok 23:24:04.0171 3328 [ D43E91E271C041BB86A6223462A41D28 ] IAANTMon C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe 23:24:04.0171 3328 IAANTMon ( UnsignedFile.Multi.Generic ) - warning 23:24:04.0171 3328 IAANTMon - detected UnsignedFile.Multi.Generic (1) 23:24:04.0218 3328 [ 9A65E42664D1534B68512CAAD0EFE963 ] iastor C:\WINDOWS\system32\drivers\iastor.sys 23:24:04.0312 3328 iastor - ok 23:24:04.0437 3328 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 23:24:04.0484 3328 idsvc - ok 23:24:04.0500 3328 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 23:24:04.0625 3328 Imapi - ok 23:24:04.0656 3328 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe 23:24:04.0796 3328 ImapiService - ok 23:24:04.0828 3328 [ 1DA147ACB525A4822228BE06154C7CBB ] InCDfs C:\WINDOWS\system32\drivers\InCDFs.sys 23:24:04.0843 3328 InCDfs - ok 23:24:04.0859 3328 [ 2EC469A401AE6FE7A67D80EFFD3091B1 ] InCDPass C:\WINDOWS\system32\drivers\InCDPass.sys 23:24:04.0875 3328 InCDPass - ok 23:24:04.0890 3328 [ 544498D06B8CA187A5960B4F3B4BD63E ] InCDRec C:\WINDOWS\system32\drivers\InCDRec.sys 23:24:04.0906 3328 InCDRec - ok 23:24:04.0906 3328 [ 2863A00B0F64D937F0CD9561C53B5A37 ] incdrm C:\WINDOWS\system32\drivers\InCDRm.sys 23:24:04.0921 3328 incdrm - ok 23:24:05.0015 3328 [ CA32EA0F5FC2A36CA44AD7238F18C248 ] InCDsrv C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe 23:24:05.0093 3328 InCDsrv - ok 23:24:05.0140 3328 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys 23:24:05.0265 3328 ini910u - ok 23:24:05.0281 3328 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde 
C:\WINDOWS\system32\DRIVERS\intelide.sys 23:24:05.0421 3328 IntelIde - ok 23:24:05.0453 3328 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 23:24:05.0578 3328 intelppm - ok 23:24:05.0625 3328 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 23:24:05.0750 3328 Ip6Fw - ok 23:24:05.0781 3328 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 23:24:05.0906 3328 IpFilterDriver - ok 23:24:05.0953 3328 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 23:24:06.0062 3328 IpInIp - ok 23:24:06.0093 3328 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 23:24:06.0218 3328 IpNat - ok 23:24:06.0265 3328 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 23:24:06.0281 3328 iPod Service - ok 23:24:06.0328 3328 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 23:24:06.0453 3328 IPSec - ok 23:24:06.0484 3328 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 23:24:06.0593 3328 IRENUM - ok 23:24:06.0640 3328 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 23:24:06.0781 3328 isapnp - ok 23:24:06.0890 3328 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe 23:24:06.0906 3328 JavaQuickStarterService - ok 23:24:06.0921 3328 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 23:24:07.0046 3328 Kbdclass - ok 23:24:07.0062 3328 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 23:24:07.0187 3328 kbdhid - ok 23:24:07.0218 3328 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 23:24:07.0343 3328 kmixer - ok 23:24:07.0375 3328 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 23:24:07.0406 3328 
KSecDD - ok 23:24:07.0453 3328 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 23:24:07.0515 3328 lanmanserver - ok 23:24:07.0546 3328 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 23:24:07.0593 3328 lanmanworkstation - ok 23:24:07.0593 3328 lbrtfdc - ok 23:24:07.0671 3328 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 23:24:07.0796 3328 LmHosts - ok 23:24:07.0828 3328 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 23:24:07.0843 3328 MBAMProtector - ok 23:24:07.0890 3328 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 23:24:07.0921 3328 MBAMScheduler - ok 23:24:07.0968 3328 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 23:24:08.0000 3328 MBAMService - ok 23:24:08.0031 3328 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys 23:24:08.0046 3328 MBAMSwissArmy - ok 23:24:08.0078 3328 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe 23:24:08.0125 3328 McrdSvc - ok 23:24:08.0156 3328 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 23:24:08.0187 3328 MDM - ok 23:24:08.0203 3328 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 23:24:08.0218 3328 mdmxsdk - ok 23:24:08.0265 3328 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll 23:24:08.0406 3328 Messenger - ok 23:24:08.0437 3328 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll 23:24:08.0453 3328 MHN ( UnsignedFile.Multi.Generic ) - warning 23:24:08.0453 3328 MHN - detected UnsignedFile.Multi.Generic (1) 23:24:08.0484 3328 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys 23:24:08.0484 3328 MHNDRV ( 
UnsignedFile.Multi.Generic ) - warning 23:24:08.0484 3328 MHNDRV - detected UnsignedFile.Multi.Generic (1) 23:24:08.0515 3328 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 23:24:08.0640 3328 mnmdd - ok 23:24:08.0671 3328 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 23:24:08.0812 3328 mnmsrvc - ok 23:24:08.0843 3328 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 23:24:08.0968 3328 Modem - ok 23:24:09.0000 3328 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys 23:24:09.0140 3328 MODEMCSA - ok 23:24:09.0203 3328 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 23:24:09.0328 3328 Mouclass - ok 23:24:09.0359 3328 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 23:24:09.0484 3328 mouhid - ok 23:24:09.0500 3328 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 23:24:09.0625 3328 MountMgr - ok 23:24:09.0656 3328 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys 23:24:09.0796 3328 mraid35x - ok 23:24:09.0812 3328 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 23:24:09.0937 3328 MRxDAV - ok 23:24:09.0984 3328 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 23:24:10.0046 3328 MRxSmb - ok 23:24:10.0093 3328 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe 23:24:10.0218 3328 MSDTC - ok 23:24:10.0234 3328 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 23:24:10.0375 3328 Msfs - ok 23:24:10.0375 3328 MSIServer - ok 23:24:10.0406 3328 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 23:24:10.0531 3328 MSKSSRV - ok 23:24:10.0562 3328 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 23:24:10.0671 3328 
MSPCLOCK - ok 23:24:10.0718 3328 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 23:24:10.0843 3328 MSPQM - ok 23:24:10.0875 3328 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 23:24:10.0984 3328 mssmbios - ok 23:24:11.0015 3328 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 23:24:11.0078 3328 Mup - ok 23:24:11.0109 3328 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll 23:24:11.0265 3328 napagent - ok 23:24:11.0281 3328 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 23:24:11.0421 3328 NDIS - ok 23:24:11.0437 3328 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 23:24:11.0500 3328 NdisTapi - ok 23:24:11.0515 3328 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 23:24:11.0640 3328 Ndisuio - ok 23:24:11.0656 3328 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 23:24:11.0781 3328 NdisWan - ok 23:24:11.0812 3328 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 23:24:11.0859 3328 NDProxy - ok 23:24:11.0906 3328 [ A8960FA773CCC3E38515F637E19A76C0 ] NeroRegInCDSrv C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe 23:24:11.0921 3328 NeroRegInCDSrv - ok 23:24:11.0937 3328 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 23:24:12.0062 3328 NetBIOS - ok 23:24:12.0125 3328 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 23:24:12.0250 3328 NetBT - ok 23:24:12.0296 3328 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe 23:24:12.0437 3328 NetDDE - ok 23:24:12.0437 3328 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 23:24:12.0562 3328 NetDDEdsdm - ok 23:24:12.0593 3328 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe 
23:24:12.0718 3328 Netlogon - ok 23:24:12.0750 3328 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll 23:24:12.0875 3328 Netman - ok 23:24:13.0015 3328 [ 9DA26B773BD04B867A8E9F427CD048FC ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe 23:24:13.0031 3328 NetSvc ( UnsignedFile.Multi.Generic ) - warning 23:24:13.0031 3328 NetSvc - detected UnsignedFile.Multi.Generic (1) 23:24:13.0093 3328 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:24:13.0109 3328 NetTcpPortSharing - ok 23:24:13.0140 3328 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 23:24:13.0265 3328 NIC1394 - ok 23:24:13.0296 3328 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll 23:24:13.0312 3328 Nla - ok 23:24:13.0390 3328 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe 23:24:13.0421 3328 NMIndexingService - ok 23:24:13.0437 3328 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 23:24:13.0578 3328 Npfs - ok 23:24:13.0625 3328 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 23:24:13.0765 3328 Ntfs - ok 23:24:13.0781 3328 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 23:24:13.0906 3328 NtLmSsp - ok 23:24:13.0984 3328 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 23:24:14.0109 3328 NtmsSvc - ok 23:24:14.0125 3328 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 23:24:14.0265 3328 Null - ok 23:24:14.0625 3328 [ 7C56F3FD65B2BDB315CA3605A5392D7B ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 23:24:15.0062 3328 nv - ok 23:24:15.0109 3328 [ 1982E96B2C5C2EFFEF38EFC37293A42E ] NVSvc C:\WINDOWS\system32\nvsvc32.exe 23:24:15.0125 3328 NVSvc - ok 23:24:15.0234 3328 [ E6568D2D90028207587CB43CD8E5FD01 ] 
nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 23:24:15.0328 3328 nvUpdatusService - ok 23:24:15.0359 3328 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 23:24:15.0500 3328 NwlnkFlt - ok 23:24:15.0500 3328 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 23:24:15.0640 3328 NwlnkFwd - ok 23:24:15.0656 3328 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 23:24:15.0781 3328 ohci1394 - ok 23:24:15.0828 3328 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:24:15.0843 3328 ose - ok 23:24:15.0875 3328 [ 61C85AFEAA6EF0C1B32D43F84F7BFBCF ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys 23:24:15.0890 3328 ossrv - ok 23:24:15.0921 3328 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 23:24:16.0062 3328 Parport - ok 23:24:16.0062 3328 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 23:24:16.0187 3328 PartMgr - ok 23:24:16.0218 3328 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 23:24:16.0359 3328 ParVdm - ok 23:24:16.0375 3328 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 23:24:16.0500 3328 PCI - ok 23:24:16.0500 3328 PCIDump - ok 23:24:16.0531 3328 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 23:24:16.0671 3328 PCIIde - ok 23:24:16.0734 3328 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 23:24:16.0859 3328 Pcmcia - ok 23:24:16.0859 3328 PDCOMP - ok 23:24:16.0859 3328 PDFRAME - ok 23:24:16.0875 3328 PDRELI - ok 23:24:16.0875 3328 PDRFRAME - ok 23:24:16.0906 3328 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys 23:24:17.0046 3328 perc2 - ok 23:24:17.0062 3328 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib 
We ran the Windows malicious software tool also and it found 6 variations of the Alureon trojan: win32/alureon.en, win32/alureon.fa, win32/alureon.ff, win64/alureon.gen!g, win64/alureon.gen!i, winnt/alureon.aa. The Windows malicious software said that it partially removed some of it and manual steps were required. Thanks!
  11. Do you want me to just delete the TDSSKiller application icon on my desktop, or remove every file associated with TDSSKiller from my computer?
  12. I rebooted my computer after doing the Malwarebytes Anti-Rootkit scan and when the desktop first started loading a command prompt window popped up for a second and disappeared. Then when XP finished loading I got a "Windows has recovered from a serious error" message. Is this normal after running the Malwarebytes Anti-Rootkit scan?
  13. I ran Malwarebytes Anti-Rootkit tool and it said no malware found. Here's the log:
      Malwarebytes Anti-Rootkit BETA 1.01.0.1021
      www.malwarebytes.org
      Database version: v2013.03.28.09
      Windows XP Service Pack 3 x86 NTFS
      Internet Explorer 8.0.6001.18702
      Glenn :: MAIN_COMPUTER [administrator]
      3/28/2013 12:43:14 PM
      mbar-log-2013-03-28 (12-43-14).txt
      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
      Scan options disabled:
      Objects scanned: 26756
      Time elapsed: 9 minute(s), 22 second(s)
      Memory Processes Detected: 0
      (No malicious items detected)
      Memory Modules Detected: 0
      (No malicious items detected)
      Registry Keys Detected: 0
      (No malicious items detected)
      Registry Values Detected: 0
      (No malicious items detected)
      Registry Data Items Detected: 0
      (No malicious items detected)
      Folders Detected: 0
      (No malicious items detected)
      Files Detected: 0
      (No malicious items detected)
      (end)
  14. I ran aswMBR and it asked me to download the avast! definitions and I declined. I ran the scan and in about 3 seconds I got the blue screen of death.
  15. I was able to run Rkill, but ComboFix still gave me a blue screen. Here is the Rkill log:
      Rkill 2.4.7 by Lawrence Abrams (Grinler)
      http://www.bleepingcomputer.com/
      Copyright 2008-2013 BleepingComputer.com
      More Information about Rkill can be found at this link:
      http://www.bleepingcomputer.com/forums/topic308364.html
      Program started at: 03/27/2013 08:11:04 PM in x86 mode.
      Windows Version: Microsoft Windows XP Service Pack 3
      Checking for Windows services to stop:
      * No malware services found to stop.
      Checking for processes to terminate:
      * C:\WINDOWS\System32\DLA\DLACTRLW.EXE (PID: 192) [WD-HEUR]
      * C:\WINDOWS\system32\CTsvcCDA.EXE (PID: 328) [WD-HEUR]
      * C:\WINDOWS\system32\WISPTIS.EXE (PID: 2100) [WD-HEUR]
      3 proccesses terminated!
      Checking Registry for malware related settings:
      * No issues found in the Registry.
      Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
      Performing miscellaneous checks:
      * No issues found.
      Checking Windows Service Integrity:
      * RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [incorrect ImagePath]
      Searching for Missing Digital Signatures:
      * No issues found.
      Checking HOSTS File:
      * HOSTS file entries found:
      Program finished at: 03/27/2013 08:11:47 PM
      Execution time: 0 hours(s), 0 minute(s), and 42 seconds(s)
      Before you first answered my topic the monitor for this computer crashed while my dad was trying to update the firmware, so we had to send it away to be fixed. We just got it back in the mail. Am I allowed to reinstall the monitor? I read somewhere on here that we aren't supposed to install anything while we are receiving assistance here without asking.
      Also, in case this helps at all, here are some parts of the blue screen of death that I get when I try to run ComboFix: near the top of the screen it says DRIVER_IRQL_NOT_LESS_OR_EQUAL; near the bottom it says the error is iastor.sys.