Thread: Realtek Wave bar automatically moving down - think it's malware

  1. #21
    Member
    Join Date
    Nov 2008
    Posts
    41

    Hello! Thanks for being so patient with me. I found out I was not pressing F2 the instant I turned the computer on!

    I have configured BIOS to have the USB drive for 1st boot.
    I then let it go into Windows. But, it did not have a screen pop up saying "Welcome to XPud." I figured it could be one of two problems:

    1. I have a password set up on Windows
    2. I have to shut-down and restart.

    I disabled my Windows password and restarted the computer.

    That didn't work so I configured BIOS to re-boot from HDD because I couldn't connect to the internet.

    I reformatted the USB drive and followed the steps to add the programs to the USB drive just in case I missed an earlier step.

    So right now, this is how far I've gotten:
    -- I have the Xpud files and Dumpit file on the USB Drive.
    -- I have configured BIOS to 1st Boot from the USB Drive.

    I still cannot get to the "Welcome to Xpud" screen. :-(

  2. #22
    Security Expert- Emeritus
    Join Date
    Aug 2008
    Location
    South East Asia
    Posts
    725

    Hello Michelea1976,

    We'll try another method, but before that, please zip up this file as aswMBR.zip and attach it to your reply:
    C:\Documents and Settings\Michele Acampora\Desktop\MBR.dat

  3. #23
    Member
    Join Date
    Nov 2008
    Posts
    41

    Here is aswMBR.zip.

    Thanks!

  4. #24
    Security Expert- Emeritus
    Join Date
    Aug 2008
    Location
    South East Asia
    Posts
    725

    Hello Michelea1976,

    Rerun TDSSKiller
    • Double click on TDSSKiller.exe to execute it.
    • Press Start scan to begin.
    • If any malicious objects are found, the default action will be Cure. If any suspicious objects are found, the default action will be Skip. In case Cure is not an option, please select Skip only and let me know what action was prompted.
    • Then click on Continue at the lower right corner.
    • You may be prompted to reboot your computer, please consent.
    • Once complete, a log will be produced at C:\. It will be named TDSSKiller.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.4.12.0_26.12.2010_23.12.11_log.txt.
    • Please post the contents of this log.


    If there are any Cure actions, please reboot the computer after the scan is finished.

    --------------------

    Please post back:
    1. TDSSKiller log

  5. #25
    Member
    Join Date
    Nov 2008
    Posts
    41

    I think it might have worked..........here is the log. 2 logs were created, one when I first did TDSSKiller and then when it had me reboot, it did another scan and another log was created. I am giving you the latest log, so I hope this is good. I am connected to the internet and Avast is not blocking anything malicious. Computer seems to be running fine. Let me know if there are more scans to make sure I am completely virus free!! I can't believe this might have actually worked....

  6. #26
    Member
    Join Date
    Nov 2008
    Posts
    41

    It won't allow me to attach, so here is the log in this reply:

    18:16:30.0093 2924 SDUpdateService - ok
    18:16:30.0125 2924 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    18:16:30.0125 2924 SDWSCService - ok
    18:16:30.0187 2924 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
    18:16:30.0203 2924 Secdrv - ok
    18:16:30.0234 2924 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
    18:16:30.0265 2924 seclogon - ok
    18:16:30.0375 2924 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
    18:16:30.0421 2924 SENS - ok
    18:16:30.0453 2924 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
    18:16:30.0453 2924 Serial - ok
    18:16:30.0531 2924 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
    18:16:30.0531 2924 Sfloppy - ok
    18:16:30.0578 2924 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
    18:16:30.0593 2924 SharedAccess - ok
    18:16:30.0625 2924 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
    18:16:30.0656 2924 ShellHWDetection - ok
    18:16:30.0656 2924 Simbad - ok
    18:16:30.0781 2924 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
    18:16:30.0781 2924 SkypeUpdate - ok
    18:16:30.0828 2924 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
    18:16:30.0843 2924 SLIP - ok
    18:16:31.0046 2924 [ 473F35E2A378B854731E67C377A3BEA7 ] SNP2UVC C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
    18:16:31.0078 2924 SNP2UVC - ok
    18:16:31.0093 2924 Sparrow - ok
    18:16:31.0187 2924 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
    18:16:31.0187 2924 splitter - ok
    18:16:31.0296 2924 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
    18:16:31.0328 2924 Spooler - ok
    18:16:31.0406 2924 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
    18:16:31.0421 2924 sr - ok
    18:16:31.0468 2924 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
    18:16:31.0500 2924 srservice - ok
    18:16:31.0578 2924 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
    18:16:31.0593 2924 Srv - ok
    18:16:31.0625 2924 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
    18:16:31.0671 2924 SSDPSRV - ok
    18:16:31.0734 2924 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
    18:16:31.0781 2924 stisvc - ok
    18:16:31.0812 2924 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    18:16:31.0828 2924 streamip - ok
    18:16:31.0890 2924 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
    18:16:31.0906 2924 swenum - ok
    18:16:31.0921 2924 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
    18:16:31.0937 2924 swmidi - ok
    18:16:31.0968 2924 SwPrv - ok
    18:16:32.0015 2924 symc810 - ok
    18:16:32.0046 2924 symc8xx - ok
    18:16:32.0062 2924 sym_hi - ok
    18:16:32.0078 2924 sym_u3 - ok
    18:16:32.0109 2924 [ 8E25A1DBB8527B2074AF9B682F818768 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
    18:16:32.0125 2924 SynTP - ok
    18:16:32.0140 2924 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
    18:16:32.0140 2924 sysaudio - ok
    18:16:32.0218 2924 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
    18:16:32.0250 2924 SysmonLog - ok
    18:16:32.0406 2924 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
    18:16:32.0421 2924 TapiSrv - ok
    18:16:32.0531 2924 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
    18:16:32.0546 2924 Tcpip - ok
    18:16:32.0609 2924 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
    18:16:32.0609 2924 TDPIPE - ok
    18:16:32.0640 2924 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
    18:16:32.0640 2924 TDTCP - ok
    18:16:32.0703 2924 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
    18:16:32.0718 2924 TermDD - ok
    18:16:32.0765 2924 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
    18:16:32.0812 2924 TermService - ok
    18:16:32.0859 2924 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
    18:16:32.0906 2924 Themes - ok
    18:16:32.0953 2924 TosIde - ok
    18:16:33.0062 2924 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
    18:16:33.0093 2924 TrkWks - ok
    18:16:33.0171 2924 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
    18:16:33.0187 2924 Udfs - ok
    18:16:33.0203 2924 ultra - ok
    18:16:33.0296 2924 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
    18:16:33.0312 2924 Update - ok
    18:16:33.0390 2924 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
    18:16:33.0453 2924 upnphost - ok
    18:16:33.0484 2924 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
    18:16:33.0531 2924 UPS - ok
    18:16:33.0609 2924 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    18:16:33.0625 2924 usbccgp - ok
    18:16:33.0718 2924 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
    18:16:33.0734 2924 usbehci - ok
    18:16:33.0765 2924 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
    18:16:33.0781 2924 usbhub - ok
    18:16:33.0812 2924 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    18:16:33.0812 2924 usbstor - ok
    18:16:33.0843 2924 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    18:16:33.0859 2924 usbuhci - ok
    18:16:33.0906 2924 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
    18:16:33.0921 2924 usbvideo - ok
    18:16:33.0937 2924 [ C019889035CDC1A06F2FEBC93CBB6897 ] uvclf C:\WINDOWS\system32\DRIVERS\uvclf.sys
    18:16:33.0937 2924 uvclf - ok
    18:16:34.0000 2924 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
    18:16:34.0000 2924 VgaSave - ok
    18:16:34.0015 2924 ViaIde - ok
    18:16:34.0140 2924 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
    18:16:34.0156 2924 VolSnap - ok
    18:16:34.0218 2924 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
    18:16:34.0265 2924 VSS - ok
    18:16:34.0375 2924 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
    18:16:34.0406 2924 W32Time - ok
    18:16:34.0437 2924 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
    18:16:34.0437 2924 Wanarp - ok
    18:16:34.0578 2924 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
    18:16:34.0593 2924 Wdf01000 - ok
    18:16:34.0609 2924 WDICA - ok
    18:16:34.0640 2924 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
    18:16:34.0640 2924 wdmaud - ok
    18:16:34.0734 2924 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
    18:16:34.0750 2924 WebClient - ok
    18:16:34.0953 2924 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
    18:16:34.0953 2924 winmgmt - ok
    18:16:35.0046 2924 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
    18:16:35.0062 2924 WmdmPmSN - ok
    18:16:35.0093 2924 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
    18:16:35.0109 2924 WmiApSrv - ok
    18:16:35.0234 2924 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
    18:16:35.0281 2924 WMPNetworkSvc - ok
    18:16:35.0375 2924 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
    18:16:35.0390 2924 wscsvc - ok
    18:16:35.0421 2924 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    18:16:35.0421 2924 WSTCODEC - ok
    18:16:35.0515 2924 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
    18:16:35.0531 2924 wuauserv - ok
    18:16:35.0546 2924 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    18:16:35.0562 2924 WudfPf - ok
    18:16:35.0578 2924 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    18:16:35.0578 2924 WudfRd - ok
    18:16:35.0640 2924 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
    18:16:35.0671 2924 WudfSvc - ok
    18:16:35.0765 2924 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
    18:16:35.0796 2924 WZCSVC - ok
    18:16:35.0875 2924 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
    18:16:35.0906 2924 xmlprov - ok
    18:16:35.0921 2924 ================ Scan global ===============================
    18:16:36.0062 2924 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
    18:16:36.0125 2924 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    18:16:36.0156 2924 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    18:16:36.0234 2924 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
    18:16:36.0250 2924 [Global] - ok
    18:16:36.0250 2924 ================ Scan MBR ==================================
    18:16:36.0296 2924 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
    18:16:36.0656 2924 \Device\Harddisk0\DR0 - ok
    18:16:36.0656 2924 ================ Scan VBR ==================================
    18:16:36.0656 2924 [ B055A910E0D627B4724382EDCA5AF673 ] \Device\Harddisk0\DR0\Partition1
    18:16:36.0656 2924 \Device\Harddisk0\DR0\Partition1 - ok
    18:16:36.0671 2924 ============================================================
    18:16:36.0671 2924 Scan finished
    18:16:36.0671 2924 ============================================================
    18:16:36.0687 2912 Detected object count: 0
    18:16:36.0687 2912 Actual detected object count: 0
    18:16:40.0390 2556 Deinitialize success

  7. #27
    Security Expert- Emeritus
    Join Date
    Aug 2008
    Location
    South East Asia
    Posts
    725

    Hello Michelea1976,

    Good to hear things are getting better. Could you please post the previous TDSSKiller log? The first one, before the reboot. You will be able to retrieve it from C:\ in TDSSKiller.Version_Date_Time_log.txt format. We have a few more steps to do before we are done.

    --------------------

    Run aswMBR again, zip and attach the newer C:\Documents and Settings\Michele Acampora\Desktop\MBR.dat as aswMBR2.zip. Post back the log as well.

    --------------------

    Please download ComboFix and save it to your desktop. Click here.

    Do not mouse click on ComboFix while it is running. That may cause it to stall. ComboFix is a powerful tool and must not be used without supervision.

    Install Recovery Console and run ComboFix
    • Please temporarily disable the real-time protection of any Antivirus, Antispyware or Antimalware programs when running ComboFix. They will interfere and may cause unexpected results.
    • If you need help to disable your protection programs see here and here.
    • Double click on ComboFix.exe and follow the prompts. Please run it in Normal Mode.
    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. You will be asked to install it if it is not present in your computer. Click Yes to proceed.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
      Note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, click on Yes to continue scanning for malware.
    • When finished, a log will be produced as C:\ComboFix.txt. Please post this log in your next reply.
    • If you lose Internet connection after running ComboFix, right click on the network icon at the system tray and select Repair, or you can reboot the computer.
    • Re-enable your security software as soon as you have completed the ComboFix steps.


    A detailed step by step tutorial to run ComboFix can be found here if you need help.

    --------------------

    Please post back:
    1. previous TDSSKiller log
    2. new aswMBR log
    3. aswMBR2.zip
    4. ComboFix log

  8. #28
    Member
    Join Date
    Nov 2008
    Posts
    41

    Previous TDSS Log

    18:10:38.0812 2932 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
    18:10:38.0843 2932 ============================================================
    18:10:38.0859 2932 Current date / time: 2012/12/02 18:10:38.0843
    18:10:38.0859 2932 SystemInfo:
    18:10:38.0859 2932
    18:10:38.0859 2932 OS Version: 5.1.2600 ServicePack: 3.0
    18:10:38.0859 2932 Product type: Workstation
    18:10:38.0859 2932 ComputerName: MICHELE
    18:10:38.0859 2932 UserName: Michele Acampora
    18:10:38.0859 2932 Windows directory: C:\WINDOWS
    18:10:38.0859 2932 System windows directory: C:\WINDOWS
    18:10:38.0859 2932 Processor architecture: Intel x86
    18:10:38.0859 2932 Number of processors: 2
    18:10:38.0859 2932 Page size: 0x1000
    18:10:38.0859 2932 Boot type: Normal boot
    18:10:38.0859 2932 ============================================================
    18:10:39.0421 2932 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    18:10:39.0421 2932 ============================================================
    18:10:39.0421 2932 \Device\Harddisk0\DR0:
    18:10:39.0421 2932 MBR partitions:
    18:10:39.0421 2932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1203EBBF
    18:10:39.0421 2932 ============================================================
    18:10:39.0484 2932 C: <-> \Device\Harddisk0\DR0\Partition1
    18:10:39.0484 2932 ============================================================
    18:10:39.0484 2932 Initialize success
    18:10:39.0484 2932 ============================================================
    18:10:53.0921 2944 ============================================================
    18:10:53.0921 2944 Scan started
    18:10:53.0921 2944 Mode: Manual;
    18:10:53.0921 2944 ============================================================
    18:10:55.0140 2944 ================ Scan system memory ========================
    18:10:55.0156 2944 System memory - ok
    18:10:55.0156 2944 ================ Scan services =============================
    18:10:55.0437 2944 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    18:10:55.0437 2944 !SASCORE - ok
    18:10:55.0750 2944 [ 2A8681AEA24003040CA7D677BE9F1702 ] 45517545 C:\WINDOWS\system32\drivers\02888491.sys
    18:10:55.0843 2944 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
    18:10:55.0859 2944 Aavmker4 - ok
    18:10:55.0875 2944 Abiosdsk - ok
    18:10:55.0921 2944 abp480n5 - ok
    18:10:56.0015 2944 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
    18:10:56.0015 2944 ACPI - ok
    18:10:56.0093 2944 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
    18:10:56.0093 2944 ACPIEC - ok
    18:10:56.0281 2944 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    18:10:56.0296 2944 AdobeFlashPlayerUpdateSvc - ok
    18:10:56.0328 2944 adpu160m - ok
    18:10:56.0468 2944 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
    18:10:56.0484 2944 aec - ok
    18:10:56.0593 2944 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
    18:10:56.0609 2944 AFD - ok
    18:10:56.0640 2944 Aha154x - ok
    18:10:56.0687 2944 aic78u2 - ok
    18:10:56.0718 2944 aic78xx - ok
    18:10:56.0812 2944 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
    18:10:56.0812 2944 Alerter - ok
    18:10:56.0875 2944 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
    18:10:56.0890 2944 ALG - ok
    18:10:56.0906 2944 AliIde - ok
    18:10:57.0015 2944 [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
    18:10:57.0078 2944 Ambfilt - ok
    18:10:57.0093 2944 amsint - ok
    18:10:57.0250 2944 [ 2E3E53A6AEF23E24F402C7855B9B1542 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    18:10:57.0265 2944 Apple Mobile Device - ok
    18:10:57.0281 2944 AppMgmt - ok
    18:10:57.0453 2944 [ E0EE769D14128014965E03B433F5F46E ] AR5416 C:\WINDOWS\system32\DRIVERS\athw.sys
    18:10:57.0625 2944 AR5416 - ok
    18:10:57.0640 2944 asc - ok
    18:10:57.0671 2944 asc3350p - ok
    18:10:57.0703 2944 asc3550 - ok
    18:10:58.0000 2944 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    18:10:58.0031 2944 aspnet_state - ok
    18:10:58.0109 2944 [ E67493490466B5F04B58C22D2590E8CA ] AsUpIO C:\WINDOWS\system32\drivers\AsUpIO.sys
    18:10:58.0125 2944 AsUpIO - ok
    18:10:58.0203 2944 [ 12415A4B61DED200FE9932B47A35FA42 ] AsusACPI C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys
    18:10:58.0203 2944 AsusACPI - ok
    18:10:58.0328 2944 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
    18:10:58.0328 2944 aswFsBlk - ok
    18:10:58.0375 2944 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
    18:10:58.0375 2944 aswMon2 - ok
    18:10:58.0421 2944 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
    18:10:58.0421 2944 aswRdr - ok
    18:10:58.0562 2944 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
    18:10:58.0593 2944 aswSnx - ok
    18:10:58.0656 2944 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
    18:10:58.0671 2944 aswSP - ok
    18:10:58.0703 2944 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
    18:10:58.0718 2944 aswTdi - ok
    18:10:58.0843 2944 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    18:10:58.0859 2944 AsyncMac - ok
    18:10:59.0000 2944 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
    18:10:59.0000 2944 atapi - ok
    18:10:59.0031 2944 Atdisk - ok
    18:10:59.0093 2944 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    18:10:59.0093 2944 Atmarpc - ok
    18:10:59.0156 2944 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
    18:10:59.0171 2944 AudioSrv - ok
    18:10:59.0265 2944 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
    18:10:59.0265 2944 audstub - ok
    18:10:59.0453 2944 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    18:10:59.0453 2944 avast! Antivirus - ok
    18:10:59.0703 2944 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
    18:10:59.0703 2944 BBSvc - ok
    18:10:59.0828 2944 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    18:10:59.0828 2944 BBUpdate - ok
    18:10:59.0953 2944 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
    18:10:59.0953 2944 Beep - ok
    18:11:00.0046 2944 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
    18:11:00.0109 2944 BITS - ok
    18:11:00.0218 2944 [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    18:11:00.0296 2944 Bonjour Service - ok
    18:11:00.0406 2944 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
    18:11:00.0421 2944 Browser - ok
    18:11:00.0453 2944 btaudio - ok
    18:11:00.0484 2944 BTDriver - ok
    18:11:00.0531 2944 BTWDNDIS - ok
    18:11:00.0578 2944 btwhid - ok
    18:11:00.0593 2944 BTWUSB - ok
    18:11:00.0671 2944 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
    18:11:00.0671 2944 cbidf2k - ok
    18:11:00.0718 2944 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    18:11:00.0718 2944 CCDECODE - ok
    18:11:00.0734 2944 cd20xrnt - ok
    18:11:00.0812 2944 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
    18:11:00.0828 2944 Cdaudio - ok
    18:11:00.0875 2944 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
    18:11:00.0890 2944 Cdfs - ok
    18:11:00.0921 2944 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
    18:11:00.0921 2944 Cdrom - ok
    18:11:00.0953 2944 Changer - ok
    18:11:00.0984 2944 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
    18:11:00.0984 2944 CiSvc - ok
    18:11:01.0015 2944 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
    18:11:01.0015 2944 ClipSrv - ok
    18:11:01.0062 2944 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    18:11:01.0171 2944 clr_optimization_v2.0.50727_32 - ok
    18:11:01.0234 2944 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    18:11:01.0234 2944 CmBatt - ok
    18:11:01.0265 2944 CmdIde - ok
    18:11:01.0343 2944 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
    18:11:01.0343 2944 Compbatt - ok
    18:11:01.0375 2944 COMSysApp - ok
    18:11:01.0437 2944 Cpqarray - ok
    18:11:01.0546 2944 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
    18:11:01.0546 2944 CryptSvc - ok
    18:11:01.0562 2944 dac2w2k - ok
    18:11:01.0593 2944 dac960nt - ok
    18:11:01.0718 2944 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
    18:11:01.0765 2944 DcomLaunch - ok
    18:11:01.0875 2944 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
    18:11:01.0890 2944 Dhcp - ok
    18:11:01.0906 2944 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
    18:11:01.0906 2944 Disk - ok
    18:11:01.0937 2944 dmadmin - ok
    18:11:02.0015 2944 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
    18:11:02.0062 2944 dmboot - ok
    18:11:02.0109 2944 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
    18:11:02.0125 2944 dmio - ok
    18:11:02.0171 2944 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
    18:11:02.0171 2944 dmload - ok
    18:11:02.0203 2944 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
    18:11:02.0218 2944 dmserver - ok
    18:11:02.0296 2944 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
    18:11:02.0296 2944 DMusic - ok
    18:11:02.0390 2944 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
    18:11:02.0406 2944 Dnscache - ok
    18:11:02.0484 2944 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
    18:11:02.0500 2944 Dot3svc - ok
    18:11:02.0531 2944 dpti2o - ok
    18:11:02.0609 2944 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
    18:11:02.0609 2944 drmkaud - ok
    18:11:02.0671 2944 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
    18:11:02.0687 2944 EapHost - ok
    18:11:02.0781 2944 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
    18:11:02.0796 2944 ERSvc - ok
    18:11:02.0906 2944 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
    18:11:02.0953 2944 Eventlog - ok
    18:11:03.0078 2944 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
    18:11:03.0109 2944 EventSystem - ok
    18:11:03.0234 2944 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
    18:11:03.0281 2944 Fastfat - ok
    18:11:03.0359 2944 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
    18:11:03.0406 2944 FastUserSwitchingCompatibility - ok
    18:11:03.0484 2944 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
    18:11:03.0500 2944 Fdc - ok
    18:11:03.0531 2944 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
    18:11:03.0546 2944 Fips - ok
    18:11:03.0625 2944 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
    18:11:03.0625 2944 Flpydisk - ok
    18:11:03.0703 2944 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
    18:11:03.0703 2944 FltMgr - ok
    18:11:03.0812 2944 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    18:11:03.0828 2944 FontCache3.0.0.0 - ok
    18:11:03.0937 2944 [ C6EE3A87FE609D3E1DB9DBD072A248DE ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
    18:11:03.0937 2944 fssfltr - ok
    18:11:04.0062 2944 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    18:11:04.0093 2944 fsssvc - ok
    18:11:04.0187 2944 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
    18:11:04.0187 2944 Fs_Rec - ok
    18:11:04.0312 2944 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    18:11:04.0312 2944 Ftdisk - ok
    18:11:04.0421 2944 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    18:11:04.0437 2944 GEARAspiWDM - ok
    18:11:04.0515 2944 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
    18:11:04.0531 2944 Gpc - ok
    18:11:04.0734 2944 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
    18:11:04.0750 2944 gupdate - ok
    18:11:04.0765 2944 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
    18:11:04.0781 2944 gupdatem - ok
    18:11:04.0859 2944 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    18:11:04.0859 2944 gusvc - ok
    18:11:04.0953 2944 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    18:11:04.0968 2944 HDAudBus - ok
    18:11:05.0156 2944 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    18:11:05.0171 2944 helpsvc - ok
    18:11:05.0265 2944 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
    18:11:05.0281 2944 HidServ - ok
    18:11:05.0390 2944 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
    18:11:05.0406 2944 HidUsb - ok
    18:11:24.0671 2944 ================ Scan global ===============================
    18:11:24.0750 2944 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
    18:11:24.0859 2944 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    18:11:25.0015 2944 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    18:11:25.0093 2944 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
    18:11:25.0109 2944 [Global] - ok
    18:11:25.0109 2944 ================ Scan MBR ==================================
    18:11:25.0171 2944 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
    18:11:25.0171 2944 Suspicious mbr (Forged): \Device\Harddisk0\DR0
    18:11:25.0218 2944 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
    18:11:25.0218 2944 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
    18:11:25.0218 2944 ================ Scan VBR ==================================
    18:11:25.0234 2944 [ B055A910E0D627B4724382EDCA5AF673 ] \Device\Harddisk0\DR0\Partition1
    18:11:25.0250 2944 \Device\Harddisk0\DR0\Partition1 - ok
    18:11:25.0250 2944 ============================================================
    18:11:25.0250 2944 Scan finished
    18:11:25.0250 2944 ============================================================
    18:11:25.0312 3384 Detected object count: 1
    18:11:25.0312 3384 Actual detected object count: 1
    18:13:08.0015 3384 \Device\Harddisk0\DR0\# - copied to quarantine
    18:13:08.0015 3384 \Device\Harddisk0\DR0 - copied to quarantine
    18:13:08.0109 3384 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
    18:13:08.0140 3384 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
    18:13:08.0390 3384 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
    18:13:08.0781 3384 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
    18:13:19.0156 3384 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
    18:13:20.0234 3384 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
    18:13:20.0250 3384 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
    18:13:20.0265 3384 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
    18:13:20.0281 3384 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
    18:13:20.0875 3384 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
    18:13:21.0250 3384 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
    18:13:21.0468 3384 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
    18:13:21.0468 3384 \Device\Harddisk0\DR0 - ok
    18:13:21.0468 3384 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
    18:13:42.0250 3196 Deinitialize success

  9. #29
    Member
    Join Date
    Nov 2008
    Posts
    41

    Default

    I don't remember how to run the MBR.dat file. Do I just zip it up? It's on my desktop and when I click on it, there is no program to run it. I've got so many anti-spyware things on my desktop, I forget which one. Thanks!!

  10. #30
    Security Expert- Emeritus
    Join Date
    Aug 2008
    Location
    South East Asia
    Posts
    725

    Default

    Hello Michelea1976,

    No worries about aswMBR, skip it and continue with ComboFix.
