
Thread: HELP - hijacked browser and other malware..

  1. #1
    Junior Member
    Join Date
    Aug 2013
    Posts
    8

    HELP - hijacked browser and other malware..

    I seem to have been hijacked. I run all the tools I have all the time. Spybot finds "win32dowloader.gen" plus various other threats almost daily for a week now. (Spybot 2.1) Malaware finds numerous "pop.0 optional" files. Avast updates several times a day and runs daily but doesn't seem to find anything. Yesterday I ran the deep scan, but nothing came up. My Yahoo account seems to have been hijacked. When I open it my Avast says it's a phishing window and do I want to continue. At the beginning I entered my name and password and it took me to my regular account, but something is seriously wrong. That is not the only site I have problems accessing.

    My computer won't allow me to download "aswMBR" - It seems stuck and keeps saying it will take an hour. Now it says 48 mins. At least it's moving which yesterday it wouldn't.

    Below find the logs as per your request.
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
    Run by Phil at 17:40:36 on 2013-08-18
    Microsoft Windows XP Home Edition 5.1.2600.3.1255.44.1033.18.2037.665 [GMT 3:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ============== Running Processes ================
    .
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\PROGRAM FILES\FAXTALK COMMUNICATOR\FTCtrl32.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\FsUsbExService.Exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Samsung\Kies\KiesAirMessage.exe
    C:\Program Files\Samsung\Kies\Kies.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\PROGRAM FILES\FAXTALK COMMUNICATOR\FAPIEXE.EXE
    C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
    C:\WINDOWS\system32\taskmgr.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\zshp1018.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    mStart Page = hxxp://search.appsarefun.info/
    uProxyServer = localhost:21320
    uURLSearchHooks: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - <orphaned>
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [BC9BF43140F8DFDE8A13C323ED26B8D82B231876._service_run] "c:\program files\google\chrome\application\chrome.exe" --type=service
    uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
    uRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
    uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
    uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
    mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
    mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe"
    mRun: [CallControl 4.5] c:\program files\faxtalk communicator\FTCtrl32.exe /autoload
    mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\phil\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1369691278156
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1369689354156
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
    TCP: NameServer = 10.0.0.138
    TCP: Interfaces\{D46186AE-A8E2-416E-8171-303509F28198} : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{D46186AE-A8E2-416E-8171-303509F28198} : DHCPNameServer = 10.0.0.138
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: igfxcui - igfxdev.dll
    Notify: SDWinLogon - SDWinLogon.dll
    AppInit_DLLs= c:\windows\system32\guard32.dll c:\progra~1\sprote~1\sprote~1.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    IFEO: cdbxpp.exe - "c:\program files\tuneup utilities 2011\TUAutoReactivator32.exe"
    IFEO: registrybooster.exe - "c:\program files\tuneup utilities 2011\TUAutoReactivator32.exe"
    IFEO: switch.exe - "c:\program files\tuneup utilities 2011\TUAutoReactivator32.exe"
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-6 49376]
    R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-6 175176]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-10-27 770344]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-10-27 369584]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-10-27 29816]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-6 66336]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-10-27 46808]
    R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-7-2 233472]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-6-30 1817560]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-6-30 1033688]
    R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2013-7-2 37344]
    S1 MpKsl5c047abb;MpKsl5c047abb;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{aadafceb-3a84-4b59-bac0-c5c725f1e960}\mpksl5c047abb.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{aadafceb-3a84-4b59-bac0-c5c725f1e960}\MpKsl5c047abb.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-6-30 171928]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-3 162408]
    S3 Aldebaran;Aldebaran - Storage Filter Drivers;\??\c:\windows\system32\drivers\aldebaran.sys --> c:\windows\system32\drivers\Aldebaran.sys [?]
    S3 DM9USB;DM9601 USB To Fast Ethernet Adapter;c:\windows\system32\drivers\dm9usb.sys [2011-1-12 54272]
    S3 GSService;GSService;c:\windows\system32\GSService.exe [2012-12-21 252928]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-16 755880]
    .
    =============== Created Last 30 ================
    .
    2013-08-17 13:21:41 -------- d-----w- c:\documents and settings\phil\local settings\application data\Conduit
    2013-07-29 22:00:49 -------- d-----w- c:\windows\system32\MRT
    .
    ==================== Find3M ====================
    .
    2013-07-26 02:47:17 920064 ----a-w- c:\windows\system32\wininet.dll
    2013-07-26 02:47:13 43520 ------w- c:\windows\system32\licmgr10.dll
    2013-07-26 02:47:12 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2013-07-25 15:52:59 385024 ------w- c:\windows\system32\html.iec
    2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
    2013-07-04 03:03:25 2149888 ------w- c:\windows\system32\ntoskrnl.exe
    2013-07-04 02:08:30 2028544 ------w- c:\windows\system32\ntkrnlpa.exe
    2013-07-01 01:40:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-07-01 01:40:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-06-28 08:47:51 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2013-06-28 08:47:51 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2013-06-27 09:53:55 22 ----a-w- c:\documents and settings\phil\dc.bat
    2013-06-04 07:23:02 562688 ------w- c:\windows\system32\qedit.dll
    2013-06-04 01:40:45 1876736 ------w- c:\windows\system32\win32k.sys
    2013-05-28 01:59:37 590848 ----a-w- c:\windows\system32\rpcrt4.dll
    2013-05-28 00:41:07 6144 ----a-w- c:\windows\system32\xpsp4res.dll
    2013-05-27 19:34:50 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2013-05-27 19:34:43 144896 ----a-w- c:\windows\system32\javacpl.cpl
    2013-05-27 19:34:42 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
    2013-05-27 19:34:42 788896 ----a-w- c:\windows\system32\deployJava1.dll
    2013-05-22 11:34:26 37344 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
    2013-05-22 11:34:24 233472 ----a-w- c:\windows\system32\FsUsbExService.Exe
    .
    ============= FINISH: 17:40:45.12 ===============

  2. #2
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246


    Hi and Welcome!! pgbacal

    My name is Robybel.

    I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
    • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
    • The fixes are specific to your problem and should only be used for the issues on this machine.
    • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
    • It's often worth reading through these instructions and printing them for ease of reference.
    • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
    • Please reply to this thread. Do not start a new topic.


    IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.


    Vista and Windows 7 users:

    These tools MUST be run from the executable (.exe) every time you run them, with Admin Rights (right-click, choose "Run as Administrator").


    Stay with this topic until I give you the all clean post.

    Having said that....Let's get going!!

    ====================

    I see from the logs that you have two antivirus products installed. Having more than one antivirus can cause slowdowns, conflicts and crashes. I suggest removing one of them via Programs and Features.


    P2P Programs:

    P2P programs are a major source of Malware infections.
    From your log I see you have uTorrent. We do not pass judgment on file-sharing; however, we must inform you that engaging in this activity and having this kind of software installed on your system will always make you more susceptible to Malware infections.
    The use of P2P programs may be contributing to your current situation, and you would certainly be doing yourself a favour by removing them.
    If you wish to keep the program(s), please do not use them until your computer is cleaned.

    Information regarding the risk of using these programs can be found from here and here

    Next

    Please read carefully and follow these steps.
    • Download TDSSKiller and save it to your Desktop.
    • Extract its contents to your desktop.
    • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  3. #3
    Junior Member
    Join Date
    Aug 2013
    Posts
    8

    TDSSKiller report below

    01:04:07.0218 9184 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
    01:04:07.0218 9184 IpNat - ok
    01:04:07.0234 9184 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
    01:04:07.0234 9184 IPSec - ok
    01:04:07.0281 9184 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
    01:04:07.0296 9184 IRENUM - ok
    01:04:07.0312 9184 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
    01:04:07.0328 9184 isapnp - ok
    01:04:07.0421 9184 [ 5739F2821D49975CEDE6BF0153D0CF01 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
    01:04:07.0421 9184 JavaQuickStarterService - ok
    01:04:07.0468 9184 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    01:04:07.0468 9184 Kbdclass - ok
    01:04:07.0484 9184 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    01:04:07.0500 9184 kbdhid - ok
    01:04:07.0593 9184 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
    01:04:07.0625 9184 kmixer - ok
    01:04:07.0671 9184 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
    01:04:07.0687 9184 KSecDD - ok
    01:04:07.0703 9184 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
    01:04:07.0796 9184 lanmanserver - ok
    01:04:07.0812 9184 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
    01:04:07.0843 9184 lanmanworkstation - ok
    01:04:07.0859 9184 Lavasoft Kernexplorer - ok
    01:04:07.0875 9184 lbrtfdc - ok
    01:04:07.0953 9184 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
    01:04:07.0953 9184 LmHosts - ok
    01:04:07.0968 9184 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
    01:04:07.0968 9184 MarvinBus - ok
    01:04:08.0078 9184 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    01:04:08.0093 9184 MDM - ok
    01:04:08.0125 9184 [ 195741AEE20369980796B557358CD774 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
    01:04:08.0140 9184 mdmxsdk - ok
    01:04:08.0171 9184 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
    01:04:08.0234 9184 Messenger - ok
    01:04:08.0375 9184 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
    01:04:08.0375 9184 mnmdd - ok
    01:04:08.0390 9184 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
    01:04:08.0390 9184 mnmsrvc - ok
    01:04:08.0437 9184 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
    01:04:08.0437 9184 Modem - ok
    01:04:08.0468 9184 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
    01:04:08.0468 9184 Mouclass - ok
    01:04:08.0484 9184 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
    01:04:08.0484 9184 mouhid - ok
    01:04:08.0484 9184 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
    01:04:08.0500 9184 MountMgr - ok
    01:04:08.0671 9184 MpKsl5c047abb - ok
    01:04:08.0671 9184 mraid35x - ok
    01:04:08.0703 9184 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    01:04:08.0718 9184 MRxDAV - ok
    01:04:08.0875 9184 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    01:04:08.0875 9184 MRxSmb - ok
    01:04:08.0906 9184 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
    01:04:08.0906 9184 MSDTC - ok
    01:04:08.0921 9184 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
    01:04:08.0937 9184 Msfs - ok
    01:04:08.0937 9184 MSIServer - ok
    01:04:08.0984 9184 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
    01:04:08.0984 9184 MSKSSRV - ok
    01:04:09.0000 9184 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    01:04:09.0000 9184 MSPCLOCK - ok
    01:04:09.0015 9184 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
    01:04:09.0015 9184 MSPQM - ok
    01:04:09.0031 9184 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    01:04:09.0031 9184 mssmbios - ok
    01:04:09.0062 9184 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
    01:04:09.0062 9184 MSTEE - ok
    01:04:09.0140 9184 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
    01:04:09.0140 9184 Mup - ok
    01:04:09.0187 9184 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    01:04:09.0203 9184 NABTSFEC - ok
    01:04:09.0265 9184 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
    01:04:09.0281 9184 napagent - ok
    01:04:09.0328 9184 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
    01:04:09.0343 9184 NDIS - ok
    01:04:09.0406 9184 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    01:04:09.0421 9184 NdisIP - ok
    01:04:09.0437 9184 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    01:04:09.0453 9184 NdisTapi - ok
    01:04:09.0453 9184 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    01:04:09.0453 9184 Ndisuio - ok
    01:04:09.0500 9184 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    01:04:09.0500 9184 NdisWan - ok
    01:04:09.0515 9184 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
    01:04:09.0531 9184 NDProxy - ok
    01:04:09.0625 9184 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    01:04:09.0640 9184 Nero BackItUp Scheduler 4.0 - ok
    01:04:09.0640 9184 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
    01:04:09.0640 9184 NetBIOS - ok
    01:04:09.0671 9184 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
    01:04:09.0687 9184 NetBT - ok
    01:04:09.0734 9184 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
    01:04:09.0750 9184 NetDDE - ok
    01:04:09.0750 9184 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
    01:04:09.0765 9184 NetDDEdsdm - ok
    01:04:09.0765 9184 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
    01:04:09.0781 9184 Netlogon - ok
    01:04:09.0781 9184 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
    01:04:09.0890 9184 Netman - ok
    01:04:09.0906 9184 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    01:04:09.0937 9184 NetTcpPortSharing - ok
    01:04:09.0968 9184 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
    01:04:10.0000 9184 Nla - ok
    01:04:10.0046 9184 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
    01:04:10.0062 9184 Npfs - ok
    01:04:10.0062 9184 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
    01:04:10.0078 9184 Ntfs - ok
    01:04:10.0078 9184 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
    01:04:10.0078 9184 NtLmSsp - ok
    01:04:10.0171 9184 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
    01:04:10.0218 9184 NtmsSvc - ok
    01:04:10.0234 9184 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
    01:04:10.0234 9184 Null - ok
    01:04:10.0359 9184 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    01:04:10.0359 9184 NwlnkFlt - ok
    01:04:10.0375 9184 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    01:04:10.0375 9184 NwlnkFwd - ok
    01:04:10.0515 9184 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    01:04:10.0515 9184 odserv - ok
    01:04:10.0546 9184 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    01:04:10.0546 9184 ose - ok
    01:04:10.0593 9184 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
    01:04:10.0609 9184 Parport - ok
    01:04:10.0625 9184 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
    01:04:10.0625 9184 PartMgr - ok
    01:04:10.0656 9184 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
    01:04:10.0656 9184 ParVdm - ok
    01:04:10.0671 9184 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
    01:04:10.0687 9184 PCI - ok
    01:04:10.0687 9184 PCIDump - ok
    01:04:10.0687 9184 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
    01:04:10.0687 9184 PCIIde - ok
    01:04:10.0796 9184 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
    01:04:10.0796 9184 Pcmcia - ok
    01:04:10.0812 9184 PDCOMP - ok
    01:04:10.0812 9184 PDFRAME - ok
    01:04:10.0812 9184 PDRELI - ok
    01:04:10.0828 9184 PDRFRAME - ok
    01:04:10.0828 9184 perc2 - ok
    01:04:10.0843 9184 perc2hib - ok
    01:04:10.0859 9184 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
    01:04:10.0859 9184 PlugPlay - ok
    01:04:10.0875 9184 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
    01:04:10.0875 9184 PolicyAgent - ok
    01:04:10.0875 9184 PPPoEWin - ok
    01:04:10.0906 9184 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
    01:04:10.0906 9184 PptpMiniport - ok
    01:04:10.0921 9184 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
    01:04:10.0921 9184 ProtectedStorage - ok
    01:04:10.0937 9184 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
    01:04:10.0953 9184 PSched - ok
    01:04:11.0000 9184 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
    01:04:11.0015 9184 Ptilink - ok
    01:04:11.0031 9184 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
    01:04:11.0062 9184 PxHelp20 - ok
    01:04:11.0062 9184 ql1080 - ok
    01:04:11.0062 9184 Ql10wnt - ok
    01:04:11.0078 9184 ql12160 - ok
    01:04:11.0078 9184 ql1240 - ok
    01:04:11.0078 9184 ql1280 - ok
    01:04:11.0109 9184 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
    01:04:11.0125 9184 RasAcd - ok
    01:04:11.0140 9184 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
    01:04:11.0171 9184 RasAuto - ok
    01:04:11.0171 9184 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    01:04:11.0171 9184 Rasl2tp - ok
    01:04:11.0187 9184 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
    01:04:11.0375 9184 RasMan - ok
    01:04:11.0421 9184 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    01:04:11.0421 9184 RasPppoe - ok
    01:04:11.0468 9184 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
    01:04:11.0484 9184 Raspti - ok
    01:04:11.0546 9184 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
    01:04:11.0640 9184 Rdbss - ok
    01:04:11.0703 9184 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    01:04:11.0703 9184 RDPCDD - ok
    01:04:11.0750 9184 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
    01:04:11.0796 9184 RDPWD - ok
    01:04:11.0843 9184 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
    01:04:11.0859 9184 RDSessMgr - ok
    01:04:11.0906 9184 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
    01:04:11.0906 9184 redbook - ok
    01:04:11.0921 9184 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
    01:04:11.0921 9184 RemoteAccess - ok
    01:04:12.0031 9184 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
    01:04:12.0062 9184 RpcLocator - ok
    01:04:12.0125 9184 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
    01:04:12.0125 9184 RpcSs - ok
    01:04:12.0171 9184 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
    01:04:12.0203 9184 RSVP - ok
    01:04:12.0265 9184 [ 6EBFBBF24FED8285928B825A46618F8A ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
    01:04:12.0296 9184 RTLE8023xp - ok
    01:04:12.0296 9184 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
    01:04:12.0296 9184 SamSs - ok
    01:04:12.0312 9184 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
    01:04:12.0343 9184 SCardSvr - ok
    01:04:12.0421 9184 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
    01:04:12.0437 9184 Schedule - ok
    01:04:13.0515 9184 [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    01:04:13.0640 9184 SDScannerService - ok
    01:04:13.0812 9184 [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    01:04:13.0843 9184 SDUpdateService - ok
    01:04:13.0921 9184 [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    01:04:13.0921 9184 SDWSCService - ok
    01:04:13.0953 9184 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
    01:04:13.0968 9184 Secdrv - ok
    01:04:14.0000 9184 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
    01:04:14.0015 9184 seclogon - ok
    01:04:14.0062 9184 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
    01:04:14.0078 9184 SENS - ok
    01:04:14.0109 9184 [ 95A26D5D8CEDA33377AF627DAFC2796F ] Sentinel C:\WINDOWS\System32\Drivers\SENTINEL.SYS
    01:04:14.0125 9184 Sentinel - ok
    01:04:14.0187 9184 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
    01:04:14.0187 9184 serenum - ok
    01:04:14.0203 9184 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
    01:04:14.0203 9184 Serial - ok
    01:04:14.0250 9184 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
    01:04:14.0265 9184 Sfloppy - ok
    01:04:14.0359 9184 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
    01:04:14.0406 9184 SharedAccess - ok
    01:04:14.0453 9184 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
    01:04:14.0453 9184 ShellHWDetection - ok
    01:04:14.0453 9184 Simbad - ok
    01:04:14.0609 9184 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
    01:04:14.0640 9184 SkypeUpdate - ok
    01:04:14.0687 9184 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
    01:04:14.0703 9184 SLIP - ok
    01:04:14.0703 9184 Sparrow - ok
    01:04:14.0750 9184 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
    01:04:14.0765 9184 splitter - ok
    01:04:14.0796 9184 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
    01:04:14.0812 9184 Spooler - ok
    01:04:14.0843 9184 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
    01:04:14.0859 9184 sr - ok
    01:04:14.0906 9184 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
    01:04:14.0921 9184 srservice - ok
    01:04:15.0000 9184 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
    01:04:15.0015 9184 Srv - ok
    01:04:15.0031 9184 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
    01:04:15.0062 9184 SSDPSRV - ok
    01:04:15.0062 9184 StarOpen - ok
    01:04:15.0109 9184 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
    01:04:15.0125 9184 stisvc - ok
    01:04:15.0156 9184 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    01:04:15.0156 9184 streamip - ok
    01:04:15.0171 9184 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
    01:04:15.0171 9184 swenum - ok
    01:04:15.0234 9184 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
    01:04:15.0234 9184 swmidi - ok
    01:04:15.0250 9184 SwPrv - ok
    01:04:15.0250 9184 symc810 - ok
    01:04:15.0265 9184 symc8xx - ok
    01:04:15.0265 9184 sym_hi - ok
    01:04:15.0265 9184 sym_u3 - ok
    01:04:15.0312 9184 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
    01:04:15.0328 9184 sysaudio - ok
    01:04:15.0375 9184 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
    01:04:15.0390 9184 SysmonLog - ok
    01:04:15.0421 9184 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\WINDOWS\system32\DRIVERS\taphss.sys
    01:04:15.0437 9184 taphss - ok
    01:04:15.0468 9184 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
    01:04:15.0500 9184 TapiSrv - ok
    01:04:15.0593 9184 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
    01:04:15.0609 9184 Tcpip - ok
    01:04:15.0640 9184 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
    01:04:15.0656 9184 TDPIPE - ok
    01:04:15.0671 9184 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
    01:04:15.0687 9184 TDTCP - ok
    01:04:15.0703 9184 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
    01:04:15.0718 9184 TermDD - ok
    01:04:15.0796 9184 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
    01:04:15.0828 9184 TermService - ok
    01:04:15.0843 9184 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
    01:04:15.0859 9184 Themes - ok
    01:04:15.0859 9184 TosIde - ok
    01:04:15.0890 9184 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
    01:04:15.0906 9184 TrkWks - ok
    01:04:15.0921 9184 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
    01:04:15.0921 9184 Udfs - ok
    01:04:15.0937 9184 ultra - ok
    01:04:16.0000 9184 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
    01:04:16.0000 9184 UnlockerDriver5 - ok
    01:04:16.0062 9184 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
    01:04:16.0078 9184 Update - ok
    01:04:16.0140 9184 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
    01:04:16.0171 9184 upnphost - ok
    01:04:16.0187 9184 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
    01:04:16.0203 9184 UPS - ok
    01:04:16.0296 9184 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
    01:04:16.0312 9184 usbaudio - ok
    01:04:16.0343 9184 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    01:04:16.0343 9184 usbccgp - ok
    01:04:16.0406 9184 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
    01:04:16.0421 9184 usbehci - ok
    01:04:16.0453 9184 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
    01:04:16.0453 9184 usbhub - ok
    01:04:16.0500 9184 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
    01:04:16.0500 9184 usbprint - ok
    01:04:16.0531 9184 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
    01:04:16.0546 9184 usbscan - ok
    01:04:16.0593 9184 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    01:04:16.0593 9184 usbstor - ok
    01:04:16.0640 9184 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    01:04:16.0640 9184 usbuhci - ok
    01:04:16.0687 9184 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
    01:04:16.0703 9184 usbvideo - ok
    01:04:16.0750 9184 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
    01:04:16.0765 9184 VgaSave - ok
    01:04:16.0765 9184 ViaIde - ok
    01:04:16.0812 9184 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
    01:04:16.0812 9184 VolSnap - ok
    01:04:16.0875 9184 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
    01:04:16.0890 9184 VSS - ok
    01:04:16.0937 9184 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
    01:04:16.0968 9184 W32Time - ok
    01:04:16.0984 9184 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
    01:04:16.0984 9184 Wanarp - ok
    01:04:17.0000 9184 WDICA - ok
    01:04:17.0031 9184 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
    01:04:17.0046 9184 wdmaud - ok
    01:04:17.0093 9184 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
    01:04:17.0093 9184 WebClient - ok
    01:04:17.0203 9184 [ 1225EBEA76AAC3C84DF6C54FE5E5D8BE ] winachsf C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys
    01:04:18.0171 9184 winachsf - ok
    01:04:18.0921 9184 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
    01:04:18.0953 9184 winmgmt - ok
    01:04:19.0125 9184 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
    01:04:19.0671 9184 WinRM - ok
    01:04:19.0906 9184 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
    01:04:20.0000 9184 WmdmPmSN - ok
    01:04:20.0671 9184 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
    01:04:20.0703 9184 WmiApSrv - ok
    01:04:20.0937 9184 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
    01:04:20.0953 9184 WMPNetworkSvc - ok
    01:04:21.0000 9184 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
    01:04:21.0000 9184 WpdUsb - ok
    01:04:21.0218 9184 [ 120F3B596F79FC990B7D808857A8B3BC ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    01:04:21.0250 9184 WPFFontCache_v0400 - ok
    01:04:21.0281 9184 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
    01:04:21.0281 9184 WS2IFSL - ok
    01:04:21.0296 9184 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
    01:04:21.0296 9184 wscsvc - ok
    01:04:21.0328 9184 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    01:04:21.0328 9184 WSTCODEC - ok
    01:04:21.0343 9184 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
    01:04:21.0359 9184 wuauserv - ok
    01:04:21.0375 9184 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    01:04:21.0390 9184 WudfPf - ok
    01:04:21.0406 9184 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    01:04:21.0406 9184 WudfRd - ok
    01:04:21.0406 9184 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
    01:04:21.0421 9184 WudfSvc - ok
    01:04:21.0437 9184 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
    01:04:21.0453 9184 WZCSVC - ok
    01:04:21.0484 9184 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
    01:04:21.0500 9184 xmlprov - ok
    01:04:21.0515 9184 ================ Scan global ===============================
    01:04:21.0562 9184 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
    01:04:21.0640 9184 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
    01:04:21.0671 9184 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
    01:04:21.0703 9184 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
    01:04:21.0703 9184 [Global] - ok
    01:04:21.0703 9184 ================ Scan MBR ==================================
    01:04:21.0703 9184 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
    01:04:21.0718 9184 \Device\Harddisk0\DR0 - ok
    01:04:21.0734 9184 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
    01:04:30.0625 9184 \Device\Harddisk1\DR1 - ok
    01:04:30.0625 9184 ================ Scan VBR ==================================
    01:04:30.0625 9184 [ 4314789BB1482B84387BC54E94086D25 ] \Device\Harddisk0\DR0\Partition1
    01:04:30.0625 9184 \Device\Harddisk0\DR0\Partition1 - ok
    01:04:30.0640 9184 [ D8B475B5753DA72631577D7F66750E6E ] \Device\Harddisk0\DR0\Partition2
    01:04:30.0640 9184 \Device\Harddisk0\DR0\Partition2 - ok
    01:04:30.0671 9184 [ 96A5BFDB37207B900762E94D1495513F ] \Device\Harddisk1\DR1\Partition1
    01:04:30.0671 9184 \Device\Harddisk1\DR1\Partition1 - ok
    01:04:30.0687 9184 [ 413072DD2881799E527E686F1FF37D26 ] \Device\Harddisk1\DR1\Partition2
    01:04:30.0718 9184 \Device\Harddisk1\DR1\Partition2 - ok
    01:04:30.0734 9184 [ 185B5E6792C359249007C4A2D9824251 ] \Device\Harddisk1\DR1\Partition3
    01:04:30.0781 9184 \Device\Harddisk1\DR1\Partition3 - ok
    01:04:30.0781 9184 ============================================================
    01:04:30.0781 9184 Scan finished
    01:04:30.0781 9184 ============================================================
    01:04:30.0781 1664 Detected object count: 0
    01:04:30.0781 1664 Actual detected object count: 0

    Quick question: You said I am running two antivirus programs. I know I am running Avast. Is Spybot the 2nd? Please excuse my ignorance.

    Thanks,
    pgbacal



  4. #4
    Junior Member
    Join Date
    Aug 2013
    Posts
    8

    Default tdsskiller

    When I ran TDSSKiller from my desktop it did not allow me to scan objects (the 2 boxes as shown in your image). It just had Start scan, which I pressed.

  5. #5
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246

    Default

    Hi pgbacal

    Quick question: You said I am running two antivirus programs. I know I am running Avast. Is Spybot the 2nd? Please excuse my ignorance.
    From your log I see: Avast and AVG

    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    Feel free to ask anything.

    Ok good!!

    Download Security Check by screen317 from here or here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    Next

    AdwCleaner

    • Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.


    Next

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.



    Next


    • Download RogueKiller and save it to your desktop.
    • Quit all other programs
    • Start RogueKiller.exe
    • Wait until the Prescan has finished ...
    • Click on Scan
    • Wait for the end of the scan
    • A report will be created on your desktop.
    • Click on the Delete button
    • Next, click on ShortcutsFix
    • Another report will be created on your desktop.


    Please post: All RKreport.txt text files located on your desktop.

    On your next reply please post :
    • checkup.txt
    • AdwCleaner[S1].txt
    • JRT.txt
    • All RKreport.txt

    Let me know if you have any problems performing the steps above or if you have any questions.

    Good Day!
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  6. #6
    Junior Member
    Join Date
    Aug 2013
    Posts
    8

    Default more problems

    I started following your instructions:

    and am posting the one I finished, checkup.txt. I am unable to access the AdwCleaner. BUT
    the AdwCleaner didn't work as you mentioned, and afterwards I could not access the drives on my computer via "My Computer". I rebooted and it was the same. Also, when I reboot I get this message:

    "WINDOWS SECURITY ALERT
    Windows Explorer with 3 options: keep blocking / unblock / ask me later"

    I press "Ask Me Later".

    Below are the 2 reports that I finished. (I am worried why I can't access my hard drives.)

    Results of screen317's Security Check version 0.99.72
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    avast! Free Antivirus
    `````````Anti-malware/Other Utilities Check:`````````
    MVPS Hosts File
    Spybot - Search & Destroy
    Malwarebytes Anti-Malware version 1.75.0.1300
    CCleaner
    Wise Disk Cleaner 7.85
    Java(TM) 6 Update 45
    Java 7 Update 21
    Java version out of Date!
    Adobe Flash Player 11.7.700.224
    Adobe Reader 10.1.7 Adobe Reader out of Date!
    Google Chrome 28.0.1500.72
    Google Chrome 28.0.1500.95
    ````````Process Check: objlist.exe by Laurent````````
    Spybot Teatimer.exe is disabled!
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast avastUI.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 7%
    ````````````````````End of Log``````````````````````







    TGH

  7. #7
    Junior Member
    Join Date
    Aug 2013
    Posts
    8

    Default

    I wrote to you yesterday.

    I can not seem to remove AVG, and it doesn't appear as a running program.

    I downloaded all the files you told me to:
    * checkup.txt
    * AdwCleaner[S1].txt
    * JRT.txt
    * All RKreport.txt

    BUT
    I ran checkup.txt. See below

    Results of screen317's Security Check version 0.99.72
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    avast! Free Antivirus
    `````````Anti-malware/Other Utilities Check:`````````
    MVPS Hosts File
    Spybot - Search & Destroy
    Malwarebytes Anti-Malware version 1.75.0.1300
    CCleaner
    Wise Disk Cleaner 7.85
    Java(TM) 6 Update 45
    Java 7 Update 21
    Java version out of Date!
    Adobe Flash Player 11.7.700.224
    Adobe Reader 10.1.7 Adobe Reader out of Date!
    Google Chrome 28.0.1500.72
    Google Chrome 28.0.1500.95
    ````````Process Check: objlist.exe by Laurent````````
    Spybot Teatimer.exe is disabled!
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast avastUI.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 7%
    ````````````````````End of Log``````````````````````


    Next

    I tried running AdwCleaner, and it didn't work like you said and has created havoc with my computer. It takes forever to open "My Computer" and now it isn't opening. It is extremely slow when I reboot. I can't access my C: drive so can't access the file saved from AdwCleaner. I can access my documents from inside a program (Word).

    HELP... I feel worse off than before.

    I have not run the other two programs.

    SHOULD I TRY TO RUN THE OTHER TWO PROGRAMS? I thought I already answered you yesterday, but it doesn't seem to be on this thread.

    Please get back to me as soon as possible,


    Thanks,

    Pgbacal




  8. #8
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246

    Default

    Hi pgbacal

    Ok I'm here

    Please read through these instructions to familiarize yourself with what to expect when this tool runs

    Refer to the ComboFix User's Guide

    Download ComboFix from one of these locations:

    Link 1
    Link 2


    * IMPORTANT- Save ComboFix.exe to your Desktop

    ====================================================

    Disable your AntiVirus and AntiSpyware applications as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to our sticky topic How to disable your security applications

    ====================================================


    Double click on ComboFix.exe & follow the prompts.

    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.





    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:





    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.



    On your next reply please post :
    • Combofix log

    Let me know if you have any problems performing the steps above, or any questions you may have.

    Good Day!
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  9. #9
    Junior Member
    Join Date
    Aug 2013
    Posts
    8

    Default AVG Free Anti Virus 2012

    I downloaded ComboFix and tried running it. It said that I am running real time AVG Free Antivirus 2012. I can't find it to uninstall it in the Add/Delete of the Control Panel, so I did a search and still didn't find the actual program.

    How do I find this nuisance of a program and delete it once and for all, so I can continue?

    I am in the middle of ComboFix so am waiting for a reply from you.

    Many thanks,

    Philippa


  10. #10
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246

    Default

    Hi pgbacal

    Try this

    Uninstall AVG

    • Download AVG Remover: http://www.avg.com/ww-en/utilities
    • Choose the version compatible with your OS
    • Place the file on the Desktop
    • Double-click on the tool to run
    • Restart the system
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -
