Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Was in process of removing malware BUT stopped in process!

Re: Was in process of removing malware BUT stopped in proces

Post by Cypher » March 16th, 2013, 12:22 pm

Hi,
"Did you want the attach.txt or no?"

Not at present.

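  • Open Notepad. If you don't know how, do the following:
  • Click Start > All programs > Accessories > Notepad.
  • Copy and paste everything from the Code Box below into Notepad: (Do not include the word Code:)
    Code:
    @Echo off
    REM Work inside the folder that holds the hosts file
    pushd \windows\system32\drivers\etc
    REM Clear the hidden, system and read-only attributes so the file can be rewritten
    attrib -h -s -r hosts
    REM Replace the hosts file with the single default localhost entry
    echo 127.0.0.1 localhost>HOSTS
    REM Put the protective attributes back
    attrib +r +h +s hosts
    popd
    REM Renew the DHCP lease and clear the DNS resolver cache
    ipconfig /release
    ipconfig /renew
    ipconfig /flushdns
    REM Delete this batch file once it has run
    del %0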
  • Go to File >> Save As.
  • Save File name as FixHosts.bat
  • Change Save as Type to All Files and save the file to your Desktop.
Now double click on the desktop FixHosts.bat to run the batch file. It will self-delete when completed.

Next.

Reboot your computer then post a new DDS log.
Cypher
Admin/Teacher
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
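
The batch file in the post above overwrites the hosts file without reading it, so whatever entries it held are gone afterwards. As an added example (not part of the original thread; the function names and the sample hosts content are constructed for illustration), this Python sketch lists every hosts entry other than the default loopback mapping so it can be recorded before the reset:

```python
import ipaddress
import os

# Constructed sample for illustration; none of these entries come from the thread.
SAMPLE_HOSTS = """\
# Constructed sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.7     www.google.com google.com   # search traffic sent to another server
127.0.0.1       update.example-av.test      # update server made unreachable
not-an-ip       something.test
"""

# Names a default hosts file maps to a loopback address.
DEFAULT_NAMES = {"localhost"}


def audit_hosts(text):
    """Return one finding per hosts entry that is not a default loopback mapping."""
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # comments run to end of line
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            # Not an address: record it so odd lines are not silently lost.
            findings.append({"line": line_no, "name": " ".join(fields),
                             "ip": None, "kind": "unparsed"})
            continue
        for name in (f.lower() for f in fields[1:]):
            if name in DEFAULT_NAMES and ip.is_loopback:
                continue                          # the entry FixHosts.bat writes
            # Loopback/0.0.0.0 makes a name unreachable; anything else re-points it.
            kind = "sinkholed" if (ip.is_loopback or ip.is_unspecified) else "redirected"
            findings.append({"line": line_no, "name": name,
                             "ip": str(ip), "kind": kind})
    return findings


def audit_file(path=None):
    """Audit a hosts file on disk; defaults to the Windows location used in the thread."""
    if path is None:
        root = os.environ.get("SystemRoot", r"C:\Windows")
        path = os.path.join(root, "System32", "drivers", "etc", "hosts")
    with open(path, encoding="utf-8-sig", errors="replace") as fh:
        return audit_hosts(fh.read())


if __name__ == "__main__":
    for f in audit_hosts(SAMPLE_HOSTS):
        print("line {line}: {kind:<10} {name} -> {ip}".format(**f))
```

A hosts file in the state FixHosts.bat leaves it produces no findings, which makes the same function usable as a check after the reset.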

Re: Was in process of removing malware BUT stopped in proces

Post by TrucknMom2 » March 16th, 2013, 3:36 pm

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Owner at 14:05:19 on 2013-03-16
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.22 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Owner\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Verizon\VSP\ServicepointService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Hoolapp Android] "c:\docume~1\owner\applic~1\hoolap~1\Hoolapp.exe" /Minimized
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRun: [Exetender] "c:\program files\free ride games\GPlayer.exe" /runonstartup
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\owner\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupda ... 4589066690
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 1872922859
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/f ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{5E0D0766-8E3C-43B6-A7C7-3349999721D2} : DHCPNameServer = 75.75.75.75 75.75.76.76
Notify: igfxcui - igfxsrvc.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\6ul3z8xi.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=ZUGO&form=ZGAADF&q=
FF - plugin: c:\documents and settings\owner\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\verizon\vsp\nprpspa.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - ExtSQL: 2013-01-29 13:12; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
FF - ExtSQL: 2013-02-06 22:54; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\documents and settings\owner\application data\mozilla\firefox\profiles\6ul3z8xi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: !HIDDEN! 2013-01-29 13:12; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-2-6 65848]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-11 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-5 361032]
R1 RapportCerberus_43926;RapportCerberus_43926;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportcerberus\43926\RapportCerberus32_43926.sys [2012-10-30 272216]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-2-6 71480]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-2-6 166840]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-5 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-3-5 44808]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2011-3-1 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-9-17 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2011-4-16 47640]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-3-13 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-3-13 682344]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-2-6 976728]
R2 ServicepointService;ServicepointService;c:\program files\verizon\vsp\ServicepointService.exe [2010-12-5 668912]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-13 21104]
R3 RapportIaso;RapportIaso;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\39624\RapportIaso.sys [2012-5-28 21520]
S2 X4HSEx;X4HSEx;\??\c:\program files\free ride games\x4hsex.sys --> c:\program files\free ride games\X4HSEx.Sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-3-15 40776]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2013-03-15 17:11:15 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-03-14 03:20:38 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes
2013-03-14 03:20:13 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-03-14 03:20:07 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-14 03:20:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-12 21:39:47 17887640 ----a-w- c:\program files\mozilla firefox\xul.dll
2013-03-12 21:38:10 96664 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2013-03-12 21:38:10 19352 ----a-w- c:\program files\mozilla firefox\xpcom.dll
2013-03-12 21:38:09 170232 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
2013-03-12 21:38:08 272280 ----a-w- c:\program files\mozilla firefox\updater.exe
2013-03-12 21:38:03 865744 ----a-w- c:\program files\mozilla firefox\uninstall\helper.exe
2013-03-12 21:38:03 155544 ----a-w- c:\program files\mozilla firefox\ssl3.dll
2013-03-12 21:38:02 151960 ----a-w- c:\program files\mozilla firefox\softokn3.dll
2013-03-12 21:38:00 92056 ----a-w- c:\program files\mozilla firefox\smime3.dll
2013-03-12 21:36:53 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2013-03-12 21:36:52 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2013-03-12 21:36:50 116120 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
2013-03-12 21:36:49 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2013-03-12 21:36:35 74136 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2013-03-12 21:34:34 19352 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
2013-03-04 14:36:53 -------- d-----w- c:\program files\ESET
2013-02-28 08:06:10 -------- d-----w- C:\_OTL
.
==================== Find3M ====================
.
2013-03-12 22:44:06 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-12 22:44:05 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-06 13:59:20 65848 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2013-02-05 20:05:47 916480 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:05:46 43520 ------w- c:\windows\system32\licmgr10.dll
2013-02-05 20:05:46 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-02-05 05:53:57 385024 ------w- c:\windows\system32\html.iec
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:16:02 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:36:58 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll
.
============= FINISH: 14:06:50.06 ===============
TrucknMom2
Regular Member
 
Posts: 36
Joined: February 22nd, 2013, 9:03 pm

Re: Was in process of removing malware BUT stopped in proces

Post by Cypher » March 16th, 2013, 3:42 pm

Hi,
Good, that looks better.
"Today it seems to be NOT redirecting..but I haven't used it much.."

Please use your computer for 24hrs or so, then let me know if any of your searches are redirected.

Re: Was in process of removing malware BUT stopped in proces

Post by TrucknMom2 » March 16th, 2013, 4:09 pm

Will do...thanks so much!!
Happy St. Patty's Day to ya..going to go drink green beer :D

Re: Was in process of removing malware BUT stopped in proces

Post by Cypher » March 16th, 2013, 4:12 pm

"thanks so much!!"

My pleasure.
"Happy St. Patty's Day to ya"

And to you too :)
"Going to go drink green beer"

Sounds like a good plan, enjoy ;) :D

Re: Was in process of removing malware BUT stopped in proces

Post by Cypher » March 18th, 2013, 6:12 am

Hi,
Cypher wrote:Please use your computer for 24hrs or so, then let me know if any of your searches are redirected.

Can you give me an update please, any more redirected searches?

Re: Was in process of removing malware BUT stopped in proces

Post by TrucknMom2 » March 18th, 2013, 6:22 am

Good Morning..
When I use Google I get redirected in my searches..here is what it says..hxxp://www.thesmartresult.org/s.php?key ... 31390ed8d5

I do know my sister was here trying to install my scanner and she downloaded IE as for some reason my computer didn't have it??? but that is when I believe all my problems started. I do know when I go to do 'set program access and default' Mozilla is not listed as my program and whatever is ..is not listed but always takes over.
Does that make sense?

Re: Was in process of removing malware BUT stopped in proces

Post by Cypher » March 18th, 2013, 6:46 am

Hi,
"When I use Google I get redirected in my searches."

Do the redirects happen in Internet Explorer, Firefox or both?
Let me know in your next reply.

Please download TDSSKiller and save it to your Desktop.

  • Double click TDSSKiller.exe to run it.
  • Under Additional Options check Verify file digital signatures
  • IMPORTANT: Ensure Detect TDLFS file system remains UNchecked.
  • Click Start scan and allow it to scan for Malicious objects.

    • If Malicious objects are detected, the default action will be Cure, ensure Cure is selected then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected then click Continue
    • If Unsigned files are detected, the default action will be Skip, ensure Skip is selected then click Continue

    DO NOT change the default actions.

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  • A log will be created on your root (usually C:) drive. The log is named like UtilityName.Version_Date_Time_log.txt,
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  • If no reboot is required, click on Report. A log file should appear.
  • Please post the contents in your next reply

Re: Was in process of removing malware BUT stopped in proces

Post by TrucknMom2 » March 18th, 2013, 7:27 am

I do not have IE..redirects are when I'm using Firefox, as it is my internet connection.
I am not able to copy and paste that report for some reason. I can get the report highlighted but am not able to copy it by right clicking..hmmm therefore I am not able to post it here.

Re: Was in process of removing malware BUT stopped in proces

Post by TrucknMom2 » March 18th, 2013, 7:34 am

I looked at the report details...I found this:

2 suspicious threats;
NET Driver HPZ12 (UnsignedFile.Multi.Generic)
Pml Driver HPZ12 (UnsignedFile.Multi.Generic)

and then at the bottom was:
skipped by user on both.

Re: Was in process of removing malware BUT stopped in proces

Post by Cypher » March 18th, 2013, 7:36 am

Hi,
"I am not able to copy and paste that report for some reason. I can get the report highlighted but am not able to copy it by right clicking"

That's odd, try this.
To Copy the log Highlight it then hold 'Ctrl' + 'C'.
To Paste it, Click your mouse where you are replying, and then press 'Ctrl' + 'V'.

Re: Was in process of removing malware BUT stopped in proces

Post by TrucknMom2 » March 18th, 2013, 7:43 am

06:09:50.0171 3072 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
06:09:52.0187 3072 ============================================================
06:09:52.0187 3072 Current date / time: 2013/03/18 06:09:52.0187
06:09:52.0187 3072 SystemInfo:
06:09:52.0187 3072
06:09:52.0187 3072 OS Version: 5.1.2600 ServicePack: 3.0
06:09:52.0187 3072 Product type: Workstation
06:09:52.0187 3072 ComputerName: HOMES-9448A7F3B
06:09:52.0234 3072 UserName: Owner
06:09:52.0234 3072 Windows directory: C:\WINDOWS
06:09:52.0234 3072 System windows directory: C:\WINDOWS
06:09:52.0234 3072 Processor architecture: Intel x86
06:09:52.0234 3072 Number of processors: 1
06:09:52.0234 3072 Page size: 0x1000
06:09:52.0234 3072 Boot type: Normal boot
06:09:52.0234 3072 ============================================================
06:09:58.0546 3072 Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
06:09:59.0046 3072 ============================================================
06:09:59.0046 3072 \Device\Harddisk0\DR0:
06:09:59.0203 3072 MBR partitions:
06:09:59.0203 3072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
06:09:59.0203 3072 ============================================================
06:09:59.0500 3072 C: <-> \Device\Harddisk0\DR0\Partition1
06:09:59.0515 3072 ============================================================
06:09:59.0515 3072 Initialize success
06:09:59.0515 3072 ============================================================
06:12:07.0109 3928 ============================================================
06:12:07.0109 3928 Scan started
06:12:07.0109 3928 Mode: Manual; SigCheck;
06:12:07.0109 3928 ============================================================
06:12:08.0593 3928 ================ Scan system memory ========================
06:12:08.0656 3928 System memory - ok
06:12:38.0250 3928 kbdhid - ok
06:12:38.0281 3928 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
06:12:38.0562 3928 kmixer - ok
06:12:38.0593 3928 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
06:12:38.0750 3928 KSecDD - ok
06:12:38.0781 3928 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
06:12:38.0906 3928 LanmanServer - ok
06:12:38.0953 3928 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
06:12:39.0140 3928 lanmanworkstation - ok
06:12:39.0156 3928 lbrtfdc - ok
06:12:39.0218 3928 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
06:12:39.0531 3928 LmHosts - ok
06:12:39.0609 3928 [ 16B08BB43AED8B39D41D6796A607544F ] LMIGuardianSvc C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
06:12:39.0671 3928 LMIGuardianSvc - ok
06:12:39.0687 3928 [ 4F69FAAABB7DB0D43E327C0B6AAB40FC ] LMIInfo C:\Program Files\LogMeIn\x86\RaInfo.sys
06:12:39.0750 3928 LMIInfo - ok
06:12:39.0812 3928 [ 039B9E1C04061BE5455A00481EE2B3FB ] LMIMaint C:\Program Files\LogMeIn\x86\RaMaint.exe
06:12:39.0859 3928 LMIMaint - ok
06:12:39.0906 3928 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
06:12:39.0984 3928 lmimirr - ok
06:12:40.0015 3928 LMIRfsClientNP - ok
06:12:40.0046 3928 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
06:12:40.0109 3928 LMIRfsDriver - ok
06:12:40.0156 3928 [ 432618FA75B61059D2C57D6A7E55147A ] LogMeIn C:\Program Files\LogMeIn\x86\LogMeIn.exe
06:12:40.0250 3928 LogMeIn - ok
06:12:40.0296 3928 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
06:12:40.0343 3928 MBAMProtector - ok
06:12:40.0406 3928 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
06:12:40.0531 3928 MBAMScheduler - ok
06:12:40.0593 3928 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
06:12:40.0718 3928 MBAMService - ok
06:12:40.0750 3928 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
06:12:40.0796 3928 MBAMSwissArmy - ok
06:12:40.0828 3928 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
06:12:41.0140 3928 Messenger - ok
06:12:41.0156 3928 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
06:12:41.0453 3928 mnmdd - ok
06:12:41.0500 3928 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
06:12:41.0781 3928 mnmsrvc - ok
06:12:41.0843 3928 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
06:12:42.0156 3928 Modem - ok
06:12:42.0234 3928 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
06:12:42.0562 3928 Mouclass - ok
06:12:42.0625 3928 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
06:12:42.0875 3928 mouhid - ok
06:12:42.0921 3928 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
06:12:43.0250 3928 MountMgr - ok
06:12:43.0437 3928 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
06:12:43.0500 3928 MozillaMaintenance - ok
06:12:43.0515 3928 mraid35x - ok
06:12:43.0562 3928 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
06:12:43.0906 3928 MRxDAV - ok
06:12:44.0031 3928 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
06:12:44.0187 3928 MRxSmb - ok
06:12:44.0234 3928 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
06:12:44.0531 3928 MSDTC - ok
06:12:44.0578 3928 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
06:12:44.0906 3928 Msfs - ok
06:12:44.0953 3928 MSIServer - ok
06:12:45.0031 3928 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
06:12:45.0359 3928 MSKSSRV - ok
06:12:45.0421 3928 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
06:12:45.0750 3928 MSPCLOCK - ok
06:12:45.0796 3928 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
06:12:46.0156 3928 MSPQM - ok
06:12:46.0218 3928 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
06:12:46.0500 3928 mssmbios - ok
06:12:46.0593 3928 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
06:12:46.0734 3928 Mup - ok
06:12:46.0859 3928 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
06:12:47.0187 3928 napagent - ok
06:12:47.0234 3928 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
06:12:47.0500 3928 NDIS - ok
06:12:47.0531 3928 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
06:12:47.0593 3928 NdisTapi - ok
06:12:47.0640 3928 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
06:12:47.0953 3928 Ndisuio - ok
06:12:47.0984 3928 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
06:12:48.0265 3928 NdisWan - ok
06:12:48.0312 3928 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
06:12:48.0406 3928 NDProxy - ok
06:12:48.0453 3928 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
06:12:48.0515 3928 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
06:12:48.0515 3928 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
06:12:56.0500 3928 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
06:12:56.0593 3928 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
06:12:56.0593 3928 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
06:13:21.0359 3928 ================ Scan global ===============================
06:13:21.0421 3928 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
06:13:21.0468 3928 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
06:13:21.0515 3928 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
06:13:21.0562 3928 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
06:13:21.0578 3928 [Global] - ok
06:13:21.0578 3928 ================ Scan MBR ==================================
06:13:21.0593 3928 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
06:13:21.0765 3928 \Device\Harddisk0\DR0 - ok
06:13:21.0765 3928 ================ Scan VBR ==================================
06:13:21.0781 3928 [ 790B4F9AAD3DDD69594125D90CAC70A6 ] \Device\Harddisk0\DR0\Partition1
06:13:21.0781 3928 \Device\Harddisk0\DR0\Partition1 - ok
06:13:21.0781 3928 ============================================================
06:13:21.0781 3928 Scan finished
06:13:21.0781 3928 ============================================================
06:13:21.0906 3152 Detected object count: 2
06:13:21.0906 3152 Actual detected object count: 2
06:14:07.0906 3152 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
06:14:07.0906 3152 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:14:07.0906 3152 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
06:14:07.0906 3152 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Re: Was in process of removing malware BUT stopped in proces

Unread postby Cypher » March 18th, 2013, 7:47 am

Ok nothing of concern there.
redirects are when I'm using Firefox

Try running Firefox with add-ons disabled, then let me know if you get any redirected searches.

In the Firefox browser, go to Help > Restart with Add-ons Disabled > Restart.

Re: Was in process of removing malware BUT stopped in proces

Unread postby TrucknMom2 » March 18th, 2013, 8:27 am

Not sure about this. I disabled add-ons, restarted, then tried Google again, but the search bar flashed 'livesearch' then showed numbers as it directed to a new list of pages.

Re: Was in process of removing malware BUT stopped in proces

Unread postby Cypher » March 18th, 2013, 11:43 am

Hi,
Let's reset Firefox. Do the following, then give me another update.
In the Firefox browser, click Help > Troubleshooting Information > Reset Firefox.
In the pop-up window, click Reset Firefox again.
