Unable to Use Google/Bing (Redirected to Ads)



#1 ashleyand


Posted 27 March 2012 - 07:55 PM

I had a virus two days ago that would not allow me to access my computer. Whenever I turned it on, it would take me to a fake desktop with a "System Check" scanning my computer and asking for my credit card. I researched online and was able to do a System Restore Point back to March 5th. I thought this removed the virus because I was finally able to log on to my computer and see my desktop. Unfortunately, ALL of my files and pictures had been deleted and a few of my programs also. I tried running Malwarebytes but it couldn't find anything. Consequently, I did an online ESET scan which found a trojan virus. I also used avast which claimed to get rid of another virus. I then downloaded Spybot which removed both Trojan Viruses and adware/malware. I've also tried cleaning with CCleaner. I thought this would be the end of my problems but unfortunately I cannot use google or any other search service because when I click on a link it redirects me to an ad or reloads the same google search. I have tried everything but have come up unsuccessful.



#2 narenxp


Posted 27 March 2012 - 08:46 PM

You should not have used CCleaner.

Press the Windows+R keys and type

%temp% and click OK

If you have a folder called SMTMP, copy it to a safe location.

Download UNHIDE

http://www.bleepingcomputer.com/download/anti-virus/unhide

Allow it to run, it should restore your files.

Download

TDSSkiller

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Restart the PC.

Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here

Edited by narenxp, 27 March 2012 - 08:47 PM.
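Triage of the TDSSKiller log requested in the post above, as an added example that is not part of the original thread or of TDSSKiller itself. It assumes the per-service layout of a TDSSKiller 2.7 scan log (a `name (md5) path` line followed by a `name - verdict` line); the sample lines, service names, hashes and the non-ok verdict string are constructed, and the expected-directory check is an illustrative heuristic.

```python
import re
from collections import defaultdict

# Constructed sample in the assumed layout "<time> <thread id> <text>".
# Names, hashes and the non-ok verdict string are made up for illustration.
SAMPLE_LOG = r"""
01:31:57.0546 2608 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb)
01:32:10.0671 2756 Scan started
01:32:10.0671 2756 Mode: Manual; TDLFS;
01:32:10.0906 2756 ExampleAV (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa) C:\WINDOWS\system32\drivers\exampleav.sys
01:32:10.0921 2756 ExampleAV - ok
01:32:10.0921 2756 LegacyStub - ok
01:32:11.0500 2756 Example Mobile Device (bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb) C:\Program Files\Common Files\Example\svc.exe
01:32:11.0500 2756 Example Mobile Device - ok
01:32:12.0687 2756 dupA (cccccccccccccccccccccccccccccccc) C:\WINDOWS\system32\DRIVERS\dup.sys
01:32:12.0703 2756 dupA - ok
01:32:12.0703 2756 dupB (cccccccccccccccccccccccccccccccc) C:\WINDOWS\system32\drivers\dup.sys
01:32:12.0703 2756 dupB - ok
01:32:13.0000 2756 oddsvc (dddddddddddddddddddddddddddddddd) C:\Documents and Settings\user\Local Settings\Temp\odd.sys
01:32:13.0015 2756 oddsvc - EXAMPLE-NOT-OK
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "<name> (<md5>) <path>": the file that backs a service or driver.
FILE_RE = re.compile(PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<name> - <verdict>": the scanner's result for that service.
VERDICT_RE = re.compile(PREFIX + r"(?P<name>.+?) - (?P<verdict>\S.*)$")

# Assumption: on this kind of system, service binaries normally live here.
EXPECTED_ROOTS = ("c:\\windows\\", "c:\\program files\\")


def parse_scan(log_text):
    """Return one record per service verdict found after 'Scan started'."""
    entries, pending, in_scan = [], {}, False
    for line in log_text.splitlines():
        if not in_scan:
            # Header lines such as "Drive ... - Size: ..." also contain " - ",
            # so nothing is parsed until the scan section begins.
            in_scan = "Scan started" in line
            continue
        m = FILE_RE.match(line)
        if m:
            pending[m["name"]] = (m["md5"], m["path"])
            continue
        m = VERDICT_RE.match(line)
        if m:
            md5, path = pending.pop(m["name"], (None, None))
            entries.append({"name": m["name"], "md5": md5,
                            "path": path, "verdict": m["verdict"]})
    return entries


def triage(entries):
    """Group entries into the buckets a reviewer reads first."""
    by_md5 = defaultdict(list)
    report = {"not_ok": [], "no_file": [], "unusual_path": [], "shared_md5": {}}
    for e in entries:
        if e["verdict"].lower() != "ok":
            report["not_ok"].append(e["name"])        # anything the tool did not clear
        if e["md5"] is None:
            report["no_file"].append(e["name"])       # registered, but no file was hashed
            continue
        by_md5[e["md5"]].append(e["name"])
        if not e["path"].lower().startswith(EXPECTED_ROOTS):
            report["unusual_path"].append(e["name"])  # binary outside the expected roots
    # Informational: several service names backed by the same binary.
    report["shared_md5"] = {h: n for h, n in by_md5.items() if len(n) > 1}
    return report


if __name__ == "__main__":
    for bucket, names in triage(parse_scan(SAMPLE_LOG)).items():
        print(f"{bucket}: {names}")
```

The `no_file` and `shared_md5` buckets are context rather than findings; `not_ok` and `unusual_path` are the entries to read against the full log before choosing an action in the tool.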


#3 ashleyand


Posted 28 March 2012 - 12:37 AM

After the TDSSkiller, should I click continue with the cure option for the rootkit.boot and the skip option for the TDSS file system or just exit out?

Here's the log:
01:31:56.0156 2608 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
01:31:57.0000 2608 ============================================================
01:31:57.0000 2608 Current date / time: 2012/03/28 01:31:57.0000
01:31:57.0000 2608 SystemInfo:
01:31:57.0000 2608
01:31:57.0000 2608 OS Version: 5.1.2600 ServicePack: 3.0
01:31:57.0000 2608 Product type: Workstation
01:31:57.0000 2608 ComputerName: SBCNAZ
01:31:57.0000 2608 UserName: naz
01:31:57.0000 2608 Windows directory: C:\WINDOWS
01:31:57.0000 2608 System windows directory: C:\WINDOWS
01:31:57.0000 2608 Processor architecture: Intel x86
01:31:57.0000 2608 Number of processors: 2
01:31:57.0000 2608 Page size: 0x1000
01:31:57.0000 2608 Boot type: Normal boot
01:31:57.0000 2608 ============================================================
01:31:57.0546 2608 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
01:31:57.0546 2608 \Device\Harddisk0\DR0:
01:31:57.0546 2608 MBR used
01:31:57.0546 2608 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3B10, BlocksNum 0x12A14C00
01:31:57.0593 2608 Initialize success
01:31:57.0593 2608 ============================================================
01:32:10.0671 2756 ============================================================
01:32:10.0671 2756 Scan started
01:32:10.0671 2756 Mode: Manual; TDLFS;
01:32:10.0671 2756 ============================================================
01:32:19.0546 2756 PID_PEPI - ok
01:32:19.0640 2756 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
01:32:19.0656 2756 PlugPlay - ok
01:32:19.0687 2756 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\WINDOWS\system32\HPZipm12.dll
01:32:19.0687 2756 Pml Driver HPZ12 - ok
01:32:19.0718 2756 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:32:19.0718 2756 PolicyAgent - ok
01:32:19.0750 2756 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:32:19.0765 2756 PptpMiniport - ok
01:32:19.0796 2756 prepdrvr (2a3e82aeaf8a4a1ed7bd22f6a2424a35) C:\WINDOWS\system32\CCM\prepdrv.sys
01:32:19.0812 2756 prepdrvr - ok
01:32:19.0812 2756 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:32:19.0828 2756 ProtectedStorage - ok
01:32:19.0843 2756 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
01:32:19.0843 2756 PSched - ok
01:32:19.0875 2756 PTDUBus (bc37a428bd4b3b8f0ad2fd2df0822851) C:\WINDOWS\system32\DRIVERS\PTDUBus.sys
01:32:19.0890 2756 PTDUBus - ok
01:32:19.0953 2756 PTDUMdm (0bc211b0320f17851e8c24ace775ea44) C:\WINDOWS\system32\DRIVERS\PTDUMdm.sys
01:32:19.0953 2756 PTDUMdm - ok
01:32:19.0984 2756 PTDUVsp (3ea007ffc7a6b9c9f56324fb16584904) C:\WINDOWS\system32\DRIVERS\PTDUVsp.sys
01:32:19.0984 2756 PTDUVsp - ok
01:32:20.0000 2756 PTDUWWAN (a49e0d84d6744746f3053980f73f897a) C:\WINDOWS\system32\DRIVERS\PTDUWWAN.sys
01:32:20.0000 2756 PTDUWWAN - ok
01:32:20.0015 2756 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:32:20.0015 2756 Ptilink - ok
01:32:20.0046 2756 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
01:32:20.0046 2756 PxHelp20 - ok
01:32:20.0078 2756 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
01:32:20.0078 2756 ql1080 - ok
01:32:20.0078 2756 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
01:32:20.0093 2756 Ql10wnt - ok
01:32:20.0093 2756 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
01:32:20.0109 2756 ql12160 - ok
01:32:20.0109 2756 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
01:32:20.0109 2756 ql1240 - ok
01:32:20.0125 2756 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
01:32:20.0125 2756 ql1280 - ok
01:32:20.0156 2756 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:32:20.0156 2756 RasAcd - ok
01:32:20.0187 2756 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
01:32:20.0187 2756 RasAuto - ok
01:32:20.0250 2756 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
01:32:20.0250 2756 Rasirda - ok
01:32:20.0265 2756 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:32:20.0265 2756 Rasl2tp - ok
01:32:20.0296 2756 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
01:32:20.0296 2756 RasMan - ok
01:32:20.0312 2756 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:32:20.0312 2756 RasPppoe - ok
01:32:20.0328 2756 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
01:32:20.0328 2756 Raspti - ok
01:32:20.0359 2756 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:32:20.0359 2756 Rdbss - ok
01:32:20.0375 2756 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:32:20.0375 2756 RDPCDD - ok
01:32:20.0390 2756 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
01:32:20.0390 2756 rdpdr - ok
01:32:20.0406 2756 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
01:32:20.0406 2756 RDPWD - ok
01:32:20.0453 2756 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
01:32:20.0468 2756 RDSessMgr - ok
01:32:20.0500 2756 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
01:32:20.0515 2756 redbook - ok
01:32:20.0546 2756 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
01:32:20.0546 2756 RemoteAccess - ok
01:32:20.0593 2756 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
01:32:20.0593 2756 RemoteRegistry - ok
01:32:20.0703 2756 RimUsb (4f4a4c09cc5be58a76cac1c337e004e6) C:\WINDOWS\system32\Drivers\RimUsb.sys
01:32:20.0703 2756 RimUsb - ok
01:32:20.0734 2756 RimVSerPort (3a5633ad615e2b15291bd0b1b97ccd8a) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
01:32:20.0734 2756 RimVSerPort - ok
01:32:20.0781 2756 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
01:32:20.0781 2756 ROOTMODEM - ok
01:32:20.0796 2756 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
01:32:20.0812 2756 RpcLocator - ok
01:32:20.0843 2756 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
01:32:20.0859 2756 RpcSs - ok
01:32:20.0890 2756 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
01:32:20.0906 2756 RSVP - ok
01:32:20.0984 2756 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:32:20.0984 2756 SamSs - ok
01:32:21.0031 2756 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
01:32:21.0046 2756 SCardSvr - ok
01:32:21.0078 2756 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
01:32:21.0093 2756 Schedule - ok
01:32:21.0109 2756 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:32:21.0125 2756 Secdrv - ok
01:32:21.0140 2756 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
01:32:21.0156 2756 seclogon - ok
01:32:21.0171 2756 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
01:32:21.0171 2756 SENS - ok
01:32:21.0187 2756 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
01:32:21.0187 2756 serenum - ok
01:32:21.0203 2756 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
01:32:21.0203 2756 Serial - ok
01:32:21.0234 2756 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
01:32:21.0234 2756 Sfloppy - ok
01:32:21.0250 2756 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
01:32:21.0265 2756 SharedAccess - ok
01:32:21.0328 2756 ShellHWDetection (1926899bf9ffe2602b63074971700412) C:\WINDOWS\System32\shsvcs.dll
01:32:21.0328 2756 ShellHWDetection - ok
01:32:21.0359 2756 Simbad - ok
01:32:21.0390 2756 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
01:32:21.0390 2756 sisagp - ok
01:32:21.0437 2756 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
01:32:21.0437 2756 SLIP - ok
01:32:21.0546 2756 SmcService (cc3472f5ea5d7dbe6820e1796a03c150) C:\Program Files\Sygate\SSA\smc.exe
01:32:21.0562 2756 SmcService - ok
01:32:21.0656 2756 smsmdd (4736f44316b481eb2ead736b639a7a7f) C:\WINDOWS\system32\DRIVERS\smsmdm.sys
01:32:21.0656 2756 smsmdd - ok
01:32:21.0671 2756 smstsmgr - ok
01:32:21.0718 2756 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
01:32:21.0718 2756 Sparrow - ok
01:32:21.0750 2756 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
01:32:21.0750 2756 splitter - ok
01:32:21.0781 2756 Spooler (d8e14a61acc1d4a6cd0d38aebac7fa3b) C:\WINDOWS\system32\spoolsv.exe
01:32:21.0781 2756 Spooler - ok
01:32:21.0812 2756 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
01:32:21.0812 2756 sr - ok
01:32:21.0875 2756 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
01:32:21.0890 2756 srservice - ok
01:32:21.0921 2756 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys
01:32:21.0937 2756 Srv - ok
01:32:21.0953 2756 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
01:32:21.0968 2756 SSDPSRV - ok
01:32:22.0000 2756 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
01:32:22.0000 2756 StillCam - ok
01:32:22.0078 2756 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
01:32:22.0093 2756 stisvc - ok
01:32:22.0109 2756 stllssvr - ok
01:32:22.0156 2756 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
01:32:22.0156 2756 streamip - ok
01:32:22.0187 2756 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
01:32:22.0203 2756 swenum - ok
01:32:22.0234 2756 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
01:32:22.0234 2756 swmidi - ok
01:32:22.0234 2756 SwPrv - ok
01:32:22.0281 2756 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
01:32:22.0281 2756 symc810 - ok
01:32:22.0296 2756 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
01:32:22.0296 2756 symc8xx - ok
01:32:22.0296 2756 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
01:32:22.0296 2756 sym_hi - ok
01:32:22.0312 2756 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
01:32:22.0312 2756 sym_u3 - ok
01:32:22.0343 2756 SynTP (a81e52df43dc66493eac8ce58fc9b658) C:\WINDOWS\system32\DRIVERS\SynTP.sys
01:32:22.0343 2756 SynTP - ok
01:32:22.0375 2756 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
01:32:22.0375 2756 sysaudio - ok
01:32:22.0406 2756 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
01:32:22.0406 2756 SysmonLog - ok
01:32:22.0484 2756 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
01:32:22.0484 2756 TapiSrv - ok
01:32:22.0531 2756 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:32:22.0531 2756 Tcpip - ok
01:32:22.0578 2756 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
01:32:22.0578 2756 TDPIPE - ok
01:32:22.0593 2756 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
01:32:22.0593 2756 TDTCP - ok
01:32:22.0625 2756 Teefer (24b0e77813704d497d0f3f938fbecc33) C:\WINDOWS\system32\Drivers\Teefer.sys
01:32:22.0625 2756 Teefer - ok
01:32:22.0671 2756 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
01:32:22.0671 2756 TermDD - ok
01:32:22.0734 2756 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
01:32:22.0750 2756 TermService - ok
01:32:22.0781 2756 Themes (1926899bf9ffe2602b63074971700412) C:\WINDOWS\System32\shsvcs.dll
01:32:22.0781 2756 Themes - ok
01:32:22.0828 2756 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
01:32:22.0828 2756 TlntSvr - ok
01:32:22.0843 2756 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
01:32:22.0859 2756 TosIde - ok
01:32:22.0875 2756 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
01:32:22.0890 2756 TrkWks - ok
01:32:22.0906 2756 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
01:32:22.0906 2756 Udfs - ok
01:32:22.0921 2756 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
01:32:22.0921 2756 ultra - ok
01:32:22.0937 2756 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
01:32:22.0937 2756 Update - ok
01:32:22.0968 2756 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
01:32:22.0984 2756 upnphost - ok
01:32:23.0015 2756 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
01:32:23.0031 2756 UPS - ok
01:32:23.0078 2756 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
01:32:23.0078 2756 usbaudio - ok
01:32:23.0109 2756 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:32:23.0109 2756 usbccgp - ok
01:32:23.0140 2756 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:32:23.0140 2756 usbehci - ok
01:32:23.0156 2756 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:32:23.0171 2756 usbhub - ok
01:32:23.0203 2756 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:32:23.0203 2756 usbprint - ok
01:32:23.0250 2756 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:32:23.0250 2756 usbscan - ok
01:32:23.0265 2756 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:32:23.0265 2756 USBSTOR - ok
01:32:23.0312 2756 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:32:23.0312 2756 usbuhci - ok
01:32:23.0359 2756 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
01:32:23.0359 2756 VgaSave - ok
01:32:23.0390 2756 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
01:32:23.0390 2756 viaagp - ok
01:32:23.0406 2756 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
01:32:23.0406 2756 ViaIde - ok
01:32:23.0421 2756 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
01:32:23.0421 2756 VolSnap - ok
01:32:23.0468 2756 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
01:32:23.0484 2756 VSS - ok
01:32:23.0515 2756 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
01:32:23.0531 2756 W32Time - ok
01:32:23.0546 2756 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:32:23.0562 2756 Wanarp - ok
01:32:23.0609 2756 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
01:32:23.0609 2756 Wdf01000 - ok
01:32:23.0640 2756 WDICA - ok
01:32:23.0671 2756 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
01:32:23.0671 2756 wdmaud - ok
01:32:23.0718 2756 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
01:32:23.0734 2756 WebClient - ok
01:32:23.0765 2756 wg3n (8e95e30e9031c3ac25ec2455da19831f) C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys
01:32:23.0765 2756 wg3n - ok
01:32:23.0812 2756 winachsf (0e666ac2766f2fd860cc03f405a2ace1) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
01:32:23.0828 2756 winachsf - ok
01:32:23.0859 2756 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
01:32:23.0875 2756 winmgmt - ok
01:32:23.0906 2756 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
01:32:23.0906 2756 WmdmPmSN - ok
01:32:23.0968 2756 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
01:32:23.0984 2756 Wmi - ok
01:32:24.0015 2756 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:32:24.0015 2756 WmiApSrv - ok
01:32:24.0062 2756 wpsdrvnt (33c2c3b439294f2d28fae2aa3d48e104) C:\WINDOWS\system32\drivers\wpsdrvnt.sys
01:32:24.0062 2756 wpsdrvnt - ok
01:32:24.0093 2756 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
01:32:24.0109 2756 wscsvc - ok
01:32:24.0156 2756 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
01:32:24.0171 2756 WSTCODEC - ok
01:32:24.0218 2756 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
01:32:24.0218 2756 wuauserv - ok
01:32:24.0265 2756 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
01:32:24.0281 2756 WZCSVC - ok
01:32:24.0312 2756 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
01:32:24.0328 2756 xmlprov - ok
01:32:24.0343 2756 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
01:32:24.0375 2756 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
01:32:24.0375 2756 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
01:32:24.0468 2756 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
01:32:24.0468 2756 \Device\Harddisk0\DR0 - detected TDSS File System (1)
01:32:24.0484 2756 Boot (0x1200) (f3c57a5143679ca61b4a6ab6cfc1efda) \Device\Harddisk0\DR0\Partition0
01:32:24.0484 2756 \Device\Harddisk0\DR0\Partition0 - ok
01:32:24.0484 2756 ============================================================
01:32:24.0484 2756 Scan finished
01:32:24.0484 2756 ============================================================
01:32:24.0500 2672 Detected object count: 2
01:32:24.0500 2672 Actual detected object count: 2

#4 access2godzila


Posted 28 March 2012 - 01:33 AM

Continue with the cure option.

Also, could you post the contents of %SystemRoot%\system32\drivers\etc\hosts here? It may help to resolve the redirection problem.

#5 narenxp


Posted 28 March 2012 - 02:08 AM

After the TDSSkiller, should I click continue with the cure option for the rootkit.boot and the skip option for the TDSS file system or just exit out?

Yes, rootkit.boot.pihar needs to be cured and the TDSS file system should be deleted.

Restart the PC and continue with the other instructions.

Good luck.

#6 ashleyand


Posted 28 March 2012 - 03:17 AM

How would I get the results of the contents of %SystemRoot%\system32\drivers\etc\hosts?

It says the gmer file is too long to upload. I have uploaded it to filedropper, I hope this is okay? http://www.filedropper.com/gmer

Also, I forgot to previously mention that when I start my computer, it asks to do a disk check on Disk C (NTFS). This started the day of the virus and I haven't let it finish the check by interrupting it. Could this be a part of the problem also?

#7 narenxp


Posted 28 March 2012 - 03:32 AM

How would I get the results of the contents of %SystemRoot%\system32\drivers\etc\hosts?

It says the gmer file is too long to upload. I have uploaded it to filedropper, I hope this is okay? http://www.filedropper.com/gmer

Also, I forgot to previously mention that when I start my computer, it asks to do a disk check on Disk C (NTFS). This started the day of the virus and I haven't let it finish the check by interrupting it. Could this be a part of the problem also?

Let's look at these issues after I get the aswMBR log. The GMER log looks clean.

#8 ashleyand


Posted 28 March 2012 - 05:33 AM

Okay thank you for everything so far :)


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-28 04:13:46
-----------------------------
04:13:46.125 OS Version: Windows 5.1.2600 Service Pack 3
04:13:46.125 Number of processors: 2 586 0xF06
04:13:46.125 ComputerName: SBCNAZ UserName: naz
04:13:47.421 Initialize success
04:13:47.500 AVAST engine defs: 12032702
04:17:57.796 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
04:17:57.812 Disk 0 Vendor: HITACHI_ FC2Z Size: 152627MB BusType: 3
04:17:57.843 Disk 0 MBR read successfully
04:17:57.843 Disk 0 MBR scan
04:17:57.859 Disk 0 Windows VISTA default MBR code
04:17:57.890 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 15120
04:17:57.890 Disk 0 scanning sectors +312575760
04:17:58.125 Disk 0 scanning C:\WINDOWS\system32\drivers
04:18:33.953 Service scanning
04:18:46.781 Modules scanning
04:20:02.859 Disk 0 trace - called modules:
04:20:02.875 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
04:20:02.875 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a5c2ab8]
04:20:02.875 3 CLASSPNP.SYS[ba168fd7] -> nt!IofCallDriver -> \Device\000000b1[0x8a5b1b08]
04:20:02.875 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8a08e028]
04:20:03.421 AVAST engine scan C:\WINDOWS
04:20:42.484 AVAST engine scan C:\WINDOWS\system32
04:29:16.859 AVAST engine scan C:\WINDOWS\system32\drivers
04:30:30.515 AVAST engine scan C:\Documents and Settings\naz
04:34:44.953 File: C:\Documents and Settings\naz\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe **INFECTED** Win32:Malware-gen
04:34:45.046 File: C:\Documents and Settings\naz\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleUpdate.exe **INFECTED** Win32:Trojan-gen
04:47:53.156 AVAST engine scan C:\Documents and Settings\All Users
04:48:57.343 Scan finished successfully
06:32:34.125 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\naz\Desktop\MBR.dat"
06:32:34.125 The log file has been saved successfully to "C:\Documents and Settings\naz\Desktop\aswMBR.txt"

#9 narenxp


Posted 28 March 2012 - 06:26 AM

Press the Windows+R keys, type %temp% and click OK.

If you have a folder called SMTMP, copy it to a safe location.

Download UNHIDE

http://www.bleepingcomputer.com/download/anti-virus/unhide

Allow it to run; it should restore your files.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

Download mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#10 ashleyand


Posted 28 March 2012 - 11:36 AM

C:\Documents and Settings\naz\Local Settings\Temp\ICReinstall\cnet_PandoraRecovery2_1_1Setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\naz\My Documents\Downloads\cnet_PandoraRecovery2_1_1Setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\naz\My Documents\Downloads\Codec-C.exe Win32/InstallMate application cleaned by deleting - quarantined

#11 ashleyand


Posted 28 March 2012 - 11:42 AM

MiniToolBox by Farbar Version: 18-01-2012
Ran by naz (administrator) on 28-03-2012 at 12:37:58
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:27811

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15173 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Intel® PRO/1000 PL Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : SBCNAZ

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection

Physical Address. . . . . . . . . : 00-1B-77-B0-03-1E

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Wednesday, March 28, 2012 2:08:54 AM

Lease Expires . . . . . . . . . . : Thursday, March 29, 2012 2:08:54 AM



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Intel® PRO/1000 PL Network Connection

Physical Address. . . . . . . . . : 00-1A-6B-6A-DB-21

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.224.192, 74.125.224.193, 74.125.224.194, 74.125.224.195
74.125.224.196, 74.125.224.197, 74.125.224.198, 74.125.224.199, 74.125.224.200
74.125.224.201, 74.125.224.206



Pinging google.com [74.125.224.198] with 32 bytes of data:



Reply from 74.125.224.198: bytes=32 time=39ms TTL=54

Reply from 74.125.224.198: bytes=32 time=42ms TTL=54



Ping statistics for 74.125.224.198:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 39ms, Maximum = 42ms, Average = 40ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=432ms TTL=46

Reply from 98.139.183.24: bytes=32 time=353ms TTL=47



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 353ms, Maximum = 432ms, Average = 392ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1b 77 b0 03 1e ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
0x20003 ...00 1a 6b 6a db 21 ...... Intel® PRO/1000 PL Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 25
192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 25
224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 25
255.255.255.255 255.255.255.255 192.168.1.2 20003 1
255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/28/2012 02:04:05 AM) (Source: Application Hang) (User: )
Description: Hanging application avast.setup, version 7.0.1426.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/28/2012 02:01:49 AM) (Source: Application Hang) (User: )
Description: Hanging application avast.setup, version 7.0.1426.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/28/2012 02:01:48 AM) (Source: Application Hang) (User: )
Description: Hanging application avast.setup, version 7.0.1426.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/27/2012 08:35:53 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 17.0.963.83, faulting module unknown, version 0.0.0.0, fault address 0x00c9901d.
Processing media-specific event for [chrome.exe!ws!]

Error: (03/27/2012 08:31:10 PM) (Source: Application Hang) (User: )
Description: Hanging application setup.exe, version 2.1.1116.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/27/2012 08:31:08 PM) (Source: Application Hang) (User: )
Description: Hanging application setup.exe, version 2.1.1116.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/27/2012 08:29:16 PM) (Source: MPSampleSubmission) (User: )
Description: mptelemetry0x80070003moaccachereset3.0.8402.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (03/27/2012 08:27:12 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 17.0.963.83, faulting module unknown, version 0.0.0.0, fault address 0x00c9901d.
Processing media-specific event for [chrome.exe!ws!]

Error: (03/27/2012 08:06:38 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/27/2012 03:40:36 PM) (Source: Application Error) (User: )
Description: Faulting application facebookvideocalling.exe, version 1.2.0.159, faulting module facebookvideocalling.exe, version 1.2.0.159, fault address 0x000e7647.
Processing media-specific event for [facebookvideocalling.exe!ws!]


System errors:
=============
Error: (03/28/2012 02:43:03 AM) (Source: PlugPlayManager) (User: )
Description: The device 'Intel® PRO/1000 PL Network Connection' (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0) disappeared from the system without first being prepared for removal.

Error: (03/28/2012 02:05:39 AM) (Source: Service Control Manager) (User: )
Description: The avast! Asynchronous Virus Monitor service failed to start due to the following error:
%%2

Error: (03/28/2012 02:03:20 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

Error: (03/28/2012 01:26:01 AM) (Source: PlugPlayManager) (User: )
Description: The device 'Intel® PRO/1000 PL Network Connection' (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0) disappeared from the system without first being prepared for removal.

Error: (03/28/2012 01:20:53 AM) (Source: DCOM) (User: SYSTEM)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

Error: (03/27/2012 09:18:08 PM) (Source: PlugPlayManager) (User: )
Description: The device 'Intel® PRO/1000 PL Network Connection' (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0) disappeared from the system without first being prepared for removal.

Error: (03/27/2012 05:21:38 PM) (Source: DCOM) (User: SYSTEM)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

Error: (03/27/2012 11:19:10 AM) (Source: PlugPlayManager) (User: )
Description: The device 'Intel® PRO/1000 PL Network Connection' (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0) disappeared from the system without first being prepared for removal.

Error: (03/26/2012 03:41:44 PM) (Source: PlugPlayManager) (User: )
Description: The device 'Intel® PRO/1000 PL Network Connection' (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0) disappeared from the system without first being prepared for removal.

Error: (03/26/2012 02:03:08 PM) (Source: DCOM) (User: SYSTEM)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.


Microsoft Office Sessions:
=========================
Error: (12/02/2010 01:54:20 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 396 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

2007 Microsoft Office Suite Service Pack 1 (SP1)
32 Bit HP CIO Components Installer (Version: 6.1.1)
4500_G510nz_Help (Version: 000.0.439.000)
4500G510nz (Version: 000.0.439.000)
4500G510nz_Software_Min (Version: 000.0.423.000)
ACD Systems ACDSee 3.0
Adobe Acrobat 5.0 (Version: 5.1)
Adobe Acrobat Professional w tmstmp no-elicense v8.1.3
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
ATI Display Driver (Version: 8.442.3-080103a1-057754C-Lenovo)
avast! Free Antivirus (Version: 7.0.1426.0)
BufferChm (Version: 130.0.331.000)
CCleaner (Version: 3.16)
Certification Preparation (Version: 1.0.0)
Computrainer (Version: 4.00.0000)
Configuration Manager Client (Version: 4.00.5931.0001)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
DivX Setup (Version: 2.6.1.3)
DocMgr (Version: 130.0.000.000)
DocProc (Version: 13.0.0.0)
Drag-to-Disc (Version: 9.05)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Fax (Version: 130.0.418.000)
Google Chrome (Version: 17.0.963.83)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.111)
GPBaseService2 (Version: 130.0.371.000)
HiJackThis (Version: 1.0.0)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Officejet 4500 G510n-z (Version: 13.0)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPProductAssistant (Version: 130.0.371.000)
InstallIQ Updater (Version: 1.1.2.0)
Intel® PRO Network Connections Drivers
iSEEK AnswerWorks English Runtime (Version: 009.000.0002)
iTunes (Version: 10.2.2.14)
JJEDS POLCA Certificate v1.0 R2
Lenovo Multimedia Center R2 v9.0.629
Logitech Vid HD (Version: 7.2 (7259))
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
MarketResearch (Version: 130.0.374.000)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .Net Framework v3.5
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Corp. Office Enterprise Prof Equivalent v2007 SP1
Microsoft Corporation Hotfix KB953761 v1.0
Microsoft Corporation XMLLite for XP KB915865 v11
Microsoft GPO Client Side Extensions Windows XP v1.0
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6215.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft PowerShell for XP v1.0R2
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6215.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Windows XP SP2 IR KB885855 v1.0
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
Multimedia Center for XP and 2000 (Version: 1.0)
Network (Version: 130.0.374.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PANTECH UM175 Driver (Version: 3.1.20.1215)
PDF IFilter (Version: 6.0)
PDFLIB
PDFlib 4.0.1
QuickTime (Version: 7.69.80.9)
RDC
RealPlayer (Version: 10.0)
Scan (Version: 13.0.0.0)
Series 7 (Version: 1.00.000)
Silvestri Comp Review PN 4e
SmartWebPrinting (Version: 130.0.373.000)
SolutionCenter (Version: 130.0.373.000)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.1.76.g4773b858)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 130.0.373.000)
Sygate Security Agent 3.5 (Version: 3.5.2571)
ThinkPad Modem (Version: 7.70.00)
ThinkPad Power Management Driver (Version: 1.44)
Token Utilities TAC Update R2 (Version: 1.0.0)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
TurboTax 2009
TurboTax 2009 wcaiper (Version: 009.000.1050)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2881)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0245)
TurboTax 2009 wrapper (Version: 009.000.0145)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB943729)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 130.0.132.017)
WIMGAPI (Version: 1.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Oct 2008 DST update (Version: 1.0.0)
Windows PowerShell™ 1.0 (Version: 1)
Windows Update Settings (Version: 1.0)
XML Paper Specification Shared Components Pack 1.0

========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 2046.36 MB
Available physical RAM: 801.65 MB
Total Pagefile: 2658.92 MB
Available Pagefile: 1585.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.36 MB

========================= Partitions: =====================================

1 Drive c: (OSDisk) (Fixed) (Total:149.04 GB) (Free:122.31 GB) NTFS

========================= Users: ========================================

User accounts for \\SBCNAZ

ASPNET Guest HelpAssistant
itsdeploy6 jjitsadmin5 naz
SUPPORT_388945a0


**** End of log ****

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:06:30 AM

Posted 28 March 2012 - 02:03 PM

Download hosts fixit

http://go.microsoft.com/?linkid=9668866

Run it and restart the PC


Download TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#13 ashleyand

ashleyand
  • Topic Starter

  • Members
  • 7 posts
  • Local time:03:30 AM

Posted 28 March 2012 - 02:42 PM

Thank you so much for everything, you have been so patient and helpful. :)

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:06:30 AM

Posted 28 March 2012 - 03:21 PM

You're welcome :thumbsup:



