Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Removed Smart HDD Virus but cannot connect to internet or printer


  • Please log in to reply
9 replies to this topic

#1 pleasehelpme62

pleasehelpme62

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 18 April 2012 - 07:19 PM

I had the Smart HDD virus and used your instructions at http://www.bleepingcomputer.com/virus-removal/remove-smart-hdd to remove it. It was extremely helpful and after going through all the steps, the virus appears to be gone. However, I cannot connect to the internet or my printer. I have a desktop, not a wireless connection, and a Cisco router. I have 2 computers running to this router and the other one works fine. When I try to connect to the internet, the LAN reads "Acquiring Network Address." I have reset the router, reset the internet settings-nothing works.

By the way, I can use all of my other programs and nothing is hidden now that I used the unhide.exe application.

I called Dell. The IT guy helped me download drivers but that did not work. He said it is a software problem. Please help me! I have not had internet access for over a week on this computer.

I have Windows XP. Thank you so much!

Edited by pleasehelpme62, 18 April 2012 - 07:21 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:52 AM

Posted 18 April 2012 - 07:47 PM

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#3 DerekCBriggs

DerekCBriggs

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:52 AM

Posted 18 April 2012 - 11:02 PM

I am having the exact same issue. Here are the results after running FSS.exe:

Farbar Service Scanner Version: 16-04-2012
Ran by Whitney (administrator) on 18-04-2012 at 21:52:22
Running from "F:\"
Microsoft Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2011-06-21 06:45] - [2011-04-24 20:18] - 0338944 ____A () 3E7AACF7B95C6D80B14C4AFAF8136168

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:52 AM

Posted 18 April 2012 - 11:20 PM

DerekCBriggs

Create a new topic to avoid confusion

Thanks

Edited by narenxp, 18 April 2012 - 11:21 PM.


#5 pleasehelpme62

pleasehelpme62
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 19 April 2012 - 08:59 PM

I downloaded FSS, and here are the results:

Farbar Service Scanner Version: 16-04-2012
Ran by Mom (administrator) on 19-04-2012 at 20:56:50
Running from "F:\"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd: "system32\drivers\tsk3A.tmp".


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Yahoo IP returend error: Yahoo IP is unreachable


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: Attention! Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SbTis(9) Tcpip(4)
0x09000000080000000500000001000000020000000300000004000000090000000700000006000000


**** End of log ****

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:52 AM

Posted 19 April 2012 - 11:03 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Download

http://www.snapfiles.com/get/erunt.html

Install it and backup your registry to C:/Windows/erdnt

Now Download both the registry file

Download

http://www.filedropper.com/afd

Launch the registry key ,click YES when you get a pop up

restart the PC ,check your browser and post the new FSS log

good luck

#7 pleasehelpme62

pleasehelpme62
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 20 April 2012 - 06:40 AM

Thank you for your help, but it didn't go as I planned. I ran TDSS as you said. Here's the report:

05:54:46.0000 3644 TDSS rootkit removing tool 2.7.30.0 Apr 19 2012 15:10:31
05:54:46.0031 3644 ============================================================
05:54:46.0031 3644 Current date / time: 2012/04/20 05:54:46.0031
05:54:46.0031 3644 SystemInfo:
05:54:46.0031 3644
05:54:46.0031 3644 OS Version: 5.1.2600 ServicePack: 3.0
05:54:46.0031 3644 Product type: Workstation
05:54:46.0031 3644 ComputerName: TERRI
05:54:46.0031 3644 UserName: Mom
05:54:46.0031 3644 Windows directory: C:\WINDOWS
05:54:46.0031 3644 System windows directory: C:\WINDOWS
05:54:46.0031 3644 Processor architecture: Intel x86
05:54:46.0031 3644 Number of processors: 2
05:54:46.0031 3644 Page size: 0x1000
05:54:46.0031 3644 Boot type: Normal boot
05:54:46.0031 3644 ============================================================
05:54:49.0562 3644 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
05:54:49.0703 3644 Drive \Device\Harddisk2\DR6 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
05:54:49.0718 3644 \Device\Harddisk0\DR0:
05:54:49.0734 3644 MBR partitions:
05:54:49.0734 3644 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A011FC
05:54:49.0734 3644 \Device\Harddisk2\DR6:
05:54:49.0734 3644 MBR partitions:
05:54:49.0734 3644 \Device\Harddisk2\DR6\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C01
05:54:49.0796 3644 C: <-> \Device\Harddisk0\DR0\Partition0
05:54:50.0921 3644 F: <-> \Device\Harddisk2\DR6\Partition0
05:54:50.0921 3644 Initialize success
05:54:50.0921 3644 ============================================================
05:55:26.0421 2976 ============================================================
05:55:26.0421 2976 Scan started
05:55:26.0421 2976 Mode: Manual; TDLFS;
05:55:26.0421 2976 ============================================================
05:55:27.0890 2976 62656022 - ok
05:55:27.0906 2976 A88xEnc - ok
05:55:27.0921 2976 aalogger - ok
05:55:27.0921 2976 Abiosdsk - ok
05:55:27.0937 2976 abp480n5 - ok
05:55:27.0937 2976 ac97intc - ok
05:55:27.0953 2976 ACDaemon - ok
05:55:27.0968 2976 acedrv07 - ok
05:55:27.0968 2976 aclient - ok
05:55:28.0031 2976 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
05:55:28.0046 2976 ACPI - ok
05:55:28.0062 2976 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
05:55:28.0140 2976 ACPIEC - ok
05:55:28.0140 2976 acrotray - ok
05:55:28.0156 2976 acsvc - ok
05:55:28.0171 2976 actser - ok
05:55:28.0171 2976 addfiltr - ok
05:55:28.0218 2976 ADIHdAudAddService (0f0a69496989912351284bb1baa2ce57) C:\WINDOWS\system32\drivers\ADIHdAud.sys
05:55:28.0234 2976 ADIHdAudAddService - ok
05:55:28.0234 2976 adobeactivefilemonitor5.0 - ok
05:55:28.0250 2976 adpu160m - ok
05:55:28.0250 2976 adpu320 - ok
05:55:28.0265 2976 aeaudio - ok
05:55:28.0281 2976 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
05:55:28.0312 2976 aec - ok
05:55:28.0328 2976 AFD - ok
05:55:28.0328 2976 afs2k - ok
05:55:28.0343 2976 AGV - ok
05:55:28.0359 2976 Aha154x - ok
05:55:28.0390 2976 aic116x - ok
05:55:28.0390 2976 aic78u2 - ok
05:55:28.0406 2976 aic78xx - ok
05:55:28.0406 2976 AKSIFDH - ok
05:55:28.0437 2976 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
05:55:28.0437 2976 Alerter - ok
05:55:28.0468 2976 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
05:55:28.0468 2976 ALG - ok
05:55:28.0484 2976 AliIde - ok
05:55:28.0500 2976 allegro - ok
05:55:28.0515 2976 amdppm - ok
05:55:28.0515 2976 amsint - ok
05:55:28.0531 2976 Amsmpu4p - ok
05:55:28.0546 2976 amusbprt - ok
05:55:28.0562 2976 Angel2 - ok
05:55:28.0562 2976 apache - ok
05:55:28.0578 2976 apfiltrservice - ok
05:55:28.0687 2976 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:55:28.0765 2976 Apple Mobile Device - ok
05:55:28.0765 2976 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
05:55:28.0781 2976 AppMgmt - ok
05:55:28.0781 2976 ar5211 - ok
05:55:28.0796 2976 ARPolicy - ok
05:55:28.0812 2976 artourservice - ok
05:55:28.0828 2976 asc - ok
05:55:28.0843 2976 asc3350p - ok
05:55:28.0859 2976 asc3550 - ok
05:55:28.0875 2976 ASDR - ok
05:55:28.0890 2976 ashampoodefragservice - ok
05:55:28.0937 2976 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
05:55:28.0984 2976 aspnet_state - ok
05:55:29.0000 2976 aswupdsv - ok
05:55:29.0015 2976 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
05:55:29.0031 2976 AsyncMac - ok
05:55:29.0062 2976 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
05:55:29.0062 2976 atapi - ok
05:55:29.0078 2976 atchksrv - ok
05:55:29.0078 2976 Atdisk - ok
05:55:29.0093 2976 ati2mtag - ok
05:55:29.0093 2976 atiavaiw - ok
05:55:29.0109 2976 atimtag - ok
05:55:29.0109 2976 atixsaudio - ok
05:55:29.0125 2976 ATKFUSService - ok
05:55:29.0140 2976 atkkeyboardservice - ok
05:55:29.0156 2976 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
05:55:29.0171 2976 Atmarpc - ok
05:55:29.0203 2976 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
05:55:29.0203 2976 AudioSrv - ok
05:55:29.0218 2976 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
05:55:29.0250 2976 audstub - ok
05:55:29.0250 2976 autocomplete - ok
05:55:29.0265 2976 avcgbfl - ok
05:55:29.0281 2976 AVCSTRM - ok
05:55:29.0281 2976 avgems - ok
05:55:29.0296 2976 AVWLP_USB - ok
05:55:29.0328 2976 b57w2k (d0692f7b8217e3b82d2bfac535816117) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
05:55:29.0359 2976 b57w2k - ok
05:55:29.0359 2976 backupclientsvc - ok
05:55:29.0375 2976 backupexecjobengine - ok
05:55:29.0375 2976 backuplauncher - ok
05:55:29.0390 2976 bantext - ok
05:55:29.0390 2976 bb-run - ok
05:55:29.0468 2976 BBSvc (dbf43db0c648db9101d61041e00df5c4) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
05:55:29.0578 2976 BBSvc - ok
05:55:29.0578 2976 bcm43xx - ok
05:55:29.0593 2976 bcm4sbxp - ok
05:55:29.0625 2976 bcoreusb - ok
05:55:29.0625 2976 bcserver - ok
05:55:29.0640 2976 bc_filter - ok
05:55:29.0640 2976 bdfsfltr - ok
05:55:29.0656 2976 bdss - ok
05:55:29.0671 2976 beatjammusicstreamingserver - ok
05:55:29.0703 2976 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
05:55:29.0718 2976 Beep - ok
05:55:29.0718 2976 belgium_id_card_service - ok
05:55:29.0750 2976 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
05:55:29.0765 2976 BITS - ok
05:55:29.0765 2976 bjmcmng - ok
05:55:29.0781 2976 blueletscoaudio - ok
05:55:29.0781 2976 blueservice - ok
05:55:29.0796 2976 bmuservice - ok
05:55:29.0812 2976 BoiHwsetup - ok
05:55:29.0828 2976 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files\Bonjour\mDNSResponder.exe
05:55:29.0843 2976 Bonjour Service - ok
05:55:29.0859 2976 BRCMDECO - ok
05:55:29.0859 2976 bridge - ok
05:55:29.0890 2976 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
05:55:29.0890 2976 Browser - ok
05:55:29.0906 2976 BrScnUsb - ok
05:55:29.0937 2976 BrSerIf - ok
05:55:29.0937 2976 bt - ok
05:55:29.0953 2976 bthpan - ok
05:55:29.0968 2976 bthport - ok
05:55:29.0968 2976 btkrnl - ok
05:55:29.0984 2976 btnetfilter - ok
05:55:29.0984 2976 btnhnd - ok
05:55:30.0000 2976 btwusb - ok
05:55:30.0031 2976 caccprovsp - ok
05:55:30.0031 2976 cachemanxp - ok
05:55:30.0046 2976 cacheserver - ok
05:55:30.0046 2976 CADlink - ok
05:55:30.0062 2976 CAMCAUD - ok
05:55:30.0109 2976 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
05:55:30.0125 2976 cbidf2k - ok
05:55:30.0125 2976 ccalib8 - ok
05:55:30.0140 2976 ccevtmgr - ok
05:55:30.0140 2976 ccflic0 - ok
05:55:30.0156 2976 ccproxy - ok
05:55:30.0187 2976 ccpwdsvc - ok
05:55:30.0187 2976 cd20xrnt - ok
05:55:30.0218 2976 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
05:55:30.0250 2976 Cdaudio - ok
05:55:30.0281 2976 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
05:55:30.0281 2976 Cdfs - ok
05:55:30.0296 2976 cdralw2k - ok
05:55:30.0343 2976 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
05:55:30.0375 2976 Cdrom - ok
05:55:30.0375 2976 cerc6 - ok
05:55:30.0406 2976 cfosspeed - ok
05:55:30.0406 2976 cfosspeeds - ok
05:55:30.0421 2976 Changer - ok
05:55:30.0437 2976 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
05:55:30.0437 2976 CiSvc - ok
05:55:30.0437 2976 clcapsvc - ok
05:55:30.0468 2976 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
05:55:30.0468 2976 ClipSrv - ok
05:55:30.0484 2976 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:55:30.0562 2976 clr_optimization_v2.0.50727_32 - ok
05:55:30.0593 2976 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
05:55:30.0640 2976 clr_optimization_v4.0.30319_32 - ok
05:55:30.0656 2976 CmdIde - ok
05:55:30.0656 2976 cmpci - ok
05:55:30.0671 2976 cobbmservice - ok
05:55:30.0687 2976 com4qlb - ok
05:55:30.0687 2976 commserver - ok
05:55:30.0703 2976 COMSysApp - ok
05:55:30.0718 2976 coste - ok
05:55:30.0734 2976 co_mon - ok
05:55:30.0734 2976 Cpqarray - ok
05:55:30.0765 2976 cpqarry2 - ok
05:55:30.0765 2976 cpqfws2e - ok
05:55:30.0812 2976 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
05:55:30.0812 2976 CryptSvc - ok
05:55:30.0828 2976 ctac32k - ok
05:55:30.0828 2976 CTAUDFX.DLL - ok
05:55:30.0843 2976 CTEDSPIO.DLL - ok
05:55:30.0843 2976 CTERFXFX.DLL - ok
05:55:30.0859 2976 CTSBLFX.DLL - ok
05:55:30.0859 2976 CTSYN - ok
05:55:30.0875 2976 cusrvc - ok
05:55:30.0875 2976 cvspydr2 - ok
05:55:30.0890 2976 cwafadminmonitor - ok
05:55:30.0906 2976 cwbrxd - ok
05:55:30.0906 2976 CX88ENC - ok
05:55:30.0921 2976 CXAVXBAR - ok
05:55:30.0921 2976 cxusb - ok
05:55:30.0937 2976 dac2w2k - ok
05:55:30.0953 2976 dac960nt - ok
05:55:30.0968 2976 db2das00 - ok
05:55:30.0968 2976 DCamUSBMke - ok
05:55:30.0984 2976 DCamUSBMke2 - ok
05:55:31.0000 2976 DcCam - ok
05:55:31.0000 2976 DcFpoint - ok
05:55:31.0046 2976 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
05:55:31.0046 2976 DcomLaunch - ok
05:55:31.0046 2976 defragfs - ok
05:55:31.0062 2976 defwatch - ok
05:55:31.0078 2976 DgiVecp - ok
05:55:31.0109 2976 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
05:55:31.0109 2976 Dhcp - ok
05:55:31.0125 2976 digisptiservice - ok
05:55:31.0125 2976 dimension4 - ok
05:55:31.0140 2976 DirectUpdate - ok
05:55:31.0171 2976 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
05:55:31.0171 2976 Disk - ok
05:55:31.0171 2976 DivisCTP - ok
05:55:31.0187 2976 DivisCTS - ok
05:55:31.0187 2976 djsnetcn - ok
05:55:31.0203 2976 dkeysync - ok
05:55:31.0218 2976 dlabmfsm - ok
05:55:31.0218 2976 dlaopiom - ok
05:55:31.0234 2976 DLARTL_M - ok
05:55:31.0234 2976 dlcg_device - ok
05:55:31.0250 2976 dlcq_device - ok
05:55:31.0250 2976 dmadmin - ok
05:55:31.0312 2976 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
05:55:31.0328 2976 dmboot - ok
05:55:31.0359 2976 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
05:55:31.0359 2976 dmio - ok
05:55:31.0390 2976 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
05:55:31.0390 2976 dmload - ok
05:55:31.0390 2976 dmprimer - ok
05:55:31.0437 2976 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
05:55:31.0437 2976 dmserver - ok
05:55:31.0468 2976 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
05:55:31.0484 2976 DMusic - ok
05:55:31.0500 2976 DN2AKNET - ok
05:55:31.0515 2976 DniVad - ok
05:55:31.0562 2976 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
05:55:31.0562 2976 Dnscache - ok
05:55:31.0578 2976 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
05:55:31.0578 2976 Dot3svc - ok
05:55:31.0578 2976 dot4usb - ok
05:55:31.0593 2976 dpti2o - ok
05:55:31.0609 2976 driverhardwarev2 - ok
05:55:31.0625 2976 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
05:55:31.0640 2976 drmkaud - ok
05:55:31.0671 2976 DS1410D - ok
05:55:31.0687 2976 dtscsi - ok
05:55:31.0687 2976 dvd43llh - ok
05:55:31.0703 2976 DVDRC - ok
05:55:31.0718 2976 dxdebug - ok
05:55:31.0718 2976 e100b - ok
05:55:31.0734 2976 eamon - ok
05:55:31.0750 2976 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
05:55:31.0750 2976 EapHost - ok
05:55:31.0750 2976 earthlinksafeconnectagent - ok
05:55:31.0765 2976 eeyeevnt - ok
05:55:31.0781 2976 ehsched - ok
05:55:31.0781 2976 eimvmeaz - ok
05:55:31.0812 2976 EIO - ok
05:55:31.0828 2976 eliservice - ok
05:55:31.0828 2976 elockservice - ok
05:55:31.0843 2976 eloggersvc6 - ok
05:55:31.0843 2976 elosystemservice - ok
05:55:31.0859 2976 EMATCORE - ok
05:55:31.0875 2976 emAudio - ok
05:55:31.0875 2976 EMSCR - ok
05:55:31.0890 2976 emu10k - ok
05:55:31.0890 2976 enethusb - ok
05:55:31.0906 2976 entertainment - ok
05:55:31.0921 2976 Epfwndis - ok
05:55:31.0921 2976 Epiusb - ok
05:55:31.0937 2976 EpmShd - ok
05:55:31.0937 2976 epsonbidirectionalagent - ok
05:55:31.0953 2976 epstnt01 - ok
05:55:31.0953 2976 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
05:55:31.0953 2976 ERSvc - ok
05:55:31.0968 2976 eskerlicensecontrol - ok
05:55:31.0968 2976 eventclientmultiplexer - ok
05:55:32.0000 2976 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
05:55:32.0000 2976 Eventlog - ok
05:55:32.0031 2976 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
05:55:32.0031 2976 EventSystem - ok
05:55:32.0046 2976 ezplay - ok
05:55:32.0046 2976 FA312 - ok
05:55:32.0078 2976 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
05:55:32.0109 2976 Fastfat - ok
05:55:32.0140 2976 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
05:55:32.0140 2976 FastUserSwitchingCompatibility - ok
05:55:32.0156 2976 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
05:55:32.0171 2976 Fdc - ok
05:55:32.0171 2976 FETNDIS - ok
05:55:32.0187 2976 FETNDISB - ok
05:55:32.0187 2976 FileDisk - ok
05:55:32.0203 2976 filterservice - ok
05:55:32.0218 2976 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
05:55:32.0234 2976 Fips - ok
05:55:32.0250 2976 flashcom - ok
05:55:32.0265 2976 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
05:55:32.0281 2976 Flpydisk - ok
05:55:32.0328 2976 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
05:55:32.0343 2976 FltMgr - ok
05:55:32.0390 2976 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
05:55:32.0437 2976 FontCache3.0.0.0 - ok
05:55:32.0484 2976 FreeAgentGoNext Service (81b4a2c6c9bd17ffb6031a0a61c09764) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
05:55:32.0500 2976 FreeAgentGoNext Service - ok
05:55:32.0515 2976 freebsd - ok
05:55:32.0531 2976 freepops - ok
05:55:32.0531 2976 fsaa - ok
05:55:32.0546 2976 fshttps - ok
05:55:32.0578 2976 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
05:55:32.0593 2976 Fs_Rec - ok
05:55:32.0625 2976 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
05:55:32.0625 2976 Ftdisk - ok
05:55:32.0640 2976 gameenum - ok
05:55:32.0656 2976 gbpoll - ok
05:55:32.0687 2976 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
05:55:32.0703 2976 GEARAspiWDM - ok
05:55:32.0718 2976 genregistrar - ok
05:55:32.0718 2976 Gernuwa - ok
05:55:32.0734 2976 ghoststartservice - ok
05:55:32.0750 2976 googledesktopmanager - ok
05:55:32.0781 2976 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
05:55:33.0218 2976 GoToAssist - ok
05:55:33.0234 2976 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
05:55:33.0250 2976 Gpc - ok
05:55:33.0250 2976 GTSCSER - ok
05:55:33.0265 2976 GTWModem - ok
05:55:33.0328 2976 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
05:55:33.0328 2976 gupdate - ok
05:55:33.0328 2976 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
05:55:33.0328 2976 gupdatem - ok
05:55:33.0343 2976 HabuFltr - ok
05:55:33.0343 2976 hap16v2k - ok
05:55:33.0359 2976 hcwPVRP2 - ok
05:55:33.0359 2976 hdaudaddservice - ok
05:55:33.0406 2976 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
05:55:33.0406 2976 HDAudBus - ok
05:55:33.0421 2976 hdthermal - ok
05:55:33.0468 2976 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
05:55:33.0484 2976 helpsvc - ok
05:55:33.0484 2976 HidBth - ok
05:55:33.0500 2976 HidServ - ok
05:55:33.0515 2976 HIDSwvd - ok
05:55:33.0546 2976 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
05:55:33.0578 2976 hidusb - ok
05:55:33.0609 2976 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
05:55:33.0609 2976 hkmsvc - ok
05:55:33.0609 2976 hmonitor - ok
05:55:33.0625 2976 Hotkey - ok
05:55:33.0640 2976 hpn - ok
05:55:33.0656 2976 HpqRemHid - ok
05:55:33.0671 2976 hsvcmod - ok
05:55:33.0703 2976 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
05:55:33.0718 2976 HTTP - ok
05:55:33.0750 2976 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
05:55:33.0750 2976 HTTPFilter - ok
05:55:33.0750 2976 HWIONT - ok
05:55:33.0765 2976 hwpsgt - ok
05:55:33.0765 2976 i2omgmt - ok
05:55:33.0781 2976 i2omp - ok
05:55:33.0796 2976 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
05:55:33.0812 2976 i8042prt - ok
05:55:33.0828 2976 iaantmon - ok
05:55:33.0828 2976 iaimfp0 - ok
05:55:33.0843 2976 iaimfp4 - ok
05:55:33.0843 2976 iAimFP6 - ok
05:55:33.0859 2976 iaimtv0 - ok
05:55:34.0046 2976 ialm (b2768350bb50469aeb1afe694372b613) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
05:55:34.0140 2976 ialm - ok
05:55:34.0156 2976 iam - ok
05:55:34.0156 2976 iap - ok
05:55:34.0171 2976 ibmpmdrv - ok
05:55:34.0187 2976 ibmpmsvc - ok
05:55:34.0187 2976 IBMTPCHK - ok
05:55:34.0203 2976 IBM_LLC2 - ok
05:55:34.0203 2976 icdsptsv - ok
05:55:34.0218 2976 icm10blk - ok
05:55:34.0218 2976 icollectservice - ok
05:55:34.0234 2976 id2scaps - ok
05:55:34.0328 2976 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
05:55:34.0390 2976 idsvc - ok
05:55:34.0406 2976 ikhlayer - ok
05:55:34.0406 2976 iksysflt - ok
05:55:34.0421 2976 iksyssec - ok
05:55:34.0453 2976 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
05:55:34.0453 2976 Imapi - ok
05:55:34.0515 2976 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
05:55:34.0515 2976 ImapiService - ok
05:55:34.0546 2976 ini910u - ok
05:55:34.0578 2976 ino_flpy - ok
05:55:34.0593 2976 inspect - ok
05:55:34.0609 2976 IntelIde - ok
05:55:34.0640 2976 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
05:55:34.0671 2976 intelppm - ok
05:55:34.0671 2976 interactivelogon - ok
05:55:34.0687 2976 IntuitUpdateService - ok
05:55:34.0687 2976 iolodmv - ok
05:55:34.0718 2976 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
05:55:34.0734 2976 Ip6Fw - ok
05:55:34.0750 2976 iPassPeriodicUpdateApp - ok
05:55:34.0781 2976 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
05:55:34.0796 2976 IpFilterDriver - ok
05:55:34.0812 2976 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
05:55:34.0828 2976 IpInIp - ok
05:55:34.0843 2976 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
05:55:34.0859 2976 IpNat - ok
05:55:34.0921 2976 iPod Service (3a6d4d8abacf64292d060c9e06d2050d) C:\Program Files\iPod\bin\iPodService.exe
05:55:34.0984 2976 iPod Service - ok
05:55:35.0015 2976 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
05:55:35.0015 2976 IPSec - ok
05:55:35.0046 2976 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
05:55:35.0062 2976 IRENUM - ok
05:55:35.0078 2976 irmon - ok
05:55:35.0125 2976 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
05:55:35.0125 2976 isapnp - ok
05:55:35.0125 2976 isdrv120 - ok
05:55:35.0140 2976 isdrv122 - ok
05:55:35.0156 2976 issimon - ok
05:55:35.0156 2976 IWCA - ok
05:55:35.0171 2976 iwebmsg - ok
05:55:35.0203 2976 JavaQuickStarterService (126a16f569122ae00ad3d12ef831d651) C:\Program Files\Java\jre6\bin\jqs.exe
05:55:35.0218 2976 JavaQuickStarterService - ok
05:55:35.0234 2976 JiaoCap - ok
05:55:35.0234 2976 JiaoIO - ok
05:55:35.0250 2976 jtagserver - ok
05:55:35.0250 2976 Jukebox - ok
05:55:35.0265 2976 kavsvc - ok
05:55:35.0296 2976 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
05:55:35.0328 2976 Kbdclass - ok
05:55:35.0359 2976 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
05:55:35.0375 2976 kbdhid - ok
05:55:35.0390 2976 kbstuff - ok
05:55:35.0406 2976 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
05:55:35.0421 2976 kmixer - ok
05:55:35.0437 2976 KMW_SYS - ok
05:55:35.0437 2976 KR10N - ok
05:55:35.0468 2976 KR3NPXP - ok
05:55:35.0468 2976 kraidsvc - ok
05:55:35.0484 2976 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
05:55:35.0484 2976 KSecDD - ok
05:55:35.0500 2976 kservice - ok
05:55:35.0500 2976 l8042pr2 - ok
05:55:35.0546 2976 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
05:55:35.0546 2976 LanmanServer - ok
05:55:35.0593 2976 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
05:55:35.0593 2976 lanmanworkstation - ok
05:55:35.0625 2976 lbrtfdc - ok
05:55:35.0656 2976 lbtserv - ok
05:55:35.0671 2976 LC7981 - ok
05:55:35.0687 2976 ldlcserv - ok
05:55:35.0687 2976 lgsnd_filter - ok
05:55:35.0703 2976 license - ok
05:55:35.0718 2976 liveupdate - ok
05:55:35.0718 2976 lktimesync - ok
05:55:35.0765 2976 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
05:55:35.0765 2976 LmHosts - ok
05:55:35.0781 2976 LMS - ok
05:55:35.0781 2976 lusbaudio - ok
05:55:35.0796 2976 LUsbFilt - ok
05:55:35.0812 2976 lvpr2mon - ok
05:55:35.0828 2976 LVRS - ok
05:55:35.0843 2976 lvupdtio - ok
05:55:35.0843 2976 LVVI500A - ok
05:55:35.0859 2976 lxbu_device - ok
05:55:35.0859 2976 lxdj_device - ok
05:55:35.0953 2976 lxeaCATSCustConnectService (2349335a8033fd9834d1c401eae1c9bf) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeaserv.exe
05:55:36.0000 2976 lxeaCATSCustConnectService - ok
05:55:36.0015 2976 lxea_device - ok
05:55:36.0031 2976 lxrjd31d (c62f76344cd3a3a6314055b4929e529d) C:\WINDOWS\system32\BrSerIf.dll
05:55:36.0031 2976 lxrjd31d - ok
05:55:36.0046 2976 M2500 - ok
05:55:36.0046 2976 MA-620 - ok
05:55:36.0062 2976 mapserver6.3 - ok
05:55:36.0078 2976 MaRdPnp - ok
05:55:36.0078 2976 MASPINT - ok
05:55:36.0093 2976 McciCMService - ok
05:55:36.0093 2976 mcdetect.exe - ok
05:55:36.0109 2976 mcpromgr - ok
05:55:36.0109 2976 mcrdsvc - ok
05:55:36.0125 2976 mcredirector - ok
05:55:36.0125 2976 mcstrm - ok
05:55:36.0140 2976 mcvsrte - ok
05:55:36.0156 2976 megamonitorsrv - ok
05:55:36.0171 2976 Memctl - ok
05:55:36.0187 2976 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
05:55:36.0187 2976 Messenger - ok
05:55:36.0203 2976 mfcom - ok
05:55:36.0218 2976 mfeapfk - ok
05:55:36.0218 2976 mfesmfk - ok
05:55:36.0250 2976 mgabg - ok
05:55:36.0250 2976 mgabgexe - ok
05:55:36.0265 2976 mhn - ok
05:55:36.0265 2976 mi-raysat_3dsMax2008_32 - ok
05:55:36.0281 2976 MKEMUSB - ok
05:55:36.0296 2976 mksupdateint - ok
05:55:36.0312 2976 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
05:55:36.0328 2976 mnmdd - ok
05:55:36.0359 2976 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
05:55:36.0359 2976 mnmsrvc - ok
05:55:36.0390 2976 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
05:55:36.0406 2976 Modem - ok
05:55:36.0406 2976 modemcsa - ok
05:55:36.0421 2976 monfilt - ok
05:55:36.0453 2976 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
05:55:36.0468 2976 Mouclass - ok
05:55:36.0484 2976 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
05:55:36.0500 2976 mouhid - ok
05:55:36.0531 2976 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
05:55:36.0531 2976 MountMgr - ok
05:55:36.0531 2976 MpKsl0a223bca - ok
05:55:36.0546 2976 MpKslbc266a05 - ok
05:55:36.0546 2976 MpKslef8517a5 - ok
05:55:36.0578 2976 mps9 - ok
05:55:36.0578 2976 mqdmserd - ok
05:55:36.0609 2976 mraid35x - ok
05:55:36.0625 2976 MREMP50a64 - ok
05:55:36.0625 2976 MRESP50a64 - ok
05:55:36.0640 2976 MRV6X32P - ok
05:55:36.0656 2976 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
05:55:36.0656 2976 MRxDAV - ok
05:55:36.0718 2976 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
05:55:36.0718 2976 MRxSmb - ok
05:55:36.0734 2976 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
05:55:36.0734 2976 MSDTC - ok
05:55:36.0750 2976 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
05:55:36.0750 2976 Msfs - ok
05:55:36.0750 2976 MSFWHLPR - ok
05:55:36.0765 2976 MSIServer - ok
05:55:36.0781 2976 msi_wlan_service - ok
05:55:36.0781 2976 msk80service - ok
05:55:36.0812 2976 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
05:55:36.0828 2976 MSKSSRV - ok
05:55:36.0828 2976 msmframework - ok
05:55:36.0859 2976 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
05:55:36.0875 2976 MSPCLOCK - ok
05:55:36.0890 2976 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
05:55:36.0890 2976 MSPQM - ok
05:55:36.0937 2976 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
05:55:36.0937 2976 mssmbios - ok
05:55:36.0937 2976 mssql$microsoftsmlbiz - ok
05:55:36.0953 2976 mssqlserver - ok
05:55:36.0953 2976 mssqlserverolapservice - ok
05:55:36.0968 2976 mstdc - ok
05:55:36.0968 2976 ms_mpu401 - ok
05:55:37.0000 2976 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
05:55:37.0000 2976 Mup - ok
05:55:37.0000 2976 mwagent - ok
05:55:37.0015 2976 mwsejcap - ok
05:55:37.0015 2976 mwstick - ok
05:55:37.0046 2976 MXOFX - ok
05:55:37.0046 2976 NAL - ok
05:55:37.0093 2976 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
05:55:37.0093 2976 napagent - ok
05:55:37.0093 2976 navapel - ok
05:55:37.0109 2976 navapsvc - ok
05:55:37.0109 2976 ncupdatesvc - ok
05:55:37.0125 2976 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
05:55:37.0125 2976 NDIS - ok
05:55:37.0140 2976 ndisip - ok
05:55:37.0156 2976 Ndismeetro - ok
05:55:37.0187 2976 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
05:55:37.0218 2976 NdisTapi - ok
05:55:37.0250 2976 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
05:55:37.0281 2976 Ndisuio - ok
05:55:37.0312 2976 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
05:55:37.0328 2976 NdisWan - ok
05:55:37.0359 2976 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
05:55:37.0359 2976 NDProxy - ok
05:55:37.0375 2976 NeroMediaHomeService.4 - ok
05:55:37.0375 2976 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
05:55:37.0390 2976 NetBIOS - ok
05:55:37.0421 2976 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
05:55:37.0421 2976 NetBT - ok
05:55:37.0468 2976 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
05:55:37.0468 2976 NetDDE - ok
05:55:37.0484 2976 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
05:55:37.0484 2976 NetDDEdsdm - ok
05:55:37.0500 2976 netdevio - ok
05:55:37.0515 2976 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
05:55:37.0515 2976 Netlogon - ok
05:55:37.0546 2976 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
05:55:37.0546 2976 Netman - ok
05:55:37.0625 2976 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
05:55:37.0656 2976 NetTcpPortSharing - ok
05:55:37.0671 2976 NETw3x32 - ok
05:55:37.0687 2976 NETw4v32 - ok
05:55:37.0687 2976 netwg311 - ok
05:55:37.0703 2976 NICSer_WPC54G - ok
05:55:37.0718 2976 nimcdldu - ok
05:55:37.0718 2976 NIPALK - ok
05:55:37.0765 2976 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
05:55:37.0765 2976 Nla - ok
05:55:37.0765 2976 NMSAccessU - ok
05:55:37.0781 2976 nmwcd - ok
05:55:37.0796 2976 nocashio - ok
05:55:37.0796 2976 NOWMEMDF - ok
05:55:37.0812 2976 npapimon - ok
05:55:37.0843 2976 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\NPF.sys
05:55:37.0859 2976 NPF - ok
05:55:37.0875 2976 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
05:55:37.0875 2976 Npfs - ok
05:55:37.0875 2976 npkcmsvc - ok
05:55:37.0890 2976 npptnt2 - ok
05:55:37.0890 2976 nsm1serd - ok
05:55:37.0906 2976 NsTrcNT - ok
05:55:37.0921 2976 Nsynas32 - ok
05:55:37.0937 2976 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
05:55:37.0937 2976 Ntfs - ok
05:55:37.0968 2976 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
05:55:37.0968 2976 NtLmSsp - ok
05:55:37.0984 2976 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
05:55:38.0000 2976 NtmsSvc - ok
05:55:38.0000 2976 ntrtscan - ok
05:55:38.0015 2976 NTSIM - ok
05:55:38.0015 2976 ntsyslog - ok
05:55:38.0046 2976 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
05:55:38.0078 2976 Null - ok
05:55:38.0078 2976 nv4 - ok
05:55:38.0093 2976 nvedavt - ok
05:55:38.0093 2976 NVENET - ok
05:55:38.0109 2976 nvmd - ok
05:55:38.0125 2976 NVNET - ok
05:55:38.0140 2976 nvnforce - ok
05:55:38.0140 2976 nvport - ok
05:55:38.0156 2976 nvraid - ok
05:55:38.0171 2976 nvstor32 - ok
05:55:38.0187 2976 NVTCP - ok
05:55:38.0187 2976 NVXBAR - ok
05:55:38.0203 2976 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
05:55:38.0234 2976 NwlnkFlt - ok
05:55:38.0234 2976 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
05:55:38.0250 2976 NwlnkFwd - ok
05:55:38.0265 2976 NxNetMon - ok
05:55:38.0328 2976 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:55:38.0375 2976 odserv - ok
05:55:38.0375 2976 OEM02Afx - ok
05:55:38.0390 2976 olapserver - ok
05:55:38.0390 2976 omsad - ok
05:55:38.0406 2976 oracle_load_balancer_60_client-forms6i - ok
05:55:38.0453 2976 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:55:38.0484 2976 ose - ok
05:55:38.0484 2976 ovepstatusengine - ok
05:55:38.0500 2976 ovmsmaccessmanager - ok
05:55:38.0500 2976 p1131vid - ok
05:55:38.0515 2976 Packet - ok
05:55:38.0531 2976 pacsptisvr - ok
05:55:38.0531 2976 padfsvr - ok
05:55:38.0562 2976 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
05:55:38.0578 2976 Parport - ok
05:55:38.0609 2976 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
05:55:38.0609 2976 PartMgr - ok
05:55:38.0609 2976 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
05:55:38.0625 2976 ParVdm - ok
05:55:38.0640 2976 pavatscheduler - ok
05:55:38.0640 2976 pavdrv - ok
05:55:38.0656 2976 pcampr5 - ok
05:55:38.0656 2976 pcctlcom - ok
05:55:38.0687 2976 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
05:55:38.0687 2976 PCI - ok
05:55:38.0703 2976 PCIDump - ok
05:55:38.0703 2976 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
05:55:38.0703 2976 PCIIde - ok
05:55:38.0718 2976 pclepci - ok
05:55:38.0734 2976 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
05:55:38.0750 2976 Pcmcia - ok
05:55:38.0750 2976 pcouffin - ok
05:55:38.0765 2976 PDCOMP - ok
05:55:38.0765 2976 PDFRAME - ok
05:55:38.0781 2976 pdlnacom - ok
05:55:38.0796 2976 pdlncbas - ok
05:55:38.0796 2976 pdlnepkt - ok
05:55:38.0812 2976 pdlnshay - ok
05:55:38.0812 2976 PDRELI - ok
05:55:38.0828 2976 PDRFRAME - ok
05:55:38.0828 2976 perc2 - ok
05:55:38.0843 2976 perc2hib - ok
05:55:38.0859 2976 phc600 - ok
05:55:38.0875 2976 PID_PEPI - ok
05:55:38.0875 2976 pinnaclemarvinusb - ok
05:55:38.0890 2976 plsremotesvc - ok
05:55:38.0921 2976 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
05:55:38.0921 2976 PlugPlay - ok
05:55:38.0937 2976 pmem - ok
05:55:38.0937 2976 pmj151la - ok
05:55:38.0953 2976 pml - ok
05:55:38.0953 2976 pnkbstrb - ok
05:55:38.0984 2976 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
05:55:38.0984 2976 PolicyAgent - ok
05:55:38.0984 2976 ppa3 - ok
05:55:39.0015 2976 ppmoucls - ok
05:55:39.0031 2976 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
05:55:39.0031 2976 PptpMiniport - ok
05:55:39.0046 2976 prfldsvc - ok
05:55:39.0046 2976 prismxl - ok
05:55:39.0062 2976 prodrv06 - ok
05:55:39.0078 2976 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
05:55:39.0078 2976 ProtectedStorage - ok
05:55:39.0093 2976 proxyhostdriver - ok
05:55:39.0093 2976 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
05:55:39.0140 2976 PSched - ok
05:55:39.0156 2976 PSDNServ - ok
05:55:39.0156 2976 pserve - ok
05:55:39.0171 2976 pshost - ok
05:55:39.0171 2976 psimsvc - ok
05:55:39.0234 2976 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
05:55:39.0234 2976 Ptilink - ok
05:55:39.0250 2976 Ptserlp - ok
05:55:39.0265 2976 puscsrvc - ok
05:55:39.0281 2976 pwd_2K - ok
05:55:39.0281 2976 pwkntmon - ok
05:55:39.0359 2976 QBCFMonitorService (f6ea2dce39f1accb2c6c38d61fc79075) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
05:55:39.0531 2976 QBCFMonitorService - ok
05:55:39.0593 2976 QBFCService (bab30d2799754f6ea22f0b9076311793) C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
05:55:39.0640 2976 QBFCService - ok
05:55:39.0640 2976 qbposdbservices - ok
05:55:39.0656 2976 ql1080 - ok
05:55:39.0671 2976 Ql10wnt - ok
05:55:39.0671 2976 ql12160 - ok
05:55:39.0687 2976 ql1240 - ok
05:55:39.0703 2976 ql1280 - ok
05:55:39.0718 2976 ql2100 - ok
05:55:39.0734 2976 qserver - ok
05:55:39.0750 2976 RapiMgr - ok
05:55:39.0765 2976 RAPIProtocol - ok
05:55:39.0796 2976 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
05:55:39.0812 2976 RasAcd - ok
05:55:39.0859 2976 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
05:55:39.0859 2976 RasAuto - ok
05:55:39.0859 2976 rasirda - ok
05:55:39.0890 2976 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
05:55:39.0906 2976 Rasl2tp - ok
05:55:39.0937 2976 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
05:55:39.0937 2976 RasMan - ok
05:55:39.0953 2976 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
05:55:39.0968 2976 RasPppoe - ok
05:55:40.0000 2976 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
05:55:40.0000 2976 Raspti - ok
05:55:40.0031 2976 rbfilter - ok
05:55:40.0093 2976 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
05:55:40.0093 2976 Rdbss - ok
05:55:40.0109 2976 RDID1027 - ok
05:55:40.0109 2976 rdnaoflsvc - ok
05:55:40.0125 2976 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
05:55:40.0140 2976 RDPCDD - ok
05:55:40.0187 2976 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
05:55:40.0203 2976 rdpdr - ok
05:55:40.0234 2976 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
05:55:40.0250 2976 RDPWD - ok
05:55:40.0281 2976 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
05:55:40.0281 2976 RDSessMgr - ok
05:55:40.0312 2976 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
05:55:40.0375 2976 redbook - ok
05:55:40.0375 2976 regservice - ok
05:55:40.0437 2976 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
05:55:40.0437 2976 RemoteAccess - ok
05:55:40.0437 2976 remotelyanywhere - ok
05:55:40.0468 2976 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
05:55:40.0468 2976 RemoteRegistry - ok
05:55:40.0468 2976 resourcemanagermail - ok
05:55:40.0500 2976 richvideo - ok
05:55:40.0500 2976 rimsptsk - ok
05:55:40.0515 2976 rimvserport - ok
05:55:40.0531 2976 RIOUNIV - ok
05:55:40.0531 2976 rkhdrv31 - ok
05:55:40.0562 2976 rnadirmultiplexor - ok
05:55:40.0562 2976 roammgr - ok
05:55:40.0593 2976 rootmodem - ok
05:55:40.0609 2976 roxupnpserver - ok
05:55:40.0625 2976 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
05:55:40.0640 2976 RpcLocator - ok
05:55:40.0687 2976 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
05:55:40.0703 2976 RpcSs - ok
05:55:40.0703 2976 rp_fws - ok
05:55:40.0718 2976 rrrspy - ok
05:55:40.0765 2976 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
05:55:40.0765 2976 RSVP - ok
05:55:40.0781 2976 rupsmon - ok
05:55:40.0812 2976 s217obex - ok
05:55:40.0828 2976 s3savagemx - ok
05:55:40.0828 2976 s716bus - ok
05:55:40.0843 2976 s716mgmt - ok
05:55:40.0859 2976 sagefserver - ok
05:55:40.0859 2976 SaiClass - ok
05:55:40.0906 2976 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
05:55:40.0906 2976 SamSs - ok
05:55:40.0906 2976 sandradatasrv - ok
05:55:41.0156 2976 SBAMSvc (2977a3760a2780b467e92ffa6c92d426) C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
05:55:41.0281 2976 SBAMSvc - ok
05:55:41.0328 2976 sbaphd (62ba65cc0b4a4bd1eaff5fed6e2b5069) C:\WINDOWS\system32\drivers\sbaphd.sys
05:55:41.0359 2976 sbaphd - ok
05:55:41.0406 2976 sbapifs (3fff8cda4d2f29ca06f1557e85163c30) C:\WINDOWS\system32\drivers\sbapifs.sys
05:55:41.0421 2976 sbapifs - ok
05:55:41.0421 2976 sbp2port - ok
05:55:41.0468 2976 SBPIMSvc (7d7652fb094a4632b0314641de976855) C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
05:55:41.0484 2976 SBPIMSvc - ok
05:55:41.0531 2976 SBRE (c1ae5d1f53285d79a0b73a62af20734f) C:\WINDOWS\system32\drivers\SBREDrv.sys
05:55:41.0546 2976 SBRE - ok
05:55:41.0593 2976 SbTis (8bb1632b79ff24f570956ebb43a07501) C:\WINDOWS\system32\drivers\sbtis.sys
05:55:41.0625 2976 SbTis - ok
05:55:41.0625 2976 scanwscs - ok
05:55:41.0640 2976 scarddrv - ok
05:55:41.0687 2976 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
05:55:41.0687 2976 SCardSvr - ok
05:55:41.0687 2976 ScFBPNT3 - ok
05:55:41.0750 2976 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
05:55:41.0750 2976 Schedule - ok
05:55:41.0750 2976 ScsiPort - ok
05:55:41.0765 2976 SE26mdm - ok
05:55:41.0781 2976 SE26mgmt - ok
05:55:41.0796 2976 SE27mgmt - ok
05:55:41.0812 2976 se27unic - ok
05:55:41.0812 2976 SE2Bmgmt - ok
05:55:41.0828 2976 se2Bnd5 - ok
05:55:41.0843 2976 SE2Dmdfl - ok
05:55:41.0859 2976 SE2Dmdm - ok
05:55:41.0875 2976 se44bus - ok
05:55:41.0875 2976 se44mdm - ok
05:55:41.0890 2976 se45bus - ok
05:55:41.0890 2976 se58nd5 - ok
05:55:41.0968 2976 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
05:55:42.0000 2976 SeaPort - ok
05:55:42.0015 2976 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
05:55:42.0031 2976 Secdrv - ok
05:55:42.0078 2976 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
05:55:42.0078 2976 seclogon - ok
05:55:42.0125 2976 SenFiltService (b6a6b409fda9d9ebd3aadb838d3d7173) C:\WINDOWS\system32\drivers\Senfilt.sys
05:55:42.0140 2976 SenFiltService - ok
05:55:42.0171 2976 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
05:55:42.0171 2976 SENS - ok
05:55:42.0187 2976 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
05:55:42.0203 2976 serenum - ok
05:55:42.0218 2976 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
05:55:42.0234 2976 Serial - ok
05:55:42.0281 2976 sfcure01 - ok
05:55:42.0296 2976 sfdrv01 - ok
05:55:42.0296 2976 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
05:55:42.0328 2976 Sfloppy - ok
05:55:42.0328 2976 sfman - ok
05:55:42.0359 2976 sfng32 - ok
05:55:42.0359 2976 sfvfs02 - ok
05:55:42.0375 2976 SGIR - ok
05:55:42.0390 2976 sglfb - ok
05:55:42.0421 2976 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
05:55:42.0437 2976 SharedAccess - ok
05:55:42.0484 2976 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
05:55:42.0484 2976 ShellHWDetection - ok
05:55:42.0500 2976 sifilter - ok
05:55:42.0500 2976 Simbad - ok
05:55:42.0515 2976 SIODRV - ok
05:55:42.0515 2976 SiRemFil - ok
05:55:42.0546 2976 Sk99202k - ok
05:55:42.0562 2976 Slpsvdr - ok
05:55:42.0593 2976 slssvc - ok
05:55:42.0640 2976 smapint - ok
05:55:42.0656 2976 smcirda - ok
05:55:42.0671 2976 smwdm - ok
05:55:42.0671 2976 snareiis - ok
05:55:42.0687 2976 SNDO763 - ok
05:55:42.0718 2976 sndsrvc - ok
05:55:42.0718 2976 SNP2STD - ok
05:55:42.0734 2976 Sparrow - ok
05:55:42.0750 2976 spcstb - ok
05:55:42.0765 2976 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
05:55:42.0781 2976 splitter - ok
05:55:42.0828 2976 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
05:55:42.0828 2976 Spooler - ok
05:55:42.0828 2976 sprtsvc_smartagent - ok
05:55:42.0843 2976 Spsmqvsm - ok
05:55:42.0859 2976 sqlagent$soshome22 - ok
05:55:42.0859 2976 sqlserveragent - ok
05:55:42.0890 2976 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
05:55:42.0890 2976 sr - ok
05:55:42.0906 2976 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
05:55:42.0906 2976 srservice - ok
05:55:42.0921 2976 SRTSP - ok
05:55:42.0937 2976 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
05:55:42.0953 2976 Srv - ok
05:55:42.0984 2976 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
05:55:42.0984 2976 SSDPSRV - ok
05:55:43.0000 2976 sshrmd - ok
05:55:43.0015 2976 ssoftservice - ok
05:55:43.0015 2976 starwindservice - ok
05:55:43.0046 2976 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
05:55:43.0046 2976 stisvc - ok
05:55:43.0062 2976 surveyor - ok
05:55:43.0093 2976 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
05:55:43.0109 2976 swenum - ok
05:55:43.0125 2976 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
05:55:43.0125 2976 swmidi - ok
05:55:43.0140 2976 SWMX00 - ok
05:55:43.0156 2976 SWNC5E00 - ok
05:55:43.0156 2976 SwPrv - ok
05:55:43.0171 2976 SWUMX20 - ok
05:55:43.0187 2976 SWUMX51 - ok
05:55:43.0187 2976 symc810 - ok
05:55:43.0203 2976 symc8xx - ok
05:55:43.0218 2976 symfw - ok
05:55:43.0234 2976 symidsco - ok
05:55:43.0250 2976 symlcbrd - ok
05:55:43.0250 2976 symredrv - ok
05:55:43.0265 2976 sym_hi - ok
05:55:43.0265 2976 sym_u3 - ok
05:55:43.0281 2976 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
05:55:43.0328 2976 sysaudio - ok
05:55:43.0328 2976 syslogd - ok
05:55:43.0343 2976 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
05:55:43.0343 2976 SysmonLog - ok
05:55:43.0359 2976 szkg - ok
05:55:43.0375 2976 tandpl - ok
05:55:43.0390 2976 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
05:55:43.0406 2976 TapiSrv - ok
05:55:43.0406 2976 TClass2k - ok
05:55:43.0453 2976 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
05:55:43.0453 2976 Tcpip - ok
05:55:43.0515 2976 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
05:55:43.0515 2976 TDPIPE - ok
05:55:43.0531 2976 tdrpman174 - ok
05:55:43.0578 2976 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
05:55:43.0625 2976 TDTCP - ok
05:55:43.0968 2976 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
05:55:43.0984 2976 TermDD - ok
05:55:44.0062 2976 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
05:55:44.0062 2976 TermService - ok
05:55:44.0078 2976 TestHandler - ok
05:55:44.0125 2976 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
05:55:44.0125 2976 Themes - ok
05:55:44.0140 2976 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
05:55:44.0156 2976 TlntSvr - ok
05:55:44.0171 2976 tmtdi - ok
05:55:44.0187 2976 tmxpflt - ok
05:55:44.0187 2976 tnbrlds - ok
05:55:44.0203 2976 tng-dtmg - ok
05:55:44.0234 2976 toscosrv - ok
05:55:44.0250 2976 TosIde - ok
05:55:44.0265 2976 tosporte - ok
05:55:44.0265 2976 tphkdrv - ok
05:55:44.0296 2976 TPM - ok
05:55:44.0328 2976 transbaseservice - ok
05:55:44.0343 2976 traprcvr - ok
05:55:44.0343 2976 trayman - ok
05:55:44.0359 2976 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
05:55:44.0359 2976 TrkWks - ok
05:55:44.0375 2976 trufos - ok
05:55:44.0390 2976 tvtpktfilter - ok
05:55:44.0390 2976 twotrack - ok
05:55:44.0406 2976 UCTblHid - ok
05:55:44.0421 2976 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
05:55:44.0453 2976 Udfs - ok
05:55:44.0468 2976 uleadburninghelper - ok
05:55:44.0484 2976 ultra - ok
05:55:44.0484 2976 UMPass - ok
05:55:44.0500 2976 UNDPX2A - ok
05:55:44.0515 2976 unlockerdriver5 - ok
05:55:44.0546 2976 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
05:55:44.0562 2976 Update - ok
05:55:44.0640 2976 Updater Service for StartNow Toolbar (7ccf424450af71461ca5aca14fb45b72) C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
05:55:44.0921 2976 Updater Service for StartNow Toolbar - ok
05:55:44.0953 2976 uploadmgr - ok
05:55:45.0031 2976 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
05:55:45.0031 2976 upnphost - ok
05:55:45.0062 2976 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
05:55:45.0062 2976 UPS - ok
05:55:45.0078 2976 upsmonservice - ok
05:55:45.0078 2976 us30sys - ok
05:55:45.0093 2976 Usb20Scan - ok
05:55:45.0140 2976 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
05:55:45.0156 2976 USBAAPL - ok
05:55:45.0156 2976 USBCamera - ok
05:55:45.0203 2976 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
05:55:45.0218 2976 usbccgp - ok
05:55:45.0250 2976 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
05:55:45.0250 2976 usbehci - ok
05:55:45.0296 2976 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
05:55:45.0312 2976 usbhub - ok
05:55:45.0328 2976 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
05:55:45.0343 2976 usbprint - ok
05:55:45.0375 2976 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
05:55:45.0390 2976 usbscan - ok
05:55:45.0390 2976 usbser - ok
05:55:45.0421 2976 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
05:55:45.0437 2976 USBSTOR - ok
05:55:45.0468 2976 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
05:55:45.0500 2976 usbuhci - ok
05:55:45.0500 2976 USRpdA - ok
05:55:45.0515 2976 v124 - ok
05:55:45.0515 2976 vaiomediaplatform-integratedserver-appserver - ok
05:55:45.0531 2976 vaiomediaplatform-integratedserver-http - ok
05:55:45.0531 2976 vaiomediaplatform-integratedserver-upnp - ok
05:55:45.0546 2976 vaiomediaplatform-photoserver-appserver - ok
05:55:45.0562 2976 vci - ok
05:55:45.0562 2976 VCIDRV - ok
05:55:45.0578 2976 vclone - ok
05:55:45.0593 2976 venturi2 - ok
05:55:45.0625 2976 vga - ok
05:55:45.0656 2976 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
05:55:45.0671 2976 VgaSave - ok
05:55:45.0687 2976 ViaIde - ok
05:55:45.0687 2976 vmauthdservice - ok
05:55:45.0703 2976 vmnetdhcp - ok
05:55:45.0703 2976 vmount2 - ok
05:55:45.0718 2976 vmparport - ok
05:55:45.0734 2976 vncmirror - ok
05:55:45.0750 2976 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
05:55:45.0750 2976 VolSnap - ok
05:55:45.0765 2976 vsdatant - ok
05:55:45.0765 2976 vserial - ok
05:55:45.0796 2976 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
05:55:45.0796 2976 VSS - ok
05:55:45.0812 2976 vsserv - ok
05:55:45.0828 2976 vstor2 - ok
05:55:45.0828 2976 vvoice - ok
05:55:45.0843 2976 VX1000 - ok
05:55:45.0843 2976 vxd - ok
05:55:45.0859 2976 w200mdm - ok
05:55:45.0875 2976 w29n51 - ok
05:55:45.0875 2976 W2acehid - ok
05:55:45.0921 2976 w300mdfl (e634abb8346e8c70c7c90c9311993819) C:\WINDOWS\system32\ati.dll
05:55:45.0921 2976 w300mdfl - ok
05:55:45.0937 2976 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
05:55:45.0937 2976 W32Time - ok
05:55:45.0937 2976 w39n51 - ok
05:55:45.0953 2976 w800mdm - ok
05:55:45.0968 2976 W8100PCI - ok
05:55:45.0968 2976 w810mdfl - ok
05:55:45.0984 2976 w810mgmt - ok
05:55:46.0000 2976 WacomVKHid - ok
05:55:46.0000 2976 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
05:55:46.0015 2976 Wanarp - ok
05:55:46.0031 2976 wandrv - ok
05:55:46.0031 2976 wap3gx - ok
05:55:46.0046 2976 WDICA - ok
05:55:46.0078 2976 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
05:55:46.0093 2976 wdmaud - ok
05:55:46.0093 2976 WD_FireWire_HID - ok
05:55:46.0125 2976 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
05:55:46.0125 2976 WebClient - ok
05:55:46.0140 2976 websenseclientdeployservice - ok
05:55:46.0140 2976 websensecommunicationagent - ok
05:55:46.0156 2976 websensecpmcommunicationagent - ok
05:55:46.0171 2976 wfxsvc - ok
05:55:46.0187 2976 wg6n - ok
05:55:46.0187 2976 WimFltr - ok
05:55:46.0203 2976 win32sl - ok
05:55:46.0218 2976 WinFl32 - ok
05:55:46.0234 2976 WINFLASH - ok
05:55:46.0250 2976 WINIO - ok
05:55:46.0281 2976 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
05:55:46.0281 2976 winmgmt - ok
05:55:46.0281 2976 winpowermanager - ok
05:55:46.0296 2976 winpowerrmi - ok
05:55:46.0312 2976 WINUSB - ok
05:55:46.0328 2976 wlancig - ok
05:55:46.0406 2976 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
05:55:46.0500 2976 wlidsvc - ok
05:55:46.0515 2976 wlluc48 - ok
05:55:46.0531 2976 WmBEnum - ok
05:55:46.0578 2976 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
05:55:46.0578 2976 WmdmPmSN - ok
05:55:46.0625 2976 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
05:55:46.0640 2976 Wmi - ok
05:55:46.0640 2976 WmiAcpi - ok
05:55:46.0671 2976 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
05:55:46.0687 2976 WmiApSrv - ok
05:55:46.0937 2976 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
05:55:47.0000 2976 WMPNetworkSvc - ok
05:55:47.0015 2976 WmUsbHid - ok
05:55:47.0015 2976 WmVirHid - ok
05:55:47.0046 2976 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
05:55:47.0062 2976 WpdUsb - ok
05:55:47.0156 2976 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
05:55:47.0203 2976 WPFFontCache_v0400 - ok
05:55:47.0218 2976 wps - ok
05:55:47.0234 2976 WSearch - ok
05:55:47.0265 2976 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
05:55:47.0281 2976 wuauserv - ok
05:55:47.0296 2976 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
05:55:47.0296 2976 WudfPf - ok
05:55:47.0343 2976 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
05:55:47.0359 2976 WudfRd - ok
05:55:47.0375 2976 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
05:55:47.0375 2976 WudfSvc - ok
05:55:47.0390 2976 WUSB54GCSVC - ok
05:55:47.0421 2976 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
05:55:47.0437 2976 WZCSVC - ok
05:55:47.0437 2976 XDva004 - ok
05:55:47.0453 2976 XFX_program - ok
05:55:47.0500 2976 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
05:55:47.0500 2976 xmlprov - ok
05:55:47.0515 2976 xpadminserver - ok
05:55:47.0515 2976 Xponaut_WBD - ok
05:55:47.0531 2976 XUIF - ok
05:55:47.0546 2976 xusb21 - ok
05:55:47.0625 2976 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
05:55:47.0671 2976 YahooAUService - ok
05:55:47.0687 2976 ypcservice - ok
05:55:47.0703 2976 z525mgmt - ok
05:55:47.0703 2976 z800mdm - ok
05:55:47.0718 2976 zd1211u(zydas) - ok
05:55:47.0734 2976 zebrceb - ok
05:55:47.0734 2976 zebrmdmc - ok
05:55:47.0750 2976 zpcollector - ok
05:55:47.0765 2976 ZSMC211 - ok
05:55:47.0765 2976 ZSMC303 - ok
05:55:47.0781 2976 ZTEusbnmea - ok
05:55:47.0796 2976 {d31a0762-0ceb-444e-acff-b049a1f6fe91} - ok
05:55:47.0812 2976 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
05:55:48.0015 2976 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
05:55:48.0015 2976 \Device\Harddisk0\DR0 - detected TDSS File System (1)
05:55:48.0062 2976 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR6
05:55:48.0312 2976 \Device\Harddisk2\DR6 - ok
05:55:48.0328 2976 Boot (0x1200) (f9001ef1cfaa56d7f3bc756f830f2081) \Device\Harddisk0\DR0\Partition0
05:55:48.0328 2976 \Device\Harddisk0\DR0\Partition0 - ok
05:55:48.0328 2976 Boot (0x1200) (be56044c1b27b18b111740a04d1796b0) \Device\Harddisk2\DR6\Partition0
05:55:48.0343 2976 \Device\Harddisk2\DR6\Partition0 - ok
05:55:48.0343 2976 ============================================================
05:55:48.0343 2976 Scan finished
05:55:48.0343 2976 ============================================================
05:55:48.0343 4304 Detected object count: 1
05:55:48.0343 4304 Actual detected object count: 1
05:56:49.0734 4304 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
05:56:49.0734 4304 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

I then installed erunt and backed up my registry. There was no option to download both the registry file, but when I doubleclicked on the NTREGOPT icon, I optimized 11 hives and completed the NT Registry Optimizer.


I downloaded the filedropper to a flash drive successfully and then tried to install it on the affected computer, but it would not download because I cannot connect to the internet. What now? Thanks so much for your help!

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:52 AM

Posted 20 April 2012 - 07:01 AM

I downloaded the filedropper to a flash drive successfully and then tried to install it on the affected computer, but it would not download because I cannot connect to the internet. What now? Thanks so much for your help!

Download the afd.reg from filedropper link,copy the reg file to the USB,transfer it to your PC.Launch it,click YES to import it to registry

Restart the PC and post the new FSS log

good luck

#9 pleasehelpme62

pleasehelpme62
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 20 April 2012 - 07:25 PM

Amazing! It works! Here's the FSS Log:

Farbar Service Scanner Version: 16-04-2012
Ran by Mom (administrator) on 20-04-2012 at 19:21:27
Running from "F:\"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: Attention! Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SbTis(9) Tcpip(4)
0x09000000080000000500000001000000020000000300000004000000090000000700000006000000


**** End of log ****

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:52 AM

Posted 20 April 2012 - 08:14 PM

:thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users