From: S.M.A.R.T., Happilli, Fake Alert!grb, Zero Access


  • This topic is locked
23 replies to this topic

#1 Annie12

Annie12

  • Members
  • 89 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:09 PM

Posted 01 May 2012 - 03:15 PM

As you can see I am in a bit of sorts regarding what I have on my Windows XP Home Edition 2002 version. I run IE.

I have run MBAM, SuperAntiSpy and McAfee, all of which found something and repaired it. I have redirects with computer shutdown when I search online and all of my files and shortcuts are still hidden. I ran Wisefixer but did not do a repair because it wants to repair 50 temp files that I think might be my missing files. I am not sure what direction I should go at this point.

When I am redirected online I get many different ad sites including the Happili one. Please let me know if I should just start from the beginning again and which one to start with. I am posting on a working and non infected computer.

Thanks in advance for any help you can provide me.

I also wanted to mention I ran Unhide, which resulted in my desktop coming back in regular mode but without any actual shortcuts. I don't see my full desktop when I am in Safe Mode.

Edited by Annie12, 01 May 2012 - 04:09 PM.




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:09 PM

Posted 01 May 2012 - 04:09 PM

Hello and welcome. I moved this from XP to Am I Infected.

Let's see how it is after these.

Please download the following program to your desktop:

Unhide.exe


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Reboot into Safe Mode with Networking
How to enter safe mode (XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.


>>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.

Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator.)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.


>>>>
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log
and Reboot into normal mode.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Annie12

Posted 01 May 2012 - 04:51 PM

Thanks for the fast response, I downloaded Unhide and saved to my desktop, I then ran and saved MiniToolBox to my desktop and ran it. I had a resulttxt report and then I think I screwed up, I read further and the directions said to restart in Safe Mode. I was already in Safe Mode so I deleted that report and restarted my computer in regular mode. I then resaved Unhide to my desktop and also MiniToolBox.

I ran MTB and here is the result, I think I messed this up bad because this report is only called result, not resulttxt. I don't want to restart my computer in safe mode until you say to do so.

MiniToolBox by Farbar Version: 18-01-2012
Ran by Connie's (administrator) on 01-05-2012 at 16:40:41
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================




========================= IP Configuration: ================================

Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Intel® PRO/Wireless 2200BG Network Connection = Wireless Network Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration

#4 boopme

Posted 01 May 2012 - 06:37 PM

Ok, it did not run well, not sure why yet.

DO NOT run a Temp file or Registry cleaner.

Are your things UN hidden?

Do the safe mode steps then after posting reboot to Normal run MINI and reset the Hosts file.

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.
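A defender-side check for the HOSTS tampering described in the post above, as an added example that is not part of the original thread or of any tool named in it: it lists every hosts-file entry that differs from the stock `localhost` mappings. The function names, the `.example` hostnames and the 203.0.113.0/24 addresses are constructed for illustration.

```python
"""Audit hosts-file text for entries that differ from the stock Windows file."""
import ipaddress

# Mappings a stock Windows hosts file may contain; anything else was added later.
DEFAULT_ENTRIES = {("127.0.0.1", "localhost"), ("::1", "localhost")}

# Constructed sample (not taken from the thread): .example names and the
# 203.0.113.0/24 documentation range stand in for whatever a real file holds.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost



203.0.113.10    www.search.example   # inline comments are ignored
203.0.113.10    search.example
127.0.0.1       update.av-vendor.example
0.0.0.0         download.av-vendor.example
not-an-ip       broken.example
"""


def parse_hosts(text):
    """Yield (line_no, address, [hostnames]) for each non-comment line."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue  # blank or comment-only line
        fields = line.split()
        yield line_no, fields[0], [name.lower() for name in fields[1:]]


def classify(address, name):
    """Return 'default', 'redirect', 'blocked' or 'malformed' for one mapping."""
    if (address, name) in DEFAULT_ENTRIES:
        return "default"
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "malformed"
    if ip.is_loopback or ip.is_unspecified:
        # Name is sunk to the local machine: ad-blocking lists do this, and so
        # does tampering that cuts a PC off from security-vendor sites.
        return "blocked"
    # Name is pinned to a remote address, bypassing DNS entirely.
    return "redirect"


def audit_hosts(text):
    """Return [(line_no, verdict, address, hostname)] for non-default entries."""
    findings = []
    for line_no, address, names in parse_hosts(text):
        if not names:
            # An address with no hostname after it is not a usable mapping.
            findings.append((line_no, "malformed", address, ""))
            continue
        for name in names:
            verdict = classify(address, name)
            if verdict != "default":
                findings.append((line_no, verdict, address, name))
    return findings


if __name__ == "__main__":
    for line_no, verdict, address, name in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no:>3}  {verdict:<9}  {address:<15}  {name}")
```

On a real machine the text to audit is the content of `%SystemRoot%\system32\drivers\etc\hosts`; an empty file, like the empty "Hosts content" section in the MiniToolBox result earlier in the thread, yields no findings.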

#5 Annie12

Posted 01 May 2012 - 07:28 PM

EDIT: Deleted dupe ~~~ boop

DO NOT run a Temp file or Registry cleaner.

I won't do this step.

Are your things UN hidden?

I can see my desktop and click on my shortcuts but the entire MS Office Professional 2003 product file is empty as well as all files under Start/All Programs.


Do the safe mode steps then after posting reboot to Normal run MINI and reset the Hosts file.

O.K. I will do this now.


OK, went into safe mode and cannot Exit McAfee. There isn't a way to open it at all on the system tray, the tray is not there.

I looked at the working computer and McAfee under the Security Tab in properties is listed in SYSTEM.

On my computer (the infected one) and clicking on McAfee from the desktop I can see that McAfee is listed under an "Account Unknown (S-1-5-32-547)"

I wanted to add, it looks like McAfee is disabled and when I try to turn it on it will show enabled for about 2 seconds and then says it's disabled.

Should I remove that one "Account Unknown", and add it to SYSTEM in mine? So still not doing the complete safe mode scheduled instructions, waiting on your response, thank you again.

MBAM also appears to be in the same "Account Unknown"

Edited by boopme, 01 May 2012 - 07:52 PM.


#6 boopme

Posted 01 May 2012 - 08:29 PM

I think we have a more serious malware. Do not remove anything now as it may be spread to system files. Better we get a deeper look.
Run this and see if the START issue is fixed.


This will restore the default start menu that came with Windows
Windows Vista 32-bit US English
http://download.bleepingcomputer.com/grinler/fakehdd/vista-32-sm-reset.exe



NEXT:
Please go here.... Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic, thanks.
If GMER won't run skip it and move on.

Include this link back to here..
http://www.bleepingcomputer.com/forums/topic452146.html

Let me know if that went well.

#7 Annie12

Posted 01 May 2012 - 09:00 PM

This will restore the default start menu that came with Windows

Windows Vista 32-bit US English
http://download.bleepingcomputer.com/grinler/fakehdd/vista-32-sm-reset.exe


o.k. Well, I did the restore for the windows vista link but just realized I am XP not Vista, will this cause a problem for me? I have not restarted the computer yet.

#8 boopme

Posted 01 May 2012 - 09:32 PM

Windows XP Pro 32-bit US English -
http://download.bleepingcomputer.com/grinler/fakehdd/winxp-pro-32bit-sm-reset.exe

#9 Annie12

Posted 01 May 2012 - 11:38 PM

Windows XP Pro 32-bit US English -
http://download.bleepingcomputer.com/grinler/fakehdd/winxp-pro-32bit-sm-reset.exe

I did this step

NEXT:
Please go here.... Preparation Guide, do steps 6-9.

step 6 done

step 7 DDS log - My computer keeps freezing up on this step and I have to turn it off and restart it to get back into the game. DDS has been doing its test for more than 15 minutes again and it doesn't seem like it will finish. I am going to let it do its thing and post it later and hope that it doesn't freeze up again. I am in no huge hurry and I am very thankful for the help.


Edited this post to update progress; I cannot get the DDS to complete and the computer continues to freeze up resulting in my inability to close the DDS Screen or to click on the start button to restart. I have to turn off the computer manually and restart it.

Another Edit; While waiting for the DDS to complete the screen went completely black, the computer was still on and I could not get the screen to come back on. I restarted the computer again by pressing the on/off button again. The screen is back up with the desktop showing all icons. I ran Rkill again, in safe mode.

Edited by Annie12, 02 May 2012 - 05:30 AM.


#10 boopme

Posted 02 May 2012 - 09:58 AM

Follow RKill with

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log
and Reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

#11 Annie12

Posted 02 May 2012 - 04:28 PM

TDSS Killer needed reboot


I actually ran it twice because the first time I skipped the removal of the infection due to my confusion on terminology of malware and suspicious items. Once I got my wherewithal on that I reran the scan and the report will show this, I am sure learning a lot with this problem. There was success in the removal of the Malware.

15:25:33.0764 1388 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
15:25:34.0986 1388 ============================================================
15:25:34.0986 1388 Current date / time: 2012/05/02 15:25:34.0986
15:25:34.0986 1388 SystemInfo:
15:25:34.0986 1388
15:25:34.0986 1388 OS Version: 5.1.2600 ServicePack: 3.0
15:25:34.0986 1388 Product type: Workstation
15:25:34.0986 1388 ComputerName: CONNIE
15:25:34.0986 1388 UserName: Administrator
15:25:34.0986 1388 Windows directory: C:\WINDOWS
15:25:34.0986 1388 System windows directory: C:\WINDOWS
15:25:34.0986 1388 Processor architecture: Intel x86
15:25:34.0986 1388 Number of processors: 1
15:25:34.0986 1388 Page size: 0x1000
15:25:34.0986 1388 Boot type: Safe boot with network
15:25:34.0986 1388 ============================================================
15:25:36.0919 1388 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:25:37.0019 1388 ============================================================
15:25:37.0019 1388 \Device\Harddisk0\DR0:
15:25:37.0029 1388 MBR partitions:
15:25:37.0029 1388 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
15:25:37.0029 1388 ============================================================
15:25:37.0119 1388 C: <-> \Device\Harddisk0\DR0\Partition0
15:25:37.0129 1388 ============================================================
15:25:37.0129 1388 Initialize success
15:25:37.0129 1388 ============================================================
15:25:39.0603 1400 ============================================================
15:25:39.0603 1400 Scan started
15:25:39.0603 1400 Mode: Manual;
15:25:39.0603 1400 ============================================================
15:25:48.0606 1400 McODS - ok
15:25:48.0616 1400 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:25:48.0616 1400 McProxy - ok
15:25:48.0666 1400 McShield (151f3ca25b739b9cb0066abd1523f064) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
15:25:48.0676 1400 McShield - ok
15:25:48.0746 1400 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
15:25:48.0806 1400 MDM - ok
15:25:49.0036 1400 meiudf (7efac183a25b30fb5d64cc9d484b1eb6) C:\WINDOWS\system32\Drivers\meiudf.sys
15:25:49.0036 1400 meiudf - ok
15:25:49.0076 1400 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
15:25:49.0086 1400 Messenger - ok
15:25:49.0146 1400 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\WINDOWS\system32\drivers\mfeapfk.sys
15:25:49.0146 1400 mfeapfk - ok
15:25:49.0227 1400 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\WINDOWS\system32\drivers\mfeavfk.sys
15:25:49.0257 1400 mfeavfk - ok
15:25:49.0317 1400 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\WINDOWS\system32\drivers\mfebopk.sys
15:25:49.0317 1400 mfebopk - ok
15:25:49.0377 1400 mfefire (26ba2eebcff16f611ce1118fa0850810) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:25:49.0377 1400 mfefire - ok
15:25:49.0437 1400 mfefirek (215666a8a85023ef019b510cbb67f678) C:\WINDOWS\system32\drivers\mfefirek.sys
15:25:49.0437 1400 mfefirek - ok
15:25:49.0537 1400 mfehidk (37800fbb68d88e3c3e49bb9c97233e87) C:\WINDOWS\system32\drivers\mfehidk.sys
15:25:49.0557 1400 mfehidk - ok
15:25:49.0617 1400 mfendisk (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
15:25:49.0627 1400 mfendisk - ok
15:25:49.0637 1400 mfendiskmp (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
15:25:49.0637 1400 mfendiskmp - ok
15:25:49.0677 1400 mferkdet (47c91e229b129047f0138011ddf9f92f) C:\WINDOWS\system32\drivers\mferkdet.sys
15:25:49.0687 1400 mferkdet - ok
15:25:49.0727 1400 mfetdi2k (922e64ca38e38106498fb3435a8e399d) C:\WINDOWS\system32\drivers\mfetdi2k.sys
15:25:49.0727 1400 mfetdi2k - ok
15:25:49.0757 1400 mfevtp (9f09caa8dc12fc1626f82a5c212f6f9c) C:\WINDOWS\system32\mfevtps.exe
15:25:49.0757 1400 mfevtp - ok
15:25:49.0817 1400 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:25:49.0817 1400 mnmdd - ok
15:25:49.0887 1400 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
15:25:49.0887 1400 mnmsrvc - ok
15:25:49.0928 1400 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
15:25:49.0938 1400 Modem - ok
15:25:49.0958 1400 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:25:49.0958 1400 Mouclass - ok
15:25:49.0978 1400 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:25:49.0978 1400 mouhid - ok
15:25:49.0998 1400 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:25:49.0998 1400 MountMgr - ok
15:25:50.0008 1400 mraid35x - ok
15:25:50.0038 1400 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:25:50.0048 1400 MRxDAV - ok
15:25:50.0118 1400 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:25:50.0128 1400 MRxSmb - ok
15:25:50.0148 1400 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
15:25:50.0148 1400 MSDTC - ok
15:25:50.0208 1400 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:25:50.0208 1400 Msfs - ok
15:25:50.0218 1400 MSIServer - ok
15:25:50.0258 1400 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:25:50.0258 1400 MSKSSRV - ok
15:25:50.0308 1400 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:25:50.0318 1400 MSPCLOCK - ok
15:25:50.0338 1400 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:25:50.0338 1400 MSPQM - ok
15:25:50.0378 1400 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:25:50.0378 1400 mssmbios - ok
15:25:50.0448 1400 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:25:50.0468 1400 Mup - ok
15:25:50.0538 1400 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
15:25:50.0558 1400 napagent - ok
15:25:50.0599 1400 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:25:50.0609 1400 NDIS - ok
15:25:50.0659 1400 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:25:50.0659 1400 NdisTapi - ok
15:25:50.0699 1400 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:25:50.0699 1400 Ndisuio - ok
15:25:50.0729 1400 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:25:50.0729 1400 NdisWan - ok
15:25:50.0749 1400 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:25:50.0759 1400 NDProxy - ok
15:25:50.0769 1400 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:25:50.0779 1400 NetBIOS - ok
15:25:50.0829 1400 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:25:50.0829 1400 NetBT - ok
15:25:50.0869 1400 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:25:50.0869 1400 NetDDE - ok
15:25:50.0879 1400 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:25:50.0889 1400 NetDDEdsdm - ok
15:25:50.0919 1400 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys
15:25:50.0919 1400 Netdevio - ok
15:25:50.0959 1400 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:25:50.0959 1400 Netlogon - ok
15:25:51.0039 1400 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
15:25:51.0039 1400 Netman - ok
15:25:51.0199 1400 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:25:51.0199 1400 NetTcpPortSharing - ok
15:25:51.0269 1400 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:25:51.0269 1400 NIC1394 - ok
15:25:51.0390 1400 NitroReaderDriverReadSpool2 (f089b4036b2c88931b81b760ddeb8074) C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
15:25:51.0400 1400 NitroReaderDriverReadSpool2 - ok
15:25:51.0470 1400 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
15:25:51.0480 1400 Nla - ok
15:25:51.0530 1400 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:25:51.0540 1400 Npfs - ok
15:25:51.0620 1400 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:25:51.0640 1400 Ntfs - ok
15:25:51.0720 1400 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:25:51.0720 1400 NtLmSsp - ok
15:25:51.0790 1400 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
15:25:51.0830 1400 NtmsSvc - ok
15:25:51.0880 1400 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:25:51.0880 1400 Null - ok
15:25:51.0930 1400 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:25:51.0930 1400 NwlnkFlt - ok
15:25:51.0960 1400 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:25:51.0960 1400 NwlnkFwd - ok
15:25:51.0980 1400 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:25:51.0991 1400 ohci1394 - ok
15:25:52.0091 1400 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:25:52.0091 1400 ose - ok
15:25:52.0111 1400 ovt519 - ok
15:25:52.0291 1400 PACSPTISVR-Sound_Organizer (34a947acb48b2085d0fbf2d025169962) C:\Program Files\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe
15:25:52.0301 1400 PACSPTISVR-Sound_Organizer - ok
15:25:52.0341 1400 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
15:25:52.0341 1400 Parport - ok
15:25:52.0361 1400 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:25:52.0371 1400 PartMgr - ok
15:25:52.0391 1400 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
15:25:52.0391 1400 ParVdm - ok
15:25:52.0401 1400 pavfnsvr - ok
15:25:52.0431 1400 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
15:25:52.0431 1400 PCI - ok
15:25:52.0451 1400 PCIDump - ok
15:25:52.0471 1400 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:25:52.0471 1400 PCIIde - ok
15:25:52.0501 1400 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
15:25:52.0511 1400 Pcmcia - ok
15:25:52.0521 1400 PDCOMP - ok
15:25:52.0541 1400 PDFRAME - ok
15:25:52.0551 1400 PDRELI - ok
15:25:52.0571 1400 PDRFRAME - ok
15:25:52.0591 1400 perc2 - ok
15:25:52.0611 1400 perc2hib - ok
15:25:52.0661 1400 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
15:25:52.0661 1400 Pfc - ok
15:25:52.0732 1400 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:25:52.0732 1400 PlugPlay - ok
15:25:52.0772 1400 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:25:52.0772 1400 PolicyAgent - ok
15:25:52.0782 1400 portio - ok
15:25:52.0822 1400 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:25:52.0832 1400 PptpMiniport - ok
15:25:52.0842 1400 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:25:52.0842 1400 ProtectedStorage - ok
15:25:52.0862 1400 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:25:52.0872 1400 PSched - ok
15:25:52.0882 1400 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:25:52.0892 1400 Ptilink - ok
15:25:52.0902 1400 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:25:52.0912 1400 PxHelp20 - ok
15:25:52.0922 1400 ql1080 - ok
15:25:52.0932 1400 Ql10wnt - ok
15:25:52.0952 1400 ql12160 - ok
15:25:52.0962 1400 ql1240 - ok
15:25:52.0972 1400 ql1280 - ok
15:25:53.0002 1400 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:25:53.0002 1400 RasAcd - ok
15:25:53.0042 1400 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
15:25:53.0042 1400 RasAuto - ok
15:25:53.0082 1400 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:25:53.0082 1400 Rasl2tp - ok
15:25:53.0152 1400 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
15:25:53.0152 1400 RasMan - ok
15:25:53.0172 1400 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:25:53.0182 1400 RasPppoe - ok
15:25:53.0192 1400 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:25:53.0192 1400 Raspti - ok
15:25:53.0232 1400 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:25:53.0242 1400 Rdbss - ok
15:25:53.0262 1400 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:25:53.0262 1400 RDPCDD - ok
15:25:53.0342 1400 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
15:25:53.0342 1400 RDPWD - ok
15:25:53.0403 1400 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
15:25:53.0413 1400 RDSessMgr - ok
15:25:53.0463 1400 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:25:53.0493 1400 redbook - ok
15:25:53.0603 1400 RegSrvc (e6cd560a4a16feee5503cb59a3e30a84) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
15:25:53.0613 1400 RegSrvc - ok
15:25:53.0663 1400 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
15:25:53.0663 1400 RemoteAccess - ok
15:25:53.0723 1400 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
15:25:53.0743 1400 RpcLocator - ok
15:25:53.0803 1400 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
15:25:53.0813 1400 RpcSs - ok
15:25:53.0883 1400 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
15:25:53.0893 1400 RSVP - ok
15:25:53.0953 1400 S24EventMonitor (a57b20bb52b7c504b7a9fb4c82b639ba) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
15:25:53.0973 1400 S24EventMonitor - ok
15:25:54.0043 1400 s24trans (9c40cb317400f2cf643b8706147dd06d) C:\WINDOWS\system32\DRIVERS\s24trans.sys
15:25:54.0043 1400 s24trans - ok
15:25:54.0104 1400 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:25:54.0104 1400 SamSs - ok
15:25:54.0164 1400 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:25:54.0174 1400 SASDIFSV - ok
15:25:54.0194 1400 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:25:54.0194 1400 SASKUTIL - ok
15:25:54.0254 1400 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
15:25:54.0264 1400 SCardSvr - ok
15:25:54.0334 1400 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
15:25:54.0334 1400 Schedule - ok
15:25:54.0424 1400 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
15:25:54.0444 1400 sdbus - ok
15:25:54.0484 1400 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:25:54.0494 1400 Secdrv - ok
15:25:54.0524 1400 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
15:25:54.0524 1400 seclogon - ok
15:25:54.0554 1400 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
15:25:54.0554 1400 SENS - ok
15:25:54.0614 1400 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
15:25:54.0614 1400 Serial - ok
15:25:54.0704 1400 SetupSys - ok
15:25:54.0734 1400 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
15:25:54.0744 1400 Sfloppy - ok
15:25:54.0795 1400 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
15:25:54.0805 1400 SharedAccess - ok
15:25:54.0855 1400 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:25:54.0855 1400 ShellHWDetection - ok
15:25:54.0865 1400 Simbad - ok
15:25:54.0895 1400 Sparrow - ok
15:25:54.0945 1400 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:25:54.0945 1400 splitter - ok
15:25:54.0995 1400 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:25:54.0995 1400 Spooler - ok
15:25:55.0045 1400 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
15:25:55.0045 1400 sr - ok
15:25:55.0095 1400 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
15:25:55.0125 1400 srservice - ok
15:25:55.0175 1400 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:25:55.0195 1400 Srv - ok
15:25:55.0215 1400 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
15:25:55.0215 1400 SSDPSRV - ok
15:25:55.0285 1400 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
15:25:55.0295 1400 stisvc - ok
15:25:55.0315 1400 streamloadservice - ok
15:25:55.0355 1400 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:25:55.0355 1400 swenum - ok
15:25:55.0375 1400 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:25:55.0385 1400 swmidi - ok
15:25:55.0395 1400 SwPrv - ok
15:25:55.0415 1400 symc810 - ok
15:25:55.0435 1400 symc8xx - ok
15:25:55.0455 1400 sym_hi - ok
15:25:55.0466 1400 sym_u3 - ok
15:25:55.0536 1400 SynTP (919ae4fc78bf666083105b6e2b6f4a1a) C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:25:55.0566 1400 SynTP - ok
15:25:55.0596 1400 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:25:55.0596 1400 sysaudio - ok
15:25:55.0656 1400 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
15:25:55.0656 1400 SysmonLog - ok
15:25:55.0716 1400 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
15:25:55.0716 1400 TapiSrv - ok
15:25:55.0826 1400 TAPPSRV (7001c83d3633ff16dea9f7ade1c0f309) C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
15:25:55.0836 1400 TAPPSRV - ok
15:25:55.0876 1400 tbiosdrv (7147b0575bcc93a6ab7d5c90f47c0b9f) C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys
15:25:55.0886 1400 tbiosdrv - ok
15:25:55.0916 1400 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:25:55.0936 1400 Tcpip - ok
15:25:55.0976 1400 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:25:55.0976 1400 TDPIPE - ok
15:25:55.0996 1400 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:25:56.0006 1400 TDTCP - ok
15:25:56.0036 1400 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:25:56.0036 1400 TermDD - ok
15:25:56.0076 1400 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
15:25:56.0086 1400 TermService - ok
15:25:56.0146 1400 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:25:56.0146 1400 Themes - ok
15:25:56.0227 1400 tifm21 (244cfbffdefb77f3df571a8cd108fc06) C:\WINDOWS\system32\drivers\tifm21.sys
15:25:56.0237 1400 tifm21 - ok
15:25:56.0287 1400 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys
15:25:56.0287 1400 toshidpt - ok
15:25:56.0307 1400 TosIde - ok
15:25:56.0397 1400 tosporte (0f89321a4bc43cd2641153b262c9338c) C:\WINDOWS\system32\DRIVERS\tosporte.sys
15:25:56.0397 1400 tosporte - ok
15:25:56.0437 1400 Tosrfbd (9584b102a0a0528090916c7e88b39f21) C:\WINDOWS\system32\Drivers\tosrfbd.sys
15:25:56.0447 1400 Tosrfbd - ok
15:25:56.0467 1400 Tosrfbnp (ce63e991e7f638a16c6aaecf59648c71) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
15:25:56.0467 1400 Tosrfbnp - ok
15:25:56.0497 1400 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
15:25:56.0497 1400 Tosrfcom - ok
15:25:56.0527 1400 tosrfec (cc42fdbe9760ca1639e23158ab995f98) C:\WINDOWS\system32\DRIVERS\tosrfec.sys
15:25:56.0527 1400 tosrfec - ok
15:25:56.0547 1400 Tosrfhid (ad5766254a25de9f4d6d311153e4d447) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
15:25:56.0557 1400 Tosrfhid - ok
15:25:56.0587 1400 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
15:25:56.0587 1400 tosrfnds - ok
15:25:56.0617 1400 TosRfSnd (b5518adb2b0029ff95d22e8e7336f49f) C:\WINDOWS\system32\drivers\TosRfSnd.sys
15:25:56.0617 1400 TosRfSnd - ok
15:25:56.0637 1400 Tosrfusb (d537b63c0c70629ace62192cd2ae6429) C:\WINDOWS\system32\Drivers\tosrfusb.sys
15:25:56.0657 1400 Tosrfusb - ok
15:25:56.0697 1400 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
15:25:56.0697 1400 TrkWks - ok
15:25:56.0767 1400 TVALD (c51bfed6c2d9d6512e346f25d92ad8d9) C:\WINDOWS\system32\DRIVERS\NBSMI.sys
15:25:56.0767 1400 TVALD - ok
15:25:56.0797 1400 Tvs (12c836c7fe526d7b3239af82e4083be2) C:\WINDOWS\system32\DRIVERS\Tvs.sys
15:25:56.0797 1400 Tvs - ok
15:25:56.0858 1400 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:25:56.0868 1400 Udfs - ok
15:25:56.0878 1400 ultra - ok
15:25:56.0918 1400 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:25:56.0938 1400 Update - ok
15:25:56.0998 1400 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
15:25:57.0008 1400 upnphost - ok
15:25:57.0038 1400 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
15:25:57.0038 1400 UPS - ok
15:25:57.0068 1400 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:25:57.0068 1400 usbccgp - ok
15:25:57.0128 1400 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:25:57.0138 1400 usbehci - ok
15:25:57.0158 1400 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:25:57.0158 1400 usbhub - ok
15:25:57.0178 1400 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:25:57.0188 1400 usbprint - ok
15:25:57.0208 1400 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:25:57.0208 1400 usbscan - ok
15:25:57.0238 1400 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:25:57.0238 1400 USBSTOR - ok
15:25:57.0258 1400 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:25:57.0258 1400 usbuhci - ok
15:25:57.0298 1400 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:25:57.0298 1400 VgaSave - ok
15:25:57.0318 1400 ViaIde - ok
15:25:57.0338 1400 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
15:25:57.0338 1400 VolSnap - ok
15:25:57.0388 1400 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
15:25:57.0388 1400 VSS - ok
15:25:57.0639 1400 w29n51 (adb2f5af36155c9f1fbfd66a3acacbe6) C:\WINDOWS\system32\DRIVERS\w29n51.sys
15:25:57.0719 1400 w29n51 - ok
15:25:57.0909 1400 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
15:25:57.0909 1400 W32Time - ok
15:25:57.0989 1400 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:25:57.0989 1400 Wanarp - ok
15:25:58.0019 1400 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
15:25:58.0019 1400 wanatw - ok
15:25:58.0049 1400 WDICA - ok
15:25:58.0079 1400 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:25:58.0079 1400 wdmaud - ok
15:25:58.0139 1400 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
15:25:58.0149 1400 WebClient - ok
15:25:58.0239 1400 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:25:58.0239 1400 winmgmt - ok
15:25:58.0310 1400 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:25:58.0310 1400 WmdmPmSN - ok
15:25:58.0390 1400 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:25:58.0390 1400 WmiApSrv - ok
15:25:58.0420 1400 Wtcls2k - ok
15:25:58.0470 1400 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
15:25:58.0480 1400 wuauserv - ok
15:25:58.0560 1400 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
15:25:58.0580 1400 WZCSVC - ok
15:25:58.0630 1400 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
15:25:58.0640 1400 xmlprov - ok
15:25:58.0700 1400 yukonwxp (7d1def979b4e536e12882ee84f7c719a) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
15:25:58.0710 1400 yukonwxp - ok
15:25:58.0760 1400 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk0\DR0
15:25:58.0800 1400 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:25:58.0800 1400 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:25:58.0820 1400 Boot (0x1200) (d53d046963c30e305adcdbb2d437a806) \Device\Harddisk0\DR0\Partition0
15:25:58.0820 1400 \Device\Harddisk0\DR0\Partition0 - ok
15:25:58.0820 1400 ============================================================
15:25:58.0820 1400 Scan finished
15:25:58.0820 1400 ============================================================
15:25:58.0850 0784 Detected object count: 1
15:25:58.0850 0784 Actual detected object count: 1
15:31:25.0790 0784 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
15:31:25.0790 0784 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
15:32:54.0298 0636 ============================================================
15:32:54.0298 0636 Scan started
15:32:54.0298 0636 Mode: Manual;
15:32:54.0298 0636 ============================================================
15:32:58.0253 0636 Fdc - ok
15:32:58.0283 0636 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
15:32:58.0283 0636 Fips - ok
15:32:58.0304 0636 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:32:58.0304 0636 Flpydisk - ok
15:32:58.0354 0636 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:32:58.0354 0636 FltMgr - ok
15:32:58.0494 0636 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:32:58.0494 0636 FontCache3.0.0.0 - ok
15:32:58.0534 0636 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:32:58.0534 0636 Fs_Rec - ok
15:32:58.0564 0636 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:32:58.0564 0636 Ftdisk - ok
15:32:58.0604 0636 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:32:58.0614 0636 Gpc - ok
15:32:58.0634 0636 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:32:58.0634 0636 HDAudBus - ok
15:32:58.0714 0636 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:32:58.0714 0636 helpsvc - ok
15:32:58.0724 0636 HidServ - ok
15:32:58.0784 0636 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:32:58.0784 0636 HidUsb - ok
15:32:58.0824 0636 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
15:32:58.0834 0636 hkmsvc - ok
15:32:58.0844 0636 HPFXBULK - ok
15:32:58.0864 0636 hpn - ok
15:32:58.0904 0636 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:32:58.0904 0636 HTTP - ok
15:32:58.0964 0636 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
15:32:58.0964 0636 HTTPFilter - ok
15:32:58.0974 0636 i2omgmt - ok
15:32:58.0995 0636 i2omp - ok
15:32:59.0025 0636 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:32:59.0025 0636 i8042prt - ok
15:32:59.0125 0636 ialm (4007984827e19e6a5b6faf8532eaefba) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
15:32:59.0135 0636 ialm - ok
15:32:59.0285 0636 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:32:59.0285 0636 idsvc - ok
15:32:59.0445 0636 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:32:59.0445 0636 Imapi - ok
15:32:59.0545 0636 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
15:32:59.0545 0636 ImapiService - ok
15:32:59.0565 0636 ini910u - ok
15:32:59.0816 0636 IntcAzAudAddService (1a5b97b5bffde5742f4209f734c4faf0) C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:32:59.0856 0636 IntcAzAudAddService - ok
15:33:00.0006 0636 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
15:33:00.0006 0636 IntelIde - ok
15:33:00.0036 0636 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:33:00.0036 0636 intelppm - ok
15:33:00.0066 0636 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:33:00.0066 0636 Ip6Fw - ok
15:33:00.0096 0636 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:33:00.0096 0636 IpFilterDriver - ok
15:33:00.0116 0636 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:33:00.0116 0636 IpInIp - ok
15:33:00.0166 0636 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:33:00.0166 0636 IpNat - ok
15:33:00.0196 0636 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:33:00.0196 0636 IPSec - ok
15:33:00.0236 0636 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:33:00.0236 0636 IRENUM - ok
15:33:00.0266 0636 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:33:00.0276 0636 isapnp - ok
15:33:00.0316 0636 Iviaspi (f59c3569a2f2c464bb78cb1bdcdca55e) C:\WINDOWS\system32\drivers\iviaspi.sys
15:33:00.0316 0636 Iviaspi - ok
15:33:00.0387 0636 IWCA (872d090ca5c306f62d1982bce6302376) C:\WINDOWS\system32\DRIVERS\iwca.sys
15:33:00.0387 0636 IWCA - ok
15:33:00.0547 0636 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
15:33:00.0547 0636 JavaQuickStarterService - ok
15:33:00.0597 0636 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:33:00.0597 0636 Kbdclass - ok
15:33:00.0637 0636 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:33:00.0637 0636 kmixer - ok
15:33:00.0677 0636 KR10N (00c1ea8decf810b8eccb5c5a8186a96e) C:\WINDOWS\system32\drivers\KR10N.sys
15:33:00.0677 0636 KR10N - ok
15:33:00.0707 0636 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:33:00.0707 0636 KSecDD - ok
15:33:00.0767 0636 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
15:33:00.0777 0636 lanmanserver - ok
15:33:00.0847 0636 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
15:33:00.0847 0636 lanmanworkstation - ok
15:33:00.0867 0636 lbrtfdc - ok
15:33:00.0947 0636 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
15:33:00.0947 0636 LmHosts - ok
15:33:00.0987 0636 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
15:33:00.0987 0636 MBAMProtector - ok
15:33:01.0098 0636 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:33:01.0108 0636 MBAMService - ok
15:33:01.0238 0636 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:33:01.0238 0636 McAfee SiteAdvisor Service - ok
15:33:01.0248 0636 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:33:01.0248 0636 McMPFSvc - ok
15:33:01.0268 0636 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:33:01.0268 0636 mcmscsvc - ok
15:33:01.0288 0636 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:33:01.0288 0636 McNaiAnn - ok
15:33:01.0298 0636 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:33:01.0298 0636 McNASvc - ok
15:33:01.0378 0636 McODS (e8c5aae17e8332f5f4f57935238cd5eb) C:\Program Files\McAfee\VirusScan\mcods.exe
15:33:01.0378 0636 McODS - ok
15:33:01.0388 0636 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:33:01.0388 0636 McProxy - ok
15:33:01.0458 0636 McShield (151f3ca25b739b9cb0066abd1523f064) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
15:33:01.0458 0636 McShield - ok
15:33:01.0538 0636 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
15:33:01.0538 0636 MDM - ok
15:33:01.0758 0636 meiudf (7efac183a25b30fb5d64cc9d484b1eb6) C:\WINDOWS\system32\Drivers\meiudf.sys
15:33:01.0758 0636 meiudf - ok
15:33:01.0809 0636 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
15:33:01.0809 0636 Messenger - ok
15:33:01.0869 0636 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\WINDOWS\system32\drivers\mfeapfk.sys
15:33:01.0869 0636 mfeapfk - ok
15:33:01.0929 0636 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\WINDOWS\system32\drivers\mfeavfk.sys
15:33:01.0929 0636 mfeavfk - ok
15:33:01.0949 0636 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\WINDOWS\system32\drivers\mfebopk.sys
15:33:01.0949 0636 mfebopk - ok
15:33:02.0009 0636 mfefire (26ba2eebcff16f611ce1118fa0850810) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:33:02.0009 0636 mfefire - ok
15:33:02.0059 0636 mfefirek (215666a8a85023ef019b510cbb67f678) C:\WINDOWS\system32\drivers\mfefirek.sys
15:33:02.0059 0636 mfefirek - ok
15:33:02.0179 0636 mfehidk (37800fbb68d88e3c3e49bb9c97233e87) C:\WINDOWS\system32\drivers\mfehidk.sys
15:33:02.0179 0636 mfehidk - ok
15:33:02.0229 0636 mfendisk (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
15:33:02.0239 0636 mfendisk - ok
15:33:02.0249 0636 mfendiskmp (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
15:33:02.0249 0636 mfendiskmp - ok
15:33:02.0299 0636 mferkdet (47c91e229b129047f0138011ddf9f92f) C:\WINDOWS\system32\drivers\mferkdet.sys
15:33:02.0299 0636 mferkdet - ok
15:33:02.0339 0636 mfetdi2k (922e64ca38e38106498fb3435a8e399d) C:\WINDOWS\system32\drivers\mfetdi2k.sys
15:33:02.0339 0636 mfetdi2k - ok
15:33:02.0369 0636 mfevtp (9f09caa8dc12fc1626f82a5c212f6f9c) C:\WINDOWS\system32\mfevtps.exe
15:33:02.0369 0636 mfevtp - ok
15:33:02.0449 0636 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:33:02.0449 0636 mnmdd - ok
15:33:02.0500 0636 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
15:33:02.0510 0636 mnmsrvc - ok
15:33:02.0570 0636 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
15:33:02.0570 0636 Modem - ok
15:33:02.0590 0636 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:33:02.0590 0636 Mouclass - ok
15:33:02.0620 0636 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:33:02.0620 0636 mouhid - ok
15:33:02.0640 0636 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:33:02.0640 0636 MountMgr - ok
15:33:02.0650 0636 mraid35x - ok
15:33:02.0690 0636 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:33:02.0690 0636 MRxDAV - ok
15:33:02.0770 0636 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:33:02.0770 0636 MRxSmb - ok
15:33:02.0780 0636 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
15:33:02.0780 0636 MSDTC - ok
15:33:02.0820 0636 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:33:02.0820 0636 Msfs - ok
15:33:02.0830 0636 MSIServer - ok
15:33:02.0860 0636 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:33:02.0860 0636 MSKSSRV - ok
15:33:02.0880 0636 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:33:02.0880 0636 MSPCLOCK - ok
15:33:02.0910 0636 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:33:02.0910 0636 MSPQM - ok
15:33:02.0950 0636 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:33:02.0950 0636 mssmbios - ok
15:33:02.0970 0636 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:33:02.0970 0636 Mup - ok
15:33:03.0040 0636 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
15:33:03.0040 0636 napagent - ok
15:33:03.0070 0636 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:33:03.0080 0636 NDIS - ok
15:33:03.0110 0636 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:33:03.0110 0636 NdisTapi - ok
15:33:03.0130 0636 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:33:03.0130 0636 Ndisuio - ok
15:33:03.0171 0636 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:33:03.0171 0636 NdisWan - ok
15:33:03.0191 0636 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:33:03.0191 0636 NDProxy - ok
15:33:03.0201 0636 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:33:03.0201 0636 NetBIOS - ok
15:33:03.0221 0636 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:33:03.0231 0636 NetBT - ok
15:33:03.0291 0636 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:33:03.0291 0636 NetDDE - ok
15:33:03.0301 0636 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:33:03.0311 0636 NetDDEdsdm - ok
15:33:03.0341 0636 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys
15:33:03.0341 0636 Netdevio - ok
15:33:03.0411 0636 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:33:03.0411 0636 Netlogon - ok
15:33:03.0471 0636 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
15:33:03.0471 0636 Netman - ok
15:33:03.0621 0636 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:33:03.0621 0636 NetTcpPortSharing - ok
15:33:03.0681 0636 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:33:03.0681 0636 NIC1394 - ok
15:33:03.0801 0636 NitroReaderDriverReadSpool2 (f089b4036b2c88931b81b760ddeb8074) C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
15:33:03.0811 0636 NitroReaderDriverReadSpool2 - ok
15:33:03.0882 0636 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
15:33:03.0882 0636 Nla - ok
15:33:03.0912 0636 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:33:03.0912 0636 Npfs - ok
15:33:03.0952 0636 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:33:03.0962 0636 Ntfs - ok
15:33:03.0982 0636 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:33:03.0982 0636 NtLmSsp - ok
15:33:04.0062 0636 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
15:33:04.0062 0636 NtmsSvc - ok
15:33:04.0112 0636 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:33:04.0112 0636 Null - ok
15:33:04.0152 0636 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:33:04.0152 0636 NwlnkFlt - ok
15:33:04.0182 0636 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:33:04.0192 0636 NwlnkFwd - ok
15:33:04.0212 0636 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:33:04.0212 0636 ohci1394 - ok
15:33:04.0302 0636 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:33:04.0302 0636 ose - ok
15:33:04.0322 0636 ovt519 - ok
15:33:04.0522 0636 PACSPTISVR-Sound_Organizer (34a947acb48b2085d0fbf2d025169962) C:\Program Files\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe
15:33:04.0522 0636 PACSPTISVR-Sound_Organizer - ok
15:33:04.0563 0636 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
15:33:04.0563 0636 Parport - ok
15:33:04.0583 0636 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:33:04.0583 0636 PartMgr - ok
15:33:04.0633 0636 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
15:33:04.0633 0636 ParVdm - ok
15:33:04.0643 0636 pavfnsvr - ok
15:33:04.0683 0636 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
15:33:04.0683 0636 PCI - ok
15:33:04.0703 0636 PCIDump - ok
15:33:04.0723 0636 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:33:04.0723 0636 PCIIde - ok
15:33:04.0753 0636 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
15:33:04.0753 0636 Pcmcia - ok
15:33:04.0763 0636 PDCOMP - ok
15:33:04.0773 0636 PDFRAME - ok
15:33:04.0793 0636 PDRELI - ok
15:33:04.0803 0636 PDRFRAME - ok
15:33:04.0823 0636 perc2 - ok
15:33:04.0833 0636 perc2hib - ok
15:33:04.0903 0636 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
15:33:04.0903 0636 Pfc - ok
15:33:04.0963 0636 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:33:04.0973 0636 PlugPlay - ok
15:33:05.0003 0636 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:33:05.0003 0636 PolicyAgent - ok
15:33:05.0023 0636 portio - ok
15:33:05.0063 0636 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:33:05.0063 0636 PptpMiniport - ok
15:33:05.0073 0636 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:33:05.0073 0636 ProtectedStorage - ok
15:33:05.0093 0636 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:33:05.0093 0636 PSched - ok
15:33:05.0113 0636 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:33:05.0113 0636 Ptilink - ok
15:33:05.0133 0636 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:33:05.0133 0636 PxHelp20 - ok
15:33:05.0143 0636 ql1080 - ok
15:33:05.0153 0636 Ql10wnt - ok
15:33:05.0173 0636 ql12160 - ok
15:33:05.0183 0636 ql1240 - ok
15:33:05.0193 0636 ql1280 - ok
15:33:05.0223 0636 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:33:05.0223 0636 RasAcd - ok
15:33:05.0284 0636 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
15:33:05.0284 0636 RasAuto - ok
15:33:05.0324 0636 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:33:05.0334 0636 Rasl2tp - ok
15:33:05.0404 0636 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
15:33:05.0414 0636 RasMan - ok
15:33:05.0434 0636 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:33:05.0434 0636 RasPppoe - ok
15:33:05.0474 0636 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:33:05.0474 0636 Raspti - ok
15:33:05.0504 0636 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:33:05.0504 0636 Rdbss - ok
15:33:05.0524 0636 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:33:05.0524 0636 RDPCDD - ok
15:33:05.0584 0636 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
15:33:05.0584 0636 RDPWD - ok
15:33:05.0624 0636 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
15:33:05.0624 0636 RDSessMgr - ok
15:33:05.0654 0636 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:33:05.0654 0636 redbook - ok
15:33:05.0774 0636 RegSrvc (e6cd560a4a16feee5503cb59a3e30a84) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
15:33:05.0774 0636 RegSrvc - ok
15:33:05.0814 0636 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
15:33:05.0824 0636 RemoteAccess - ok
15:33:05.0874 0636 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
15:33:05.0884 0636 RpcLocator - ok
15:33:05.0955 0636 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
15:33:05.0955 0636 RpcSs - ok
15:33:06.0025 0636 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
15:33:06.0025 0636 RSVP - ok
15:33:06.0065 0636 S24EventMonitor (a57b20bb52b7c504b7a9fb4c82b639ba) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
15:33:06.0065 0636 S24EventMonitor - ok
15:33:06.0135 0636 s24trans (9c40cb317400f2cf643b8706147dd06d) C:\WINDOWS\system32\DRIVERS\s24trans.sys
15:33:06.0145 0636 s24trans - ok
15:33:06.0205 0636 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:33:06.0205 0636 SamSs - ok
15:33:06.0265 0636 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:33:06.0265 0636 SASDIFSV - ok
15:33:06.0295 0636 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:33:06.0295 0636 SASKUTIL - ok
15:33:06.0355 0636 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
15:33:06.0355 0636 SCardSvr - ok
15:33:06.0435 0636 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
15:33:06.0435 0636 Schedule - ok
15:33:06.0505 0636 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
15:33:06.0505 0636 sdbus - ok
15:33:06.0545 0636 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:33:06.0545 0636 Secdrv - ok
15:33:06.0585 0636 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
15:33:06.0585 0636 seclogon - ok
15:33:06.0605 0636 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
15:33:06.0605 0636 SENS - ok
15:33:06.0625 0636 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
15:33:06.0635 0636 Serial - ok
15:33:06.0666 0636 SetupSys - ok
15:33:06.0706 0636 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
15:33:06.0706 0636 Sfloppy - ok
15:33:06.0766 0636 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
15:33:06.0766 0636 SharedAccess - ok
15:33:06.0826 0636 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:33:06.0826 0636 ShellHWDetection - ok
15:33:06.0846 0636 Simbad - ok
15:33:06.0866 0636 Sparrow - ok
15:33:06.0896 0636 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:33:06.0896 0636 splitter - ok
15:33:06.0936 0636 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:33:06.0936 0636 Spooler - ok
15:33:06.0986 0636 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
15:33:06.0986 0636 sr - ok
15:33:07.0016 0636 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
15:33:07.0026 0636 srservice - ok
15:33:07.0056 0636 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:33:07.0056 0636 Srv - ok
15:33:07.0076 0636 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
15:33:07.0076 0636 SSDPSRV - ok
15:33:07.0146 0636 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
15:33:07.0156 0636 stisvc - ok
15:33:07.0166 0636 streamloadservice - ok
15:33:07.0196 0636 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:33:07.0196 0636 swenum - ok
15:33:07.0226 0636 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:33:07.0226 0636 swmidi - ok
15:33:07.0246 0636 SwPrv - ok
15:33:07.0266 0636 symc810 - ok
15:33:07.0286 0636 symc8xx - ok
15:33:07.0296 0636 sym_hi - ok
15:33:07.0316 0636 sym_u3 - ok
15:33:07.0377 0636 SynTP (919ae4fc78bf666083105b6e2b6f4a1a) C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:33:07.0387 0636 SynTP - ok
15:33:07.0407 0636 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:33:07.0407 0636 sysaudio - ok
15:33:07.0467 0636 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
15:33:07.0467 0636 SysmonLog - ok
15:33:07.0507 0636 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
15:33:07.0507 0636 TapiSrv - ok
15:33:07.0647 0636 TAPPSRV (7001c83d3633ff16dea9f7ade1c0f309) C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
15:33:07.0647 0636 TAPPSRV - ok
15:33:07.0677 0636 tbiosdrv (7147b0575bcc93a6ab7d5c90f47c0b9f) C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys
15:33:07.0677 0636 tbiosdrv - ok
15:33:07.0737 0636 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:33:07.0737 0636 Tcpip - ok
15:33:07.0777 0636 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:33:07.0777 0636 TDPIPE - ok
15:33:07.0807 0636 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:33:07.0807 0636 TDTCP - ok
15:33:07.0837 0636 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:33:07.0847 0636 TermDD - ok
15:33:07.0917 0636 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
15:33:07.0917 0636 TermService - ok
15:33:07.0977 0636 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:33:07.0977 0636 Themes - ok
15:33:08.0048 0636 tifm21 (244cfbffdefb77f3df571a8cd108fc06) C:\WINDOWS\system32\drivers\tifm21.sys
15:33:08.0058 0636 tifm21 - ok
15:33:08.0098 0636 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys
15:33:08.0098 0636 toshidpt - ok
15:33:08.0118 0636 TosIde - ok
15:33:08.0148 0636 tosporte (0f89321a4bc43cd2641153b262c9338c) C:\WINDOWS\system32\DRIVERS\tosporte.sys
15:33:08.0158 0636 tosporte - ok
15:33:08.0198 0636 Tosrfbd (9584b102a0a0528090916c7e88b39f21) C:\WINDOWS\system32\Drivers\tosrfbd.sys
15:33:08.0198 0636 Tosrfbd - ok
15:33:08.0218 0636 Tosrfbnp (ce63e991e7f638a16c6aaecf59648c71) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
15:33:08.0218 0636 Tosrfbnp - ok
15:33:08.0248 0636 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
15:33:08.0248 0636 Tosrfcom - ok
15:33:08.0278 0636 tosrfec (cc42fdbe9760ca1639e23158ab995f98) C:\WINDOWS\system32\DRIVERS\tosrfec.sys
15:33:08.0278 0636 tosrfec - ok
15:33:08.0308 0636 Tosrfhid (ad5766254a25de9f4d6d311153e4d447) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
15:33:08.0308 0636 Tosrfhid - ok
15:33:08.0338 0636 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
15:33:08.0338 0636 tosrfnds - ok
15:33:08.0358 0636 TosRfSnd (b5518adb2b0029ff95d22e8e7336f49f) C:\WINDOWS\system32\drivers\TosRfSnd.sys
15:33:08.0358 0636 TosRfSnd - ok
15:33:08.0378 0636 Tosrfusb (d537b63c0c70629ace62192cd2ae6429) C:\WINDOWS\system32\Drivers\tosrfusb.sys
15:33:08.0378 0636 Tosrfusb - ok
15:33:08.0418 0636 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
15:33:08.0418 0636 TrkWks - ok
15:33:08.0488 0636 TVALD (c51bfed6c2d9d6512e346f25d92ad8d9) C:\WINDOWS\system32\DRIVERS\NBSMI.sys
15:33:08.0488 0636 TVALD - ok
15:33:08.0518 0636 Tvs (12c836c7fe526d7b3239af82e4083be2) C:\WINDOWS\system32\DRIVERS\Tvs.sys
15:33:08.0518 0636 Tvs - ok
15:33:08.0618 0636 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:33:08.0618 0636 Udfs - ok
15:33:08.0628 0636 ultra - ok
15:33:08.0678 0636 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:33:08.0678 0636 Update - ok
15:33:08.0749 0636 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
15:33:08.0749 0636 upnphost - ok
15:33:08.0779 0636 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
15:33:08.0789 0636 UPS - ok
15:33:08.0819 0636 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:33:08.0819 0636 usbccgp - ok
15:33:08.0879 0636 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:33:08.0879 0636 usbehci - ok
15:33:08.0899 0636 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:33:08.0899 0636 usbhub - ok
15:33:08.0919 0636 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:33:08.0919 0636 usbprint - ok
15:33:08.0939 0636 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:33:08.0939 0636 usbscan - ok
15:33:08.0949 0636 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:33:08.0959 0636 USBSTOR - ok
15:33:08.0989 0636 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:33:08.0989 0636 usbuhci - ok
15:33:09.0009 0636 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:33:09.0009 0636 VgaSave - ok
15:33:09.0019 0636 ViaIde - ok
15:33:09.0039 0636 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
15:33:09.0049 0636 VolSnap - ok
15:33:09.0089 0636 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
15:33:09.0089 0636 VSS - ok
15:33:09.0430 0636 w29n51 (adb2f5af36155c9f1fbfd66a3acacbe6) C:\WINDOWS\system32\DRIVERS\w29n51.sys
15:33:09.0460 0636 w29n51 - ok
15:33:09.0650 0636 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
15:33:09.0650 0636 W32Time - ok
15:33:09.0730 0636 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:33:09.0730 0636 Wanarp - ok
15:33:09.0760 0636 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
15:33:09.0760 0636 wanatw - ok
15:33:09.0770 0636 WDICA - ok
15:33:09.0800 0636 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:33:09.0810 0636 wdmaud - ok
15:33:09.0870 0636 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
15:33:09.0870 0636 WebClient - ok
15:33:09.0950 0636 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:33:09.0960 0636 winmgmt - ok
15:33:10.0030 0636 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:33:10.0030 0636 WmdmPmSN - ok
15:33:10.0090 0636 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:33:10.0090 0636 WmiApSrv - ok
15:33:10.0110 0636 Wtcls2k - ok
15:33:10.0151 0636 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
15:33:10.0151 0636 wuauserv - ok
15:33:10.0211 0636 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
15:33:10.0221 0636 WZCSVC - ok
15:33:10.0271 0636 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
15:33:10.0271 0636 xmlprov - ok
15:33:10.0331 0636 yukonwxp (7d1def979b4e536e12882ee84f7c719a) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
15:33:10.0331 0636 yukonwxp - ok
15:33:10.0391 0636 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk0\DR0
15:33:10.0441 0636 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:33:10.0441 0636 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:33:10.0451 0636 Boot (0x1200) (d53d046963c30e305adcdbb2d437a806) \Device\Harddisk0\DR0\Partition0
15:33:10.0451 0636 \Device\Harddisk0\DR0\Partition0 - ok
15:33:10.0461 0636 ============================================================
15:33:10.0461 0636 Scan finished
15:33:10.0461 0636 ============================================================
15:33:10.0481 0612 Detected object count: 1
15:33:10.0481 0612 Actual detected object count: 1
15:33:17.0792 0612 \Device\Harddisk0\DR0\# - copied to quarantine
15:33:17.0792 0612 \Device\Harddisk0\DR0 - copied to quarantine
15:33:17.0902 0612 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
15:33:17.0902 0612 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
15:33:17.0902 0612 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
15:33:17.0912 0612 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
15:33:17.0912 0612 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
15:33:17.0912 0612 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
15:33:17.0912 0612 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
15:33:17.0912 0612 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
15:33:17.0912 0612 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
15:33:17.0952 0612 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:33:17.0952 0612 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:33:17.0952 0612 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:33:17.0962 0612 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:33:17.0962 0612 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
15:33:17.0962 0612 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
15:33:17.0962 0612 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
15:33:17.0962 0612 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
15:33:18.0002 0612 \Device\Harddisk0\DR0\TDLFS\com32 - copied to quarantine
15:33:18.0072 0612 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
15:33:18.0082 0612 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
15:33:18.0082 0612 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
15:33:18.0222 0612 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
15:33:18.0232 0612 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
15:33:18.0232 0612 \Device\Harddisk0\DR0 - ok
15:33:18.0573 0612 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
15:33:28.0697 1880 Deinitialize success



Started MBAM and followed instructions. During the MBAM scan, McAfee popped up and said it had found a trojan and to restart the computer so it could be fixed. I chose to Restart Later. McAfee has since removed two trojans from my computer without my prompting and while MBAM has been scanning.

MBAM is still running and I must leave for a while so I will post the resulting report when I get back. Thanks for the help.

MBAM Scan complete and found no problems

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.02.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Connie's :: CONNIE [administrator]

Protection: Enabled

5/2/2012 4:06:30 PM
mbam-log-2012-05-02 (16-06-30).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 283619
Time elapsed: 50 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


I have restarted my computer in Normal Mode to check on its operations.

1. Desktop is a light grey (never mentioned that before), like the screen saver is hidden.
2. Desktop shortcuts are there and working.
3. Using Start/All Programs: my printers and drivers are missing, the entire MS Office Pro 2003 edition is empty, and so is any other item that should have something in the file.
4. All redirects are fixed, I am not having that problem on Yahoo or Bing.

Finally, my external hard drive was connected to the computer when this problem occurred and it seems that the files on that are also hidden. I can do a search for things like Photos, or My Documents and can see them, but cannot see anything on the drive when I open it to look at it. Same for Drive C:

Edited by Annie12, 02 May 2012 - 07:21 PM.
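
For anyone reading a long TDSSKiller log like the one in the post above, the lines that matter are the few that are not "ok". The following is an added example, not part of the original post or of the tool: a small Python triage that keeps only detections, quarantine copies and chosen actions. The sample lines are constructed in the same layout as the log, and the function and field names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the log's layout: time, thread id, message.
# The all-zero MD5 is a placeholder, not a real file hash.
SAMPLE_LOG = r"""
15:33:09.0650 0636 W32Time (00000000000000000000000000000000) C:\WINDOWS\system32\w32time.dll
15:33:09.0650 0636 W32Time - ok
15:33:10.0441 0636 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:33:10.0441 0636 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:33:10.0481 0612 Detected object count: 1
15:33:17.0902 0612 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
15:33:17.0912 0612 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
15:33:18.0232 0612 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
15:33:18.0573 0612 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
"""

LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d+\s+\S+\s+(?P<msg>.*)$")
VERDICT = re.compile(r"^(?P<obj>.+?) \( (?P<threat>[^()]+?) \) - (?P<state>.+)$")
QUARANTINE = re.compile(r"^(?P<obj>.+) - copied to quarantine$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")

def triage(log_text):
    """Reduce a scan log to detections, quarantine copies and actions."""
    threats, states, quarantined, reported = {}, defaultdict(list), [], None
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines and text without a timestamp prefix
        msg = line.group("msg")
        verdict, copied, count = VERDICT.match(msg), QUARANTINE.match(msg), COUNT.match(msg)
        if verdict:
            threats[verdict.group("obj")] = verdict.group("threat")
            states[verdict.group("obj")].append(verdict.group("state"))
        elif copied:
            quarantined.append(copied.group("obj"))
        elif count:
            reported = int(count.group("n"))
    return {
        "threats": threats,
        "states": dict(states),
        "quarantined": quarantined,
        # The tool prints its own tally; a mismatch means lines were lost or edited.
        "count_matches": reported == len(threats),
        "reboot_pending": any("cured on reboot" in s for v in states.values() for s in v),
    }
```

A `reboot_pending` value of true means the cure has not been applied yet, so a follow-up scan after the restart is what confirms the result.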


#12 boopme

Posted 02 May 2012 - 08:03 PM

Hello, first some info on these infections that you should know.
Rootkits, backdoor Trojans, Botnets, and IRC Bots are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes. Rootkits are used by Trojans to conceal their presence (hide from view) in order to prevent detection of an attacker's software and make removal more difficult. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms. This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is sent back to the hacker. To learn more about these types of infections, you can refer to:

What danger is presented by rootkits?
Rootkits and how to combat them
r00tkit Analysis: What Is A Rootkit

If your computer was used for online banking, has credit card information or other sensitive data on it, you should disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, PayPal and online forums. You should consider them to be compromised and change each password using a clean computer, not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

>>>>>>
Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.

>>>>>>

Now we want to be certain there are no more so please run these next. Disabling McAfee for this would be better.
See: http://www.bleepingcomputer.com/forums/topic114351.html


Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

AND

Please download mbr.exe and save it to the root directory, usually C:\ <- (Important!).
  • Go to Start > Run and type: cmd.exe
  • press Ok.
  • At the command prompt type: c:\mbr.exe >>"C:\mbr.log"
  • press Enter.
  • The process is automatic...a black DOS window will open and quickly disappear. This is normal.
  • A log file named mbr.log will be created and saved to the root of the system drive (usually C:\).
  • Copy and paste the results of the mbr.log in your next reply.
If you have a problem using the command prompt, you can just double-click on mbr.exe to run the tool.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
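
Before the HOSTS file is replaced with the default as described in the post above, it helps to record what was changed in it. The following is an added example, not part of the original post: a Python audit that lists every mapping that is not a default `localhost` entry and labels it as a redirect (name pointed at an outside address) or a block (name pointed at loopback or 0.0.0.0). The sample file content, the host names, the set of entries treated as default and the `audit_hosts` name are all constructed for illustration.

```python
import ipaddress

# Assumption: only these mappings are treated as default entries.
DEFAULT_ENTRIES = {("127.0.0.1", "localhost"), ("::1", "localhost")}

# Constructed sample; 203.0.113.10 is a documentation-only address.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
203.0.113.10    search.example.com www.bank.example   # constructed redirect
127.0.0.1       update.example-av.test
0.0.0.0 downloads.example-av.test
not-an-ip       junk.example
"""

def audit_hosts(text):
    """Return (line number, kind, address, name) for every non-default entry."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        fields = line.split()
        addr, names = fields[0], [n.lower() for n in fields[1:]]
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            # Not a valid IPv4/IPv6 address: report the whole line for review.
            findings.append((lineno, "malformed", addr, " ".join(names)))
            continue
        for name in names:
            if (str(ip), name) in DEFAULT_ENTRIES:
                continue
            # Loopback or 0.0.0.0 makes the name unreachable; anything else
            # sends traffic for that name to a different machine.
            kind = "blocked" if ip.is_loopback or ip.is_unspecified else "redirect"
            findings.append((lineno, kind, str(ip), name))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

On Windows XP the file to read is `C:\WINDOWS\system32\drivers\etc\hosts`; saving a copy of it before the reset keeps the evidence of what was altered.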

#13 Annie12

Posted 02 May 2012 - 08:31 PM

So first I need to change all this password info and then on to fixing this? Do I also disconnect the internet first, then download the fixes to the good computer and save on an external flash drive?

#14 boopme

Posted 02 May 2012 - 08:43 PM

Hi Annie, I would disconnect the internet and change passwords wherever you can or change them from the clean comp (2nd choice is better).

Then you can connect and run these directly by downloading off the net on the infected machine.

Edited by boopme, 02 May 2012 - 08:43 PM.


#15 Annie12

Posted 02 May 2012 - 10:03 PM

Thanks, I am working on changing things and I talked to my bank so I will let you know when I complete the process, probably tomorrow or next before I am back on track here. My computer is disconnected from the internet and we changed everything with that.



