HDD Scan--Need Help


5 replies to this topic

#1 sansamer

sansamer

  • Members
  • 3 posts
  • OFFLINE
  • Local time:05:28 PM

Posted 11 May 2012 - 11:48 PM

I contracted the HDD Scan Virus. I followed the instructions for removal here:

http://www.bleepingcomputer.com/virus-removal/remove-hdd-rescue

I ran Rkill with no problem and then installed Malwarebytes per the instructions. 6 files were found and I removed them. I rebooted and the virus was still there, e.g., the desktop was black and I got HDD error messages. So I tried to run the process again. This time, after downloading Rkill again, I ran it and got access denied. The same thing happened when I tried to install and run a new version of Malwarebytes.

Any help would be much appreciated!

#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:05:28 PM

Posted 12 May 2012 - 12:09 AM

Boot the PC into Safe Mode with Networking.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C: drive).

Download ESET Online Scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#3 sansamer

sansamer
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  • Local time:05:28 PM

Posted 12 May 2012 - 10:17 PM

Thanks for your help. Below is the requested information. The computer no longer has the black desktop and no longer has HDD error messages. But my programs and files appear to be missing.

Boot the PC into Safe Mode with Networking.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C: drive).

20:46:23.0734 1092 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
20:46:24.0171 1092 ============================================================
20:46:24.0171 1092 Current date / time: 2012/05/12 20:46:24.0171
20:46:24.0171 1092 SystemInfo:
20:46:24.0171 1092
20:46:24.0171 1092 OS Version: 5.1.2600 ServicePack: 3.0
20:46:24.0171 1092 Product type: Workstation
20:46:24.0171 1092 ComputerName:
20:46:24.0171 1092 UserName:
20:46:24.0171 1092 Windows directory: C:\WINDOWS
20:46:24.0171 1092 System windows directory: C:\WINDOWS
20:46:24.0171 1092 Processor architecture: Intel x86
20:46:24.0171 1092 Number of processors: 2
20:46:24.0171 1092 Page size: 0x1000
20:46:24.0171 1092 Boot type: Safe boot with network
20:46:24.0171 1092 ============================================================
20:46:25.0296 1092 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x204E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
20:46:25.0296 1092 ============================================================
20:46:25.0296 1092 \Device\Harddisk0\DR0:
20:46:25.0296 1092 MBR partitions:
20:46:25.0296 1092 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6E28800
20:46:25.0296 1092 ============================================================
20:46:25.0312 1092 C: <-> \Device\Harddisk0\DR0\Partition0
20:46:25.0312 1092 ============================================================
20:46:25.0312 1092 Initialize success
20:46:25.0312 1092 ============================================================
20:46:45.0328 0556 ============================================================
20:46:45.0328 0556 Scan started
20:46:45.0328 0556 Mode: Manual; TDLFS;
20:46:45.0328 0556 ============================================================
20:46:54.0046 0556 odserv - ok
20:46:54.0062 0556 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:46:54.0062 0556 ose - ok
20:46:54.0093 0556 PalmUSBD (dc450992eba6f914080c1f7fbeeed72c) C:\WINDOWS\system32\drivers\PalmUSBD.sys
20:46:54.0093 0556 PalmUSBD - ok
20:46:54.0125 0556 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
20:46:54.0125 0556 Parport - ok
20:46:54.0156 0556 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:46:54.0156 0556 PartMgr - ok
20:46:54.0187 0556 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
20:46:54.0187 0556 ParVdm - ok
20:46:54.0218 0556 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\PCASp50.sys
20:46:54.0218 0556 PCASp50 - ok
20:46:54.0234 0556 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
20:46:54.0250 0556 PCI - ok
20:46:54.0265 0556 PCIDump - ok
20:46:54.0296 0556 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:46:54.0296 0556 PCIIde - ok
20:46:54.0328 0556 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:46:54.0328 0556 Pcmcia - ok
20:46:54.0359 0556 PCTINDIS5 (1e715247efffdda938c085913045d599) C:\WINDOWS\system32\PCTINDIS5.SYS
20:46:54.0359 0556 PCTINDIS5 - ok
20:46:54.0375 0556 PDCOMP - ok
20:46:54.0406 0556 PDFRAME - ok
20:46:54.0437 0556 PDRELI - ok
20:46:54.0453 0556 PDRFRAME - ok
20:46:54.0484 0556 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
20:46:54.0484 0556 perc2 - ok
20:46:54.0515 0556 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:46:54.0515 0556 perc2hib - ok
20:46:54.0609 0556 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
20:46:54.0609 0556 PlugPlay - ok
20:46:54.0625 0556 pmem (dedef40e1d05842639491365cb2c069e) C:\WINDOWS\System32\drivers\pmemnt.sys
20:46:54.0625 0556 pmem - ok
20:46:54.0656 0556 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
20:46:54.0656 0556 Pml Driver HPZ12 - ok
20:46:54.0687 0556 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:46:54.0687 0556 PolicyAgent - ok
20:46:54.0718 0556 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:46:54.0718 0556 PptpMiniport - ok
20:46:54.0734 0556 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
20:46:54.0734 0556 Processor - ok
20:46:54.0765 0556 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:46:54.0765 0556 ProtectedStorage - ok
20:46:54.0796 0556 psadd (f8a25f1dd8b2c332cbc663e3579566e7) C:\WINDOWS\system32\DRIVERS\psadd.sys
20:46:54.0796 0556 psadd - ok
20:46:54.0828 0556 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:46:54.0828 0556 PSched - ok
20:46:54.0859 0556 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:46:54.0859 0556 Ptilink - ok
20:46:54.0875 0556 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:46:54.0875 0556 PxHelp20 - ok
20:46:54.0906 0556 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:46:54.0906 0556 ql1080 - ok
20:46:54.0937 0556 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:46:54.0937 0556 Ql10wnt - ok
20:46:54.0968 0556 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:46:54.0968 0556 ql12160 - ok
20:46:55.0000 0556 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:46:55.0000 0556 ql1240 - ok
20:46:55.0015 0556 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:46:55.0015 0556 ql1280 - ok
20:46:55.0046 0556 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:46:55.0046 0556 RasAcd - ok
20:46:55.0078 0556 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
20:46:55.0078 0556 RasAuto - ok
20:46:55.0109 0556 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:46:55.0109 0556 Rasl2tp - ok
20:46:55.0140 0556 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
20:46:55.0140 0556 RasMan - ok
20:46:55.0156 0556 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:46:55.0156 0556 RasPppoe - ok
20:46:55.0187 0556 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:46:55.0187 0556 Raspti - ok
20:46:55.0218 0556 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:46:55.0234 0556 Rdbss - ok
20:46:55.0250 0556 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:46:55.0250 0556 RDPCDD - ok
20:46:55.0296 0556 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:46:55.0296 0556 rdpdr - ok
20:46:55.0343 0556 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
20:46:55.0343 0556 RDPWD - ok
20:46:55.0359 0556 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
20:46:55.0375 0556 RDSessMgr - ok
20:46:55.0390 0556 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:46:55.0390 0556 redbook - ok
20:46:55.0437 0556 RegSrvc (7eeeec28a34516e66137f355dcc15bdb) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:46:55.0453 0556 RegSrvc - ok
20:46:55.0468 0556 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
20:46:55.0468 0556 RemoteAccess - ok
20:46:55.0500 0556 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
20:46:55.0500 0556 RemoteRegistry - ok
20:46:55.0515 0556 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
20:46:55.0515 0556 RimVSerPort - ok
20:46:55.0546 0556 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
20:46:55.0546 0556 ROOTMODEM - ok
20:46:55.0625 0556 RoxMediaDB10 (eb9eeb379848f356797eb9ef31114ca5) C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
20:46:55.0656 0556 RoxMediaDB10 - ok
20:46:55.0671 0556 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
20:46:55.0671 0556 RpcLocator - ok
20:46:55.0718 0556 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
20:46:55.0718 0556 RpcSs - ok
20:46:55.0734 0556 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
20:46:55.0750 0556 RSVP - ok
20:46:55.0796 0556 S24EventMonitor (8b09ff15d36b1d5108f6f3249ea16f5f) C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
20:46:55.0828 0556 S24EventMonitor - ok
20:46:55.0843 0556 s24trans (87940243ea2ad3ebe274f5409c5e9072) C:\WINDOWS\system32\DRIVERS\s24trans.sys
20:46:55.0843 0556 s24trans - ok
20:46:55.0859 0556 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:46:55.0875 0556 SamSs - ok
20:46:55.0890 0556 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
20:46:55.0906 0556 SCardSvr - ok
20:46:55.0937 0556 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
20:46:55.0937 0556 Schedule - ok
20:46:55.0984 0556 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:46:55.0984 0556 Secdrv - ok
20:46:56.0000 0556 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
20:46:56.0015 0556 seclogon - ok
20:46:56.0031 0556 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
20:46:56.0046 0556 SENS - ok
20:46:56.0062 0556 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:46:56.0062 0556 serenum - ok
20:46:56.0093 0556 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
20:46:56.0093 0556 Serial - ok
20:46:56.0156 0556 SessionLauncher - ok
20:46:56.0187 0556 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:46:56.0187 0556 Sfloppy - ok
20:46:56.0234 0556 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
20:46:56.0234 0556 SharedAccess - ok
20:46:56.0265 0556 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:46:56.0265 0556 ShellHWDetection - ok
20:46:56.0281 0556 Shockprf (1310c5e81966e86b2ced7ae8ce3d74f1) C:\WINDOWS\system32\DRIVERS\Apsx86.sys
20:46:56.0296 0556 Shockprf - ok
20:46:56.0312 0556 Simbad - ok
20:46:56.0343 0556 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:46:56.0343 0556 sisagp - ok
20:46:56.0359 0556 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:46:56.0359 0556 SLIP - ok
20:46:56.0406 0556 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:46:56.0406 0556 Sparrow - ok
20:46:56.0437 0556 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:46:56.0437 0556 splitter - ok
20:46:56.0468 0556 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:46:56.0468 0556 Spooler - ok
20:46:56.0500 0556 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:46:56.0500 0556 SQLBrowser - ok
20:46:56.0531 0556 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:46:56.0531 0556 SQLWriter - ok
20:46:56.0546 0556 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
20:46:56.0562 0556 sr - ok
20:46:56.0593 0556 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
20:46:56.0593 0556 srservice - ok
20:46:56.0625 0556 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:46:56.0625 0556 Srv - ok
20:46:56.0656 0556 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
20:46:56.0656 0556 SSDPSRV - ok
20:46:56.0671 0556 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
20:46:56.0671 0556 StillCam - ok
20:46:56.0718 0556 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
20:46:56.0734 0556 stisvc - ok
20:46:56.0750 0556 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
20:46:56.0750 0556 stllssvr - ok
20:46:56.0765 0556 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:46:56.0781 0556 streamip - ok
20:46:56.0796 0556 SUService (b384a999c5326ba7bc940347a26fc0b9) c:\program files\lenovo\system update\suservice.exe
20:46:56.0796 0556 SUService - ok
20:46:56.0843 0556 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:46:56.0843 0556 swenum - ok
20:46:56.0890 0556 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:46:56.0890 0556 swmidi - ok
20:46:56.0906 0556 swmsflt (57bbaef27dc790160245b43eb6dcd576) C:\WINDOWS\System32\drivers\swmsflt.sys
20:46:56.0906 0556 swmsflt - ok
20:46:56.0953 0556 SWNC8U80 (ca27e8ce559a9c0acc4f9ea468acf414) C:\WINDOWS\system32\DRIVERS\swnc8u80.sys
20:46:56.0953 0556 SWNC8U80 - ok
20:46:56.0968 0556 SwPrv - ok
20:46:57.0140 0556 SWUMX80 (e0042a561eeed484b5c831c2a50b7e8b) C:\WINDOWS\system32\DRIVERS\swumx80.sys
20:46:57.0140 0556 SWUMX80 - ok
20:46:57.0171 0556 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
20:46:57.0171 0556 symc810 - ok
20:46:57.0203 0556 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:46:57.0203 0556 symc8xx - ok
20:46:57.0234 0556 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:46:57.0234 0556 sym_hi - ok
20:46:57.0250 0556 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:46:57.0265 0556 sym_u3 - ok
20:46:57.0281 0556 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:46:57.0281 0556 sysaudio - ok
20:46:57.0312 0556 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
20:46:57.0328 0556 SysmonLog - ok
20:46:57.0343 0556 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
20:46:57.0359 0556 TapiSrv - ok
20:46:57.0390 0556 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:46:57.0406 0556 Tcpip - ok
20:46:57.0421 0556 tcpipBM (9b05aa8089f4ea1bc31208ede33969f3) C:\WINDOWS\system32\drivers\tcpipBM.sys
20:46:57.0421 0556 tcpipBM - ok
20:46:57.0437 0556 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:46:57.0453 0556 TDPIPE - ok
20:46:57.0468 0556 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:46:57.0468 0556 TDTCP - ok
20:46:57.0500 0556 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:46:57.0500 0556 TermDD - ok
20:46:57.0546 0556 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
20:46:57.0546 0556 TermService - ok
20:46:57.0578 0556 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:46:57.0578 0556 Themes - ok
20:46:57.0625 0556 ThinkVantage Registry Monitor Service (eb90a37aabaefd7b4f4f92befea8c2e2) c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
20:46:57.0640 0556 ThinkVantage Registry Monitor Service - ok
20:46:57.0656 0556 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
20:46:57.0671 0556 TlntSvr - ok
20:46:57.0687 0556 tmcomm (eb2283c0a4dfbd2e53d14f2c4d5a1e89) C:\WINDOWS\system32\drivers\tmcomm.sys
20:46:57.0703 0556 tmcomm - ok
20:46:57.0734 0556 TmFilter (717e406972bbc07f8fb2a989416cab73) C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys
20:46:57.0734 0556 TmFilter - ok
20:46:57.0781 0556 tmlisten (e2ab37132d4c099259b22587bebd6060) C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
20:46:57.0796 0556 tmlisten - ok
20:46:57.0812 0556 TmPreFilter (379c4f99994a56b66e11d1e32bb22a1c) C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys
20:46:57.0828 0556 TmPreFilter - ok
20:46:57.0875 0556 TmProxy (b12a86329bfb0f04f7a5fc30f31608f5) C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
20:46:57.0890 0556 TmProxy - ok
20:46:57.0921 0556 tmtdi (d321ca0de388d94d88dff22461ae7baa) C:\WINDOWS\system32\DRIVERS\tmtdi.sys
20:46:57.0921 0556 tmtdi - ok
20:46:57.0953 0556 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
20:46:57.0953 0556 TosIde - ok
20:46:57.0984 0556 TPDIGIMN (d7a29e343632e2fc5f7ebfc886f12675) C:\WINDOWS\system32\DRIVERS\ApsHM86.sys
20:46:57.0984 0556 TPDIGIMN - ok
20:46:58.0000 0556 TPHDEXLGSVC (51b679f627a43a25ef9444ad23bbff9a) C:\WINDOWS\system32\TPHDEXLG.exe
20:46:58.0015 0556 TPHDEXLGSVC - ok
20:46:58.0031 0556 TPHKDRV (8aef2188630f5ecd79ad9abba630630b) C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys
20:46:58.0031 0556 TPHKDRV - ok
20:46:58.0062 0556 tpm (3724dff72b0f5307cf761cc91c2bb9f7) C:\WINDOWS\system32\DRIVERS\tpm.sys
20:46:58.0062 0556 tpm - ok
20:46:58.0093 0556 TPPWRIF (44672de6cea9569c21c4b7a8d2560750) C:\WINDOWS\system32\drivers\Tppwrif.sys
20:46:58.0093 0556 TPPWRIF - ok
20:46:58.0125 0556 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
20:46:58.0125 0556 TrkWks - ok
20:46:58.0156 0556 TSMAPIP (f10f36e20448a5500a5f83f67ee4aad4) C:\WINDOWS\system32\drivers\TSMAPIP.SYS
20:46:58.0156 0556 TSMAPIP - ok
20:46:58.0218 0556 TSSCoreService (4a4ffdeb90a151b734a0bea3d420fd3b) C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
20:46:58.0234 0556 TSSCoreService - ok
20:46:58.0281 0556 TVT Backup Protection Service (d6ee5dcb3ec401baa10395809047935e) C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
20:46:58.0281 0556 TVT Backup Protection Service - ok
20:46:58.0343 0556 TVT Backup Service (0db73f3fb565cf028c7458c70fa59121) C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
20:46:58.0359 0556 TVT Backup Service - ok
20:46:58.0437 0556 TVT Scheduler (6c69fe90f0cc12ef0638ae10dfa4db4e) c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
20:46:58.0453 0556 TVT Scheduler - ok
20:46:58.0500 0556 tvtfilter (49258a02a1e8d304ed88b0f1c56b1738) C:\WINDOWS\system32\DRIVERS\tvtfilter.sys
20:46:58.0500 0556 tvtfilter - ok
20:46:58.0515 0556 TVTI2C (7e66dda1ef146bfc3a6e36e08e036602) C:\WINDOWS\system32\DRIVERS\Tvti2c.sys
20:46:58.0531 0556 TVTI2C - ok
20:46:58.0546 0556 tvtumon (930b8b8ef659a714cf1c755928b8850c) C:\WINDOWS\system32\DRIVERS\tvtumon.sys
20:46:58.0546 0556 tvtumon - ok
20:46:58.0593 0556 TVT_UpdateMonitor (22a001f3fbb92e3811c3bfd8fdad3ed3) C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
20:46:58.0593 0556 TVT_UpdateMonitor - ok
20:46:58.0625 0556 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:46:58.0625 0556 Udfs - ok
20:46:58.0640 0556 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
20:46:58.0640 0556 ultra - ok
20:46:58.0765 0556 UNS (a056ec8654cc5e767be552c4e38c08ac) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
20:46:58.0812 0556 UNS - ok
20:46:58.0875 0556 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:46:58.0875 0556 Update - ok
20:46:58.0906 0556 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
20:46:58.0906 0556 upnphost - ok
20:46:58.0921 0556 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
20:46:58.0921 0556 UPS - ok
20:46:58.0968 0556 USBAAPL (026f7f224f088ee11e383bca448fff81) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:46:58.0968 0556 USBAAPL - ok
20:46:59.0000 0556 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:46:59.0000 0556 usbccgp - ok
20:46:59.0031 0556 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:46:59.0031 0556 usbehci - ok
20:46:59.0046 0556 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:46:59.0046 0556 usbhub - ok
20:46:59.0078 0556 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:46:59.0078 0556 usbprint - ok
20:46:59.0109 0556 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:46:59.0109 0556 usbscan - ok
20:46:59.0140 0556 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:46:59.0140 0556 USBSTOR - ok
20:46:59.0171 0556 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:46:59.0171 0556 usbuhci - ok
20:46:59.0203 0556 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
20:46:59.0203 0556 usbvideo - ok
20:46:59.0218 0556 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:46:59.0218 0556 VgaSave - ok
20:46:59.0250 0556 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:46:59.0250 0556 viaagp - ok
20:46:59.0281 0556 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:46:59.0281 0556 ViaIde - ok
20:46:59.0312 0556 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
20:46:59.0312 0556 VolSnap - ok
20:46:59.0390 0556 VSApiNt (642eb152cb980ad9181b2161066be629) C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys
20:46:59.0421 0556 VSApiNt - ok
20:46:59.0468 0556 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
20:46:59.0484 0556 VSS - ok
20:46:59.0500 0556 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
20:46:59.0500 0556 W32Time - ok
20:46:59.0531 0556 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:46:59.0531 0556 Wanarp - ok
20:46:59.0593 0556 Wdf01000 (8b35229d2761bc8ed526cb69e4f6685e) C:\WINDOWS\system32\Drivers\wdf01000.sys
20:46:59.0593 0556 Wdf01000 - ok
20:46:59.0609 0556 WDICA - ok
20:46:59.0640 0556 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:46:59.0640 0556 wdmaud - ok
20:46:59.0671 0556 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
20:46:59.0671 0556 WebClient - ok
20:46:59.0718 0556 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:46:59.0718 0556 winmgmt - ok
20:46:59.0843 0556 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:46:59.0875 0556 wlidsvc - ok
20:46:59.0906 0556 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:46:59.0906 0556 WmdmPmSN - ok
20:46:59.0968 0556 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
20:46:59.0984 0556 Wmi - ok
20:47:00.0000 0556 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
20:47:00.0000 0556 WmiAcpi - ok
20:47:00.0046 0556 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:47:00.0046 0556 WmiApSrv - ok
20:47:00.0109 0556 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
20:47:00.0125 0556 WMPNetworkSvc - ok
20:47:00.0140 0556 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:47:00.0140 0556 WS2IFSL - ok
20:47:00.0171 0556 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
20:47:00.0171 0556 wscsvc - ok
20:47:00.0203 0556 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:47:00.0203 0556 WSTCODEC - ok
20:47:00.0218 0556 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
20:47:00.0234 0556 wuauserv - ok
20:47:00.0250 0556 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:47:00.0265 0556 WudfPf - ok
20:47:00.0281 0556 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:47:00.0281 0556 WudfRd - ok
20:47:00.0312 0556 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:47:00.0312 0556 WudfSvc - ok
20:47:00.0359 0556 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
20:47:00.0375 0556 WZCSVC - ok
20:47:00.0390 0556 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
20:47:00.0390 0556 xmlprov - ok
20:47:00.0515 0556 MBR (0x1B8) (d5dce9784b1398357236992be091fd04) \Device\Harddisk0\DR0
20:47:00.0546 0556 \Device\Harddisk0\DR0 - ok
20:47:00.0562 0556 Boot (0x1200) (1679a9f248ac0854a669366e4f528adb) \Device\Harddisk0\DR0\Partition0
20:47:00.0562 0556 \Device\Harddisk0\DR0\Partition0 - ok
20:47:00.0578 0556 ============================================================
20:47:00.0578 0556 Scan finished
20:47:00.0578 0556 ============================================================
20:47:00.0625 0252 Detected object count: 0
20:47:00.0625 0252 Actual detected object count: 0




Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

C:\Documents and Settings\All Users\Application Data\dhWpWLrHmsphLmp.exe a variant of Win32/Kryptik.AFEI trojan cleaned by deleting - quarantined
C:\Documents and Settings\useranon\Local Settings\Temp\Main.class a variant of Java/Exploit.CVE-2011-3544.BK trojan cleaned by deleting - quarantined
C:\Documents and Settings\useranon\Local Settings\Temporary Internet Files\Content.IE5\0JJ3E2WX\ea77f[1].pdf PDF/Exploit.Pidief.PHM.Gen trojan cleaned by deleting - quarantined
C:\Documents and Settings\useranon\Local Settings\Temporary Internet Files\Content.IE5\0JJ3E2WX\index2[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Documents and Settings\useranon\Local Settings\Temporary Internet Files\Content.IE5\0JJ3E2WX\main[1].htm JS/Kryptik.MK trojan cleaned by deleting - quarantined
C:\Documents and Settings\useranon\Local Settings\Temporary Internet Files\Content.IE5\JCUJ9QI1\index[1].htm JS/Kryptik.NJ trojan cleaned by deleting - quarantined





Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-12 21:34:15
-----------------------------
21:34:15.843 OS Version: Windows 5.1.2600 Service Pack 3
21:34:15.843 Number of processors: 2 586 0x1706
21:34:15.843 ComputerName: LENOVO-11007F55 UserName:
21:34:16.906 Initialize success
21:36:03.234 AVAST engine defs: 12051201
21:36:14.906 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:36:14.921 Disk 0 Vendor: SAMSUNG_ VAM0 Size: 61057MB BusType: 3
21:36:14.937 Disk 0 MBR read successfully
21:36:14.968 Disk 0 MBR scan
21:36:14.984 Disk 0 unknown MBR code
21:36:15.000 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 56401 MB offset 2048
21:36:15.031 Disk 0 Partition 2 00 12 Compaq diag MSDOS5.0 4654 MB offset 115511296
21:36:15.046 Disk 0 scanning sectors +125042688
21:36:15.078 Disk 0 scanning C:\WINDOWS\system32\drivers
21:36:25.156 Service scanning
21:36:53.062 Modules scanning
21:37:15.828 Disk 0 trace - called modules:
21:37:15.875 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
21:37:15.890 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a430030]
21:37:15.953 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000081[0x8adb1340]
21:37:16.000 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8adc4028]
21:37:16.437 AVAST engine scan C:\WINDOWS
21:37:18.187 AVAST engine scan C:\WINDOWS\system32
21:40:21.359 AVAST engine scan C:\WINDOWS\system32\drivers
21:40:37.171 AVAST engine scan C:\Documents and Settings\anon
22:01:51.531 AVAST engine scan C:\Documents and Settings\All Users
22:04:41.453 Scan finished successfully
22:13:42.656 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\anon\Desktop\MBR.dat"
22:13:42.671 The log file has been saved successfully to "C:\Documents and Settings\anon\Desktop\aswMBR.txt"

Edited by sansamer, 12 May 2012 - 10:37 PM.


#4 narenxp

Posted 12 May 2012 - 10:49 PM

Press Windows+R key and type

%temp% and click ok

If you find a folder called SMTMP, copy it to a safe location

Download UNHIDE

http://download.bleepingcomputer.com/grinler/unhide.exe

Run it, this should UNHIDE your files


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Edited by narenxp, 12 May 2012 - 10:49 PM.


#5 sansamer

Posted 13 May 2012 - 05:24 PM

Everything seems to be working fine now! Thanks for your help. Do you still want the log minitoolbox?

#6 narenxp

Posted 13 May 2012 - 05:50 PM

Mini toolbox log alone is enough. :thumbup2:



