Infected with "Live Security Platinum"


10 replies to this topic

#1 BT.P


Posted 13 June 2012 - 10:37 PM

Hello, and thanks in advance. My mother's computer has been infected with a virus which included the program Live Security Platinum. I attempted to follow the applicable removal guide (http://www.bleepingcomputer.com/virus-removal/remove-live-security-platinum). However, there are two issues I have run into.

1) I cannot connect to the internet. I understand this is covered in the guide, however, my "Use a proxy" was not checked. Is there another common issue I should check?

2) When I attempt to remove Live Security Platinum from the Add/Remove Software list, nothing happens. I can double-click it, or click the Change/Remove button, and the computer brings up an hourglass for a few seconds and then just... nothing.



#2 narenxp


Posted 13 June 2012 - 11:08 PM

Boot the PC into Safe Mode with Networking.

Download Farbar Service Scanner.

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

#3 BT.P


Posted 14 June 2012 - 12:54 AM

Farbar Service Scanner Version: 09-06-2012
Ran by Helen (administrator) on 14-06-2012 at 01:46:32
Running from "C:\Documents and Settings\Helen\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Nerwork
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Yahoo IP is unreachable
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit


**** End of log ****

01:47:05.0687 1488 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
01:47:05.0687 1488 ============================================================
01:47:05.0687 1488 Current date / time: 2012/06/14 01:47:05.0687
01:47:05.0687 1488 SystemInfo:
01:47:05.0687 1488
01:47:05.0687 1488 OS Version: 5.1.2600 ServicePack: 3.0
01:47:05.0687 1488 Product type: Workstation
01:47:05.0687 1488 ComputerName: HELENSDELL
01:47:05.0687 1488 UserName: Helen
01:47:05.0687 1488 Windows directory: C:\WINDOWS
01:47:05.0687 1488 System windows directory: C:\WINDOWS
01:47:05.0687 1488 Processor architecture: Intel x86
01:47:05.0687 1488 Number of processors: 2
01:47:05.0687 1488 Page size: 0x1000
01:47:05.0687 1488 Boot type: Safe boot with network
01:47:05.0687 1488 ============================================================
01:47:07.0375 1488 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:47:07.0375 1488 Drive \Device\Harddisk1\DR3 - Size: 0x3C200000 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:47:07.0375 1488 ============================================================
01:47:07.0375 1488 \Device\Harddisk0\DR0:
01:47:07.0375 1488 MBR partitions:
01:47:07.0375 1488 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2B24B, BlocksNum 0xDF646B5
01:47:07.0375 1488 \Device\Harddisk1\DR3:
01:47:07.0375 1488 MBR partitions:
01:47:07.0375 1488 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1E0FE0
01:47:07.0375 1488 ============================================================
01:47:07.0421 1488 C: <-> \Device\Harddisk0\DR0\Partition0
01:47:07.0421 1488 ============================================================
01:47:07.0421 1488 Initialize success
01:47:07.0421 1488 ============================================================
01:47:11.0171 1092 ============================================================
01:47:11.0171 1092 Scan started
01:47:11.0171 1092 Mode: Manual;
01:47:11.0171 1092 ============================================================
01:47:22.0625 1092 MountMgr - ok
01:47:22.0640 1092 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
01:47:22.0656 1092 mraid35x - ok
01:47:22.0656 1092 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:47:22.0656 1092 MRxDAV - ok
01:47:22.0734 1092 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:47:22.0734 1092 MRxSmb - ok
01:47:22.0765 1092 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
01:47:22.0765 1092 MSDTC - ok
01:47:22.0781 1092 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
01:47:22.0781 1092 Msfs - ok
01:47:22.0781 1092 MSIServer - ok
01:47:22.0812 1092 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:47:22.0812 1092 MSKSSRV - ok
01:47:22.0828 1092 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:47:22.0828 1092 MSPCLOCK - ok
01:47:22.0859 1092 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
01:47:22.0859 1092 MSPQM - ok
01:47:22.0875 1092 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:47:22.0875 1092 mssmbios - ok
01:47:22.0953 1092 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
01:47:22.0953 1092 MSTEE - ok
01:47:22.0984 1092 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
01:47:22.0984 1092 Mup - ok
01:47:23.0031 1092 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
01:47:23.0031 1092 NABTSFEC - ok
01:47:23.0078 1092 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
01:47:23.0078 1092 napagent - ok
01:47:23.0125 1092 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
01:47:23.0125 1092 NDIS - ok
01:47:23.0140 1092 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
01:47:23.0140 1092 NdisIP - ok
01:47:23.0171 1092 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:47:23.0171 1092 NdisTapi - ok
01:47:23.0187 1092 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:47:23.0187 1092 Ndisuio - ok
01:47:23.0234 1092 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:47:23.0234 1092 NdisWan - ok
01:47:23.0250 1092 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
01:47:23.0250 1092 NDProxy - ok
01:47:23.0281 1092 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\WINDOWS\system32\HPZinw12.dll
01:47:23.0281 1092 Net Driver HPZ12 - ok
01:47:23.0296 1092 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
01:47:23.0296 1092 NetBIOS - ok
01:47:23.0312 1092 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
01:47:23.0328 1092 NetBT - ok
01:47:23.0359 1092 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
01:47:23.0359 1092 NetDDE - ok
01:47:23.0359 1092 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
01:47:23.0375 1092 NetDDEdsdm - ok
01:47:23.0406 1092 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:47:23.0406 1092 Netlogon - ok
01:47:23.0421 1092 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
01:47:23.0421 1092 Netman - ok
01:47:23.0562 1092 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:47:23.0562 1092 NetTcpPortSharing - ok
01:47:23.0578 1092 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
01:47:23.0593 1092 NIC1394 - ok
01:47:23.0734 1092 NICCONFIGSVC (27d38b7d646283d98d65e3435b1e6197) C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
01:47:23.0750 1092 NICCONFIGSVC - ok
01:47:23.0796 1092 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
01:47:23.0796 1092 Nla - ok
01:47:23.0796 1092 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
01:47:23.0796 1092 Npfs - ok
01:47:23.0843 1092 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
01:47:23.0859 1092 Ntfs - ok
01:47:23.0859 1092 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:47:23.0859 1092 NtLmSsp - ok
01:47:23.0921 1092 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
01:47:23.0921 1092 NtmsSvc - ok
01:47:23.0968 1092 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
01:47:23.0968 1092 Null - ok
01:47:24.0140 1092 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
01:47:24.0171 1092 nv - ok
01:47:24.0265 1092 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:47:24.0265 1092 NwlnkFlt - ok
01:47:24.0281 1092 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:47:24.0281 1092 NwlnkFwd - ok
01:47:24.0484 1092 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
01:47:24.0500 1092 odserv - ok
01:47:24.0546 1092 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
01:47:24.0546 1092 ohci1394 - ok
01:47:24.0593 1092 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:47:24.0593 1092 ose - ok
01:47:24.0640 1092 PalmUSBD (803cf09c795290825607505d37819135) C:\WINDOWS\system32\drivers\PalmUSBD.sys
01:47:24.0640 1092 PalmUSBD - ok
01:47:24.0671 1092 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
01:47:24.0671 1092 Parport - ok
01:47:24.0687 1092 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
01:47:24.0687 1092 PartMgr - ok
01:47:24.0718 1092 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
01:47:24.0718 1092 ParVdm - ok
01:47:24.0765 1092 PBADRV (9ec004140e1b675acdeb07f66ee797a4) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
01:47:24.0765 1092 PBADRV - ok
01:47:24.0828 1092 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
01:47:24.0843 1092 PCI - ok
01:47:24.0843 1092 PCIDump - ok
01:47:24.0875 1092 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
01:47:24.0875 1092 PCIIde - ok
01:47:24.0890 1092 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
01:47:24.0890 1092 Pcmcia - ok
01:47:24.0906 1092 PDCOMP - ok
01:47:24.0921 1092 PDFRAME - ok
01:47:24.0937 1092 PDRELI - ok
01:47:24.0953 1092 PDRFRAME - ok
01:47:24.0984 1092 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
01:47:24.0984 1092 perc2 - ok
01:47:25.0000 1092 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
01:47:25.0000 1092 perc2hib - ok
01:47:25.0078 1092 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
01:47:25.0078 1092 PlugPlay - ok
01:47:25.0125 1092 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\WINDOWS\system32\HPZipm12.dll
01:47:25.0125 1092 Pml Driver HPZ12 - ok
01:47:25.0156 1092 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:47:25.0156 1092 PolicyAgent - ok
01:47:25.0171 1092 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:47:25.0171 1092 PptpMiniport - ok
01:47:25.0187 1092 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:47:25.0187 1092 ProtectedStorage - ok
01:47:25.0234 1092 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
01:47:25.0234 1092 PSched - ok
01:47:25.0281 1092 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:47:25.0281 1092 Ptilink - ok
01:47:25.0296 1092 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
01:47:25.0312 1092 PxHelp20 - ok
01:47:25.0343 1092 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
01:47:25.0343 1092 ql1080 - ok
01:47:25.0359 1092 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
01:47:25.0359 1092 Ql10wnt - ok
01:47:25.0390 1092 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
01:47:25.0406 1092 ql12160 - ok
01:47:25.0437 1092 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
01:47:25.0437 1092 ql1240 - ok
01:47:25.0484 1092 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
01:47:25.0484 1092 ql1280 - ok
01:47:25.0515 1092 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:47:25.0515 1092 RasAcd - ok
01:47:25.0546 1092 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
01:47:25.0546 1092 RasAuto - ok
01:47:25.0578 1092 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:47:25.0578 1092 Rasl2tp - ok
01:47:25.0625 1092 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
01:47:25.0625 1092 RasMan - ok
01:47:25.0671 1092 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:47:25.0671 1092 RasPppoe - ok
01:47:25.0687 1092 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
01:47:25.0687 1092 Raspti - ok
01:47:25.0718 1092 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:47:25.0718 1092 Rdbss - ok
01:47:25.0750 1092 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:47:25.0750 1092 RDPCDD - ok
01:47:25.0812 1092 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
01:47:25.0812 1092 rdpdr - ok
01:47:25.0859 1092 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
01:47:25.0859 1092 RDPWD - ok
01:47:25.0890 1092 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
01:47:25.0906 1092 RDSessMgr - ok
01:47:25.0921 1092 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
01:47:25.0921 1092 redbook - ok
01:47:25.0984 1092 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
01:47:25.0984 1092 RemoteAccess - ok
01:47:26.0015 1092 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
01:47:26.0015 1092 RemoteRegistry - ok
01:47:26.0046 1092 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
01:47:26.0046 1092 RpcLocator - ok
01:47:26.0140 1092 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
01:47:26.0140 1092 RpcSs - ok
01:47:26.0171 1092 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
01:47:26.0171 1092 RSVP - ok
01:47:26.0218 1092 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
01:47:26.0218 1092 SamSs - ok
01:47:26.0234 1092 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
01:47:26.0234 1092 SCardSvr - ok
01:47:26.0281 1092 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
01:47:26.0296 1092 Schedule - ok
01:47:26.0343 1092 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:47:26.0343 1092 Secdrv - ok
01:47:26.0375 1092 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
01:47:26.0375 1092 seclogon - ok
01:47:26.0546 1092 SecureStorageService (472946edebf85c1f0b44b6eba01ac9b6) C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
01:47:26.0562 1092 SecureStorageService - ok
01:47:26.0578 1092 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
01:47:26.0578 1092 SENS - ok
01:47:26.0609 1092 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
01:47:26.0609 1092 serenum - ok
01:47:26.0625 1092 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
01:47:26.0625 1092 Serial - ok
01:47:26.0671 1092 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
01:47:26.0671 1092 Sfloppy - ok
01:47:26.0718 1092 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
01:47:26.0718 1092 ShellHWDetection - ok
01:47:26.0718 1092 Simbad - ok
01:47:26.0734 1092 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
01:47:26.0750 1092 sisagp - ok
01:47:27.0031 1092 Skype C2C Service (4ca43b85f22c7739311788b651a779cb) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
01:47:27.0078 1092 Skype C2C Service - ok
01:47:27.0203 1092 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
01:47:27.0203 1092 SkypeUpdate - ok
01:47:27.0406 1092 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
01:47:27.0406 1092 SLIP - ok
01:47:27.0453 1092 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
01:47:27.0453 1092 Sparrow - ok
01:47:27.0484 1092 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
01:47:27.0484 1092 splitter - ok
01:47:27.0531 1092 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
01:47:27.0531 1092 Spooler - ok
01:47:27.0546 1092 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
01:47:27.0546 1092 sr - ok
01:47:27.0578 1092 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
01:47:27.0593 1092 srservice - ok
01:47:27.0656 1092 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
01:47:27.0656 1092 Srv - ok
01:47:27.0687 1092 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
01:47:27.0687 1092 SSDPSRV - ok
01:47:27.0765 1092 STacSV (6f855b5625a47f3ac731a262fdc379a6) C:\WINDOWS\system32\StacSV.exe
01:47:27.0765 1092 STacSV - ok
01:47:27.0890 1092 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
01:47:27.0906 1092 STHDA - ok
01:47:27.0921 1092 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
01:47:27.0921 1092 StillCam - ok
01:47:27.0953 1092 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
01:47:27.0953 1092 stisvc - ok
01:47:28.0093 1092 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
01:47:28.0093 1092 stllssvr - ok
01:47:28.0125 1092 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
01:47:28.0125 1092 streamip - ok
01:47:28.0156 1092 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
01:47:28.0156 1092 swenum - ok
01:47:28.0171 1092 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
01:47:28.0171 1092 swmidi - ok
01:47:28.0171 1092 SwPrv - ok
01:47:28.0234 1092 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
01:47:28.0234 1092 symc810 - ok
01:47:28.0265 1092 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
01:47:28.0265 1092 symc8xx - ok
01:47:28.0296 1092 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
01:47:28.0296 1092 sym_hi - ok
01:47:28.0312 1092 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
01:47:28.0312 1092 sym_u3 - ok
01:47:28.0359 1092 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
01:47:28.0359 1092 sysaudio - ok
01:47:28.0390 1092 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
01:47:28.0390 1092 SysmonLog - ok
01:47:28.0437 1092 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
01:47:28.0453 1092 TapiSrv - ok
01:47:28.0500 1092 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:47:28.0500 1092 Tcpip - ok
01:47:28.0625 1092 tcsd_win32.exe (23b506262493f1a521683ee88c5fbf60) C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
01:47:28.0640 1092 tcsd_win32.exe - ok
01:47:28.0750 1092 TdmService (a27d803b21f24a5cfb775944ea4cb130) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
01:47:28.0765 1092 TdmService - ok
01:47:28.0921 1092 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
01:47:28.0921 1092 TDPIPE - ok
01:47:28.0937 1092 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
01:47:28.0937 1092 TDTCP - ok
01:47:28.0968 1092 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
01:47:28.0968 1092 TermDD - ok
01:47:29.0015 1092 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
01:47:29.0015 1092 TermService - ok
01:47:29.0062 1092 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
01:47:29.0062 1092 Themes - ok
01:47:29.0109 1092 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
01:47:29.0109 1092 TlntSvr - ok
01:47:29.0171 1092 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
01:47:29.0171 1092 TosIde - ok
01:47:29.0218 1092 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
01:47:29.0218 1092 TrkWks - ok
01:47:29.0250 1092 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
01:47:29.0250 1092 Udfs - ok
01:47:29.0281 1092 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
01:47:29.0281 1092 ultra - ok
01:47:29.0343 1092 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
01:47:29.0343 1092 Update - ok
01:47:29.0375 1092 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
01:47:29.0390 1092 upnphost - ok
01:47:29.0406 1092 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
01:47:29.0421 1092 UPS - ok
01:47:29.0453 1092 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
01:47:29.0468 1092 USBAAPL - ok
01:47:29.0515 1092 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
01:47:29.0515 1092 usbaudio - ok
01:47:29.0546 1092 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:47:29.0546 1092 usbccgp - ok
01:47:29.0562 1092 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:47:29.0562 1092 usbehci - ok
01:47:29.0578 1092 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:47:29.0578 1092 usbhub - ok
01:47:29.0609 1092 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:47:29.0609 1092 usbprint - ok
01:47:29.0671 1092 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:47:29.0671 1092 usbscan - ok
01:47:29.0703 1092 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:47:29.0703 1092 USBSTOR - ok
01:47:29.0718 1092 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:47:29.0734 1092 usbuhci - ok
01:47:29.0765 1092 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
01:47:29.0765 1092 usbvideo - ok
01:47:29.0812 1092 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
01:47:29.0812 1092 VgaSave - ok
01:47:29.0843 1092 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
01:47:29.0843 1092 viaagp - ok
01:47:29.0859 1092 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
01:47:29.0859 1092 ViaIde - ok
01:47:29.0890 1092 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
01:47:29.0906 1092 VolSnap - ok
01:47:29.0968 1092 vsdatant (27b3dd12a19eec50220df15b64913dda) C:\WINDOWS\system32\vsdatant.sys
01:47:29.0968 1092 vsdatant - ok
01:47:30.0015 1092 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
01:47:30.0015 1092 VSS - ok
01:47:30.0062 1092 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
01:47:30.0062 1092 w32time - ok
01:47:30.0093 1092 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:47:30.0093 1092 Wanarp - ok
01:47:30.0109 1092 Wave UCSPlus - ok
01:47:30.0281 1092 WaveEnrollmentService (796fda916625be7e5f6cfece15a81c3a) C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
01:47:30.0281 1092 WaveEnrollmentService - ok
01:47:30.0312 1092 WaveFDE (db626c46997c2430d4958da5c7ffb969) C:\WINDOWS\system32\DRIVERS\WaveFDE.sys
01:47:30.0312 1092 WaveFDE - ok
01:47:30.0343 1092 WavxDMgr (51e756f2bfb5e3adcb15f966ad293231) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
01:47:30.0343 1092 WavxDMgr - ok
01:47:30.0343 1092 WDICA - ok
01:47:30.0390 1092 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
01:47:30.0390 1092 wdmaud - ok
01:47:30.0406 1092 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
01:47:30.0406 1092 WebClient - ok
01:47:30.0468 1092 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
01:47:30.0468 1092 winachsf - ok
01:47:30.0562 1092 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
01:47:30.0562 1092 winmgmt - ok
01:47:30.0562 1092 wltrysvc - ok
01:47:30.0609 1092 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
01:47:30.0609 1092 WmdmPmSN - ok
01:47:30.0671 1092 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
01:47:30.0687 1092 Wmi - ok
01:47:30.0734 1092 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
01:47:30.0734 1092 WmiAcpi - ok
01:47:30.0765 1092 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:47:30.0765 1092 WmiApSrv - ok
01:47:30.0953 1092 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
01:47:30.0968 1092 WMPNetworkSvc - ok
01:47:31.0015 1092 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
01:47:31.0015 1092 WSTCODEC - ok
01:47:31.0046 1092 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
01:47:31.0062 1092 wuauserv - ok
01:47:31.0093 1092 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:47:31.0093 1092 WudfPf - ok
01:47:31.0093 1092 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:47:31.0093 1092 WudfRd - ok
01:47:31.0125 1092 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
01:47:31.0125 1092 WudfSvc - ok
01:47:31.0203 1092 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
01:47:31.0218 1092 WZCSVC - ok
01:47:31.0265 1092 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
01:47:31.0265 1092 xmlprov - ok
01:47:31.0343 1092 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
01:47:31.0687 1092 \Device\Harddisk0\DR0 - ok
01:47:31.0703 1092 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR3
01:47:32.0156 1092 \Device\Harddisk1\DR3 - ok
01:47:32.0171 1092 Boot (0x1200) (9e4f573a8214dc59af4ca63566c4c6b9) \Device\Harddisk0\DR0\Partition0
01:47:32.0171 1092 \Device\Harddisk0\DR0\Partition0 - ok
01:47:32.0187 1092 Boot (0x1200) (80e44ad7b0e564bb0a1bcc304f2f2ccf) \Device\Harddisk1\DR3\Partition0
01:47:32.0187 1092 \Device\Harddisk1\DR3\Partition0 - ok
01:47:32.0187 1092 ============================================================
01:47:32.0187 1092 Scan finished
01:47:32.0187 1092 ============================================================
01:47:32.0218 1564 Detected object count: 0
01:47:32.0218 1564 Actual detected object count: 0
01:50:48.0515 1224 Deinitialize success

#4 narenxp


Posted 14 June 2012 - 01:07 AM

Download

Winsock fix

Launch it, click on FIX

Restart your PC after it gets completed

Check your browser. If that doesn't work, try this


PLEASE create a restore point before trying this

Please copy the entire contents of the codebox below into Notepad:


REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock]

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2]





Open a notepad, copy the script, save it as

Filename: winsock.reg
Save as type: All files


Launch it and click YES to add it to registry

After that, Reboot your computer.

After the restart,

Go to Network Connections
Right click on your normal connection icon, and choose Properties
Click the Install button
Choose Protocol then click Add
Click Have disk
In the drop down box, type in: C:\WINDOWS\INF and click OK
In the next dialog, click Internet Protocol (TCP/IP) then click OK
Click Close to leave the properties box

After that, restart your computer and see if you can browse now.

Post the NEW FSS log

Good luck

#5 BT.P


Posted 14 June 2012 - 01:19 AM

I assume this should also be done in Safe Mode w/ Networking?

Also - any clue as to #2, not being able to remove the program?

#6 narenxp


Posted 14 June 2012 - 01:20 AM

That's a rogue. We need to use other tools to remove it.

Let's try to restore internet connection and then use them

#7 BT.P


Posted 14 June 2012 - 01:20 AM

Great. Thanks for the prompt responses, too.

#8 narenxp


Posted 14 June 2012 - 01:21 AM

:thumbup2:

#9 BT.P


Posted 14 June 2012 - 02:56 AM

Download

Winsock fix

Launch it, click on FIX

Restart your PC after it gets completed


Alright, results were curious. Downloaded + ran Winsock Fix, and proceeded to restart (into Safe Mode w/ Network as User). At this point, the browser worked. Logged off + switched to Admin. Browser was no longer working. Switched back to User, also not working. New FSS log:

Farbar Service Scanner Version: 09-06-2012
Ran by Administrator (administrator) on 14-06-2012 at 03:47:29
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Nerwork
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Yahoo IP is unreachable
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit


**** End of log ****
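As an added example (not part of the original thread and not Farbar's code), this short Python triage reads a log in the format above. It separates services that are merely stopped from those whose registry configuration is flagged with ATTENTION, and lists File Check entries not reported as "MD5 is legit". The sample text is constructed from the log's format, and the `example.dll` result line is a made-up placeholder.

```python
import re

# Constructed sample in the format of the Farbar Service Scanner log above.
# The last File Check line is a made-up placeholder, not real FSS output.
SAMPLE_LOG = r"""
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

File Check:
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\example.dll => CONSTRUCTED-NON-LEGIT-RESULT
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
ATTENTION = re.compile(r"^Checking ([^:]+): ATTENTION!=+> (.*)$")
FILE_LINE = re.compile(r"^([A-Za-z]:\\.+?) => (.*)$")

def triage(log_text):
    """Split a log into stopped services, flagged config items and unverified files."""
    report = {"stopped": [], "broken_config": {}, "unverified_files": []}
    current = None  # service whose configuration block we are inside
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            current = None  # a blank line ends the current service block
            continue
        m = NOT_RUNNING.match(line)
        if m:
            current = m.group(1)
            report["stopped"].append(current)
            continue
        m = ATTENTION.match(line)
        if m and current:
            report["broken_config"].setdefault(current, []).append(m.group(1))
            continue
        m = FILE_LINE.match(line)
        if m and m.group(2) != "MD5 is legit":
            report["unverified_files"].append(m.group(1))
    return report

def needs_repair(report):
    """Services with flagged registry configuration, as opposed to merely stopped."""
    return sorted(report["broken_config"])
```
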

#10 BT.P

Posted 14 June 2012 - 05:16 AM

So, what I did is this:

Put the Malwarebytes installer onto a USB drive, dropped it onto the infected computer.
Re-ran Winsock Fix. Before allowing the restart, used the temporarily-working internet to update Malwarebytes' definitions.
Restarted the computer. Internet was now no longer working, but I didn't need it.
Ran Malwarebytes, cleared out 6 detections. Restarted again.
Re-ran Winsock Fix. Restarted.
This time it stuck.

Now the virus is gone (re-scanned with MWB and Security Essentials), and internet is working consistently.
Thanks for the tools. Cheers.

#11 narenxp

Posted 14 June 2012 - 07:04 AM

Great work.

Please post the Malwarebytes log.

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here



