
Search Engine Redirect Virus


18 replies to this topic

#1 richabr09


Posted 22 June 2012 - 11:16 AM

I am pretty sure my computer is infected with a search engine redirect virus. About half the time I click on links from search engine results, I am redirected to some advertisement or other website. This is the main issue. Another minor and possibly unrelated issue is that I now have to manually end a program (rundll32.exe) every time I shut down. I am not sure if this is related to the virus issue, but it started happening at about the same time.

Apart from the above, I do not have any other problems. If you could tell me how to remove the virus, that would be wonderful. I am not the best with computer literacy, so detailed steps would be much appreciated.



#2 richabr09


Posted 22 June 2012 - 11:34 AM

Sorry--I forgot to mention that I am running Windows XP and primarily use Internet Explorer.

#3 narenxp


Posted 22 June 2012 - 01:06 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#4 richabr09


Posted 22 June 2012 - 07:52 PM

TDSSkiller log:

19:28:28.0375 2664 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
19:28:28.0640 2664 ============================================================
19:28:28.0640 2664 Current date / time: 2012/06/22 19:28:28.0640
19:28:28.0640 2664 SystemInfo:
19:28:28.0640 2664
19:28:28.0640 2664 OS Version: 5.1.2600 ServicePack: 3.0
19:28:28.0640 2664 Product type: Workstation
19:28:28.0640 2664 ComputerName: D2B09KK1
19:28:28.0640 2664 UserName: Barrett
19:28:28.0640 2664 Windows directory: C:\WINDOWS
19:28:28.0640 2664 System windows directory: C:\WINDOWS
19:28:28.0640 2664 Processor architecture: Intel x86
19:28:28.0640 2664 Number of processors: 2
19:28:28.0640 2664 Page size: 0x1000
19:28:28.0640 2664 Boot type: Normal boot
19:28:28.0640 2664 ============================================================
19:28:29.0375 2664 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:28:29.0390 2664 ============================================================
19:28:29.0390 2664 \Device\Harddisk0\DR0:
19:28:29.0390 2664 MBR partitions:
19:28:29.0390 2664 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x5E218, BlocksNum 0x129BA8A9
19:28:29.0390 2664 ============================================================
19:28:29.0437 2664 C: <-> \Device\Harddisk0\DR0\Partition0
19:28:29.0437 2664 ============================================================
19:28:29.0437 2664 Initialize success
19:28:29.0437 2664 ============================================================
19:29:05.0890 5280 ============================================================
19:29:05.0890 5280 Scan started
19:29:05.0890 5280 Mode: Manual; TDLFS;
19:29:05.0890 5280 ============================================================
19:29:19.0421 5280 Pml Driver HPZ12 - ok
19:29:19.0468 5280 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:29:19.0468 5280 PolicyAgent - ok
19:29:19.0531 5280 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:29:19.0531 5280 PptpMiniport - ok
19:29:19.0546 5280 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:29:19.0546 5280 ProtectedStorage - ok
19:29:19.0546 5280 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:29:19.0546 5280 PSched - ok
19:29:19.0562 5280 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:29:19.0562 5280 Ptilink - ok
19:29:19.0656 5280 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:29:19.0656 5280 PxHelp20 - ok
19:29:19.0687 5280 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
19:29:19.0687 5280 ql1080 - ok
19:29:19.0687 5280 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
19:29:19.0687 5280 Ql10wnt - ok
19:29:19.0703 5280 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
19:29:19.0703 5280 ql12160 - ok
19:29:19.0703 5280 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
19:29:19.0718 5280 ql1240 - ok
19:29:19.0718 5280 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
19:29:19.0718 5280 ql1280 - ok
19:29:19.0750 5280 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:29:19.0750 5280 RasAcd - ok
19:29:19.0812 5280 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
19:29:19.0828 5280 RasAuto - ok
19:29:19.0859 5280 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:29:19.0859 5280 Rasl2tp - ok
19:29:19.0875 5280 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
19:29:19.0875 5280 RasMan - ok
19:29:19.0890 5280 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:29:19.0890 5280 RasPppoe - ok
19:29:19.0953 5280 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:29:19.0953 5280 Raspti - ok
19:29:20.0000 5280 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:29:20.0000 5280 Rdbss - ok
19:29:20.0000 5280 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:29:20.0000 5280 RDPCDD - ok
19:29:20.0015 5280 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:29:20.0031 5280 rdpdr - ok
19:29:20.0078 5280 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
19:29:20.0078 5280 RDPWD - ok
19:29:20.0109 5280 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
19:29:20.0109 5280 RDSessMgr - ok
19:29:20.0140 5280 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:29:20.0156 5280 redbook - ok
19:29:20.0187 5280 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
19:29:20.0187 5280 RemoteAccess - ok
19:29:20.0234 5280 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
19:29:20.0234 5280 RemoteRegistry - ok
19:29:20.0312 5280 rimmptsk (ea885e7a56f1be1f14c372337c42fe48) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
19:29:20.0312 5280 rimmptsk - ok
19:29:20.0359 5280 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
19:29:20.0375 5280 RpcLocator - ok
19:29:20.0421 5280 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
19:29:20.0437 5280 RpcSs - ok
19:29:20.0484 5280 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
19:29:20.0484 5280 RSVP - ok
19:29:20.0515 5280 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:29:20.0531 5280 SamSs - ok
19:29:21.0000 5280 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
19:29:21.0062 5280 SBAMSvc - ok
19:29:21.0984 5280 sbaphd (62ba65cc0b4a4bd1eaff5fed6e2b5069) C:\WINDOWS\system32\drivers\sbaphd.sys
19:29:21.0984 5280 sbaphd - ok
19:29:22.0046 5280 sbapifs (3fff8cda4d2f29ca06f1557e85163c30) C:\WINDOWS\system32\drivers\sbapifs.sys
19:29:22.0046 5280 sbapifs - ok
19:29:22.0125 5280 SbFw (dc19ff9879775ac86baa9c9282573e87) C:\WINDOWS\system32\drivers\SbFw.sys
19:29:22.0125 5280 SbFw - ok
19:29:22.0140 5280 SBFWIMCL (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\sbfwim.sys
19:29:22.0140 5280 SBFWIMCL - ok
19:29:22.0140 5280 SBFWIMCLMP (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\SBFWIM.sys
19:29:22.0140 5280 SBFWIMCLMP - ok
19:29:22.0187 5280 sbhips (1afd7178ab9c4fce2d332da7aa474fa6) C:\WINDOWS\system32\drivers\sbhips.sys
19:29:22.0187 5280 sbhips - ok
19:29:22.0234 5280 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\WINDOWS\system32\drivers\SBREdrv.sys
19:29:22.0234 5280 SBRE - ok
19:29:22.0250 5280 sbtis (3ccb4c5686d23033fd01835bed868b4b) C:\WINDOWS\system32\drivers\sbtis.sys
19:29:22.0250 5280 sbtis - ok
19:29:22.0359 5280 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
19:29:22.0359 5280 SCardSvr - ok
19:29:22.0453 5280 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
19:29:22.0453 5280 Schedule - ok
19:29:22.0515 5280 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
19:29:22.0515 5280 sdbus - ok
19:29:22.0546 5280 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:29:22.0546 5280 Secdrv - ok
19:29:22.0593 5280 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
19:29:22.0593 5280 seclogon - ok
19:29:22.0875 5280 SecureStorageService (27d53cd650cc77123faf2f07023dabc7) C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
19:29:22.0906 5280 SecureStorageService - ok
19:29:22.0953 5280 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
19:29:22.0953 5280 SENS - ok
19:29:22.0984 5280 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
19:29:22.0984 5280 Serial - ok
19:29:23.0062 5280 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:29:23.0078 5280 Sfloppy - ok
19:29:23.0156 5280 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:29:23.0156 5280 ShellHWDetection - ok
19:29:23.0156 5280 Simbad - ok
19:29:23.0187 5280 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
19:29:23.0187 5280 sisagp - ok
19:29:23.0312 5280 SMManager (2946f121562dfa6d3372472a79e8a9f3) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
19:29:23.0312 5280 SMManager - ok
19:29:23.0343 5280 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
19:29:23.0359 5280 Sparrow - ok
19:29:23.0390 5280 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:29:23.0390 5280 splitter - ok
19:29:23.0453 5280 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:29:23.0468 5280 Spooler - ok
19:29:23.0484 5280 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:29:23.0484 5280 sr - ok
19:29:23.0562 5280 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
19:29:23.0562 5280 srservice - ok
19:29:23.0640 5280 SRS_PremiumSound_Service (584477fdfa731af4635f5875c6b52531) C:\WINDOWS\system32\drivers\srs_PremiumSound_i386.sys
19:29:23.0640 5280 SRS_PremiumSound_Service - ok
19:29:23.0718 5280 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:29:23.0750 5280 Srv - ok
19:29:23.0781 5280 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
19:29:23.0796 5280 SSDPSRV - ok
19:29:23.0890 5280 STacSV (3603f3db9fba2a8fa91829681ba25afa) c:\drivers\audio\r213367\stacsv.exe
19:29:23.0890 5280 STacSV - ok
19:29:24.0046 5280 STHDA (1b76479b80ff0f6e245ba590a64102be) C:\WINDOWS\system32\drivers\sthda.sys
19:29:24.0062 5280 STHDA - ok
19:29:24.0281 5280 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
19:29:24.0343 5280 stisvc - ok
19:29:24.0468 5280 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
19:29:24.0468 5280 stllssvr - ok
19:29:24.0562 5280 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:29:24.0562 5280 swenum - ok
19:29:24.0625 5280 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:29:24.0625 5280 swmidi - ok
19:29:24.0625 5280 SwPrv - ok
19:29:24.0656 5280 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
19:29:24.0671 5280 symc810 - ok
19:29:24.0671 5280 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
19:29:24.0671 5280 symc8xx - ok
19:29:24.0687 5280 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
19:29:24.0687 5280 sym_hi - ok
19:29:24.0687 5280 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
19:29:24.0687 5280 sym_u3 - ok
19:29:24.0734 5280 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:29:24.0734 5280 sysaudio - ok
19:29:24.0781 5280 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
19:29:24.0796 5280 SysmonLog - ok
19:29:24.0828 5280 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
19:29:24.0843 5280 TapiSrv - ok
19:29:24.0937 5280 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:29:24.0953 5280 Tcpip - ok
19:29:25.0125 5280 tcsd_win32.exe (69f1a38a6dbfe682491cb61a596662e3) C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
19:29:25.0203 5280 tcsd_win32.exe - ok
19:29:25.0406 5280 TdmService (d228907c9623888bbcfd94617385e3c4) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
19:29:25.0468 5280 TdmService - ok
19:29:25.0703 5280 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:29:25.0703 5280 TDPIPE - ok
19:29:25.0718 5280 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:29:25.0718 5280 TDTCP - ok
19:29:25.0750 5280 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:29:25.0750 5280 TermDD - ok
19:29:25.0828 5280 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
19:29:25.0828 5280 TermService - ok
19:29:25.0890 5280 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:29:25.0890 5280 Themes - ok
19:29:25.0921 5280 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
19:29:25.0937 5280 TlntSvr - ok
19:29:25.0937 5280 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
19:29:25.0937 5280 TosIde - ok
19:29:25.0953 5280 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
19:29:25.0953 5280 TrkWks - ok
19:29:25.0984 5280 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:29:26.0000 5280 Udfs - ok
19:29:26.0031 5280 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
19:29:26.0031 5280 ultra - ok
19:29:26.0078 5280 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:29:26.0078 5280 Update - ok
19:29:26.0109 5280 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
19:29:26.0109 5280 upnphost - ok
19:29:26.0140 5280 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
19:29:26.0156 5280 UPS - ok
19:29:26.0187 5280 urvpndrv (aba9383dfb3777301420f256d0397c54) C:\WINDOWS\system32\DRIVERS\covpndrv.sys
19:29:26.0187 5280 urvpndrv - ok
19:29:26.0250 5280 usbccgp (c18d6c74953621346df6b0a11f80c1cc) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:29:26.0250 5280 usbccgp - ok
19:29:26.0296 5280 USBCCID (2825e0e294686a26506690059e1f437a) C:\WINDOWS\system32\DRIVERS\usbccid.sys
19:29:26.0296 5280 USBCCID - ok
19:29:26.0328 5280 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:29:26.0343 5280 usbehci - ok
19:29:26.0406 5280 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:29:26.0406 5280 usbhub - ok
19:29:26.0468 5280 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:29:26.0468 5280 usbprint - ok
19:29:26.0484 5280 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:29:26.0484 5280 usbscan - ok
19:29:26.0515 5280 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:29:26.0515 5280 USBSTOR - ok
19:29:26.0546 5280 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:29:26.0546 5280 usbuhci - ok
19:29:26.0562 5280 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:29:26.0562 5280 VgaSave - ok
19:29:26.0609 5280 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
19:29:26.0609 5280 viaagp - ok
19:29:26.0625 5280 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:29:26.0625 5280 ViaIde - ok
19:29:26.0671 5280 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:29:26.0671 5280 VolSnap - ok
19:29:26.0750 5280 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
19:29:26.0781 5280 VSS - ok
19:29:26.0828 5280 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
19:29:26.0843 5280 w32time - ok
19:29:26.0875 5280 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:29:26.0875 5280 Wanarp - ok
19:29:26.0937 5280 WavxDMgr (f9cea286b0f8311be823d071eabdf6e0) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
19:29:26.0953 5280 WavxDMgr - ok
19:29:27.0015 5280 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
19:29:27.0015 5280 Wdf01000 - ok
19:29:27.0015 5280 WDICA - ok
19:29:27.0046 5280 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:29:27.0046 5280 wdmaud - ok
19:29:27.0109 5280 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
19:29:27.0125 5280 WebClient - ok
19:29:27.0234 5280 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:29:27.0250 5280 winmgmt - ok
19:29:27.0250 5280 wltrysvc - ok
19:29:27.0312 5280 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:29:27.0312 5280 WmdmPmSN - ok
19:29:27.0390 5280 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
19:29:27.0390 5280 Wmi - ok
19:29:27.0468 5280 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
19:29:27.0468 5280 WmiAcpi - ok
19:29:27.0515 5280 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:29:27.0531 5280 WmiApSrv - ok
19:29:27.0687 5280 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
19:29:27.0750 5280 WMPNetworkSvc - ok
19:29:27.0750 5280 WSearch - ok
19:29:27.0812 5280 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
19:29:27.0828 5280 wuauserv - ok
19:29:27.0890 5280 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:29:27.0890 5280 WudfPf - ok
19:29:27.0906 5280 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:29:27.0906 5280 WudfRd - ok
19:29:27.0984 5280 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
19:29:28.0000 5280 WudfSvc - ok
19:29:28.0078 5280 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
19:29:28.0093 5280 WZCSVC - ok
19:29:28.0140 5280 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
19:29:28.0171 5280 xmlprov - ok
19:29:28.0187 5280 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:29:28.0734 5280 \Device\Harddisk0\DR0 - ok
19:29:28.0734 5280 Boot (0x1200) (1723f27cc5a86931f118c81f5481601c) \Device\Harddisk0\DR0\Partition0
19:29:28.0750 5280 \Device\Harddisk0\DR0\Partition0 - ok
19:29:28.0750 5280 ============================================================
19:29:28.0750 5280 Scan finished
19:29:28.0750 5280 ============================================================
19:29:28.0765 5404 Detected object count: 0
19:29:28.0765 5404 Actual detected object count: 0
19:32:54.0765 5616 Deinitialize success



aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-22 19:34:04
-----------------------------
19:34:04.312 OS Version: Windows 5.1.2600 Service Pack 3
19:34:04.312 Number of processors: 2 586 0x170A
19:34:04.312 ComputerName: D2B09KK1 UserName: Barrett
19:34:05.312 Initialize success
19:34:08.328 AVAST engine defs: 12062201
19:34:26.062 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:34:26.062 Disk 0 Vendor: ST916031 0003 Size: 152627MB BusType: 8
19:34:26.062 Disk 0 MBR read successfully
19:34:26.062 Disk 0 MBR scan
19:34:26.078 Disk 0 Windows VISTA default MBR code
19:34:26.078 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 188 MB offset 63
19:34:26.078 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152437 MB offset 385560
19:34:26.078 Disk 0 scanning sectors +312576705
19:34:26.171 Disk 0 scanning C:\WINDOWS\system32\drivers
19:34:36.593 Service scanning
19:34:58.671 Modules scanning
19:35:06.812 Disk 0 trace - called modules:
19:35:06.843 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:35:07.203 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a495030]
19:35:07.203 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8a4e7028]
19:35:07.906 AVAST engine scan C:\WINDOWS
19:35:30.828 AVAST engine scan C:\WINDOWS\system32
19:38:05.906 AVAST engine scan C:\WINDOWS\system32\drivers
19:38:21.968 AVAST engine scan C:\Documents and Settings\Barrett
19:49:49.859 File: C:\Documents and Settings\Barrett\Local Settings\Application Data\{9b7c990c-ca89-cf1e-1225-50a81d0299a4}\n **INFECTED** Win32:Rootkit-gen [Rtk]
19:49:55.140 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Barrett\My Documents\MBR.dat"
19:49:55.156 The log file has been saved successfully to "C:\Documents and Settings\Barrett\My Documents\aswMBR.txt"



ESET Online Scanner log:

C:\Documents and Settings\Barrett\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aadagcgddjdbgedfgfdgggdadedbgbgd\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Documents and Settings\Barrett\Local Settings\Application Data\{9b7c990c-ca89-cf1e-1225-50a81d0299a4}\n Win32/Sirefef.EV trojan cleaned by deleting - quarantined



Thanks for the quick reply. What should I do next?

#5 narenxp

Posted 22 June 2012 - 08:37 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


Download

System look

Launch it and copy the script into the search box:
:filefind
services.exe
:folderfind
{9b7c990c-ca89-cf1e-1225-50a81d0299a4}

Click on LOOK, post the generated log

#6 richabr09

Posted 23 June 2012 - 03:34 PM

MBAM log:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.23.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Barrett :: D2B09KK1 [administrator]

Protection: Enabled

6/23/2012 2:57:54 PM
mbam-log-2012-06-23 (14-57-54).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 304573
Time elapsed: 1 hour(s), 26 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MiniToolBox log:

MiniToolBox by Farbar Version: 09-06-2012
Ran by Barrett (administrator) on 23-06-2012 at 16:27:50
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Intel® 82567LM Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : D2B09KK1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ma.comcast.net.

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.ma.comcast.net.
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-25-56-A0-F7-41
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.0.0.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 75.75.75.75
                                    75.75.76.76
Lease Obtained. . . . . . . . . . : Saturday, June 23, 2012 3:25:43 PM
Lease Expires . . . . . . . . . . : Saturday, June 30, 2012 3:25:43 PM

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel® 82567LM Gigabit Network Connection
Physical Address. . . . . . . . . : 00-24-E8-A6-95-AA

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 173.194.43.37, 173.194.43.38, 173.194.43.40, 173.194.43.39
173.194.43.35, 173.194.43.41, 173.194.43.36, 173.194.43.34, 173.194.43.32
173.194.43.33, 173.194.43.46

Pinging google.com [173.194.43.39] with 32 bytes of data:

Reply from 173.194.43.39: bytes=32 time=22ms TTL=54
Reply from 173.194.43.39: bytes=32 time=22ms TTL=54

Ping statistics for 173.194.43.39:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 22ms, Average = 22ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=131ms TTL=51
Reply from 98.139.183.24: bytes=32 time=359ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 131ms, Maximum = 359ms, Average = 245ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 25 56 a0 f7 41 ...... Dell Wireless 1397 WLAN Mini-Card - Packet Scheduler Miniport
0x3 ...00 24 e8 a6 95 aa ...... Intel® 82567LM Gigabit Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.4 25
10.0.0.0 255.255.255.0 10.0.0.4 10.0.0.4 25
10.0.0.4 255.255.255.255 127.0.0.1 127.0.0.1 25
10.255.255.255 255.255.255.255 10.0.0.4 10.0.0.4 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.0.4 10.0.0.4 25
255.255.255.255 255.255.255.255 10.0.0.4 10.0.0.4 1
255.255.255.255 255.255.255.255 10.0.0.4 3 1
Default Gateway: 10.0.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/23/2012 02:27:12 PM) (Source: CNET TechTracker) (User: Barrett)Barrett
Description: result: Scan Failed - General scan failure
computer: D2B09KK1
scanned on: 6/22/2012 6:49 PM

Error: (06/23/2012 02:27:10 PM) (Source: CNET TechTracker) (User: Barrett)Barrett
Description: Unable to complete request due to error:

The server was busy and could not check for updates.

Error: (06/23/2012 02:27:10 PM) (Source: CNET TechTracker) (User: Barrett)Barrett
Description: Unable to complete request due to error:

A connection with the server could not be established

Error: (06/23/2012 02:22:43 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (06/23/2012 02:22:42 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (06/22/2012 07:46:42 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (06/22/2012 06:43:54 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (06/22/2012 06:43:50 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (06/21/2012 11:14:31 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (06/21/2012 11:14:27 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM


System errors:
=============
Error: (06/23/2012 02:24:07 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (06/23/2012 02:23:08 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (06/22/2012 06:54:43 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (06/22/2012 06:45:14 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (06/22/2012 06:44:33 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (06/22/2012 06:44:33 PM) (Source: Service Control Manager) (User: )
Description: The TdmService service failed to start due to the following error:
%%1053

Error: (06/22/2012 06:44:33 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the TdmService service to connect.

Error: (06/21/2012 11:14:03 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (06/21/2012 11:13:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (06/21/2012 10:29:40 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd


Microsoft Office Sessions:
=========================
Error: (03/08/2012 04:41:01 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2571 seconds with 2460 seconds of active time. This session ended with a crash.

Error: (11/04/2011 08:49:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/12/2011 11:46:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 100 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 7.1.8)
Acrobat.com (Version: 1.7.186)
Ad-Aware Antivirus (Version: 10.1.211.3382)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Ad-Aware Security Toolbar (Version: 0.9.1.8)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.20)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
All Day Battery Life Configuration (Version: 1.1.0)
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
ASPCA Tri Reminder by We-Care.com v4.0.13.5 (Version: 4.0.13.5)
avast! Free Antivirus (Version: 7.0.1426.0)
BIG-IP Edge Client Components (All Users) (Version: 70.2011.0622.1118)
Bing Bar (Version: 7.0.822.0)
BioAPI Framework (Version: 1.0.1)
biolsp patch (Version: 01.00.02.0005)
Bradford Persistent Agent (Version: 2.2.1.4)
Broadcom USH Host Components (Version: 1.7.208.6)
BufferChm (Version: 120.0.194.000)
C4600 (Version: 120.0.235.000)
CambridgeSoft Activation Client (Version: 12.0)
CambridgeSoft ChemDraw Pro 12.0 (Version: 12.0)
Choice Guard (Version: 1.2.87.0)
CNET TechTracker (Version: 2.0.4)
Coby Media Manager (Version: 1.0.4313)
DCP32MMWrapper (Version: 1.6.211.25)
Dell Control Point (Version: 1.6.211.25)
Dell ControlPoint Connection Manager (Version: 1.2.3)
Dell ControlPoint Security Manager (Version: 1.6.211.25)
Dell ControlPoint System Manager (Version: 1.2.01000)
Dell Embassy Trust Suite by Wave Systems (Version: 03.03.02.007)
Dell Security Device Driver Pack (Version: 1.02.35)
Dell Touchpad (Version: 7.2.101.216)
Dell Wireless WLAN Card Utility (Version: 4.170.77.16)
Destination Component (Version: 110.0.0.0)
DeviceDiscovery (Version: 120.0.194.000)
Document Manager Lite (Version: 06.09.00.082)
EMBASSY Security Center (Version: 03.09.00.075)
EMBASSY Security Setup (Version: 03.09.00.077)
eMusic Download Manager 4.1.4 (Version: 4.1.4)
ESC Home Page Plugin (Version: 03.04.00.023)
ESET Online Scanner v3
Gemalto (Version: 01.01.00.0000)
Google Chrome (Version: 19.0.1084.56)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 12.0 (Version: 12.0)
HP Imaging Device Functions 12.0 (Version: 12.0)
HP Photosmart C4600 All-In-One Driver Software 12.0 Rel .5 (Version: 12.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
Intel® Graphics Media Accelerator Driver
Intel® Network Connections 13.0.42.0 (Version: 13.0.42.0)
Intel® PRO Alerting Agent (Version: 12.0.3)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 14.0.8050.1202)
Magical Jelly Bean KeyFinder (Version: 2.0.8.2)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 120.0.226.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 14.0.1468.721)
MSVCSetup (Version: 1.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
NTRU TCG Software Stack (Version: 2.1.29)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PowerDVD DX (Version: 8.2.5024)
Preboot Manager (Version: 02.09.00.028)
Private Information Manager (Version: 06.04.00.042)
PS_AIO_05_C4600_Software_Min (Version: 120.0.235.000)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator BDAV Plugin (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Drag-to-Disc (Version: 9.1)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Scan (Version: 12.0.0.0)
Secure Update (Version: 05.07.00.017)
Security Wizards (Version: 01.07.00.014)
Segoe UI (Version: 14.0.4327.805)
SmartWebPrinting (Version: 140.0.186.000)
SO32MMWrapper (Version: 1.6.211.25)
SolutionCenter (Version: 130.0.373.000)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
SRS Premium Sound (Version: 1.08.1400)
Status (Version: 120.0.194.000)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 120.0.194.000)
TrayApp (Version: 120.0.194.000)
Trusted Drive Manager (Version: 3.0.1.16)
tsp patch (Version: 01.00.00.0000)
UnloadSupport (Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951618-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Wave Infrastructure Installer (Version: 06.01.52.0025)
Wave Support Software (Version: 05.10.00.032)
WebEx
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 120.0.194.000)
Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) (Version: 01/07/2008 1.0.1.5)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Search 4.0 (Version: 04.00.6001.503)
XML Paper Specification Shared Components Pack 1.0

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3023.83 MB
Available physical RAM: 1764.26 MB
Total Pagefile: 4909.08 MB
Available Pagefile: 3691.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.24 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:148.86 GB) (Free:116.02 GB) NTFS

========================= Users: ========================================

User accounts for \\D2B09KK1

Administrator Barrett Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****



System look log:

SystemLook 30.07.11 by jpshortstuff
Log created at 16:32 on 23/06/2012 by Barrett
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe --a---- 110592 bytes [04:06 10/07/2009] [11:06 06/02/2009] 020CEAAEDC8EB655B6506B8C70D53BB6
C:\WINDOWS\system32\services.exe --a---- 110592 bytes [16:16 25/04/2008] [11:11 06/02/2009] 65DF52F5B8B6E9BBD183505225C37315
C:\WINDOWS\system32\dllcache\services.exe -----c- 110592 bytes [04:06 10/07/2009] [11:11 06/02/2009] 65DF52F5B8B6E9BBD183505225C37315

========== folderfind ==========

Searching for "{9b7c990c-ca89-cf1e-1225-50a81d0299a4}"
C:\Documents and Settings\Barrett\Local Settings\Application Data\{9b7c990c-ca89-cf1e-1225-50a81d0299a4} d--hs-- [16:16 25/04/2008]
C:\WINDOWS\Installer\{9b7c990c-ca89-cf1e-1225-50a81d0299a4} d--hs-- [16:16 25/04/2008]

-= EOF =-



What is the next step?

#7 narenxp

Posted 23 June 2012 - 03:51 PM

Open your C drive

On top, click on Tools - Folder Options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Documents and Settings\Barrett\Local Settings\Application Data\{9b7c990c-ca89-cf1e-1225-50a81d0299a4}
C:\WINDOWS\Installer\{9b7c990c-ca89-cf1e-1225-50a81d0299a4}

Delete both the folders

Now, launch SystemLook again, copy this script and paste it in the box

:folderfind 
{9b7c990c-ca89-cf1e-1225-50a81d0299a4}

Click on LOOK, post the generated log

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#8 richabr09

Posted 23 June 2012 - 10:48 PM

SystemLook log:

SystemLook 30.07.11 by jpshortstuff
Log created at 23:44 on 23/06/2012 by Barrett
Administrator - Elevation successful

========== folderfind ==========

Searching for "{9b7c990c-ca89-cf1e-1225-50a81d0299a4}"
No folders found.

-= EOF =-



FSS log:

Farbar Service Scanner Version: 23-06-2012
Ran by Barrett (administrator) on 23-06-2012 at 23:47:05
Running from "C:\Documents and Settings\Barrett\Local Settings\Temporary Internet Files\Content.IE5\O3OJPJQY"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit


**** End of log ****

#9 narenxp

Posted 24 June 2012 - 03:27 AM

Create a restore point before trying this

Download

Shared access
WSCSVC

Launch both the registry keys, click YES

Restart the PC, post the new FSS log

How is the PC running now?

#10 richabr09

Posted 24 June 2012 - 12:01 PM

I attempted to do those steps. I have clicked several search engine links without any problems, so the issue may be resolved. However, I cannot post a new FSS log because it will not allow me to run the program again. I tried to run it twice, but both times a blue error screen came up followed by an automatic restart.

Hopefully this is not required because the problem seems to have been resolved. If I need to do anything else, please let me know. Otherwise, I would like to thank you sincerely for your help. You have been helpful, quick, and easy to understand. If I have any future problems, I will be sure to come back to Bleeping Computer. Thanks again so much for your help.

#11 narenxp

Posted 24 June 2012 - 12:03 PM

That's OK

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your system restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your flash player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#12 richabr09

Posted 24 June 2012 - 01:39 PM

I am also getting the blue error screen and automatic restart trying to download TFC. Is this a problem I will have to address? I was able to do everything else, and my problems seem to be fixed. Thanks again for all your help.

#13 narenxp

Posted 24 June 2012 - 02:13 PM

Boot into Safe Mode with Networking and run TFC

Good luck

#14 richabr09

Posted 08 July 2012 - 03:27 PM

Now I am having another problem. I made a new topic, but an advisor told me to continue in this topic since everything from last time is already here.

For the last two days, my computer has been extremely slow and unresponsive. Sometimes it never responds to anything upon start up. Sometimes I can use it for a while without problems, but eventually it becomes completely unresponsive. I cannot run any programs or even shut it down normally. The only things I remember downloading/installing in the last few days are an Avast update and Malwarebytes. I am running Windows XP and primarily use Internet Explorer. Is there anything I can do to correct this problem?

#15 richabr09

Posted 08 July 2012 - 06:55 PM

I have recently come across another issue. The search bar on the Bing toolbar does not allow me to open links from the drop down menu. This is not a big deal, but I wanted to let you know in case it is related to my other problems.



