Windows XP Pro: Missing System Tools and more


  • This topic is locked
4 replies to this topic

#1 MeNaty

MeNaty

  • Members
  • 3 posts

Posted 26 June 2012 - 10:50 AM

Hello. I am new to this site and was told by my office tech specialist to try ComboFix. Recently, several problems have started to occur on my computer:

-all of my System Tools are gone or disabled including Help & Support and System Restore. This includes trying to run System Restore in Safe Mode.
-My Network Connections window is now blank and refuses to detect networks.
-I am able to connect to the internet, but it takes effort by logging into the wireless network multiple times using the program for my modem.
-When I do connect, after a few minutes, the internet connection slows to a crawl then stops responding. The other 2 computers in the household do not have such issues.

This might not be enough information and I can try to provide more data. I have run Malware Bytes, McAfee, and Microsoft Security Essentials but it seems nothing is detected. Apparently I have AVG running but I removed the program a long time ago, so I'm not sure why it still exists. I went through the steps for ComboFix and I have attached the end report. Any help would be appreciated!!!!

Nate M

Attached File  ComboFix.txt   23.7KB   4 downloads



#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,660 posts
  • Gender:Male

Posted 01 July 2012 - 10:55 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/458399 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,223 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 03 July 2012 - 08:39 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===
Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.


Please post the logs for my review and let me know what problem persists.
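
Once the TDSSKiller report requested above has been saved, it can be triaged before anyone reads it line by line. The following Python is an added example, not part of the original thread or of TDSSKiller; it assumes the `<time> <thread id> <message>` line layout of a TDSSKiller 2.7 report, and the sample log, including the `PLACEHOLDER-VERDICT` text, is constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the assumed TDSSKiller 2.7 layout. Service names,
# hashes and paths are made up; PLACEHOLDER-VERDICT stands in for whatever
# non-"ok" text the tool writes and is not real tool output.
SAMPLE_LOG = r"""
16:58:03.0234 2708 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400
16:58:15.0234 2732 Scan started
16:58:15.0234 2732 Mode: Manual;
16:58:15.0593 2732 svc_nofile - ok
16:58:15.0625 2732 drv_a (00000000000000000000000000000001) C:\WINDOWS\system32\DRIVERS\drv_a.sys
16:58:15.0671 2732 drv_a - ok
16:58:15.0796 2732 My Updater (00000000000000000000000000000002) C:\Program Files\Vendor\upd.exe
16:58:15.0875 2732 My Updater - ok
16:58:15.0900 2732 My Helper (00000000000000000000000000000002) C:\Program Files\Vendor\upd.exe
16:58:15.0910 2732 My Helper - ok
16:58:16.0000 2732 drv_b (00000000000000000000000000000003) C:\WINDOWS\system32\drivers\drv_b.sys
16:58:16.0100 2732 drv_b - PLACEHOLDER-VERDICT
16:58:16.0200 2732 drv_c (00000000000000000000000000000004) C:\WINDOWS\system32\drivers\drv_c.sys
"""

PREFIX = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4}) (\d+) (.*)$")
# "<service> (<md5>) <path>": the file backing a service or driver
FILE_LINE = re.compile(r"^(.+?) \(([0-9a-fA-F]{32})\) (.+)$")
# "<service> - <verdict>": the scan result for that service
VERDICT_LINE = re.compile(r"^(.+?) - (.+)$")


def parse_report(log_text):
    """Return {service: {"md5", "path", "verdict"}} for the scan section."""
    entries = {}
    scanning = False
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        msg = m.group(3)
        if msg == "Scan started":
            # Header lines such as "Drive ... - Size: ..." also contain " - ",
            # so verdicts are only read after the scan section begins.
            scanning = True
            continue
        if not scanning:
            continue
        blank = {"md5": None, "path": None, "verdict": None}
        f = FILE_LINE.match(msg)
        if f:
            name, md5, path = f.groups()
            entries.setdefault(name, blank).update(md5=md5.lower(), path=path)
            continue
        v = VERDICT_LINE.match(msg)
        if v:
            name, verdict = v.groups()
            entries.setdefault(name, blank)["verdict"] = verdict.strip()
    return entries


def triage(entries):
    """Group entries into the buckets a reviewer looks at first."""
    report = {"not_ok": [], "no_file": [], "unfinished": [], "shared_hash": {}}
    by_hash = defaultdict(list)
    for name, e in entries.items():
        if e["verdict"] is None:
            # File line without a verdict: truncated paste or interrupted scan.
            report["unfinished"].append(name)
        elif e["verdict"].lower() != "ok":
            report["not_ok"].append((name, e["verdict"], e["path"]))
        if e["md5"] is None:
            # Service is registered but no image file was listed for it.
            report["no_file"].append(name)
        else:
            by_hash[e["md5"]].append(name)
    # One binary registered under several service names.
    report["shared_hash"] = {h: n for h, n in by_hash.items() if len(n) > 1}
    return report


if __name__ == "__main__":
    for bucket, items in triage(parse_report(SAMPLE_LOG)).items():
        print(bucket, items)
```
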

#4 MeNaty

MeNaty
  • Topic Starter

  • Members
  • 3 posts

Posted 04 July 2012 - 04:45 AM

Attached File  MBR.zip   577bytes   0 downloads

As requested.....

Step 1, TDSSkiller Scan

16:57:58.0218 2708 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
16:58:00.0218 2708 ============================================================
16:58:00.0218 2708 Current date / time: 2012/07/03 16:58:00.0218
16:58:00.0218 2708 SystemInfo:
16:58:00.0218 2708
16:58:00.0218 2708 OS Version: 5.1.2600 ServicePack: 3.0
16:58:00.0218 2708 Product type: Workstation
16:58:00.0218 2708 ComputerName: NATE
16:58:00.0218 2708 UserName: Natty
16:58:00.0218 2708 Windows directory: C:\WINDOWS
16:58:00.0218 2708 System windows directory: C:\WINDOWS
16:58:00.0218 2708 Processor architecture: Intel x86
16:58:00.0218 2708 Number of processors: 2
16:58:00.0218 2708 Page size: 0x1000
16:58:00.0218 2708 Boot type: Normal boot
16:58:00.0218 2708 ============================================================
16:58:03.0234 2708 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:58:03.0234 2708 Drive \Device\Harddisk1\DR4 - Size: 0xEE979000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:58:03.0296 2708 ============================================================
16:58:03.0296 2708 \Device\Harddisk0\DR0:
16:58:03.0296 2708 MBR partitions:
16:58:03.0296 2708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x1CAEF143
16:58:03.0296 2708 \Device\Harddisk1\DR4:
16:58:03.0296 2708 MBR partitions:
16:58:03.0296 2708 \Device\Harddisk1\DR4\Partition0: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x774B01
16:58:03.0296 2708 ============================================================
16:58:03.0359 2708 C: <-> \Device\Harddisk0\DR0\Partition0
16:58:03.0359 2708 ============================================================
16:58:03.0359 2708 Initialize success
16:58:03.0359 2708 ============================================================
16:58:15.0234 2732 ============================================================
16:58:15.0234 2732 Scan started
16:58:15.0234 2732 Mode: Manual;
16:58:15.0234 2732 ============================================================
16:58:28.0625 2732 MSPCLOCK - ok
16:58:28.0625 2732 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:58:28.0640 2732 MSPQM - ok
16:58:28.0671 2732 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:58:28.0687 2732 mssmbios - ok
16:58:28.0718 2732 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:58:28.0718 2732 Mup - ok
16:58:28.0734 2732 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:58:28.0750 2732 NDIS - ok
16:58:28.0781 2732 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:58:28.0843 2732 NdisTapi - ok
16:58:28.0859 2732 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:58:28.0859 2732 Ndisuio - ok
16:58:28.0875 2732 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:58:28.0875 2732 NdisWan - ok
16:58:28.0921 2732 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:58:28.0968 2732 NDProxy - ok
16:58:28.0984 2732 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:58:28.0984 2732 NetBIOS - ok
16:58:29.0000 2732 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:58:29.0015 2732 NetBT - ok
16:58:29.0062 2732 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
16:58:29.0062 2732 NetDDE - ok
16:58:29.0078 2732 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
16:58:29.0078 2732 NetDDEdsdm - ok
16:58:29.0125 2732 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
16:58:29.0125 2732 Netlogon - ok
16:58:29.0234 2732 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:58:29.0250 2732 NetTcpPortSharing - ok
16:58:29.0343 2732 NitroReaderDriverReadSpool (f970fc3d94f3948bd89f105bb8f2f4c4) C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
16:58:29.0421 2732 NitroReaderDriverReadSpool - ok
16:58:29.0468 2732 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
16:58:29.0484 2732 Nla - ok
16:58:29.0515 2732 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:58:29.0515 2732 Npfs - ok
16:58:29.0546 2732 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:58:29.0546 2732 Ntfs - ok
16:58:29.0546 2732 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
16:58:29.0546 2732 NtLmSsp - ok
16:58:29.0609 2732 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
16:58:29.0625 2732 NtmsSvc - ok
16:58:29.0656 2732 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:58:29.0671 2732 Null - ok
16:58:29.0765 2732 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:58:29.0843 2732 nv - ok
16:58:29.0921 2732 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:58:29.0921 2732 NwlnkFlt - ok
16:58:29.0937 2732 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:58:29.0937 2732 NwlnkFwd - ok
16:58:30.0062 2732 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:58:30.0156 2732 odserv - ok
16:58:30.0187 2732 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:58:30.0250 2732 ose - ok
16:58:30.0296 2732 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
16:58:30.0296 2732 Parport - ok
16:58:30.0328 2732 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:58:30.0328 2732 PartMgr - ok
16:58:30.0359 2732 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
16:58:30.0359 2732 ParVdm - ok
16:58:30.0375 2732 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
16:58:30.0375 2732 PCI - ok
16:58:30.0375 2732 PCIDump - ok
16:58:30.0421 2732 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:58:30.0421 2732 PCIIde - ok
16:58:30.0437 2732 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:58:30.0453 2732 Pcmcia - ok
16:58:30.0453 2732 PDCOMP - ok
16:58:30.0453 2732 PDFRAME - ok
16:58:30.0468 2732 PDRELI - ok
16:58:30.0468 2732 PDRFRAME - ok
16:58:30.0484 2732 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
16:58:30.0531 2732 perc2 - ok
16:58:30.0546 2732 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:58:30.0546 2732 perc2hib - ok
16:58:30.0593 2732 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
16:58:30.0609 2732 PlugPlay - ok
16:58:30.0625 2732 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
16:58:30.0625 2732 PolicyAgent - ok
16:58:30.0640 2732 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:58:30.0656 2732 PptpMiniport - ok
16:58:30.0656 2732 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
16:58:30.0656 2732 ProtectedStorage - ok
16:58:30.0656 2732 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:58:30.0671 2732 PSched - ok
16:58:30.0703 2732 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:58:30.0703 2732 Ptilink - ok
16:58:30.0781 2732 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:58:30.0781 2732 PxHelp20 - ok
16:58:30.0812 2732 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:58:30.0812 2732 ql1080 - ok
16:58:30.0828 2732 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:58:30.0843 2732 Ql10wnt - ok
16:58:30.0859 2732 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:58:30.0875 2732 ql12160 - ok
16:58:30.0890 2732 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:58:30.0890 2732 ql1240 - ok
16:58:30.0921 2732 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:58:30.0937 2732 ql1280 - ok
16:58:30.0968 2732 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:58:30.0968 2732 RasAcd - ok
16:58:31.0000 2732 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
16:58:31.0015 2732 RasAuto - ok
16:58:31.0046 2732 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:58:31.0046 2732 Rasl2tp - ok
16:58:31.0093 2732 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
16:58:31.0109 2732 RasMan - ok
16:58:31.0109 2732 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:58:31.0125 2732 RasPppoe - ok
16:58:31.0125 2732 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:58:31.0140 2732 Raspti - ok
16:58:31.0140 2732 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:58:31.0156 2732 Rdbss - ok
16:58:31.0156 2732 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:58:31.0156 2732 RDPCDD - ok
16:58:31.0171 2732 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:58:31.0187 2732 rdpdr - ok
16:58:31.0218 2732 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
16:58:31.0343 2732 RDPWD - ok
16:58:31.0375 2732 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
16:58:31.0390 2732 RDSessMgr - ok
16:58:31.0406 2732 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:58:31.0406 2732 redbook - ok
16:58:31.0453 2732 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
16:58:31.0453 2732 RemoteAccess - ok
16:58:31.0484 2732 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
16:58:31.0500 2732 RemoteRegistry - ok
16:58:31.0531 2732 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys
16:58:31.0578 2732 RimUsb - ok
16:58:31.0625 2732 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
16:58:31.0718 2732 RimVSerPort - ok
16:58:31.0765 2732 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
16:58:31.0781 2732 ROOTMODEM - ok
16:58:31.0921 2732 Roxio UPnP Renderer 9 (afd61a7c48a3e15c86a6fadf0b69a2e4) C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
16:58:31.0984 2732 Roxio UPnP Renderer 9 - ok
16:58:32.0015 2732 Roxio Upnp Server 9 (efbb36e2bb02169d26e9980778fc20d3) C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
16:58:32.0125 2732 Roxio Upnp Server 9 - ok
16:58:32.0265 2732 RoxLiveShare9 (78e680a105f47b6aa0003bd23ed9fa51) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
16:58:32.0343 2732 RoxLiveShare9 - ok
16:58:32.0421 2732 RoxMediaDB9 (9d5c024170c376d7cc66ed853fda9068) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
16:58:32.0562 2732 RoxMediaDB9 - ok
16:58:32.0609 2732 RoxWatch9 (87f175539dbba297018aa7fcdd563ff7) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
16:58:32.0687 2732 RoxWatch9 - ok
16:58:32.0796 2732 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
16:58:32.0796 2732 RpcLocator - ok
16:58:32.0859 2732 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
16:58:32.0875 2732 RpcSs - ok
16:58:32.0906 2732 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
16:58:32.0906 2732 RSVP - ok
16:58:32.0984 2732 rt2870 (c2a6f7f35e617744a65dbfb0c0a64adc) C:\WINDOWS\system32\DRIVERS\rt2870.sys
16:58:33.0062 2732 rt2870 - ok
16:58:33.0109 2732 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
16:58:33.0109 2732 SamSs - ok
16:58:33.0156 2732 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
16:58:33.0156 2732 SCardSvr - ok
16:58:33.0203 2732 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
16:58:33.0218 2732 Schedule - ok
16:58:33.0250 2732 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:58:33.0265 2732 Secdrv - ok
16:58:33.0281 2732 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
16:58:33.0296 2732 seclogon - ok
16:58:33.0328 2732 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:58:33.0343 2732 serenum - ok
16:58:33.0375 2732 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
16:58:33.0375 2732 Serial - ok
16:58:33.0421 2732 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:58:33.0437 2732 Sfloppy - ok
16:58:33.0484 2732 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
16:58:33.0500 2732 SharedAccess - ok
16:58:33.0546 2732 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
16:58:33.0546 2732 ShellHWDetection - ok
16:58:33.0546 2732 Simbad - ok
16:58:33.0593 2732 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
16:58:33.0593 2732 sisagp - ok
16:58:33.0625 2732 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
16:58:33.0625 2732 Sparrow - ok
16:58:33.0656 2732 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:58:33.0671 2732 splitter - ok
16:58:33.0703 2732 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
16:58:33.0765 2732 Spooler - ok
16:58:33.0796 2732 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
16:58:33.0812 2732 sr - ok
16:58:33.0859 2732 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
16:58:33.0875 2732 srservice - ok
16:58:33.0937 2732 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:58:33.0953 2732 Srv - ok
16:58:33.0984 2732 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
16:58:33.0984 2732 SSDPSRV - ok
16:58:34.0031 2732 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
16:58:34.0062 2732 stisvc - ok
16:58:34.0156 2732 stllssvr (7489520e98a119b5a9a00857f4f87d16) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
16:58:34.0218 2732 stllssvr - ok
16:58:34.0250 2732 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:58:34.0250 2732 swenum - ok
16:58:34.0281 2732 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:58:34.0281 2732 swmidi - ok
16:58:34.0296 2732 SwPrv - ok
16:58:34.0328 2732 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
16:58:34.0390 2732 symc810 - ok
16:58:34.0390 2732 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
16:58:34.0453 2732 symc8xx - ok
16:58:34.0453 2732 SymIM - ok
16:58:34.0453 2732 SymIMMP - ok
16:58:34.0468 2732 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
16:58:34.0484 2732 sym_hi - ok
16:58:34.0484 2732 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
16:58:34.0546 2732 sym_u3 - ok
16:58:34.0562 2732 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:58:34.0578 2732 sysaudio - ok
16:58:34.0609 2732 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
16:58:34.0609 2732 SysmonLog - ok
16:58:34.0640 2732 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
16:58:34.0656 2732 TapiSrv - ok
16:58:34.0703 2732 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:58:34.0718 2732 Tcpip - ok
16:58:34.0750 2732 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:58:34.0750 2732 TDPIPE - ok
16:58:34.0765 2732 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:58:34.0765 2732 TDTCP - ok
16:58:34.0796 2732 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:58:34.0812 2732 TermDD - ok
16:58:34.0859 2732 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
16:58:34.0875 2732 TermService - ok
16:58:34.0921 2732 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
16:58:34.0921 2732 Themes - ok
16:58:34.0968 2732 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
16:58:34.0968 2732 TlntSvr - ok
16:58:35.0062 2732 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
16:58:35.0171 2732 TomTomHOMEService - ok
16:58:35.0218 2732 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
16:58:35.0218 2732 TosIde - ok
16:58:35.0265 2732 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
16:58:35.0296 2732 TrkWks - ok
16:58:35.0312 2732 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:58:35.0328 2732 Udfs - ok
16:58:35.0359 2732 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
16:58:35.0437 2732 ultra - ok
16:58:35.0484 2732 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:58:35.0515 2732 Update - ok
16:58:35.0625 2732 UPnPService (7ce0fe34fd8fb7f52d1e503b0c1e4fa9) C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
16:58:35.0984 2732 UPnPService - ok
16:58:36.0015 2732 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
16:58:36.0031 2732 UPS - ok
16:58:36.0046 2732 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
16:58:36.0140 2732 USBAAPL - ok
16:58:36.0156 2732 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:58:36.0156 2732 usbccgp - ok
16:58:36.0203 2732 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:58:36.0203 2732 usbehci - ok
16:58:36.0218 2732 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:58:36.0218 2732 usbhub - ok
16:58:36.0250 2732 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:58:36.0265 2732 usbscan - ok
16:58:36.0296 2732 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:58:36.0296 2732 USBSTOR - ok
16:58:36.0312 2732 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:58:36.0312 2732 usbuhci - ok
16:58:36.0328 2732 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
16:58:36.0328 2732 usb_rndisx - ok
16:58:36.0359 2732 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:58:36.0359 2732 VgaSave - ok
16:58:36.0390 2732 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
16:58:36.0390 2732 viaagp - ok
16:58:36.0406 2732 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
16:58:36.0406 2732 ViaIde - ok
16:58:36.0453 2732 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
16:58:36.0562 2732 Viewpoint Manager Service - ok
16:58:36.0593 2732 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
16:58:36.0593 2732 VolSnap - ok
16:58:36.0656 2732 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
16:58:36.0671 2732 VSS - ok
16:58:36.0703 2732 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
16:58:36.0718 2732 w32time - ok
16:58:36.0734 2732 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:58:36.0734 2732 Wanarp - ok
16:58:36.0781 2732 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
16:58:36.0796 2732 wanatw - ok
16:58:36.0812 2732 WDICA - ok
16:58:36.0843 2732 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:58:36.0859 2732 wdmaud - ok
16:58:36.0937 2732 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
16:58:37.0031 2732 winachsf - ok
16:58:37.0125 2732 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
16:58:37.0140 2732 winmgmt - ok
16:58:37.0218 2732 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
16:58:37.0234 2732 Wmi - ok
16:58:37.0265 2732 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:58:37.0281 2732 WmiApSrv - ok
16:58:37.0437 2732 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
16:58:37.0515 2732 WMPNetworkSvc - ok
16:58:37.0593 2732 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
16:58:37.0593 2732 WpdUsb - ok
16:58:37.0640 2732 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:58:37.0640 2732 WS2IFSL - ok
16:58:37.0687 2732 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
16:58:37.0703 2732 wscsvc - ok
16:58:37.0734 2732 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
16:58:37.0765 2732 wuauserv - ok
16:58:37.0796 2732 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:58:37.0796 2732 WudfPf - ok
16:58:37.0828 2732 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:58:37.0843 2732 WudfRd - ok
16:58:37.0890 2732 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
16:58:37.0906 2732 WudfSvc - ok
16:58:37.0968 2732 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
16:58:38.0015 2732 WZCSVC - ok
16:58:38.0046 2732 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
16:58:38.0093 2732 xmlprov - ok
16:58:38.0218 2732 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:58:38.0406 2732 YahooAUService - ok
16:58:38.0437 2732 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
16:58:38.0781 2732 \Device\Harddisk0\DR0 - ok
16:58:38.0796 2732 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR4
16:58:38.0796 2732 \Device\Harddisk1\DR4 - ok
16:58:38.0796 2732 Boot (0x1200) (1a7eace476f481b40ec8d433fc1e4827) \Device\Harddisk0\DR0\Partition0
16:58:38.0796 2732 \Device\Harddisk0\DR0\Partition0 - ok
16:58:38.0812 2732 Boot (0x1200) (cfa14a97ab7d95ac6b7a05c1c151fd03) \Device\Harddisk1\DR4\Partition0
16:58:38.0812 2732 \Device\Harddisk1\DR4\Partition0 - ok
16:58:38.0812 2732 ============================================================
16:58:38.0812 2732 Scan finished
16:58:38.0812 2732 ============================================================
16:58:38.0812 3704 Detected object count: 0
16:58:38.0812 3704 Actual detected object count: 0

Step 2

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-03 17:05:56
-----------------------------
17:05:56.703 OS Version: Windows 5.1.2600 Service Pack 3
17:05:56.703 Number of processors: 2 586 0xF0D
17:05:56.703 ComputerName: NATE UserName:
17:05:58.046 Initialize success
17:07:25.703 AVAST engine defs: 12070301
17:08:01.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
17:08:01.609 Disk 0 Vendor: ST3250310AS 3.ADA Size: 238418MB BusType: 3
17:08:01.609 Disk 1 \Device\Harddisk1\DR4 -> \Device\0000008c
17:08:01.625 Disk 1 Vendor: Size: 238418MB BusType: 0
17:08:01.625 Disk 0 MBR read successfully
17:08:01.625 Disk 0 MBR scan
17:08:01.687 Disk 0 unknown MBR code
17:08:01.687 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
17:08:01.718 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 234974 MB offset 112455
17:08:01.781 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3380 MB offset 481339530
17:08:01.828 Disk 0 scanning sectors +488263545
17:08:01.937 Disk 0 scanning C:\WINDOWS\system32\drivers
17:08:30.578 Service scanning
17:09:14.890 Modules scanning
17:09:25.203 Disk 0 trace - called modules:
17:09:25.218
17:09:26.000 AVAST engine scan C:\
21:08:29.531 Scan finished successfully
21:32:45.453 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Natty\Desktop\MBR.dat"
21:32:45.593 The log file has been saved successfully to "C:\Documents and Settings\Natty\Desktop\Nate aswMBR.txt"

Step 3

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Natty at 21:47:01 on 2012-07-03
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3061.1794 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orbit Downloader\orbitdm.exe
C:\Program Files\Orbit Downloader\orbitnet.exe
C:\Program Files\LevelOne\Common\RaUI.exe
C:\Program Files\AOL Desktop 9.7\waol.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\AOL Desktop 9.7\shellmon.exe
C:\Program Files\Common Files\aol\1220063686\ee\aolsoftware.exe
c:\program files\real\realplayer\update\realsched.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Ant.com\IE add-on\antmaintainer.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
C:\DOCUME~1\Natty\LOCALS~1\Temp\Rar$EX20.696\TDSSKiller.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Natty\Desktop\aswMBR.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\internet explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
uURLSearchHooks: H - No File
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbit downloader\orbitcth.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Ant.com browser helper (video detector): {346fde31-dff9-418a-90c8-ba31dc9ff2ef} - c:\program files\ant.com\ie add-on\download.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120623135306.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: CutePDF Editor Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\program files\orbit downloader\GrabPro.dll
TB: Ant.com Video Downloader toolbar: {2e924f4f-67f0-4bd8-9560-49f468e843d2} - c:\program files\ant.com\ie add-on\anttoolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: CutePDF Editor Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil11f_Plugin.exe -update plugin
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\orbit.lnk - c:\program files\orbit downloader\orbitdm.exe
IE: &Download by Orbit - c:\program files\orbit downloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\orbit downloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\orbit downloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\orbit downloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - c:\program files\ant.com\ie add-on\download.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {1FA44E01-A60B-4449-BF97-66CDAA200433} - hxxps://ampf.ez-data.com/java/downloads/SOConfig6.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www2.snapfish.com/SnapfishActivia.cab
DPF: {75AA409D-05F9-4F27-BD53-C7339D4B1D0A} - hxxps://webmail1.advisorcompass.com/dwa85W.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} - hxxp://ak.imgag.com/imgag/cp/install/Crusher.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D22621D3-E219-4B03-AF3E-5E8AEF7CC70B} - hxxps://ampf.ez-data.com/java/downloads/SmartOfficeLink6.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://webmail.advisorcompass.com/whalecom3edc1568260bc9221b9eda9391f6f19e3e/whalecom0/dwa7W.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4B095617-0EB0-4487-A865-110E53013B50} : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\natty\application data\mozilla\firefox\profiles\dqoxfth4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?ilc=8
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mkg030&p=
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\natty\application data\electronic arts\game face\npGameFacePlugin.dll
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\mcafee\supportability\mvt\NPMVTPlugin.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-1-27 464304]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-1-27 89792]
R2 ACEDRV08;ACEDRV08;c:\windows\system32\drivers\ACEDRV08.sys [2008-11-3 108768]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-11-20 93320]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 214904]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 214904]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-1-27 166288]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-1-27 161632]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-1-27 151880]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\nitro pdf\reader\NitroPDFReaderDriverService.exe [2010-12-3 196912]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-10-12 24652]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-1-27 57600]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-1-27 180848]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-1-27 59456]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-1-27 340920]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2011-1-27 83856]
R3 rt2870;LevelOne WUA-0600 N_Max Wireless USB Adapter Driver;c:\windows\system32\drivers\rt2870.sys [2009-1-27 517632]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-6-25 40776]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2011-1-27 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-1-27 87656]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-7 253600]
S4 AntUpdaterService;Ant Toolbar updater service;c:\program files\ant.com\ie add-on\AntUpdaterService.exe [2011-6-29 520216]
S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\magix\common\database\bin\fbserver.exe [2008-11-3 1527900]
S4 gupdate1c9af33d297c748;Google Update Service (gupdate1c9af33d297c748);c:\program files\google\update\GoogleUpdate.exe [2009-3-27 133104]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-3-27 133104]
S4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-1 113120]
S4 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]
S4 UPnPService;UPnPService;c:\program files\common files\magix shared\upnpservice\UPnPService.exe [2008-11-3 544768]
.
=============== Created Last 30 ================
.
2012-07-03 22:35:28 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5805f228-6778-4f28-b492-22c3aef0436c}\mpengine.dll
2012-06-27 12:12:29 6762896 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-06-26 02:09:14 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-06-26 00:54:40 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll
2012-06-26 00:24:24 -------- d-sha-r- C:\cmdcons
2012-06-26 00:22:27 98816 ----a-w- c:\windows\sed.exe
2012-06-26 00:22:27 518144 ----a-w- c:\windows\SWREG.exe
2012-06-26 00:22:27 256000 ----a-w- c:\windows\PEV.exe
2012-06-26 00:22:27 208896 ----a-w- c:\windows\MBR.exe
2012-06-25 23:49:09 -------- d-----w- c:\windows\system32\1033
2012-06-18 03:41:08 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-06-18 03:41:08 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-06-14 22:22:35 -------- d-----w- c:\program files\GPLGS
2012-06-14 22:14:20 88656 ----a-w- c:\windows\system32\cpwmon2k.dll
2012-06-14 22:14:18 -------- d-----w- c:\program files\Acro Software
2012-06-14 22:13:08 -------- d-----w- c:\program files\Ask.com
2012-06-14 22:12:59 -------- d-----w- c:\documents and settings\natty\local settings\application data\AskToolbar
2012-06-14 22:12:47 -------- d-----w- c:\documents and settings\natty\local settings\application data\APN
2012-06-11 22:53:09 -------- d-----w- c:\documents and settings\all users\application data\PCPitstop
2012-06-10 00:31:49 -------- d-----w- c:\documents and settings\natty\local settings\application data\PCHealth
2012-06-10 00:23:54 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-06-10 00:23:54 -------- d-----w- c:\windows\system32\wbem\Repository
2012-06-09 20:43:35 -------- d-----w- c:\program files\Microsoft Security Client
.
==================== Find3M ====================
.
2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 19:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-30 12:07:14 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-05-30 12:07:13 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec
2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-07 17:45:51 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-07 17:45:50 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2010-02-11 19:34:10 203776 --sh--w- c:\windows\system32\unrar.exe
.
============= FINISH: 21:48:27.90 ===============

Thanks. Seems rather minor, but it had gotten to the point where just trying to use the web was a struggle. Problems that exist still include:

-most of my System Tools are gone or disabled including Help & Support and System Restore. This includes trying to run System Restore in Safe Mode.
-My Network Connections window is now blank and refuses to detect networks.
-I am able to connect to the internet, but it takes effort by logging into the wireless network multiple times using the program for my modem.

#5 nasdaq

  • Malware Response Team

Posted 04 July 2012 - 08:42 AM

Your logs are clean.

-all of my System Tools are gone or disabled including Help & Support and System Restore


Download and run the AccRestore program from this site.
Restore shortcuts to the Accessories group
http://windowsxp.mvps.org/Accessories.htm
===


-My Network Connections window is now blank and refuses to detect networks.
-I am able to connect to the internet, but it takes effort by logging into the wireless network multiple times using the program for my modem.


A number of issues are covered in this Microsoft article.

How to troubleshoot missing network connections icons in Windows Server 2003 and in Windows XP
http://support.microsoft.com/?kbid=825826

If at any time you need instructions before proceeding with a fix please ask.
===

Keep me posted.



