I am unable to open programs normally


  • This topic is locked
14 replies to this topic

#1 richajx09

richajx09

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:59 AM

Posted 23 July 2012 - 12:50 PM

Yesterday, I downloaded Xpadder 5.3. The only way I can run programs is by right clicking, clicking "Run as..." and deselecting "Protect my computer and data from unauthorized program activity." However, even doing this, I cannot run Internet Explorer and I have to use Google Chrome. Normally, when I am connected to the internet, I have four green bars. Now, these bars are blue. I have already tried System Restore to two different prior points in time, both of which did nothing. Is this a virus or something else? I appreciate any help.



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:59 AM

Posted 23 July 2012 - 08:35 PM

Hello, what is your operating system and browser?
Can you run these?

Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).


Then.....

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 richajx09

richajx09
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:07:59 AM

Posted 24 July 2012 - 12:17 AM

I have Windows XP Professional Service Pack 3. I normally use Internet Explorer, but am now using Google Chrome because I cannot use Internet Explorer due to this problem.

This is the exehelper log:

exeHelper by Raktor
Build 20100414
Run at 23:16:30 on 07/23/12
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--


This is the MiniToolBox result:


MiniToolBox by Farbar Version: 23-07-2012
Ran by Jared Richard (administrator) on 23-07-2012 at 23:19:08
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: :0

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Intel® 82567LM Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : DH909KK1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.pa.comcast.net.

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.pa.comcast.net.
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-25-56-A0-F7-49
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 75.75.76.76
75.75.75.75
Lease Obtained. . . . . . . . . . : Monday, July 23, 2012 3:03:59 PM
Lease Expires . . . . . . . . . . : Tuesday, July 24, 2012 3:03:59 PM

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel® 82567LM Gigabit Network Connection
Physical Address. . . . . . . . . : 00-24-E8-A6-92-90

Server: cdns02.comcast.net
Address: 75.75.76.76

Name: google.com
Addresses: 74.125.226.225, 74.125.226.233, 74.125.226.238, 74.125.226.226
74.125.226.228, 74.125.226.230, 74.125.226.231, 74.125.226.227, 74.125.226.224
74.125.226.232, 74.125.226.229

Pinging google.com [74.125.226.226] with 32 bytes of data:

Reply from 74.125.226.226: bytes=32 time=30ms TTL=54
Reply from 74.125.226.226: bytes=32 time=29ms TTL=54

Ping statistics for 74.125.226.226:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 30ms, Average = 29ms

Server: cdns02.comcast.net
Address: 75.75.76.76

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=77ms TTL=49
Reply from 209.191.122.70: bytes=32 time=74ms TTL=49

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 74ms, Maximum = 77ms, Average = 75ms

Server: cdns02.comcast.net
Address: 75.75.76.76

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 25 56 a0 f7 49 ...... Dell Wireless 1397 WLAN Mini-Card - Packet Scheduler Miniport
0x3 ...00 24 e8 a6 92 90 ...... Intel® 82567LM Gigabit Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 25
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 25
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 25
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
255.255.255.255 255.255.255.255 192.168.1.101 3 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/23/2012 04:37:43 AM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (07/23/2012 04:37:39 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/22/2012 11:19:57 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/22/2012 11:06:04 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (07/22/2012 11:05:21 PM) (Source: STacSV) (User: NT AUTHORITY)NT AUTHORITY
Description: Connection to the Storage interface failed

Error: (07/22/2012 10:54:23 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (07/22/2012 10:53:34 PM) (Source: STacSV) (User: NT AUTHORITY)NT AUTHORITY
Description: Connection to the Storage interface failed

Error: (07/22/2012 10:50:09 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (07/22/2012 10:49:15 PM) (Source: STacSV) (User: NT AUTHORITY)NT AUTHORITY
Description: Connection to the Storage interface failed

Error: (07/22/2012 10:33:51 PM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM


System errors:
=============
Error: (07/22/2012 11:04:27 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/22/2012 11:01:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/22/2012 11:01:20 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgldx86
Avgmfx86
Fips
intelppm

Error: (07/22/2012 10:09:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

Error: (07/22/2012 09:14:56 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/22/2012 09:14:31 PM) (Source: Service Control Manager) (User: )
Description: The Smith Micro Connection Manager Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/22/2012 09:14:12 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/22/2012 09:13:20 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
%%1056

Error: (07/22/2012 08:37:03 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (07/21/2012 10:43:17 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 6.1.1)
Acrobat.com (Version: 1.7.186)
Ad-Aware (Version: 9.0.6)
Ad-Aware (Version: 9.5.0)
Adobe AIR (Version: 1.5.2.8870)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Reader 9.1 (Version: 9.1.0)
All Day Battery Life Configuration (Version: 1.1.0)
Ask Toolbar (Version: 1.12.5.0)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
AVG PC Tuneup 2011 (Version: 10.0.0.22)
B209a-m (Version: 130.0.373.000)
BIG-IP Edge Client Components (All Users) (Version: 70.2011.0622.1118)
Bing Bar (Version: 7.0.614.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
BioAPI Framework (Version: 1.0.1)
biolsp patch (Version: 01.00.02.0005)
Bradford Persistent Agent (Version: 2.2.1.4)
Breath of Death VII
Broadcom USH Host Components (Version: 1.7.208.6)
BufferChm (Version: 130.0.331.000)
C4600 (Version: 120.0.235.000)
CambridgeSoft Activation Client (Version: 12.0)
CambridgeSoft ChemDraw Pro 12.0 (Version: 12.0)
Choice Guard (Version: 1.2.87.0)
Crack DAT PAT 2011-2012 (Version: 2011-2012)
Crack DAT Reading 2011-2012 (Version: 2011-2012)
Cthulhu Saves the World
DCP32MMWrapper (Version: 1.6.211.25)
Dell Control Point (Version: 1.6.211.25)
Dell ControlPoint Connection Manager (Version: 1.2.3)
Dell ControlPoint Security Manager (Version: 1.6.211.25)
Dell ControlPoint System Manager (Version: 1.2.01000)
Dell Embassy Trust Suite by Wave Systems (Version: 03.03.02.007)
Dell Security Device Driver Pack (Version: 1.02.35)
Dell Touchpad (Version: 7.2.101.216)
Dell Wireless WLAN Card Utility (Version: 4.170.77.16)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
Document Manager Lite (Version: 06.09.00.082)
DriverAgent by eSupport.com
EA SPORTS online 2006
EMBASSY Security Center (Version: 03.09.00.075)
EMBASSY Security Setup (Version: 03.09.00.077)
ESC Home Page Plugin (Version: 03.04.00.023)
Far Cry (Version: 1.00.0000)
Gemalto (Version: 01.01.00.0000)
Google Chrome (Version: 20.0.1132.57)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
GPBaseService2 (Version: 130.0.371.000)
Grand Theft Auto: San Andreas
Hitman 2: Silent Assassin
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart C4600 All-In-One Driver Software 12.0 Rel .5 (Version: 12.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Plus B209a-m All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Print Projects 1.0 (Version: 1.0)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
Intel® Graphics Media Accelerator Driver
Intel® Network Connections 13.0.42.0 (Version: 13.0.42.0)
Intel® PRO Alerting Agent (Version: 12.0.3)
Intel® Matrix Storage Manager
Japanese Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 14.0.8050.1202)
Madden NFL 06
Mafia
MarketResearch (Version: 130.0.374.000)
Medal of Honor Allied Assault
Medal of Honor Allied Assault™ Breakthrough
Medal of Honor Allied Assault™ Spearhead
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Runtime (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
NBA Live 2003
Network (Version: 130.0.572.000)
NTRU TCG Software Stack (Version: 2.1.29)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PC Speed Maximizer v3.0 (Version: 3.0)
PowerDVD DX (Version: 8.2.5024)
Preboot Manager (Version: 02.09.00.028)
Private Information Manager (Version: 06.04.00.042)
PS_AIO_05_C4600_Software_Min (Version: 120.0.235.000)
PS_AIO_06_B209a-m_SW_Min (Version: 130.0.373.000)
Psychonauts
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator BDAV Plugin (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Drag-to-Disc (Version: 9.1)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Scan (Version: 13.0.0.0)
Secure Update (Version: 05.07.00.017)
Security Wizards (Version: 01.07.00.014)
Segoe UI (Version: 14.0.4327.805)
Shop for HP Supplies (Version: 13.0)
SmartWebPrinting (Version: 130.0.373.000)
SO32MMWrapper (Version: 1.6.211.25)
SolutionCenter (Version: 130.0.373.000)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
SRS Premium Sound (Version: 1.08.1400)
Status (Version: 130.0.373.000)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
The Binding of Isaac
Tom Clancy's Splinter Cell Chaos Theory (Version: 1.05.157)
Tomb Raider: Anniversary
Tomb Raider: Legend
Toolbox (Version: 130.0.648.000)
TopScore Pro for the DAT (Version: 07.20.19)
TrayApp (Version: 130.0.376.000)
Trusted Drive Manager (Version: 3.0.1.16)
tsp patch (Version: 01.00.00.0000)
UnloadSupport (Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB972636) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Vampire: The Masquerade - Bloodlines
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Wave Infrastructure Installer (Version: 06.01.52.0025)
Wave Support Software (Version: 05.10.00.032)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 130.0.132.017)
Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) (Version: 01/07/2008 1.0.1.5)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation (Version: 3.0.6920.0)
XML Paper Specification Shared Components Pack 1.0
Yahoo! Toolbar

========================= Devices: ================================

Name: Plus B209a-m,192.168.1.107
Description: Photosmart Plus B209a-m
Class Guid: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart Plus B209a-m
Description: Photosmart Plus B209a-m
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 3023.83 MB
Available physical RAM: 1458.34 MB
Total Pagefile: 4908.97 MB
Available Pagefile: 3233.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.78 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:148.86 GB) (Free:34.74 GB) NTFS
2 Drive d: (MADDEN06) (CDROM) (Total:0.68 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\DH909KK1

Administrator ASPNET Guest
HelpAssistant Jared Richard SUPPORT_388945a0


**** End of log ****


Here is the Malwarebytes log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.24.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jared Richard :: DH909KK1 [administrator]

Protection: Enabled

7/23/2012 11:31:59 PM
mbam-log-2012-07-23 (23-31-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 254604
Time elapsed: 54 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 39
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\I WANT THIS (PUP.GamesPlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 4
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE} (PUP.BlekkoSearchBar) -> Data: Blekko search bar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} (PUP.BlekkoSearchBar) -> Data: -> Quarantined and deleted successfully.
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 5910e21c57b21c5cf929f228e2e3c3cb -> Quarantined and deleted successfully.
HKCU\Software\I Want This|HelperRunningVersion (PUP.GamesPlayLab) -> Data: 149 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\Documents and Settings\Jared Richard\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jared Richard\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Files Detected: 3
C:\Documents and Settings\Jared Richard\Local Settings\Temp\air6FE.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jared Richard\Local Settings\Temporary Internet Files\Content.IE5\KZ9AB933\IWantThis_new[1].exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jared Richard\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.

(end)



Thanks very much for your help.

#4 richajx09


Posted 24 July 2012 - 12:29 AM

I restarted my computer and I still have the problem.

#5 boopme


Posted 24 July 2012 - 01:25 PM

Let's use ...
Download FixExec.exe to your desktop.
Double click on the downloaded file to run the fix.
When the program has finished, it will generate a log on the desktop called FixExec.exe.
Post the log in your next reply.

NOTE: If for any reason you're not able to execute FixExec.exe rename it to FixExec.com, FixExec.pif or FixExec.scr.




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.


#6 richajx09


Posted 24 July 2012 - 08:13 PM

Here is the FixExec log:


FixExec by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about FixExec can be found at this link:
http://www.bleepingcomputer.com/download/windows/utilities/fixexec

Program started at: 07/24/2012 09:07:05 PM in x86 mode.
Windows Version: Windows XP

Checking for processes to terminate before fixing executable associations.
* C:\Documents and Settings\Jared Richard\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (5952) [Terminated].
* C:\Documents and Settings\Jared Richard\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (1776) [Terminated].
* C:\Documents and Settings\Jared Richard\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (5140) [Terminated].
* C:\Documents and Settings\Jared Richard\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (484) [Terminated].
* C:\Documents and Settings\Jared Richard\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (1152) [Terminated].
* C:\Documents and Settings\Jared Richard\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (5640) [Terminated].

6 proccesses terminated!

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.


Program finished at: 07/24/2012 09:07:19 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)



Here is the TDSSkiller report:


21:10:12.0156 5684 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
21:10:12.0421 5684 ============================================================
21:10:12.0421 5684 Current date / time: 2012/07/24 21:10:12.0421
21:10:12.0421 5684 SystemInfo:
21:10:12.0421 5684
21:10:12.0421 5684 OS Version: 5.1.2600 ServicePack: 3.0
21:10:12.0421 5684 Product type: Workstation
21:10:12.0421 5684 ComputerName: DH909KK1
21:10:12.0421 5684 UserName: Jared Richard
21:10:12.0421 5684 Windows directory: C:\WINDOWS
21:10:12.0421 5684 System windows directory: C:\WINDOWS
21:10:12.0421 5684 Processor architecture: Intel x86
21:10:12.0421 5684 Number of processors: 2
21:10:12.0421 5684 Page size: 0x1000
21:10:12.0421 5684 Boot type: Normal boot
21:10:12.0421 5684 ============================================================
21:10:12.0859 5684 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:10:12.0859 5684 ============================================================
21:10:12.0859 5684 \Device\Harddisk0\DR0:
21:10:12.0859 5684 MBR partitions:
21:10:12.0859 5684 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x5E218, BlocksNum 0x129BA8A9
21:10:12.0859 5684 ============================================================
21:10:12.0906 5684 C: <-> \Device\Harddisk0\DR0\Partition0
21:10:12.0906 5684 ============================================================
21:10:12.0906 5684 Initialize success
21:10:12.0906 5684 ============================================================
21:10:32.0093 5400 ============================================================
21:10:32.0093 5400 Scan started
21:10:32.0093 5400 Mode: Manual; TDLFS;
21:10:32.0093 5400 ============================================================
21:10:46.0593 5400 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:10:46.0593 5400 mnmdd - ok
21:10:46.0656 5400 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
21:10:46.0656 5400 mnmsrvc - ok
21:10:46.0671 5400 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
21:10:46.0671 5400 Modem - ok
21:10:46.0718 5400 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:10:46.0718 5400 Mouclass - ok
21:10:46.0734 5400 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:10:46.0734 5400 mouhid - ok
21:10:46.0750 5400 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:10:46.0750 5400 MountMgr - ok
21:10:46.0796 5400 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
21:10:46.0812 5400 mraid35x - ok
21:10:46.0828 5400 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:10:46.0843 5400 MRxDAV - ok
21:10:46.0921 5400 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:10:46.0984 5400 MRxSmb - ok
21:10:47.0015 5400 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
21:10:47.0031 5400 MSDTC - ok
21:10:47.0062 5400 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:10:47.0078 5400 Msfs - ok
21:10:47.0093 5400 MSIServer - ok
21:10:47.0140 5400 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:10:47.0140 5400 MSKSSRV - ok
21:10:47.0171 5400 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:10:47.0171 5400 MSPCLOCK - ok
21:10:47.0187 5400 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:10:47.0187 5400 MSPQM - ok
21:10:47.0218 5400 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:10:47.0218 5400 mssmbios - ok
21:10:47.0250 5400 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:10:47.0250 5400 Mup - ok
21:10:47.0296 5400 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
21:10:47.0296 5400 napagent - ok
21:10:47.0343 5400 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:10:47.0343 5400 NDIS - ok
21:10:47.0406 5400 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:10:47.0406 5400 NdisTapi - ok
21:10:47.0421 5400 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:10:47.0421 5400 Ndisuio - ok
21:10:47.0437 5400 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:10:47.0437 5400 NdisWan - ok
21:10:47.0484 5400 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:10:47.0484 5400 NDProxy - ok
21:10:47.0546 5400 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\WINDOWS\system32\HPZinw12.dll
21:10:47.0546 5400 Net Driver HPZ12 - ok
21:10:47.0562 5400 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:10:47.0562 5400 NetBIOS - ok
21:10:47.0578 5400 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:10:47.0578 5400 NetBT - ok
21:10:47.0640 5400 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
21:10:47.0640 5400 NetDDE - ok
21:10:47.0640 5400 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
21:10:47.0640 5400 NetDDEdsdm - ok
21:10:47.0687 5400 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:10:47.0687 5400 Netlogon - ok
21:10:47.0703 5400 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
21:10:47.0703 5400 Netman - ok
21:10:47.0859 5400 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:10:47.0859 5400 NetTcpPortSharing - ok
21:10:47.0890 5400 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:10:47.0890 5400 NIC1394 - ok
21:10:47.0953 5400 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
21:10:47.0968 5400 Nla - ok
21:10:48.0031 5400 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:10:48.0031 5400 Npfs - ok
21:10:48.0140 5400 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:10:48.0171 5400 Ntfs - ok
21:10:48.0234 5400 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:10:48.0234 5400 NtLmSsp - ok
21:10:48.0312 5400 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
21:10:48.0343 5400 NtmsSvc - ok
21:10:48.0375 5400 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:10:48.0375 5400 Null - ok
21:10:48.0390 5400 NvtSp50 - ok
21:10:48.0437 5400 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:10:48.0437 5400 NwlnkFlt - ok
21:10:48.0453 5400 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:10:48.0453 5400 NwlnkFwd - ok
21:10:48.0578 5400 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:10:48.0609 5400 odserv - ok
21:10:48.0656 5400 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:10:48.0656 5400 ohci1394 - ok
21:10:48.0718 5400 ose (99bf0b1bcadf83102cbbbea4d0d22732) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:10:48.0718 5400 ose - ok
21:10:48.0750 5400 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
21:10:48.0750 5400 Parport - ok
21:10:48.0750 5400 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:10:48.0750 5400 PartMgr - ok
21:10:48.0765 5400 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
21:10:48.0765 5400 ParVdm - ok
21:10:48.0781 5400 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
21:10:48.0781 5400 PBADRV - ok
21:10:48.0828 5400 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\PCASp50.sys
21:10:48.0828 5400 PCASp50 - ok
21:10:48.0859 5400 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
21:10:48.0859 5400 PCI - ok
21:10:48.0859 5400 PCIDump - ok
21:10:48.0875 5400 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:10:48.0875 5400 PCIIde - ok
21:10:48.0906 5400 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
21:10:48.0937 5400 Pcmcia - ok
21:10:48.0937 5400 PDCOMP - ok
21:10:48.0937 5400 PDFRAME - ok
21:10:48.0953 5400 PDRELI - ok
21:10:48.0953 5400 PDRFRAME - ok
21:10:48.0984 5400 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
21:10:49.0000 5400 perc2 - ok
21:10:49.0015 5400 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
21:10:49.0015 5400 perc2hib - ok
21:10:49.0062 5400 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
21:10:49.0078 5400 PlugPlay - ok
21:10:49.0125 5400 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\WINDOWS\system32\HPZipm12.dll
21:10:49.0125 5400 Pml Driver HPZ12 - ok
21:10:49.0171 5400 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:10:49.0187 5400 PolicyAgent - ok
21:10:49.0234 5400 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:10:49.0234 5400 PptpMiniport - ok
21:10:49.0250 5400 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:10:49.0250 5400 ProtectedStorage - ok
21:10:49.0265 5400 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:10:49.0265 5400 PSched - ok
21:10:49.0328 5400 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:10:49.0328 5400 Ptilink - ok
21:10:49.0375 5400 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:10:49.0390 5400 PxHelp20 - ok
21:10:49.0421 5400 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
21:10:49.0421 5400 ql1080 - ok
21:10:49.0437 5400 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
21:10:49.0437 5400 Ql10wnt - ok
21:10:49.0468 5400 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
21:10:49.0468 5400 ql12160 - ok
21:10:49.0484 5400 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
21:10:49.0484 5400 ql1240 - ok
21:10:49.0500 5400 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
21:10:49.0515 5400 ql1280 - ok
21:10:49.0562 5400 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:10:49.0578 5400 RasAcd - ok
21:10:49.0640 5400 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
21:10:49.0640 5400 RasAuto - ok
21:10:49.0671 5400 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:10:49.0671 5400 Rasl2tp - ok
21:10:49.0734 5400 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
21:10:49.0734 5400 RasMan - ok
21:10:49.0750 5400 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:10:49.0781 5400 RasPppoe - ok
21:10:49.0812 5400 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:10:49.0812 5400 Raspti - ok
21:10:49.0859 5400 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:10:49.0859 5400 Rdbss - ok
21:10:49.0859 5400 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:10:49.0859 5400 RDPCDD - ok
21:10:49.0890 5400 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:10:49.0890 5400 rdpdr - ok
21:10:49.0968 5400 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
21:10:49.0968 5400 RDPWD - ok
21:10:50.0000 5400 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
21:10:50.0015 5400 RDSessMgr - ok
21:10:50.0031 5400 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:10:50.0031 5400 redbook - ok
21:10:50.0078 5400 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
21:10:50.0078 5400 RemoteAccess - ok
21:10:50.0109 5400 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
21:10:50.0109 5400 RemoteRegistry - ok
21:10:50.0171 5400 rimmptsk (ea885e7a56f1be1f14c372337c42fe48) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
21:10:50.0171 5400 rimmptsk - ok
21:10:50.0203 5400 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
21:10:50.0203 5400 RpcLocator - ok
21:10:50.0250 5400 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
21:10:50.0265 5400 RpcSs - ok
21:10:50.0281 5400 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
21:10:50.0296 5400 RSVP - ok
21:10:50.0328 5400 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:10:50.0328 5400 SamSs - ok
21:10:50.0359 5400 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
21:10:50.0359 5400 SCardSvr - ok
21:10:50.0390 5400 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
21:10:50.0406 5400 Schedule - ok
21:10:50.0453 5400 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
21:10:50.0468 5400 sdbus - ok
21:10:50.0609 5400 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
21:10:50.0625 5400 SeaPort - ok
21:10:50.0656 5400 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:10:50.0656 5400 Secdrv - ok
21:10:50.0703 5400 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
21:10:50.0703 5400 seclogon - ok
21:10:50.0859 5400 SecureStorageService (27d53cd650cc77123faf2f07023dabc7) C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
21:10:50.0921 5400 SecureStorageService - ok
21:10:50.0953 5400 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
21:10:50.0953 5400 SENS - ok
21:10:50.0984 5400 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
21:10:50.0984 5400 Serial - ok
21:10:51.0046 5400 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:10:51.0046 5400 Sfloppy - ok
21:10:51.0109 5400 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
21:10:51.0109 5400 SharedAccess - ok
21:10:51.0171 5400 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:10:51.0187 5400 ShellHWDetection - ok
21:10:51.0187 5400 Simbad - ok
21:10:51.0218 5400 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
21:10:51.0218 5400 sisagp - ok
21:10:51.0328 5400 SMManager (2946f121562dfa6d3372472a79e8a9f3) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
21:10:51.0328 5400 SMManager - ok
21:10:51.0359 5400 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
21:10:51.0359 5400 Sparrow - ok
21:10:51.0390 5400 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:10:51.0406 5400 splitter - ok
21:10:51.0453 5400 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
21:10:51.0453 5400 Spooler - ok
21:10:51.0468 5400 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
21:10:51.0468 5400 sr - ok
21:10:51.0531 5400 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
21:10:51.0546 5400 srservice - ok
21:10:51.0625 5400 SRS_PremiumSound_Service (584477fdfa731af4635f5875c6b52531) C:\WINDOWS\system32\drivers\srs_PremiumSound_i386.sys
21:10:51.0625 5400 SRS_PremiumSound_Service - ok
21:10:51.0734 5400 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:10:51.0750 5400 Srv - ok
21:10:51.0812 5400 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
21:10:51.0812 5400 SSDPSRV - ok
21:10:51.0875 5400 STacSV (3603f3db9fba2a8fa91829681ba25afa) c:\drivers\audio\r213367\stacsv.exe
21:10:51.0875 5400 STacSV - ok
21:10:51.0937 5400 Steam Client Service - ok
21:10:52.0078 5400 STHDA (1b76479b80ff0f6e245ba590a64102be) C:\WINDOWS\system32\drivers\sthda.sys
21:10:52.0140 5400 STHDA - ok
21:10:53.0468 5400 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
21:10:53.0468 5400 StillCam - ok
21:10:53.0531 5400 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
21:10:53.0531 5400 stisvc - ok
21:10:53.0593 5400 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
21:10:53.0593 5400 stllssvr - ok
21:10:53.0640 5400 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:10:53.0640 5400 swenum - ok
21:10:53.0687 5400 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:10:53.0687 5400 swmidi - ok
21:10:53.0703 5400 SwPrv - ok
21:10:53.0734 5400 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
21:10:53.0734 5400 symc810 - ok
21:10:53.0750 5400 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
21:10:53.0750 5400 symc8xx - ok
21:10:53.0765 5400 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
21:10:53.0765 5400 sym_hi - ok
21:10:53.0765 5400 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
21:10:53.0765 5400 sym_u3 - ok
21:10:53.0781 5400 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:10:53.0796 5400 sysaudio - ok
21:10:53.0812 5400 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
21:10:53.0812 5400 SysmonLog - ok
21:10:53.0859 5400 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
21:10:53.0859 5400 TapiSrv - ok
21:10:53.0937 5400 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:10:53.0937 5400 Tcpip - ok
21:10:54.0109 5400 tcsd_win32.exe (69f1a38a6dbfe682491cb61a596662e3) C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
21:10:54.0125 5400 tcsd_win32.exe - ok
21:10:54.0390 5400 TdmService (d228907c9623888bbcfd94617385e3c4) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
21:10:54.0406 5400 TdmService - ok
21:10:54.0765 5400 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:10:54.0781 5400 TDPIPE - ok
21:10:54.0781 5400 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:10:54.0781 5400 TDTCP - ok
21:10:54.0828 5400 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:10:54.0828 5400 TermDD - ok
21:10:54.0890 5400 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
21:10:54.0890 5400 TermService - ok
21:10:54.0937 5400 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:10:54.0937 5400 Themes - ok
21:10:54.0968 5400 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
21:10:54.0984 5400 TlntSvr - ok
21:10:55.0015 5400 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
21:10:55.0015 5400 TosIde - ok
21:10:55.0062 5400 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
21:10:55.0062 5400 TrkWks - ok
21:10:55.0265 5400 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:10:55.0265 5400 Udfs - ok
21:10:55.0312 5400 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
21:10:55.0328 5400 ultra - ok
21:10:55.0375 5400 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:10:55.0390 5400 Update - ok
21:10:55.0453 5400 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
21:10:55.0484 5400 upnphost - ok
21:10:55.0515 5400 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
21:10:55.0515 5400 UPS - ok
21:10:55.0562 5400 urvpndrv (31f420b33463590ccbeb8d43ad9ddc11) C:\WINDOWS\system32\DRIVERS\covpndrv.sys
21:10:55.0562 5400 urvpndrv - ok
21:10:55.0609 5400 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
21:10:55.0609 5400 usbaudio - ok
21:10:55.0656 5400 usbccgp (c18d6c74953621346df6b0a11f80c1cc) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:10:55.0671 5400 usbccgp - ok
21:10:55.0687 5400 USBCCID (2825e0e294686a26506690059e1f437a) C:\WINDOWS\system32\DRIVERS\usbccid.sys
21:10:55.0687 5400 USBCCID - ok
21:10:55.0750 5400 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:10:55.0750 5400 usbehci - ok
21:10:55.0812 5400 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:10:55.0812 5400 usbhub - ok
21:10:55.0875 5400 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:10:55.0875 5400 usbprint - ok
21:10:55.0875 5400 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:10:55.0875 5400 usbscan - ok
21:10:55.0906 5400 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:10:55.0906 5400 USBSTOR - ok
21:10:55.0937 5400 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:10:55.0937 5400 usbuhci - ok
21:10:55.0953 5400 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:10:55.0953 5400 VgaSave - ok
21:10:55.0984 5400 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
21:10:55.0984 5400 viaagp - ok
21:10:56.0000 5400 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
21:10:56.0000 5400 ViaIde - ok
21:10:56.0031 5400 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:10:56.0031 5400 VolSnap - ok
21:10:56.0093 5400 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
21:10:56.0109 5400 VSS - ok
21:10:56.0312 5400 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
21:10:56.0312 5400 vToolbarUpdater11.2.0 - ok
21:10:56.0359 5400 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
21:10:56.0359 5400 w32time - ok
21:10:56.0468 5400 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:10:56.0468 5400 Wanarp - ok
21:10:56.0546 5400 WavxDMgr (f9cea286b0f8311be823d071eabdf6e0) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
21:10:56.0546 5400 WavxDMgr - ok
21:10:56.0625 5400 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
21:10:56.0656 5400 Wdf01000 - ok
21:10:56.0671 5400 WDICA - ok
21:10:56.0734 5400 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:10:56.0734 5400 wdmaud - ok
21:10:56.0812 5400 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
21:10:56.0828 5400 WebClient - ok
21:10:56.0953 5400 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
21:10:56.0953 5400 winmgmt - ok
21:10:56.0968 5400 wltrysvc - ok
21:10:57.0031 5400 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
21:10:57.0031 5400 WmdmPmSN - ok
21:10:57.0093 5400 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
21:10:57.0093 5400 Wmi - ok
21:10:57.0156 5400 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:10:57.0156 5400 WmiAcpi - ok
21:10:57.0187 5400 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:10:57.0203 5400 WmiApSrv - ok
21:10:57.0359 5400 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
21:10:57.0406 5400 WMPNetworkSvc - ok
21:10:57.0437 5400 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
21:10:57.0437 5400 WpdUsb - ok
21:10:57.0640 5400 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:10:57.0687 5400 WPFFontCache_v0400 - ok
21:10:57.0734 5400 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
21:10:57.0750 5400 wscsvc - ok
21:10:57.0750 5400 WSearch - ok
21:10:57.0765 5400 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
21:10:57.0781 5400 wuauserv - ok
21:10:57.0828 5400 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:10:57.0828 5400 WudfPf - ok
21:10:57.0875 5400 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:10:57.0875 5400 WudfRd - ok
21:10:57.0906 5400 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
21:10:57.0921 5400 WudfSvc - ok
21:10:58.0015 5400 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
21:10:58.0031 5400 WZCSVC - ok
21:10:58.0093 5400 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
21:10:58.0125 5400 xmlprov - ok
21:10:58.0203 5400 xusb21 (09e5340bd9b2cb730bf4dc6be7721291) C:\WINDOWS\system32\DRIVERS\xusb21.sys
21:10:58.0203 5400 xusb21 - ok
21:10:58.0234 5400 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:10:58.0812 5400 \Device\Harddisk0\DR0 - ok
21:10:58.0828 5400 Boot (0x1200) (94bd6535fa524fadda2a7b8328dfbb2c) \Device\Harddisk0\DR0\Partition0
21:10:58.0828 5400 \Device\Harddisk0\DR0\Partition0 - ok
21:10:58.0828 5400 ============================================================
21:10:58.0828 5400 Scan finished
21:10:58.0828 5400 ============================================================
21:10:58.0828 0976 Detected object count: 0
21:10:58.0828 0976 Actual detected object count: 0

#7 boopme


Posted 24 July 2012 - 08:30 PM

OK, ... programs are opening now?

Let's see if there is any malware left and then we will update a few things.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

Edited by boopme, 24 July 2012 - 08:30 PM.


#8 richajx09


Posted 25 July 2012 - 11:23 AM

No, programs still do not open normally. However, I have not restarted my computer yet.

Here is the ESET report:

C:\Documents and Settings\Jared Richard\Local Settings\Temporary Internet Files\Content.IE5\3SJ92GJ4\7zip_installer_1650[1].exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Documents and Settings\Jared Richard\Local Settings\Temporary Internet Files\Content.IE5\3SJ92GJ4\7zip_installer_1650[2].exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined

#9 richajx09


Posted 25 July 2012 - 12:38 PM

I have now restarted my computer. I am still unable to open programs normally. I am having the same issues that I mentioned in my first post.

Edited by richajx09, 25 July 2012 - 12:38 PM.


#10 boopme


Posted 25 July 2012 - 03:59 PM

Appears we need a deeper look. You have to start a new topic. You can use the same title.

Include this link back here
http://www.bleepingcomputer.com/forums/topic462102.html/page__pid__2779315#top

Please go here: Preparation Guide. Do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system), skip it and move on.

Let me know if that went well.

#11 richajx09


Posted 26 July 2012 - 02:30 PM

I know that you said to start a new topic, but I am unable to complete step 7 in the Preparation Guide. The link does not do anything. I have tried it several times.

#12 boopme


Posted 26 July 2012 - 02:40 PM

OK, just go to that forum, start a topic and state you cannot run the tools in the guide.

#13 richajx09


Posted 26 July 2012 - 04:05 PM

I had a topic recently that was not solved. I was told to start a new topic. Here is the link to the old topic:
http://www.bleepingcomputer.com/forums/topic462102.html/page__pid__2779315#top

I was told to do steps 6-9 in the Preparation Guide, but the link to download DDS in step 7 did not work, so I stopped after step 6.

#14 boopme


Posted 26 July 2012 - 08:03 PM

Hello, you need to post here: Virus, Trojan, Spyware, and Malware Removal Logs

So that you will get a reply from the malware team to fix this.




Merging this with original topic.

Edited by boopme, 26 July 2012 - 08:03 PM.


#15 Orange Blossom


Posted 27 July 2012 - 08:03 AM

Hello,

Now that you have posted here: http://www.bleepingcomputer.com/forums/topic462638.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



