
Search Result Redirect


3 replies to this topic

#1 zmoffice


Posted 13 September 2012 - 02:34 PM

I need help please.

When I perform a search via Google, Bing, etc., and click on a result, I get redirected to weird websites. If I open a link in a new tab from the search results, it works fine.

I have scanned with AdAware (no help) and Malwarebytes (found two items but no help).

Please advise. Any help would be appreciated.

Thank you in advance.


 


#2 boopme


Posted 13 September 2012 - 07:27 PM

Hello, let's also do this.
Are you on a router? Are other machines on it, and if so, are they redirecting?

Do you use the Firefox or Chrome browser?


Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on RKill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator.)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

Do not reboot your computer after running RKill, as the malware programs will start again. If rebooting is required, run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

>>>>

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a USB drive or CD and transfer it to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Edited by boopme, 13 September 2012 - 07:28 PM.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
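A triage pass over the kind of TDSSKiller report the steps above ask for, as an added example that is not part of the original posts and not TDSSKiller's own code. It pairs each hashed service line with its verdict line and lists verdicts other than "ok", services reported without a hashed file, and service names that share one binary hash; the sample log is constructed, its hashes are placeholders, and the non-ok verdict word is an assumption.

```python
import re
from collections import defaultdict

# "HH:MM:SS.mmmm <thread-id> <body>" is the line layout of the log in this thread.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+(?:\s+(.*))?$")
# "[ <32 hex chars> ] <service name> <drive>:\<path>"; names may contain spaces.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.+)$")
# "<service name> - <verdict>"
VERDICT = re.compile(r"^(.+?) - (\w+)$")

# Placeholder MD5 values, not real file hashes.
A, B, C, D = ("A" * 32, "B" * 32, "C" * 32, "D" * 32)

# Constructed sample in the same layout as the log on this page. The page's
# excerpt shows only "ok" verdicts, so "warning" below is an assumed verdict
# word, and every service name and path is made up.
SAMPLE_LOG = rf"""
09:55:29.0468 4112 ================ Scan system memory ========================
09:55:29.0468 4112 System memory - ok
09:55:29.0468 4112 ================ Scan services =============================
09:55:29.0687 4112 NoFileSvc - ok
09:55:29.0703 4112 [ {A} ] drvone C:\WINDOWS\system32\DRIVERS\drvone.sys
09:55:29.0718 4112 drvone - ok
09:55:30.0484 4112 [ {B} ] Example Licensing Service C:\Program Files\Example Shared\svc.exe
09:55:30.0500 4112 Example Licensing Service - ok
09:55:33.0281 4112 [ {C} ] updater C:\Program Files\Example\Update\upd.exe
09:55:33.0281 4112 updater - ok
09:55:33.0281 4112 [ {C} ] updaterm C:\Program Files\Example\Update\upd.exe
09:55:33.0281 4112 updaterm - ok
09:55:34.0875 4112 [ {D} ] oddsvc C:\WINDOWS\system32\drivers\oddsvc.sys
09:55:34.0875 4112 oddsvc - warning
"""


def triage(log_text):
    """Return the entries of the 'Scan services' section worth a second look."""
    files = {}                     # service name -> (md5, path)
    by_hash = defaultdict(list)    # md5 -> service names backed by that file
    non_ok, no_file = [], []
    in_services = False

    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m or not m.group(1):
            continue               # blank line or timestamp-only line
        body = m.group(1).strip()

        # Separator and section-header lines start with '='; only the
        # "Scan services" header opens the section parsed here.
        if body.startswith("="):
            in_services = "Scan services" in body
            continue
        if not in_services:
            continue

        hashed = HASHED.match(body)
        if hashed:
            md5, name, path = hashed.group(1).upper(), hashed.group(2), hashed.group(3)
            files[name] = (md5, path)
            by_hash[md5].append(name)
            continue

        verdict = VERDICT.match(body)
        if verdict:
            name, word = verdict.groups()
            if word.lower() != "ok":
                # Keep hash and path beside the verdict so the reviewer can
                # look the file up without reopening the log.
                non_ok.append((name, word, files.get(name)))
            if name not in files:
                # The scanner gave a verdict but logged no hashed file.
                no_file.append(name)

    shared_hash = {h: names for h, names in by_hash.items() if len(names) > 1}
    return {"non_ok": non_ok, "no_file": no_file, "shared_hash": shared_hash}


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(key, value)
```
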

#3 zmoffice


Posted 17 September 2012 - 11:05 AM

Ran RKILL and the log is as follows:

Rkill 2.3.14 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/17/2012 09:46:19 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* (AFD) is not Running.
Startup Type set to:

* (CryptSvc) is not Running.
Startup Type set to:

* (Dhcp) is not Running.
Startup Type set to:

* (Dnscache) is not Running.
Startup Type set to:

* (EventSystem) is not Running.
Startup Type set to:

* (Netman) is not Running.
Startup Type set to:

* (PlugPlay) is not Running.
Startup Type set to:

* (RpcSs) is not Running.
Startup Type set to:

* (srservice) is not Running.
Startup Type set to:

* (winmgmt) is not Running.
Startup Type set to:

* (wscsvc) is not Running.
Startup Type set to:

* (wuauserv) is not Running.
Startup Type set to:

* (AFD) is not Running.
Startup Type set to:

* (IPSec) is not Running.
Startup Type set to:

* (NetBT) is not Running.
Startup Type set to:

* (sr) is not Running.
Startup Type set to:

* (Tcpip) is not Running.
Startup Type set to:

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/17/2012 09:46:47 AM
Execution time: 0 hours(s), 0 minute(s), and 28 seconds(s)


TDSSKiller log:

09:55:19.0359 4372 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
09:55:21.0250 4372 ============================================================
09:55:21.0250 4372 Current date / time: 2012/09/17 09:55:21.0250
09:55:21.0250 4372 SystemInfo:
09:55:21.0250 4372
09:55:21.0250 4372 OS Version: 5.1.2600 ServicePack: 3.0
09:55:21.0250 4372 Product type: Workstation
09:55:21.0250 4372 ComputerName: RDENKER
09:55:21.0250 4372 UserName: Administrator
09:55:21.0250 4372 Windows directory: C:\WINDOWS
09:55:21.0250 4372 System windows directory: C:\WINDOWS
09:55:21.0250 4372 Processor architecture: Intel x86
09:55:21.0250 4372 Number of processors: 2
09:55:21.0250 4372 Page size: 0x1000
09:55:21.0250 4372 Boot type: Normal boot
09:55:21.0250 4372 ============================================================
09:55:22.0921 4372 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:55:22.0921 4372 ============================================================
09:55:22.0921 4372 \Device\Harddisk0\DR0:
09:55:22.0921 4372 MBR partitions:
09:55:22.0921 4372 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x1D18D6F3
09:55:22.0921 4372 ============================================================
09:55:22.0953 4372 C: <-> \Device\Harddisk0\DR0\Partition1
09:55:22.0953 4372 ============================================================
09:55:22.0953 4372 Initialize success
09:55:22.0953 4372 ============================================================
09:55:26.0343 4112 ============================================================
09:55:26.0343 4112 Scan started
09:55:26.0343 4112 Mode: Manual; TDLFS;
09:55:26.0343 4112 ============================================================
09:55:29.0468 4112 ================ Scan system memory ========================
09:55:29.0468 4112 System memory - ok
09:55:29.0468 4112 ================ Scan services =============================
09:55:35.0718 4112 Ndisuio - ok
09:55:35.0734 4112 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:55:35.0734 4112 NdisWan - ok
09:55:35.0765 4112 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
09:55:35.0765 4112 NDProxy - ok
09:55:35.0781 4112 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
09:55:35.0781 4112 NetBIOS - ok
09:55:35.0796 4112 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:55:35.0796 4112 NetBT - ok
09:55:35.0859 4112 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
09:55:35.0859 4112 NetDDE - ok
09:55:35.0859 4112 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
09:55:35.0859 4112 NetDDEdsdm - ok
09:55:35.0906 4112 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:55:35.0906 4112 Netlogon - ok
09:55:35.0921 4112 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
09:55:35.0921 4112 Netman - ok
09:55:35.0984 4112 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:55:35.0984 4112 NetTcpPortSharing - ok
09:55:36.0031 4112 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
09:55:36.0031 4112 Nla - ok
09:55:36.0062 4112 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:55:36.0062 4112 Npfs - ok
09:55:36.0109 4112 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
09:55:36.0125 4112 Ntfs - ok
09:55:36.0156 4112 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
09:55:36.0156 4112 NtLmSsp - ok
09:55:36.0328 4112 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
09:55:36.0328 4112 NtmsSvc - ok
09:55:36.0343 4112 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
09:55:36.0343 4112 Null - ok
09:55:36.0375 4112 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:55:36.0375 4112 NwlnkFlt - ok
09:55:36.0406 4112 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:55:36.0406 4112 NwlnkFwd - ok
09:55:36.0578 4112 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:55:36.0625 4112 odserv - ok
09:55:36.0656 4112 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:55:36.0671 4112 ose - ok
09:55:36.0718 4112 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
09:55:36.0734 4112 Parport - ok
09:55:36.0734 4112 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
09:55:36.0734 4112 PartMgr - ok
09:55:36.0750 4112 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
09:55:36.0750 4112 ParVdm - ok
09:55:36.0781 4112 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
09:55:36.0781 4112 PCI - ok
09:55:36.0781 4112 PCIDump - ok
09:55:36.0921 4112 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
09:55:36.0921 4112 PCIIde - ok
09:55:36.0937 4112 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
09:55:36.0953 4112 Pcmcia - ok
09:55:36.0953 4112 PDCOMP - ok
09:55:36.0953 4112 PDFRAME - ok
09:55:36.0953 4112 PDRELI - ok
09:55:36.0968 4112 PDRFRAME - ok
09:55:36.0984 4112 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
09:55:36.0984 4112 perc2 - ok
09:55:37.0000 4112 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:55:37.0000 4112 perc2hib - ok
09:55:37.0046 4112 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
09:55:37.0046 4112 PlugPlay - ok
09:55:37.0078 4112 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
09:55:37.0078 4112 PolicyAgent - ok
09:55:37.0125 4112 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:55:37.0125 4112 PptpMiniport - ok
09:55:37.0125 4112 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:55:37.0125 4112 ProtectedStorage - ok
09:55:37.0125 4112 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
09:55:37.0125 4112 PSched - ok
09:55:37.0125 4112 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:55:37.0140 4112 Ptilink - ok
09:55:37.0171 4112 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:55:37.0171 4112 PxHelp20 - ok
09:55:37.0203 4112 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:55:37.0203 4112 ql1080 - ok
09:55:37.0203 4112 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:55:37.0203 4112 Ql10wnt - ok
09:55:37.0218 4112 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:55:37.0218 4112 ql12160 - ok
09:55:37.0218 4112 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:55:37.0218 4112 ql1240 - ok
09:55:37.0234 4112 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:55:37.0234 4112 ql1280 - ok
09:55:37.0250 4112 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:55:37.0250 4112 RasAcd - ok
09:55:37.0281 4112 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:55:37.0281 4112 RasAuto - ok
09:55:37.0312 4112 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:55:37.0312 4112 Rasl2tp - ok
09:55:37.0328 4112 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:55:37.0328 4112 RasMan - ok
09:55:37.0343 4112 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:55:37.0343 4112 RasPppoe - ok
09:55:37.0359 4112 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
09:55:37.0359 4112 Raspti - ok
09:55:37.0390 4112 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:55:37.0390 4112 Rdbss - ok
09:55:37.0390 4112 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:55:37.0390 4112 RDPCDD - ok
09:55:37.0421 4112 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:55:37.0421 4112 rdpdr - ok
09:55:37.0453 4112 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:55:37.0453 4112 RDPWD - ok
09:55:37.0500 4112 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
09:55:37.0500 4112 RDSessMgr - ok
09:55:37.0515 4112 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
09:55:37.0515 4112 redbook - ok
09:55:37.0546 4112 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:55:37.0546 4112 RemoteAccess - ok
09:55:37.0578 4112 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:55:37.0578 4112 RemoteRegistry - ok
09:55:37.0593 4112 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
09:55:37.0593 4112 RpcLocator - ok
09:55:37.0625 4112 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:55:37.0625 4112 RpcSs - ok
09:55:37.0671 4112 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
09:55:37.0671 4112 RSVP - ok
09:55:37.0687 4112 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
09:55:37.0687 4112 SamSs - ok
09:55:37.0718 4112 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:55:37.0718 4112 SCardSvr - ok
09:55:37.0750 4112 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:55:37.0750 4112 Schedule - ok
09:55:37.0796 4112 [ 695745CCE49C346DAB9620519B3E1970 ] se32 C:\WINDOWS\system32\Drivers\se32.sys
09:55:37.0812 4112 se32 - ok
09:55:37.0828 4112 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:55:37.0828 4112 Secdrv - ok
09:55:37.0843 4112 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:55:37.0859 4112 seclogon - ok
09:55:37.0859 4112 [ B6A6B409FDA9D9EBD3AADB838D3D7173 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
09:55:37.0875 4112 SenFiltService - ok
09:55:37.0875 4112 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
09:55:37.0890 4112 SENS - ok
09:55:37.0906 4112 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
09:55:37.0906 4112 Serenum - ok
09:55:37.0906 4112 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
09:55:37.0906 4112 Serial - ok
09:55:37.0937 4112 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
09:55:37.0937 4112 Sfloppy - ok
09:55:37.0968 4112 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:55:37.0984 4112 SharedAccess - ok
09:55:38.0015 4112 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:55:38.0015 4112 ShellHWDetection - ok
09:55:38.0015 4112 Simbad - ok
09:55:38.0046 4112 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:55:38.0046 4112 sisagp - ok
09:55:38.0078 4112 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
09:55:38.0078 4112 SkypeUpdate - ok
09:55:38.0125 4112 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:55:38.0125 4112 SLIP - ok
09:55:38.0171 4112 [ CAFD8337F594F341A18BD82545122469 ] softOSD C:\Program Files\softOSD\softOSD.exe
09:55:38.0171 4112 softOSD - ok
09:55:38.0203 4112 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
09:55:38.0203 4112 SONYPVU1 - ok
09:55:38.0234 4112 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:55:38.0234 4112 Sparrow - ok
09:55:38.0250 4112 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:55:38.0250 4112 splitter - ok
09:55:38.0296 4112 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:55:38.0296 4112 Spooler - ok
09:55:38.0343 4112 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:55:38.0343 4112 sr - ok
09:55:38.0375 4112 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
09:55:38.0375 4112 srservice - ok
09:55:38.0406 4112 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:55:38.0406 4112 Srv - ok
09:55:38.0437 4112 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:55:38.0437 4112 SSDPSRV - ok
09:55:38.0468 4112 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:55:38.0468 4112 stisvc - ok
09:55:38.0515 4112 [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
09:55:38.0531 4112 stllssvr - ok
09:55:38.0562 4112 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:55:38.0562 4112 streamip - ok
09:55:38.0578 4112 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:55:38.0578 4112 swenum - ok
09:55:38.0593 4112 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
09:55:38.0593 4112 swmidi - ok
09:55:38.0593 4112 SwPrv - ok
09:55:38.0625 4112 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
09:55:38.0625 4112 symc810 - ok
09:55:38.0640 4112 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:55:38.0640 4112 symc8xx - ok
09:55:38.0640 4112 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:55:38.0640 4112 sym_hi - ok
09:55:38.0656 4112 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:55:38.0656 4112 sym_u3 - ok
09:55:38.0687 4112 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:55:38.0687 4112 sysaudio - ok
09:55:38.0734 4112 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:55:38.0734 4112 SysmonLog - ok
09:55:38.0781 4112 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:55:38.0796 4112 TapiSrv - ok
09:55:38.0843 4112 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:55:38.0843 4112 Tcpip - ok
09:55:38.0875 4112 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:55:38.0875 4112 TDPIPE - ok
09:55:38.0875 4112 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:55:38.0875 4112 TDTCP - ok
09:55:38.0906 4112 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:55:38.0906 4112 TermDD - ok
09:55:38.0921 4112 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
09:55:38.0921 4112 TermService - ok
09:55:38.0953 4112 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
09:55:38.0968 4112 Themes - ok
09:55:39.0000 4112 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
09:55:39.0000 4112 TlntSvr - ok
09:55:39.0000 4112 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
09:55:39.0015 4112 TosIde - ok
09:55:39.0046 4112 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:55:39.0046 4112 TrkWks - ok
09:55:39.0093 4112 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:55:39.0093 4112 Udfs - ok
09:55:39.0109 4112 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
09:55:39.0109 4112 ultra - ok
09:55:39.0140 4112 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
09:55:39.0156 4112 Update - ok
09:55:39.0187 4112 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
09:55:39.0187 4112 upnphost - ok
09:55:39.0203 4112 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
09:55:39.0203 4112 UPS - ok
09:55:39.0250 4112 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
09:55:39.0250 4112 usbaudio - ok
09:55:39.0281 4112 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:55:39.0281 4112 usbccgp - ok
09:55:39.0328 4112 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:55:39.0328 4112 usbehci - ok
09:55:39.0375 4112 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:55:39.0375 4112 usbhub - ok
09:55:39.0421 4112 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:55:39.0437 4112 usbscan - ok
09:55:39.0484 4112 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:55:39.0484 4112 USBSTOR - ok
09:55:39.0515 4112 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:55:39.0515 4112 usbuhci - ok
09:55:39.0546 4112 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
09:55:39.0562 4112 usbvideo - ok
09:55:39.0640 4112 [ 9D19B042A4FD5C02195071EA2FE0C821 ] usnjsvc C:\Program Files\Windows Live\Messenger\usnsvc.exe
09:55:39.0640 4112 usnjsvc - ok
09:55:39.0687 4112 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:55:39.0687 4112 VgaSave - ok
09:55:39.0703 4112 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:55:39.0703 4112 viaagp - ok
09:55:39.0718 4112 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
09:55:39.0718 4112 ViaIde - ok
09:55:39.0750 4112 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:55:39.0750 4112 VolSnap - ok
09:55:39.0781 4112 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
09:55:39.0796 4112 VSS - ok
09:55:39.0906 4112 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
09:55:39.0937 4112 vToolbarUpdater12.2.6 - ok
09:55:39.0937 4112 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
09:55:39.0953 4112 w32time - ok
09:55:39.0953 4112 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:55:39.0968 4112 Wanarp - ok
09:55:39.0968 4112 WDICA - ok
09:55:39.0984 4112 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:55:39.0984 4112 wdmaud - ok
09:55:40.0015 4112 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:55:40.0015 4112 WebClient - ok
09:55:40.0093 4112 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:55:40.0093 4112 winmgmt - ok
09:55:40.0171 4112 [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc C:\Program Files\Windows Live\installer\WLSetupSvc.exe
09:55:40.0171 4112 WLSetupSvc - ok
09:55:40.0203 4112 [ 482069CDA24AA0E94B1351E30EB3D01F ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
09:55:40.0218 4112 WmdmPmSN - ok
09:55:40.0250 4112 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
09:55:40.0265 4112 Wmi - ok
09:55:40.0296 4112 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:55:40.0296 4112 WmiApSrv - ok
09:55:40.0343 4112 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:55:40.0343 4112 wscsvc - ok
09:55:40.0343 4112 WSearch - ok
09:55:40.0375 4112 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:55:40.0375 4112 WSTCODEC - ok
09:55:40.0390 4112 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:55:40.0390 4112 wuauserv - ok
09:55:40.0406 4112 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:55:40.0421 4112 WZCSVC - ok
09:55:40.0453 4112 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:55:40.0468 4112 xmlprov - ok
09:55:40.0468 4112 ================ Scan global ===============================
09:55:40.0500 4112 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:55:40.0531 4112 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:55:40.0546 4112 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:55:40.0578 4112 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:55:40.0593 4112 [Global] - ok
09:55:40.0593 4112 ================ Scan MBR ==================================
09:55:40.0609 4112 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:55:40.0859 4112 \Device\Harddisk0\DR0 - ok
09:55:40.0859 4112 ================ Scan VBR ==================================
09:55:40.0859 4112 [ 68BF8F9E75088E0494C483249A4DB324 ] \Device\Harddisk0\DR0\Partition1
09:55:40.0859 4112 \Device\Harddisk0\DR0\Partition1 - ok
09:55:40.0859 4112 ============================================================
09:55:40.0859 4112 Scan finished
09:55:40.0859 4112 ============================================================
09:55:40.0859 1948 Detected object count: 0
09:55:40.0859 1948 Actual detected object count: 0
09:56:08.0484 4140 Deinitialize success

I also ran the SUPERAntiSpyware program. It found one trojan and one malware and a bunch of tracking cookies. I had them removed and rebooted. No log was created, at least that I can locate. It seems that the program's interface has changed a bit from the instructions you provided.

I did a Google search, and the problem seems to have been resolved.

#4 boopme
Posted 17 September 2012 - 02:31 PM

OK great news!
If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read: