Firefox and Applications Freeeeeeezing on XP, But Malware Programs Not Finding Much


97 replies to this topic

#1 runtotorun121

Posted 02 February 2013 - 11:37 PM

Two+ years ago I had fantastic help from bleepingcomputer.com, and now I am back with another bleeping problem. :( Unfortunately, last time I had some detailed information to provide that pointed us to a rootkit infection. This time I am not sure what/if there is an infection or another issue affecting my computer because the problem is a v.e.r.y. slow computer with lots of freezing up, which results in me waiting forEVER to do anything.

I am running XP Home, and here is some additional information:

1. I have a 144GB notebook that is running with 65.9GB free on my C Drive.

2. I have updated Firefox, my primary browser, and all my antivirus/malware programs and run them.

3. I have run Malwarebytes Anti-Malware, and found nothing significant or that improved the situation (removed a few tracking cookies).

4. I have run TDSS Killer, and found nothing.

5. I have run Super Anti-Spyware, and found nothing significant.

6. I have run Adaware, and quarantined a couple of things, but that has not improved the situation.

7. I (think I remember. . .) have run ESET and found nothing.

8. I have Microsoft Security Essentials running real time as my anti-virus.

9. I ran AVAST some weeks/months ago and found nothing, but AVAST really bogged down my computer so I tried removing it and have had some problems with it being completely gone.

The freezing and slowness with my computer is across everything (i.e. browser, applications, opening Control Panel, My Computer, etc.).


I apologize in advance for my ignorance, but please be aware that I am very detail-oriented and can follow direction very well, but I need clear, detailed, step-by-step instructions (without skipping steps or assuming I understand the shortcuts) because I don't have a skill set for maneuvering around fixing computer things on my own.

Because of my limited aptitude for all-things-computer, I am uncertain whether or not this freezing and slowness is a result of an infection or something else. I do have a lot of things that load when my computer boots up, and I would love help eliminating that problem; however, I have always had that with this computer, and it is just within the last few months that I have been having real problems. Differently from my last post in bleepingcomputer.com, I do not have any specific symptoms such as redirecting browsers or rogue icons in my sys tray so that I can take a stab at what is happening. :( My mental health is now in your hands. Please help me stop the anguish! :blink:

Thank you for your time and reply,
Kristie


#2 boopme


Posted 03 February 2013 - 10:18 PM

Hello, it may not be malware, but let's check a bit.

Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.




Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 runtotorun121


Posted 04 February 2013 - 10:15 AM

Thanks for the speedy reply! :)

I have run Rkill and MiniToolBox with the results I am going to post below, and I am running aswMBR right now, but while it is running I wanted to let you know a couple of things:

I tried running aswMBR four times yesterday. I attempted to run it three times in regular bootup mode and once in safe mode. Each time I tried, it froze at one point and then I received a pop-up message window saying aswMBR had encountered a problem and needed to be closed (the typical crash window message). The first time it happened I was able to save a copy of where I was at in the process when it stopped running, but there doesn't look to be any information about what happened just prior to the freeze, other than a very general LARGE area it was scanning. Then the other times, including in Safe Mode, when I tried to save the information, to see if I could catch anything different to review, I just ended up with blank notepad pages.

So, again, I am running aswMBR now to see what happens, but I wanted to let you know in advance because it can take some time for it to go through the process.

Also, yesterday I ran some other tools so I could save the logs for review in case anyone wanted to see them. I will run them in the order you direct me to run them and give you the new results, but if you would like to see the logs from yesterday, please let me know. I have the following:

aswMBR X4

MiniToolBox

TDSS

FSS

ESET X2


***Now, importantly, I am afraid I may have made a mistake that I hope does not complicate things. . . :orange:

Yesterday when I ran ESET the first time I forgot to uncheck the box on the first page that removes found threats. :( I apologize if I have done something horrible; however, removing those threats did not seem to magically fix the problem (if, in fact, they are truly gone and not hiding or metamorphosing :( ). I did save the log. I can post that for you if you would like to see it, but 11 of 13 found threats were a temp folder variation of this:

C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\OYSS3XNG\finish[1].aspx HTML/ScrInject.B.Gen virus deleted - quarantined

So here are the current Rkill and MiniToolBox results from this morning after I began your instructions, and I will come back to either post the aswMBR if it works this time or let you know it didn't work again:

Rkill

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/04/2013 08:37:15 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\ico.EXE (PID: 2824) [WD-HEUR]
* C:\WINDOWS\system32\FSRremoS.EXE (PID: 2932) [WD-HEUR]
* C:\WINDOWS\system32\Pelmiced.exe (PID: 3080) [WD-HEUR]
* C:\DOCUME~1\Kristie\LOCALS~1\Temp\RtkBtMnt.exe (PID: 3292) [SUP-HEUR]

4 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* System Restore Disabled

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = dword:00000001

Checking Windows Service Integrity:

* System Restore Service (srservice) is not Running.
Startup Type set to: Automatic

* System Restore Filter Driver (sr) is not Running.
Startup Type set to: Disabled

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 02/04/2013 08:38:30 AM
Execution time: 0 hours(s), 1 minute(s), and 15 seconds(s)


MiniToolBox


MiniToolBox by Farbar Version:10-01-2013
Ran by Kristie (administrator) on 04-02-2013 at 08:42:16
Running from "C:\Documents and Settings\Kristie\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : MyBdayGift

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : kc.rr.com



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . : kc.rr.com

Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter

Physical Address. . . . . . . . . : 00-23-4E-54-10-63

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.107

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 209.18.47.61

209.18.47.62

Lease Obtained. . . . . . . . . . : Monday, February 04, 2013 8:33:05 AM

Lease Expires . . . . . . . . . . : Tuesday, February 05, 2013 8:33:05 AM



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-23-8B-25-37-AC

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 74.125.227.102, 74.125.227.103, 74.125.227.104, 74.125.227.105
74.125.227.110, 74.125.227.96, 74.125.227.97, 74.125.227.98, 74.125.227.99
74.125.227.100, 74.125.227.101



Pinging google.com [173.194.46.0] with 32 bytes of data:



Reply from 173.194.46.0: bytes=32 time=25ms TTL=53

Reply from 173.194.46.0: bytes=32 time=75ms TTL=53



Ping statistics for 173.194.46.0:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 25ms, Maximum = 75ms, Average = 50ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=513ms TTL=49

Reply from 98.139.183.24: bytes=32 time=397ms TTL=49



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 397ms, Maximum = 513ms, Average = 455ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 23 4e 54 10 63 ...... Atheros AR5007EG Wireless Network Adapter - Packet Scheduler Miniport
0x3 ...00 23 8b 25 37 ac ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.107 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.107 192.168.1.107 20
192.168.1.0 255.255.255.0 192.168.1.107 192.168.1.107 25
192.168.1.107 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.107 192.168.1.107 25
224.0.0.0 240.0.0.0 192.168.1.107 192.168.1.107 25
255.255.255.255 255.255.255.255 192.168.1.107 3 1
255.255.255.255 255.255.255.255 192.168.1.107 192.168.1.107 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/04/2013 08:37:29 AM) (Source: LoadPerf) (User: )
Description: Unable to read the performance counter strings of the 009 language ID.
The Win32 status returned by the call is the first DWORD in Data section.

Error: (02/04/2013 08:37:26 AM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The
Error code is the first DWORD in Data section.

Error: (02/04/2013 08:35:37 AM) (Source: LoadPerf) (User: )
Description: Unable to read the performance counter strings of the 009 language ID.
The Win32 status returned by the call is the first DWORD in Data section.

Error: (02/04/2013 08:35:34 AM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The
Error code is the first DWORD in Data section.

Error: (02/03/2013 11:56:27 PM) (Source: Application Error) (User: )
Description: Fault bucket -1016300564.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (02/03/2013 11:55:19 PM) (Source: Application Error) (User: )
Description: Faulting application aswmbr.exe, version 0.9.9.1707, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x0001168b.
Processing media-specific event for [aswmbr.exe!ws!]

Error: (02/03/2013 10:20:41 PM) (Source: LoadPerf) (User: )
Description: Unable to read the performance counter strings of the 009 language ID.
The Win32 status returned by the call is the first DWORD in Data section.

Error: (02/03/2013 10:20:38 PM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The
Error code is the first DWORD in Data section.

Error: (02/03/2013 10:00:42 PM) (Source: LoadPerf) (User: )
Description: Unable to read the performance counter strings of the 009 language ID.
The Win32 status returned by the call is the first DWORD in Data section.

Error: (02/03/2013 10:00:39 PM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The
Error code is the first DWORD in Data section.


System errors:
=============
Error: (02/04/2013 08:33:02 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Real-time Scanner service failed to start due to the following error:
%%3

Error: (02/04/2013 08:33:02 AM) (Source: Service Control Manager) (User: )
Description: The wntpport service failed to start due to the following error:
%%2

Error: (02/04/2013 08:31:47 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (02/04/2013 08:26:03 AM) (Source: DCOM) (User: MYBDAYGIFT)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (02/04/2013 00:08:57 AM) (Source: DCOM) (User: MYBDAYGIFT)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (02/03/2013 11:55:54 PM) (Source: DCOM) (User: MYBDAYGIFT)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (02/03/2013 10:17:51 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Fips
intelppm
MpFilter
SASDIFSV
SASKUTIL

Error: (02/03/2013 10:16:52 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (02/03/2013 09:57:48 PM) (Source: System Error) (User: )
Description: Error code 1000000a, parameter1 00037a08, parameter2 0000001c, parameter3 00000000, parameter4 804dc511.

Error: (02/03/2013 09:56:12 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Real-time Scanner service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Acer Crystal Eye webcam
Acer Crystal Eye Webcam (Version: 1.0.1.5)
Acer ScreenSaver (Version: 1.11.0613)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Ad-Aware Antivirus (Version: 10.4.49.4168)
Ad-Aware Browsing Protection (Version: 1.0.1.82)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Advertising Center (Version: 0.0.0.1)
Amazon Kindle
Amazon MP3 Downloader 1.0.12 (Version: 1.0.12)
Ambassador
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression Codec (Version: 1.0.0.0)
ArcSoft MediaImpression for Kodak (Version: 2.0.24.1127)
Atheros for Acer Driver v7.6.0.224_Foxconn Installation Program (Version: 7.6.0.224)
Audacity 1.2.6
Audible Download Manager (Version: 6.6.0.12)
BitTorrent
Bluetooth by hp (Version: 5.1.0.3300)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.21)
Click to Call with Skype (Version: 5.6.8153)
Compucon EOS Viewer (Version: 1.00.0000)
Corel Applications
Corel Graphics - Windows Shell Extension (Version: 15.2.0.686)
Corel Graphics - Windows Shell Extension (Version: 15.2.686)
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3)
CorelDRAW Graphics Suite X5 - Common (Version: 15.3)
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3)
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3)
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3)
CorelDRAW Graphics Suite X5 - EN (Version: 15.3)
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3)
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3)
CorelDRAW Graphics Suite X5 - IPM (Version: 15.3)
CorelDRAW Graphics Suite X5 - KPT Collection
CorelDRAW Graphics Suite X5 - KPT Collection (Version: 1.00.0000)
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3)
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.3)
CorelDRAW Graphics Suite X5 - Redist (Version: 15.3)
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3)
CorelDRAW Graphics Suite X5 - VBA (Version: 15.3)
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3)
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.3)
CorelDRAW Graphics Suite X5 - WT (Version: 15.3)
CorelDRAW Graphics Suite X5 (Version: 15.3)
CorelDRAW® Graphics Suite X5 (Version: 15.2.0.686)
COTM Reminder by We-Care.com v5.0.7.2 (Version: 5.0.7.2)
Coupon Printer for Windows (Version: 5.0.0.0)
DNA (Version: 2.2.4 (16502))
DolbyFiles (Version: 0.1)
Embroidery Magic 2
Embroidery Magic 2 Updater
ERUNT 1.1j
ESET Online Scanner v3
Free File Opener v2011.7.0.1 (Version: 2011.7.0.1)
Free M4a to MP3 Converter 7.2
Free Picture Resize Starter 4.5 (Version: 5.5.18)
Free RAR Extract Frog (Version: 4.70)
Free WMA to MP3 Converter 1.16
Freemake Youtube Mp3 Converter (Version: 3.2.0)
Gimp 2.6.2 Debug
Google Desktop (Version: 5.8.0809.23506)
Google Toolbar for Internet Explorer
GoToMeeting 4.8.0.723 (Version: 4.8.0.723)
Greeting Card Creator 32
HP USB Disk Storage Format Tool
ImagXpress (Version: 7.0.74.0)
InCD Help (Version: 6.4.0.0)
IncrediMail (Version: 5.8.6.4332)
Intel® Graphics Media Accelerator Driver
InterVideo Register Manager (Version: 1.0.4.0)
InterVideo WinDVD (Version: 5.0-B11.1255)
iTunes (Version: 11.0.1.12)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
JMicron JMB38X Flash Media Controller (Version: 1.00.16.01)
Kid Pix Deluxe 3
KODAK Share Button App (Version: 4.00.0000.0000)
Launch Manager
Lernout & Hauspie TruVoice American English TTS Engine
Lexmark 5400 Series
MAD Punch V6R2 (Version: 6.2)
Magentic (Version: 1.3.1.837)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office XP Small Business (Version: 10.0.2627.01)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
Microsoft Works (Version: 08.05.0818)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Maintenance Service (Version: 18.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
myFairTunes v.7.0.2
Nero 9 Essentials
Nero BurnRights (Version: 3.4.10.100)
Nero BurnRights Help (Version: 3.4.4.100)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.4.9.203)
Nero CoverDesigner Help (Version: 4.4.9.100)
Nero DiscSpeed (Version: 5.4.12.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.10.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.14.100)
Nero InfoTool (Version: 6.4.10.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero PhotoSnap (Version: 1.53.2.0)
Nero PhotoSnap Help (Version: 1.53.2.0)
Nero Recode (Version: 4.4.22.54)
Nero Recode Help (Version: 4.4.22.0)
Nero ShowTime (Version: 5.4.0.100)
Nero ShowTime (Version: 5.4.13.202)
Nero StartSmart (Version: 9.4.11.210)
Nero StartSmart Help (Version: 9.4.11.100)
Nero StartSmart OEM (Version: 9.4.10.100)
Nero Vision (Version: 6.4.10.205)
Nero Vision Help (Version: 6.4.8.100)
NeroExpress (Version: 9.4.10.506)
neroxml (Version: 1.0.0)
Omron Health Management Software (Version: 1.30.0010)
Palm Desktop by ACCESS (Version: 6.4.0.0)
Picasa 3 (Version: 3.6)
QuickTime (Version: 7.71.80.42)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.17.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.5628)
Rocketfish Apple Bluetooth Driver
Shockwave
Skype™ 5.5 (Version: 5.5.117)
SnagIt 8 (Version: 8.1.0)
SophieSew version 1.13 build 42 (Version: 1.013)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
SpywareBlaster 4.6 (Version: 4.6.1)
Stitch Era Universal (Version: 11.22)
SUPERAntiSpyware (Version: 5.5.1012)
Synaptics Pointing Device Driver (Version: 11.1.4.0)
The Print Shop 12
TomTom HOME 2.7.6.2056 (Version: 2.7.6.2056)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB975364) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
WebFldrs XP (Version: 9.50.7523)
Wilcom TrueSizer (Version: 13.0.0198)
Wilcom TrueSizer (Version: 15.0.0196)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe (Version: 5.2.3790.1164)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR archiver
Yahoo! Messenger
Yontoo 1.10.03 (Version: 1.10.03)

========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 1011.88 MB
Available physical RAM: 427.21 MB
Total Pagefile: 2431.34 MB
Available Pagefile: 1910.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.77 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:144.17 GB) (Free:65.86 GB) NTFS
2 Drive z: (Storage) (Network) (Total:71.3 GB) (Free:42.49 GB) NTFS

========================= Users: ========================================

User accounts for \\MYBDAYGIFT

Administrator ASPNET Guest
HelpAssistant Kristie SUPPORT_388945a0


**** End of log ****


Thanks so very much for your help!!!
Kristie

#4 boopme

Posted 04 February 2013 - 11:37 AM

Hello, I would like to see the ESET log.

Please rerun RKILL, then run these before rebooting.
Run TDSS again.

Please download TDSSKiller.
Launch it.
Click on Change parameters and select TDLFS file system.
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If you are using other security programs that detect registry changes (e.g. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

#5 runtotorun121

Posted 04 February 2013 - 12:28 PM

Okay, very good. :)

To update you, I was running back and forth watching aswMBR, and it appeared to get further than it has before, but I still received the notice that it "encountered a problem" and had to be shut down. I took a screen shot of this and pasted it into Word just in case you wanted to see anything. I believe you can read the tiny print from the screen shot if you squint. :wink:

After I post this reply to you I will follow your next instructions. It typically takes Malwarebytes HOURS to run on my computer, so I will let you know what happens after it is finished or crashes. I did see your instructions on how to save it and then try Chameleon if need be. I may go ahead and post TDSS for you before disposition about Malwarebytes since TDSS is pretty quick.

Here is the ESET log from yesterday. (I see I also ran one last night in Safe Mode with different results, so I will paste both here. I don't know if scanning in Safe Mode is informative or helpful, but just in case you would like to see it.) Just let me know if/when you would like me to rescan with ESET:

First ESET

C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Documents and Settings\Kristie\Application Data\Mozilla\Firefox\Profiles\vkbsu0rz.default\extensions\plugin@yontoo.com\content\overlay.js Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\48LE2XIE\CreativeHandler[1].ashx HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\48LE2XIE\finish[1].aspx HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\4VYUVNY0\CreativeHandler[1].ashx HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\4VYUVNY0\CreativeHandler[2].ashx HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\4VYUVNY0\offer[1].aspx HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\75LW8AWD\CreativeHandler[1].ashx HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\75LW8AWD\CreativeHandler[2].ashx HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\IEGV1996\finish[1].aspx HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\IEGV1996\offer[1].aspx HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\IEGV1996\offer[2].aspx HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Kristie\Local Settings\Temporary Internet Files\Content.IE5\OYSS3XNG\finish[1].aspx HTML/ScrInject.B.Gen virus deleted - quarantined

and Safe Mode ESET from last night

C:\Documents and Settings\Kristie\Desktop\m4a-to-mp3-converter.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Documents and Settings\Kristie\Local Settings\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask application
C:\Documents and Settings\Kristie\Local Settings\Temp\FreemakeYoutubeMp3Converter_3.2.0.1.exe Win32/OpenCandy application
C:\Documents and Settings\Kristie\My Documents\Downloads\BestVideoDownloader.exe a variant of Win32/KBM.A application
C:\Documents and Settings\Kristie\My Documents\Downloads\FreemakeYoutubeMp3ConverterSetup.exe Win32/OpenCandy application
C:\Documents and Settings\Kristie\My Documents\Virus Stuff\Adaware_Installer.exe Win32/OpenCandy application
C:\RECYCLER\S-1-5-21-2508212050-588791912-289167517-1006\Dc404.exe a variant of Win32/CNETInstaller.A application

See you after Malwarebytes runs!

Kristie

#6 runtotorun121

Posted 04 February 2013 - 12:35 PM

Here is the current TDSS:

TDSSKiller

11:29:06.0609 3744 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:29:07.0265 3744 ============================================================
11:29:07.0265 3744 Current date / time: 2013/02/04 11:29:07.0265
11:29:07.0265 3744 SystemInfo:
11:29:07.0265 3744
11:29:07.0265 3744 OS Version: 5.1.2600 ServicePack: 3.0
11:29:07.0265 3744 Product type: Workstation
11:29:07.0265 3744 ComputerName: MYBDAYGIFT
11:29:07.0265 3744 UserName: Kristie
11:29:07.0265 3744 Windows directory: C:\WINDOWS
11:29:07.0265 3744 System windows directory: C:\WINDOWS
11:29:07.0265 3744 Processor architecture: Intel x86
11:29:07.0265 3744 Number of processors: 2
11:29:07.0265 3744 Page size: 0x1000
11:29:07.0265 3744 Boot type: Normal boot
11:29:07.0265 3744 ============================================================
11:29:09.0859 3744 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:29:09.0859 3744 ============================================================
11:29:09.0859 3744 \Device\Harddisk0\DR0:
11:29:09.0859 3744 MBR partitions:
11:29:09.0859 3744 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9C263D, BlocksNum 0x12056484
11:29:09.0859 3744 ============================================================
11:29:09.0953 3744 C: <-> \Device\Harddisk0\DR0\Partition1
11:29:09.0984 3744 ============================================================
11:29:09.0984 3744 Initialize success
11:29:09.0984 3744 ============================================================
11:29:49.0937 0584 ============================================================
11:29:49.0937 0584 Scan started
11:29:49.0937 0584 Mode: Manual; TDLFS;
11:29:49.0937 0584 ============================================================
11:29:52.0593 0584 ================ Scan system memory ========================
11:29:52.0593 0584 System memory - ok
11:29:52.0593 0584 ================ Scan services =============================
11:30:04.0343 0584 NdisTapi - ok
11:30:04.0375 0584 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:30:04.0375 0584 Ndisuio - ok
11:30:04.0390 0584 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:30:04.0390 0584 NdisWan - ok
11:30:04.0468 0584 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:30:04.0468 0584 NDProxy - ok
11:30:04.0640 0584 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
11:30:04.0671 0584 Nero BackItUp Scheduler 4.0 - ok
11:30:04.0750 0584 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:30:04.0750 0584 NetBIOS - ok
11:30:04.0812 0584 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:30:04.0812 0584 NetBT - ok
11:30:04.0875 0584 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
11:30:04.0890 0584 NetDDE - ok
11:30:04.0906 0584 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:30:04.0906 0584 NetDDEdsdm - ok
11:30:04.0968 0584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:30:04.0968 0584 Netlogon - ok
11:30:05.0000 0584 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
11:30:05.0015 0584 Netman - ok
11:30:05.0062 0584 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:30:05.0078 0584 NetTcpPortSharing - ok
11:30:05.0140 0584 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
11:30:05.0156 0584 Nla - ok
11:30:05.0203 0584 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] npf C:\WINDOWS\system32\drivers\npf.sys
11:30:05.0218 0584 npf - ok
11:30:05.0281 0584 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:30:05.0281 0584 Npfs - ok
11:30:05.0312 0584 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:30:05.0328 0584 Ntfs - ok
11:30:05.0359 0584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:30:05.0359 0584 NtLmSsp - ok
11:30:05.0421 0584 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:30:05.0437 0584 NtmsSvc - ok
11:30:05.0484 0584 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:30:05.0500 0584 Null - ok
11:30:05.0546 0584 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:30:05.0546 0584 NwlnkFlt - ok
11:30:05.0578 0584 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:30:05.0578 0584 NwlnkFwd - ok
11:30:05.0765 0584 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:30:05.0781 0584 odserv - ok
11:30:05.0828 0584 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:30:05.0843 0584 ose - ok
11:30:05.0890 0584 [ DC450992EBA6F914080C1F7FBEEED72C ] PalmUSBD C:\WINDOWS\system32\drivers\PalmUSBD.sys
11:30:05.0890 0584 PalmUSBD - ok
11:30:05.0937 0584 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
11:30:05.0937 0584 Parport - ok
11:30:05.0984 0584 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:30:05.0984 0584 PartMgr - ok
11:30:06.0031 0584 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:30:06.0031 0584 ParVdm - ok
11:30:06.0046 0584 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:30:06.0062 0584 PCI - ok
11:30:06.0078 0584 PCIDump - ok
11:30:06.0093 0584 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:30:06.0093 0584 PCIIde - ok
11:30:06.0125 0584 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:30:06.0125 0584 Pcmcia - ok
11:30:06.0140 0584 PDCOMP - ok
11:30:06.0156 0584 PDFRAME - ok
11:30:06.0171 0584 PDRELI - ok
11:30:06.0171 0584 PDRFRAME - ok
11:30:06.0234 0584 [ 95B64E97C0B618B90D87A8FF4AC0B53D ] pelmouse C:\WINDOWS\system32\DRIVERS\pelmouse.sys
11:30:06.0234 0584 pelmouse - ok
11:30:06.0265 0584 [ 6109A990D5832E0A93D1E4948CFA2AE2 ] pelusblf C:\WINDOWS\system32\DRIVERS\pelusblf.sys
11:30:06.0265 0584 pelusblf - ok
11:30:06.0281 0584 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
11:30:06.0281 0584 perc2 - ok
11:30:06.0296 0584 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
11:30:06.0296 0584 perc2hib - ok
11:30:06.0359 0584 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
11:30:06.0359 0584 PlugPlay - ok
11:30:06.0375 0584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:30:06.0375 0584 PolicyAgent - ok
11:30:06.0437 0584 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:30:06.0437 0584 PptpMiniport - ok
11:30:06.0453 0584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:30:06.0453 0584 ProtectedStorage - ok
11:30:06.0468 0584 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:30:06.0468 0584 PSched - ok
11:30:06.0515 0584 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
11:30:06.0515 0584 PSI_SVC_2 - ok
11:30:06.0531 0584 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:30:06.0531 0584 Ptilink - ok
11:30:06.0578 0584 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
11:30:06.0593 0584 ql1080 - ok
11:30:06.0593 0584 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
11:30:06.0593 0584 Ql10wnt - ok
11:30:06.0609 0584 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
11:30:06.0609 0584 ql12160 - ok
11:30:06.0625 0584 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
11:30:06.0625 0584 ql1240 - ok
11:30:06.0640 0584 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
11:30:06.0640 0584 ql1280 - ok
11:30:06.0656 0584 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:30:06.0656 0584 RasAcd - ok
11:30:06.0703 0584 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:30:06.0718 0584 RasAuto - ok
11:30:06.0750 0584 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:30:06.0750 0584 Rasl2tp - ok
11:30:06.0781 0584 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:30:06.0781 0584 RasMan - ok
11:30:06.0796 0584 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:30:06.0796 0584 RasPppoe - ok
11:30:06.0812 0584 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:30:06.0812 0584 Raspti - ok
11:30:06.0843 0584 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:30:06.0843 0584 Rdbss - ok
11:30:06.0890 0584 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:30:06.0890 0584 RDPCDD - ok
11:30:06.0937 0584 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:30:06.0953 0584 rdpdr - ok
11:30:07.0000 0584 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:30:07.0000 0584 RDPWD - ok
11:30:07.0062 0584 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:30:07.0062 0584 RDSessMgr - ok
11:30:07.0109 0584 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:30:07.0109 0584 redbook - ok
11:30:07.0156 0584 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:30:07.0171 0584 RemoteAccess - ok
11:30:07.0218 0584 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
11:30:07.0218 0584 ROOTMODEM - ok
11:30:07.0250 0584 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
11:30:07.0265 0584 RpcLocator - ok
11:30:07.0328 0584 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
11:30:07.0343 0584 RpcSs - ok
11:30:07.0390 0584 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:30:07.0390 0584 RSVP - ok
11:30:07.0453 0584 [ F0A21C62B9B835E1C96268EAAE31D239 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
11:30:07.0468 0584 RTLE8023xp - ok
11:30:07.0484 0584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
11:30:07.0500 0584 SamSs - ok
11:30:07.0578 0584 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:30:07.0578 0584 SASDIFSV - ok
11:30:07.0593 0584 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:30:07.0593 0584 SASKUTIL - ok
11:30:07.0843 0584 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
11:30:08.0031 0584 SBAMSvc - ok
11:30:08.0109 0584 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:30:08.0125 0584 SCardSvr - ok
11:30:08.0171 0584 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:30:08.0187 0584 Schedule - ok
11:30:08.0234 0584 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:30:08.0234 0584 Secdrv - ok
11:30:08.0250 0584 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:30:08.0265 0584 seclogon - ok
11:30:08.0281 0584 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
11:30:08.0296 0584 SENS - ok
11:30:08.0343 0584 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
11:30:08.0343 0584 Serial - ok
11:30:08.0437 0584 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
11:30:08.0437 0584 Sfloppy - ok
11:30:08.0515 0584 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:30:08.0531 0584 SharedAccess - ok
11:30:08.0562 0584 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:30:08.0578 0584 ShellHWDetection - ok
11:30:08.0593 0584 Simbad - ok
11:30:08.0656 0584 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
11:30:08.0656 0584 sisagp - ok
11:30:08.0718 0584 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:30:08.0734 0584 SLIP - ok
11:30:08.0765 0584 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
11:30:08.0765 0584 Sparrow - ok
11:30:08.0812 0584 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:30:08.0812 0584 splitter - ok
11:30:08.0875 0584 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:30:08.0890 0584 Spooler - ok
11:30:08.0921 0584 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:30:08.0937 0584 sr - ok
11:30:09.0000 0584 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
11:30:09.0000 0584 srservice - ok
11:30:09.0093 0584 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:30:09.0093 0584 Srv - ok
11:30:09.0140 0584 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:30:09.0140 0584 SSDPSRV - ok
11:30:09.0234 0584 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:30:09.0265 0584 stisvc - ok
11:30:09.0328 0584 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:30:09.0328 0584 streamip - ok
11:30:09.0390 0584 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:30:09.0390 0584 swenum - ok
11:30:09.0453 0584 [ EBEEE5B1ECAD1DAD0BABC60F82CB96CF ] swiwdmbus C:\WINDOWS\system32\DRIVERS\swiwdmbus.sys
11:30:09.0453 0584 swiwdmbus - ok
11:30:09.0500 0584 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:30:09.0515 0584 swmidi - ok
11:30:09.0562 0584 [ D1AD925DAC20520D019281D03334F50B ] SWNC8UA3 C:\WINDOWS\system32\DRIVERS\swnc8ua3.sys
11:30:09.0578 0584 SWNC8UA3 - ok
11:30:09.0593 0584 SwPrv - ok
11:30:09.0640 0584 [ ACC595933992488B5DE0A5AE17019F75 ] SWUMXA3 C:\WINDOWS\system32\DRIVERS\swumxa3.sys
11:30:09.0640 0584 SWUMXA3 - ok
11:30:09.0703 0584 [ 9B2BDD7A8629A9C5A55CD5635DDF136F ] SydexFDD C:\WINDOWS\system32\Drivers\sydexfdd.sys
11:30:09.0703 0584 SydexFDD - ok
11:30:09.0765 0584 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
11:30:09.0765 0584 symc810 - ok
11:30:09.0781 0584 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
11:30:09.0781 0584 symc8xx - ok
11:30:09.0796 0584 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
11:30:09.0812 0584 sym_hi - ok
11:30:09.0828 0584 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
11:30:09.0828 0584 sym_u3 - ok
11:30:09.0875 0584 [ 409F7EEB079D6154CCB26A02E6E27844 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
11:30:09.0890 0584 SynTP - ok
11:30:09.0921 0584 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:30:09.0921 0584 sysaudio - ok
11:30:09.0984 0584 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:30:09.0984 0584 SysmonLog - ok
11:30:10.0031 0584 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:30:10.0046 0584 TapiSrv - ok
11:30:10.0140 0584 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:30:10.0156 0584 Tcpip - ok
11:30:10.0218 0584 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:30:10.0218 0584 TDPIPE - ok
11:30:10.0250 0584 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:30:10.0250 0584 TDTCP - ok
11:30:10.0296 0584 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:30:10.0296 0584 TermDD - ok
11:30:10.0375 0584 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
11:30:10.0390 0584 TermService - ok
11:30:10.0421 0584 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
11:30:10.0437 0584 Themes - ok
11:30:10.0578 0584 [ 747E60B773E95F6C93D5621B550D6865 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
11:30:10.0593 0584 TomTomHOMEService - ok
11:30:10.0656 0584 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
11:30:10.0656 0584 TosIde - ok
11:30:10.0734 0584 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:30:10.0750 0584 TrkWks - ok
11:30:10.0781 0584 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:30:10.0796 0584 Udfs - ok
11:30:10.0812 0584 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
11:30:10.0812 0584 ultra - ok
11:30:10.0859 0584 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:30:10.0875 0584 Update - ok
11:30:10.0906 0584 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:30:10.0921 0584 upnphost - ok
11:30:10.0968 0584 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
11:30:10.0968 0584 UPS - ok
11:30:11.0031 0584 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
11:30:11.0031 0584 USBAAPL - ok
11:30:11.0093 0584 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:30:11.0093 0584 usbccgp - ok
11:30:11.0156 0584 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:30:11.0156 0584 usbehci - ok
11:30:11.0171 0584 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:30:11.0187 0584 usbhub - ok
11:30:11.0234 0584 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:30:11.0234 0584 usbprint - ok
11:30:11.0281 0584 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:30:11.0281 0584 usbscan - ok
11:30:11.0328 0584 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:30:11.0328 0584 USBSTOR - ok
11:30:11.0343 0584 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:30:11.0359 0584 usbuhci - ok
11:30:11.0375 0584 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:30:11.0375 0584 VgaSave - ok
11:30:11.0406 0584 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:30:11.0406 0584 viaagp - ok
11:30:11.0421 0584 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
11:30:11.0437 0584 ViaIde - ok
11:30:11.0468 0584 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:30:11.0484 0584 VolSnap - ok
11:30:11.0515 0584 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
11:30:11.0531 0584 VSS - ok
11:30:11.0578 0584 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
11:30:11.0578 0584 W32Time - ok
11:30:11.0640 0584 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:30:11.0640 0584 Wanarp - ok
11:30:11.0656 0584 WDICA - ok
11:30:11.0703 0584 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:30:11.0703 0584 wdmaud - ok
11:30:11.0718 0584 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:30:11.0734 0584 WebClient - ok
11:30:11.0859 0584 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:30:11.0875 0584 winmgmt - ok
11:30:11.0937 0584 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:30:11.0953 0584 WmdmPmSN - ok
11:30:12.0000 0584 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
11:30:12.0000 0584 WmiAcpi - ok
11:30:12.0062 0584 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:30:12.0062 0584 WmiApSrv - ok
11:30:12.0171 0584 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:30:12.0187 0584 WMPNetworkSvc - ok
11:30:12.0203 0584 wntpport - ok
11:30:12.0359 0584 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:30:12.0421 0584 WPFFontCache_v0400 - ok
11:30:12.0484 0584 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:30:12.0484 0584 wscsvc - ok
11:30:12.0562 0584 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:30:12.0562 0584 WSTCODEC - ok
11:30:12.0593 0584 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:30:12.0609 0584 wuauserv - ok
11:30:12.0656 0584 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:30:12.0656 0584 WudfPf - ok
11:30:12.0703 0584 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:30:12.0703 0584 WudfRd - ok
11:30:12.0718 0584 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:30:12.0718 0584 WudfSvc - ok
11:30:12.0765 0584 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:30:12.0781 0584 WZCSVC - ok
11:30:12.0843 0584 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:30:12.0843 0584 xmlprov - ok
11:30:12.0875 0584 ================ Scan global ===============================
11:30:12.0921 0584 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:30:12.0984 0584 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:30:13.0015 0584 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:30:13.0031 0584 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:30:13.0031 0584 [Global] - ok
11:30:13.0046 0584 ================ Scan MBR ==================================
11:30:13.0062 0584 [ 99852D5C3A78447C3D6D82B6155FE848 ] \Device\Harddisk0\DR0
11:30:21.0078 0584 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:30:21.0078 0584 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:30:21.0078 0584 ================ Scan VBR ==================================
11:30:21.0093 0584 [ FE839D9C5F95B59E06F1799C58BCEE0C ] \Device\Harddisk0\DR0\Partition1
11:30:21.0093 0584 \Device\Harddisk0\DR0\Partition1 - ok
11:30:21.0093 0584 ============================================================
11:30:21.0093 0584 Scan finished
11:30:21.0093 0584 ============================================================
11:30:21.0125 0688 Detected object count: 1
11:30:21.0125 0688 Actual detected object count: 1
11:30:46.0000 0688 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:30:46.0000 0688 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#7 boopme

Posted 04 February 2013 - 12:55 PM

Go into Control Panel > Add/Remove and uninstall these. They are older and exploitable by malware.

Java™ 6 Update 22 (Version: 6.0.220)
Java™ 7 Update 4 (Version: 7.0.40)



Rerun TDSS and change the option on these to Cure or Delete:
11:30:46.0000 0688 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:30:46.0000 0688 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#8 runtotorun121

Posted 04 February 2013 - 05:08 PM

Had to run some errands this afternoon, but ran Malwarebytes once before I left and then again as I was heading out the door because I am skeptical of the Quick Scan result that said nothing malicious was found the first time I scanned; however, second scan said the same thing. Does that seem strange since the aswMBR just won't finish scanning before freezing? I had guessed the freezing was caused by a virus shutting it down. . .

I will post the results below and then go make the Java and TDSS changes you instructed.

Malwarebytes

(I think this is the second one, based on time, but I can't locate the other saved document. :( I thought I saved them both to my desktop, but only one is there right now, and I am guessing this is the second one because it was placed on my desktop after I should have left the house. . .)

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Kristie :: MYBDAYGIFT [administrator]

2/4/2013 11:53:17 AM
mbam-log-2013-02-04 (11-53-17).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248219
Time elapsed: 15 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 runtotorun121

Posted 04 February 2013 - 05:20 PM

Okay, next steps completed:

1. Removed the Java 6 and 7 updates. Will I need to update Java then later? Seems I get little pop-ups telling me to do this. :huh:

2. Ran TDSSKiller again, and changed the options to "Delete". I am pasting the scan report below, but it appears to me that it "delete"d only partially and "copied to quarantine"d the rest. Is that okay?

TDSSKiller


16:12:02.0765 3088 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:12:03.0312 3088 ============================================================
16:12:03.0312 3088 Current date / time: 2013/02/04 16:12:03.0312
16:12:03.0312 3088 SystemInfo:
16:12:03.0312 3088
16:12:03.0312 3088 OS Version: 5.1.2600 ServicePack: 3.0
16:12:03.0312 3088 Product type: Workstation
16:12:03.0312 3088 ComputerName: MYBDAYGIFT
16:12:03.0312 3088 UserName: Kristie
16:12:03.0312 3088 Windows directory: C:\WINDOWS
16:12:03.0312 3088 System windows directory: C:\WINDOWS
16:12:03.0312 3088 Processor architecture: Intel x86
16:12:03.0312 3088 Number of processors: 2
16:12:03.0312 3088 Page size: 0x1000
16:12:03.0312 3088 Boot type: Normal boot
16:12:03.0312 3088 ============================================================
16:12:05.0203 3088 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:12:05.0203 3088 ============================================================
16:12:05.0203 3088 \Device\Harddisk0\DR0:
16:12:05.0203 3088 MBR partitions:
16:12:05.0203 3088 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9C263D, BlocksNum 0x12056484
16:12:05.0203 3088 ============================================================
16:12:05.0265 3088 C: <-> \Device\Harddisk0\DR0\Partition1
16:12:05.0265 3088 ============================================================
16:12:05.0265 3088 Initialize success
16:12:05.0265 3088 ============================================================
16:12:27.0906 2448 ============================================================
16:12:27.0906 2448 Scan started
16:12:27.0906 2448 Mode: Manual; TDLFS;
16:12:27.0906 2448 ============================================================
16:12:29.0843 2448 ================ Scan system memory ========================
16:12:29.0843 2448 System memory - ok
16:12:29.0843 2448 ================ Scan services =============================
16:12:32.0406 2448 BITS - ok
16:12:32.0531 2448 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:12:32.0546 2448 Bonjour Service - ok
16:12:32.0609 2448 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
16:12:32.0609 2448 Browser - ok
16:12:32.0703 2448 [ ECDC40CC54603C711E1A7A1C9255184A ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
16:12:32.0718 2448 btaudio - ok
16:12:32.0765 2448 [ 58A49BD10E08D3D4333A60DEDCB1CED8 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
16:12:32.0781 2448 BTDriver - ok
16:12:32.0859 2448 [ 885B6D0F826A216EEE4C3AD883809012 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
16:12:32.0890 2448 BTKRNL - ok
16:12:33.0015 2448 [ 49E9ED37FAEC5E8C03E81FD73D3884D6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
16:12:33.0031 2448 btwdins - ok
16:12:33.0093 2448 [ B1D350F3F13CF340FCE93912D2BA1EBF ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
16:12:33.0093 2448 BTWDNDIS - ok
16:12:33.0140 2448 [ E48668B4A6A5CF68B33AECAD18EE8E1E ] btwhid C:\WINDOWS\system32\DRIVERS\btwhid.sys
16:12:33.0140 2448 btwhid - ok
16:12:33.0187 2448 [ 57E91E9925976BBC98984EEBAAF1D84C ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
16:12:33.0187 2448 BTWUSB - ok
16:12:33.0234 2448 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
16:12:33.0250 2448 cbidf - ok
16:12:33.0265 2448 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:12:33.0265 2448 cbidf2k - ok
16:12:33.0343 2448 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:12:33.0343 2448 CCDECODE - ok
16:12:33.0359 2448 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
16:12:33.0359 2448 cd20xrnt - ok
16:12:33.0390 2448 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:12:33.0390 2448 Cdaudio - ok
16:12:33.0437 2448 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:12:33.0453 2448 Cdfs - ok
16:12:33.0484 2448 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:12:33.0484 2448 Cdrom - ok
16:12:33.0500 2448 Changer - ok
16:12:33.0546 2448 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:12:33.0562 2448 CiSvc - ok
16:12:33.0578 2448 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:12:33.0593 2448 ClipSrv - ok
16:12:33.0625 2448 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:12:33.0656 2448 clr_optimization_v2.0.50727_32 - ok
16:12:33.0765 2448 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:12:33.0781 2448 clr_optimization_v4.0.30319_32 - ok
16:12:33.0843 2448 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
16:12:33.0843 2448 CmBatt - ok
16:12:33.0921 2448 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
16:12:33.0921 2448 CmdIde - ok
16:12:33.0937 2448 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
16:12:33.0937 2448 Compbatt - ok
16:12:33.0968 2448 COMSysApp - ok
16:12:34.0015 2448 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
16:12:34.0015 2448 Cpqarray - ok
16:12:34.0078 2448 [ E08AC114B931DACAFBDD9D5E0B93815C ] crlscsi C:\WINDOWS\system32\drivers\crlscsi.sys
16:12:34.0078 2448 crlscsi - ok
16:12:34.0156 2448 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:12:34.0156 2448 CryptSvc - ok
16:12:34.0187 2448 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
16:12:34.0203 2448 dac2w2k - ok
16:12:34.0234 2448 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
16:12:34.0234 2448 dac960nt - ok
16:12:34.0312 2448 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:12:34.0328 2448 DcomLaunch - ok
16:12:34.0406 2448 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:12:34.0406 2448 Dhcp - ok
16:12:34.0468 2448 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:12:34.0468 2448 Disk - ok
16:12:34.0531 2448 [ 08D30AF92C270F2E76787C81589DBAD6 ] DKbFltr C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
16:12:34.0546 2448 DKbFltr - ok
16:12:34.0562 2448 dmadmin - ok
16:12:34.0625 2448 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:12:34.0656 2448 dmboot - ok
16:12:34.0703 2448 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:12:34.0703 2448 dmio - ok
16:12:34.0750 2448 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:12:34.0765 2448 dmload - ok
16:12:34.0796 2448 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:12:34.0796 2448 dmserver - ok
16:12:34.0843 2448 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:12:34.0843 2448 DMusic - ok
16:12:34.0906 2448 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:12:34.0906 2448 Dnscache - ok
16:12:34.0953 2448 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:12:34.0968 2448 Dot3svc - ok
16:12:35.0000 2448 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
16:12:35.0015 2448 dpti2o - ok
16:12:35.0046 2448 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:12:35.0062 2448 drmkaud - ok
16:12:35.0093 2448 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:12:35.0093 2448 EapHost - ok
16:12:35.0156 2448 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:12:35.0171 2448 ERSvc - ok
16:12:35.0234 2448 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
16:12:35.0250 2448 Eventlog - ok
16:12:35.0296 2448 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
16:12:35.0312 2448 EventSystem - ok
16:12:35.0328 2448 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:12:35.0343 2448 Fastfat - ok
16:12:35.0390 2448 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:12:35.0406 2448 FastUserSwitchingCompatibility - ok
16:12:35.0453 2448 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
16:12:35.0468 2448 Fax - ok
16:12:35.0484 2448 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
16:12:35.0484 2448 Fdc - ok
16:12:35.0515 2448 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:12:35.0515 2448 Fips - ok
16:12:35.0531 2448 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
16:12:35.0531 2448 Flpydisk - ok
16:12:35.0609 2448 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
16:12:35.0609 2448 FltMgr - ok
16:12:35.0734 2448 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:12:35.0734 2448 FontCache3.0.0.0 - ok
16:12:35.0828 2448 [ 8D3B3AD7F9B6EE8AC96B1AD293BB0FB0 ] FreemakeVideoCapture C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
16:12:35.0843 2448 FreemakeVideoCapture - ok
16:12:35.0859 2448 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:12:35.0859 2448 Fs_Rec - ok
16:12:35.0875 2448 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:12:35.0890 2448 Ftdisk - ok
16:12:35.0937 2448 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
16:12:35.0937 2448 GEARAspiWDM - ok
16:12:35.0984 2448 [ 483924F92E55A5F9423201EC635E2CED ] gfibto C:\WINDOWS\system32\drivers\gfibto.sys
16:12:35.0984 2448 gfibto - ok
16:12:36.0109 2448 [ 9E37E0C528E1E3A79E215B6A4EEA2143 ] GoogleDesktopManager-092308-165331 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
16:12:36.0109 2448 GoogleDesktopManager-092308-165331 - ok
16:12:36.0187 2448 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:12:36.0187 2448 Gpc - ok
16:12:36.0250 2448 [ 1BF044E23206FDDC16891A32922D571B ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:12:36.0250 2448 gusvc - ok
16:12:36.0296 2448 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:12:36.0296 2448 HDAudBus - ok
16:12:36.0375 2448 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:12:36.0375 2448 helpsvc - ok
16:12:36.0453 2448 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
16:12:36.0453 2448 HidServ - ok
16:12:36.0515 2448 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:12:36.0515 2448 HidUsb - ok
16:12:36.0562 2448 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:12:36.0578 2448 hkmsvc - ok
16:12:36.0625 2448 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
16:12:36.0625 2448 hpn - ok
16:12:36.0718 2448 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:12:36.0718 2448 HTTP - ok
16:12:36.0796 2448 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:12:36.0796 2448 HTTPFilter - ok
16:12:36.0859 2448 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
16:12:36.0859 2448 i2omgmt - ok
16:12:36.0875 2448 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
16:12:36.0875 2448 i2omp - ok
16:12:36.0937 2448 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:12:36.0937 2448 i8042prt - ok
16:12:37.0296 2448 [ 48846B31BE5A4FA662CCFDE7A1BA86B9 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
16:12:37.0593 2448 ialm - ok
16:12:37.0718 2448 [ B4CFE83F1AA235141A62CF4D715C354D ] iComp C:\WINDOWS\system32\DRIVERS\HCWUSB2.sys
16:12:37.0765 2448 iComp - ok
16:12:37.0812 2448 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:12:37.0812 2448 IDriverT - ok
16:12:37.0890 2448 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:12:37.0937 2448 idsvc - ok
16:12:37.0984 2448 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:12:37.0984 2448 Imapi - ok
16:12:38.0046 2448 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:12:38.0046 2448 ImapiService - ok
16:12:38.0125 2448 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
16:12:38.0125 2448 ini910u - ok
16:12:38.0218 2448 [ 4D8D5B1C895EA0F2A721B98A7CE198F1 ] int15.sys C:\Acer\Empowering Technology\eRecovery\int15.sys
16:12:38.0218 2448 int15.sys - ok
16:12:38.0546 2448 [ 19AFBB8427CE65042599555E578170DF ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:12:38.0812 2448 IntcAzAudAddService - ok
16:12:38.0875 2448 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
16:12:38.0875 2448 IntelIde - ok
16:12:38.0937 2448 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:12:38.0937 2448 intelppm - ok
16:12:39.0000 2448 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
16:12:39.0000 2448 Ip6Fw - ok
16:12:39.0046 2448 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:12:39.0046 2448 IpFilterDriver - ok
16:12:39.0078 2448 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:12:39.0078 2448 IpInIp - ok
16:12:39.0140 2448 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:12:39.0140 2448 IpNat - ok
16:12:39.0250 2448 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:12:39.0265 2448 iPod Service - ok
16:12:39.0296 2448 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:12:39.0312 2448 IPSec - ok
16:12:39.0343 2448 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:12:39.0359 2448 IRENUM - ok
16:12:39.0406 2448 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:12:39.0406 2448 isapnp - ok
16:12:39.0468 2448 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
16:12:39.0468 2448 IviRegMgr - ok
16:12:39.0546 2448 [ DA971CFC625D13636E04C405948E9D62 ] JMCR C:\WINDOWS\system32\DRIVERS\jmcr.sys
16:12:39.0546 2448 JMCR - ok
16:12:39.0578 2448 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:12:39.0578 2448 Kbdclass - ok
16:12:39.0656 2448 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:12:39.0656 2448 kbdhid - ok
16:12:39.0718 2448 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:12:39.0734 2448 kmixer - ok
16:12:39.0796 2448 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:12:39.0812 2448 KSecDD - ok
16:12:39.0890 2448 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
16:12:39.0906 2448 LanmanServer - ok
16:12:39.0968 2448 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:12:39.0984 2448 lanmanworkstation - ok
16:12:40.0000 2448 lbrtfdc - ok
16:12:40.0062 2448 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:12:40.0078 2448 LmHosts - ok
16:12:40.0093 2448 lxct_device - ok
16:12:40.0171 2448 [ 29ED05C1DAFD2E830DFE48DE212DD34F ] M3000Srv C:\WINDOWS\system32\Drivers\M3000KNT.sys
16:12:40.0187 2448 M3000Srv - ok
16:12:40.0187 2448 McShield - ok
16:12:40.0218 2448 McSysmon - ok
16:12:40.0265 2448 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:12:40.0281 2448 Messenger - ok
16:12:40.0296 2448 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:12:40.0296 2448 mnmdd - ok
16:12:40.0328 2448 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:12:40.0328 2448 mnmsrvc - ok
16:12:40.0375 2448 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:12:40.0375 2448 Modem - ok
16:12:40.0453 2448 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:12:40.0453 2448 Mouclass - ok
16:12:40.0484 2448 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:12:40.0484 2448 mouhid - ok
16:12:40.0515 2448 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:12:40.0515 2448 MountMgr - ok
16:12:40.0593 2448 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:12:40.0609 2448 MozillaMaintenance - ok
16:12:40.0640 2448 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
16:12:40.0656 2448 MpFilter - ok
16:12:40.0671 2448 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
16:12:40.0671 2448 mraid35x - ok
16:12:40.0687 2448 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:12:40.0703 2448 MRxDAV - ok
16:12:40.0781 2448 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:12:40.0796 2448 MRxSmb - ok
16:12:40.0843 2448 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:12:40.0843 2448 MSDTC - ok
16:12:40.0875 2448 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:12:40.0890 2448 Msfs - ok
16:12:40.0906 2448 MSIServer - ok
16:12:40.0953 2448 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:12:40.0953 2448 MSKSSRV - ok
16:12:41.0046 2448 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:12:41.0062 2448 MsMpSvc - ok
16:12:41.0093 2448 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:12:41.0093 2448 MSPCLOCK - ok
16:12:41.0109 2448 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:12:41.0125 2448 MSPQM - ok
16:12:41.0171 2448 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:12:41.0171 2448 mssmbios - ok
16:12:41.0218 2448 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
16:12:41.0218 2448 MSTEE - ok
16:12:41.0281 2448 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:12:41.0296 2448 Mup - ok
16:12:41.0359 2448 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:12:41.0375 2448 NABTSFEC - ok
16:12:41.0437 2448 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
16:12:41.0453 2448 napagent - ok
16:12:41.0531 2448 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:12:41.0531 2448 NDIS - ok
16:12:41.0578 2448 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:12:41.0578 2448 NdisIP - ok
16:12:41.0625 2448 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:12:41.0625 2448 NdisTapi - ok
16:12:41.0703 2448 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:12:41.0703 2448 Ndisuio - ok
16:12:41.0718 2448 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:12:41.0718 2448 NdisWan - ok
16:12:41.0765 2448 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:12:41.0765 2448 NDProxy - ok
16:12:41.0921 2448 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
16:12:41.0953 2448 Nero BackItUp Scheduler 4.0 - ok
16:12:42.0015 2448 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:12:42.0031 2448 NetBIOS - ok
16:12:42.0062 2448 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:12:42.0078 2448 NetBT - ok
16:12:42.0125 2448 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
16:12:42.0140 2448 NetDDE - ok
16:12:42.0156 2448 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:12:42.0171 2448 NetDDEdsdm - ok
16:12:42.0234 2448 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:12:42.0250 2448 Netlogon - ok
16:12:42.0281 2448 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
16:12:42.0296 2448 Netman - ok
16:12:42.0343 2448 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:12:42.0343 2448 NetTcpPortSharing - ok
16:12:42.0406 2448 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
16:12:42.0421 2448 Nla - ok
16:12:42.0484 2448 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] npf C:\WINDOWS\system32\drivers\npf.sys
16:12:42.0484 2448 npf - ok
16:12:42.0546 2448 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:12:42.0546 2448 Npfs - ok
16:12:42.0578 2448 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:12:42.0609 2448 Ntfs - ok
16:12:42.0625 2448 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:12:42.0625 2448 NtLmSsp - ok
16:12:42.0718 2448 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:12:42.0750 2448 NtmsSvc - ok
16:12:42.0796 2448 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
16:12:42.0796 2448 Null - ok
16:12:42.0859 2448 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:12:42.0859 2448 NwlnkFlt - ok
16:12:42.0906 2448 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:12:42.0906 2448 NwlnkFwd - ok
16:12:43.0062 2448 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:12:43.0078 2448 odserv - ok
16:12:43.0140 2448 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:12:43.0140 2448 ose - ok
16:12:43.0187 2448 [ DC450992EBA6F914080C1F7FBEEED72C ] PalmUSBD C:\WINDOWS\system32\drivers\PalmUSBD.sys
16:12:43.0187 2448 PalmUSBD - ok
16:12:43.0250 2448 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
16:12:43.0250 2448 Parport - ok
16:12:43.0296 2448 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:12:43.0296 2448 PartMgr - ok
16:12:43.0343 2448 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:12:43.0343 2448 ParVdm - ok
16:12:43.0359 2448 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:12:43.0359 2448 PCI - ok
16:12:43.0375 2448 PCIDump - ok
16:12:43.0406 2448 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:12:43.0406 2448 PCIIde - ok
16:12:43.0437 2448 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:12:43.0453 2448 Pcmcia - ok
16:12:43.0468 2448 PDCOMP - ok
16:12:43.0484 2448 PDFRAME - ok
16:12:43.0500 2448 PDRELI - ok
16:12:43.0515 2448 PDRFRAME - ok
16:12:43.0578 2448 [ 95B64E97C0B618B90D87A8FF4AC0B53D ] pelmouse C:\WINDOWS\system32\DRIVERS\pelmouse.sys
16:12:43.0578 2448 pelmouse - ok
16:12:43.0609 2448 [ 6109A990D5832E0A93D1E4948CFA2AE2 ] pelusblf C:\WINDOWS\system32\DRIVERS\pelusblf.sys
16:12:43.0625 2448 pelusblf - ok
16:12:43.0640 2448 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
16:12:43.0640 2448 perc2 - ok
16:12:43.0656 2448 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:12:43.0656 2448 perc2hib - ok
16:12:43.0750 2448 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
16:12:43.0765 2448 PlugPlay - ok
16:12:43.0781 2448 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:12:43.0781 2448 PolicyAgent - ok
16:12:43.0843 2448 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:12:43.0843 2448 PptpMiniport - ok
16:12:43.0875 2448 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:12:43.0875 2448 ProtectedStorage - ok
16:12:43.0890 2448 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:12:43.0890 2448 PSched - ok
16:12:43.0953 2448 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
16:12:43.0953 2448 PSI_SVC_2 - ok
16:12:43.0968 2448 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:12:43.0984 2448 Ptilink - ok
16:12:44.0015 2448 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:12:44.0015 2448 ql1080 - ok
16:12:44.0031 2448 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:12:44.0031 2448 Ql10wnt - ok
16:12:44.0046 2448 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:12:44.0062 2448 ql12160 - ok
16:12:44.0078 2448 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:12:44.0078 2448 ql1240 - ok
16:12:44.0093 2448 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:12:44.0109 2448 ql1280 - ok
16:12:44.0125 2448 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:12:44.0125 2448 RasAcd - ok
16:12:44.0203 2448 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:12:44.0203 2448 RasAuto - ok
16:12:44.0250 2448 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:12:44.0250 2448 Rasl2tp - ok
16:12:44.0296 2448 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:12:44.0312 2448 RasMan - ok
16:12:44.0328 2448 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:12:44.0328 2448 RasPppoe - ok
16:12:44.0343 2448 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:12:44.0359 2448 Raspti - ok
16:12:44.0406 2448 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:12:44.0421 2448 Rdbss - ok
16:12:44.0484 2448 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:12:44.0484 2448 RDPCDD - ok
16:12:44.0531 2448 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:12:44.0546 2448 rdpdr - ok
16:12:44.0609 2448 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:12:44.0609 2448 RDPWD - ok
16:12:44.0671 2448 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:12:44.0687 2448 RDSessMgr - ok
16:12:44.0734 2448 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:12:44.0734 2448 redbook - ok
16:12:44.0796 2448 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:12:44.0812 2448 RemoteAccess - ok
16:12:44.0859 2448 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
16:12:44.0859 2448 ROOTMODEM - ok
16:12:44.0906 2448 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
16:12:44.0906 2448 RpcLocator - ok
16:12:44.0968 2448 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
16:12:44.0984 2448 RpcSs - ok
16:12:45.0046 2448 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:12:45.0062 2448 RSVP - ok
16:12:45.0109 2448 [ F0A21C62B9B835E1C96268EAAE31D239 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
16:12:45.0125 2448 RTLE8023xp - ok
16:12:45.0140 2448 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
16:12:45.0156 2448 SamSs - ok
16:12:45.0218 2448 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
16:12:45.0218 2448 SASDIFSV - ok
16:12:45.0234 2448 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
16:12:45.0234 2448 SASKUTIL - ok
16:12:45.0484 2448 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
16:12:45.0671 2448 SBAMSvc - ok
16:12:45.0750 2448 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:12:45.0765 2448 SCardSvr - ok
16:12:45.0828 2448 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:12:45.0843 2448 Schedule - ok
16:12:45.0921 2448 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:12:45.0937 2448 Secdrv - ok
16:12:45.0953 2448 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:12:45.0953 2448 seclogon - ok
16:12:45.0968 2448 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
16:12:45.0984 2448 SENS - ok
16:12:46.0031 2448 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
16:12:46.0031 2448 Serial - ok
16:12:46.0109 2448 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
16:12:50.0765 2448 ================ Scan global ===============================
16:12:50.0828 2448 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:12:50.0875 2448 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:12:50.0906 2448 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:12:50.0953 2448 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:12:50.0968 2448 [Global] - ok
16:12:50.0968 2448 ================ Scan MBR ==================================
16:12:51.0000 2448 [ 99852D5C3A78447C3D6D82B6155FE848 ] \Device\Harddisk0\DR0
16:12:58.0968 2448 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:12:58.0968 2448 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:12:58.0968 2448 ================ Scan VBR ==================================
16:12:59.0000 2448 [ FE839D9C5F95B59E06F1799C58BCEE0C ] \Device\Harddisk0\DR0\Partition1
16:12:59.0000 2448 \Device\Harddisk0\DR0\Partition1 - ok
16:12:59.0000 2448 ============================================================
16:12:59.0000 2448 Scan finished
16:12:59.0000 2448 ============================================================
16:12:59.0109 3224 Detected object count: 1
16:12:59.0109 3224 Actual detected object count: 1
16:13:32.0984 3224 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:13:33.0000 3224 \Device\Harddisk0\DR0\TDLFS\tdl - copied to quarantine
16:13:33.0000 3224 \Device\Harddisk0\DR0\TDLFS\rsrc.dat - copied to quarantine
16:13:33.0015 3224 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
16:13:33.0015 3224 \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
16:13:33.0015 3224 \Device\Harddisk0\DR0\TDLFS - deleted
16:13:33.0015 3224 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
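
A small triage pass over the TDSSKiller log posted above, added here as an example and not part of the original post or of the tool itself. The function name, field names and line patterns are this example's own, inferred only from the lines visible in this thread; any verdict word other than `ok` is treated as a finding by assumption.

```python
import re

# Sample input: a few lines from the tail of the log posted above (trimmed).
SAMPLE_LOG = r"""
16:12:50.0765 2448 ================ Scan global ===============================
16:12:50.0968 2448 [Global] - ok
16:12:50.0968 2448 ================ Scan MBR ==================================
16:12:51.0000 2448 [ 99852D5C3A78447C3D6D82B6155FE848 ] \Device\Harddisk0\DR0
16:12:58.0968 2448 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:12:58.0968 2448 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:12:58.0968 2448 ================ Scan VBR ==================================
16:12:59.0000 2448 \Device\Harddisk0\DR0\Partition1 - ok
16:12:59.0109 3224 Detected object count: 1
16:13:32.0984 3224 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:13:33.0015 3224 \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
16:13:33.0015 3224 \Device\Harddisk0\DR0\TDLFS - deleted
16:13:33.0015 3224 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
"""

LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+ (.*)$")   # time, thread id, message
SECTION = re.compile(r"^=+ (Scan \w+) =+$")
ACTION = re.compile(r"^(.+) - (copied to quarantine|deleted)$")
CHOICE = re.compile(r"^(.+?) \( (.+?) \) - User select action: (\w+)$")
VERDICT = re.compile(r"^(.+?)(?: \( (.+?) \))? - (\w+)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


def triage(log_text):
    """Summarise a TDSSKiller log: non-ok verdicts, cleanup actions, and gaps."""
    out = {"findings": [], "quarantined": [], "deleted": [], "choices": {},
           "reported_count": None}
    section = None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue                      # blank or wrapped line, not a log record
        msg = m.group(1)
        if (s := SECTION.match(msg)):
            section = s.group(1)
        elif (a := ACTION.match(msg)):    # checked before VERDICT: "deleted" is one word
            key = "deleted" if a.group(2) == "deleted" else "quarantined"
            out[key].append(a.group(1))
        elif (c := CHOICE.match(msg)):
            out["choices"][c.group(1)] = c.group(3)
        elif (n := COUNT.match(msg)):
            out["reported_count"] = int(n.group(1))
        elif (v := VERDICT.match(msg)) and v.group(3) != "ok":
            out["findings"].append(
                {"section": section, "object": v.group(1),
                 "threat": v.group(2), "verdict": v.group(3)})
    # A finding is "unhandled" when the log records no user action for that object.
    out["unhandled"] = [f["object"] for f in out["findings"]
                        if f["object"] not in out["choices"]]
    out["count_matches"] = out["reported_count"] == len(out["findings"])
    return out
```

An empty `unhandled` list only means the log records an action for every flagged object; it does not by itself show the machine is clean, which is why the thread continues with further scans.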

#10 boopme

  • Global Moderator

Posted 04 February 2013 - 07:57 PM

OK, that TDSS log is good; it worked fine.
If you have not done so, reboot the PC.

You may be able to run aswMBR now.

You can install this Java: Windows x86 Offline 30.05 MB jre-7u13-windows-i586.exe
Download that version from here L@@K
4th up from bottom of list.
Choose that and save the file to your desktop.
• Close any programs you may have running - especially your web browser.
• Then from your desktop double-click on jre-7u13-windows-i586.exe to install the newest version.
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#11 runtotorun121

  • Topic Starter

Posted 04 February 2013 - 11:35 PM

I have now rebooted and updated Java. Then I launched aswMBR again, and it still shuts down. :(

#12 runtotorun121


Posted 05 February 2013 - 12:08 AM

While I am waiting for my next steps, I have four questions that I want to make sure I remember to ask you. I know your time is valuable so please feel free to wait until this process is completed to answer, but I thought if I posted them now I would remember to revisit them before you closed the topic. :)

1. Regarding updates, how should I handle those? For example, when I installed the Java update it informed me that Java would let me know when there are new updates that I should install. I also get that little yellow update shield down in my system tray, and iTunes is always asking me about updating Quicktime. Is it okay to click on the update links and update online, or do I need to know how to do it alternately offline like we did with my Java update you instructed?

2. This laptop is part of our home network, which includes several desktops and another one or two laptops. I plan to run some scans on my primary desktop computer with the tools you have instructed me to use here. I do not plan to fix anything myself since I have no clue what any of those logs say. :blink: So should I post a new topic for that computer in this forum after I run them tonight or tomorrow-ish?

3. I currently have MSE running as my anti-virus program. I have tried AVAST and others in the past and have had a terrible time with high CPU hogging (i.e. slowing things down!), and MSE does that some but doesn't seem quite as horrible. Is MSE okay, or what do you suggest to use for a good anti-virus program and ongoing scans to periodically run for preventive care?

4. And now I have forgotten question number four. :whistle: Okay, I will think on it, and then let you know if I remember. . .

#13 boopme


Posted 05 February 2013 - 01:13 PM

Let's run MBAR while I look at your questions.
Download Malwarebytes Anti-Rootkit from HERE
  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log.txt and system-log.txt


#14 boopme


Posted 05 February 2013 - 01:31 PM

1. Regarding updates, how should I handle those? For example, when I installed the Java update it informed me that Java would let me know when there are new updates that I should install. I also get that little yellow update shield down in my system tray, and iTunes is always asking me about updating Quicktime. Is it okay to click on the update links and update online, or do I need to know how to do it alternately offline like we did with my Java update you instructed?

I would install those others as offered. They do not have an offline app.
I too have the Java updater installed. And YES, it does fail. So monthly, when I do major maintenance, I go to the Java link I posted (I bookmarked it).
Another handy tool is Personal Software Inspector (PSI):
http://secunia.com/vulnerability_scanning/personal/

2. This laptop is part of our home network, which includes several desktops and another one or two laptops. I plan to run some scans on my primary desktop computer with the tools you have instructed me to use here. I do not plan to fix anything myself since I have no clue what any of those logs say. So should I post a new topic for that computer in this forum after I run them tonight or tomorrow-ish?

We can just do them one PC at a time in this topic.

3. I currently have MSE running as my anti-virus program. I have tried AVAST and others in the past and have had a terrible time with high CPU hogging (i.e. slowing things down!), and MSE does that some but doesn't seem quite as horrible. Is MSE okay, or what do you suggest to use for a good anti-virus program and ongoing scans to periodically run for preventive care?

MSE is good. I prefer Avira free; even with the nag screen, it uses little resources.
I also scan weekly with Malwarebytes' Anti-Malware (MBAM) and SuperAntiSpyware (SAS); look here under Malware removal:
http://www.bleepingcomputer.com/forums/topic366982.html
Avira is on that page also.

4. And now I have forgotten question number four. Okay, I will think on it, and then let you know if I remember. .

You are not alone :hysterical:

#15 runtotorun121


Posted 05 February 2013 - 01:32 PM

Okay, scanning the first time right now. I have to go out and run a few errands so I am going to let it run, and it may be later this afternoon or this evening before I get back with you. If it hurries before I make it out the door I will post before I leave. :)



