
The specified service does not exist as an installed service - Win.Rogue.Antivirus



I have a Toshiba laptop that all of a sudden is not connecting to the network. On the wireless network connection it says "The specified service does not exist as an installed service." I'm also getting this message when looking at Event Viewer, Control Panel, trying to install new programs, etc. Computer seems unusable. I tried a system restore, but did not have a restore point.

In safe mode, I am able to access all of these. I have McAfee Internet Security installed and it will not let me uninstall in safe mode (was going to install Avira or Avast instead). I have Malware bytes, and it found Win.Rogue Antivirus. I removed it, but still have this "The specified service does not exist as an installed service" problem.

The problem started when my McAfee anti-virus removed ZEROACCESS trojans from my system.

After the scan was completed, my system rebooted and I lost control of all Administrator permissions.

I can open user files but cannot access any of the Windows system functions. Whenever I try to execute a program with a shield icon (run as administrator) I get the message "The specified service does not exist as an installed service."

I tried the system file scan in safe mode but it didn't show any errors. The message it returned was "Windows Resource protection did not find any integrity violations." I tried system restore in safe mode but there were no restore points.

I also ran anti virus scan one more time (with newly updated protection files) but there were no viruses reported.

Can only run programs in safe mode, have tried running "fsc" also "msconfig" to disable all startup items, but unable to do so.


Hello Allan,

You need to (at minimum) tell us your version of Windows (Win7, Vista, or XP ??).

You very well may need to be in Windows Safe Mode with Networking instead of just Normal mode.

Tap & re-tap F8-function key as soon as pc is restarting. Select Safe Mode With Networking.

If you cannot download with this system, you will need to use another system and save the downloads to a new/clean USB flash drive or burn them to CD/DVD, then take the tools to the problem PC and copy them onto the Desktop.

Do as much as you can of the following.

Step 1

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs.

Do NOT turn off the firewall.

Please download Rkill by Grinler and save it to your desktop.


Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positively to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL.

If you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

Step 2

Please download the following program to your Desktop >> Unhide <<

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives.

Step 3

Download DDS and save it to your desktop from http://www.techsupportforum.com/sectools/sUBs/dds or http://download.bleepingcomputer.com/sUBs/dds.scr or http://www.forospyware.com/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.

Then double click dds.scr to run the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.

Please Copy & Paste contents of the following logs in your next reply:

DDS.txt

Attach.txt


Use Windows Explorer, and drill down (expand) the Computer icon, so you can see the USB drive.

If need be, you can start Windows Explorer this way: press the Windows key on the keyboard and hold it, then press the E key.

P.S.S. When you get back to this topic, look on the upper-RIGHT corner of forum screen, and click on "Follow this topic" icon.

That way you are sure to get notified of each reply by me.

Edited by Maurice Naggar

When I opened Windows Explorer to look for the USB drive there was only (C:); however, I found a shortcut to the USB and flash drive in "Recent." When I tried to open the shortcut, here are my two responses:

Problem with Shortcut

The item 'E:\' that this shortcut refers to has been changed or moved, so this shortcut will no longer work properly.

Do you want to delete this shortcut? Yes No

And when I try the only other shortcut to the drive, this is the response:

Problem with Shortcut

The drive or network connection that the shortcut 'AL'S(D).Lnk' refers to is unavailable. Make sure that the disk is properly inserted or the network is available, and then try again. OK

All of the hardware is properly inserted. This is the only instance where the USB ports are even acknowledged; however, the links don't work.

Is there some way I can get the rkill script from somewhere, open my own txt, duplicate the script and save it properly to the desktop?


Sanity check for both of us:

Vista is running in Safe Mode with Networking? yes/no

Bring up Task Manager (CTRL+Shift+ESCape keys) and then select Files >> New Task (run).

Type in D:\rkill.com or E:\rkill.com to start RKILL.

You can use Task Manager that way to start each of the tools I had you get.


Ok, after running rkill.com and unhide.exe, my USB ports and Run options have returned. I just ran DDS and am attaching the logs.

.

DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by Morgan at 8:57:51 on 2012-06-21

Microsoft Windows Vista Home Premium 6.0.6002.2.1252.1.1033.18.2038.1442 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\mfevtps.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Windows\system32\Taskmgr.exe

C:\Windows\explorer.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uStart Page = hxxp://www.google.com/

uSearch Bar = hxxp://www.google.com/ie

uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart

mStart Page = hxxp://www.yahoo.com

mDefault_Page_URL = hxxp://www.yahoo.com

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll

mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll

mWinlogon: Userinit=userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120511101658.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"

TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll

TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [EasyTether] "c:\program files\mobile stream\easytether\easytthr.exe"

uRun: [Google] rundll32.exe "c:\users\morgan\appdata\local\installer4896\google\plxwjuaeh.dll",DllRegisterServer

uRun: [uoxyp] rundll32.exe "c:\users\morgan\appdata\local\temp\uoxyp.dll",SteamGameServerStats

mRun: [igfxTray] DOWS\SYSTEM32\IGFXTRAY.EXE

mRun: [HotKeysCmds] DOWS\SYSTEM32\HKCMD.EXE

mRun: [Persistence] DOWS\SYSTEM32\IGFXPERS.EXE

mRun: [TPwrMain] .EXE

mRun: [HSON] .EXE

mRun: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

mRun: [00TCrdMain] .EXE

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [synTPStart] TPSTART.EXE

mRun: [NDSTray.exe] DSTRAY.EXE

mRun: [Windows Mobile-based device management] C.EXE

mRun: [sSBkgdUpdate] G -BOOT

mRun: [OpwareSE4] IPAGESE4\OPWARESE4.EXE"

mRun: [sunJavaUpdateSched] FILES\JAVA\JAVA UPDATE\JUSCHED.EXE"

mRun: [skytel] Skytel.exe

mRun: [mcui_exe] KEY

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] FILES\ADOBE\ARM\1.0\ADOBEARM.EXE"

mRun: [QuickTime Task] DOWS\SYSTEM32\QTTASK.EXE" -ATBOOTTIME

mRun: [synTPEnh] H.EXE

mRun: [PAP7501_Monitor] DOWS\PIXART\PAP7501\GUCI_AVS.EXE

mRun: [Malwarebytes' Anti-Malware] TI-MALWARE\MBAMGUI.EXE" /STARTTRAY

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "c:\programdata\malwarebytes\malwarebytes' anti-malware\cleanup.dll",ProcessCleanupScript

dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

StartupFolder: c:\users\morgan\appdata\roaming\micros~1\windows\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe

uPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

LSP: mswsock.dll

Trusted Zone: army.mil\www.us

Trusted Zone: skillport.com\usarmy

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{2DF5FBE4-6F55-487A-BF89-15C11808A577} : DhcpNameServer = 8.8.8.8 8.8.4.4

TCP: Interfaces\{93D83984-3E93-4E80-9188-4ED7B5CCE2EF} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{E6F7788F-B0B5-47D0-B97D-343CC00A8EE5} : DhcpNameServer = 192.168.1.254

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\morgan\appdata\roaming\mozilla\firefox\profiles\en3x5wim.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=

FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll

FF - plugin: c:\program files\ace mega codecs pack\systems\realmedia\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\ace mega codecs pack\systems\realmedia\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll

FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll

FF - plugin: c:\users\morgan\appdata\roaming\mozilla\firefox\profiles\en3x5wim.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp07076007.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

FF - Ext: Move Media Player: moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com

FF - Ext: Newgrounds Classic: NG_Classic@snakehole.net - %profile%\extensions\NG_Classic@snakehole.net

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: XUL Cache: {cd2baad2-2b51-42b4-ae74-9ea78ecdc130} - %profile%\extensions\{cd2baad2-2b51-42b4-ae74-9ea78ecdc130}

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: XULRunner: {BE5EAB9A-E159-4D63-8F52-368D9585CB5A} - c:\users\morgan\appdata\local\{BE5EAB9A-E159-4D63-8F52-368D9585CB5A}

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-7-10 464304]

R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-7-10 64912]

R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-7-10 169608]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-7-10 214904]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-7-10 161632]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-7-10 151880]

R3 easytether;easytether;c:\windows\system32\drivers\easytthr.sys [2011-9-27 17296]

R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2007-11-6 7168]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-7-10 340920]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate1c9872b7d755da3;Google Update Service (gupdate1c9872b7d755da3);c:\program files\google\update\GoogleUpdate.exe [2009-2-4 133104]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-7 654408]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-4-7 210216]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-7-10 214904]

S2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-7-10 214904]

S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-7-10 166288]

S2 napagent32;Network Access Protection Agent ;c:\windows\system32\ddraw32.exe --> c:\windows\system32\ddraw32.exe [?]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-30 257696]

S3 ATTRcAppSvc;AT&T RcAppSvc;"c:\program files\at&t\communication manager\rcappsvc.exe" /n "attrcappsvc" --> c:\program files\at&t\communication manager\RcAppSvc.exe [?]

S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-4-1 183560]

S3 CAATT;AT&T Con App Svc;"c:\program files\at&t\communication manager\conappssvc.exe" /n "caatt" --> c:\program files\at&t\communication manager\ConAppsSvc.exe [?]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-7-10 57600]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-7-11 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-2-4 133104]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-7 22344]

S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-9-13 180848]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-7-10 59456]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-7-10 87656]

S3 NMgamingmsFltr;USB Optical Mouse;c:\windows\system32\drivers\NMgamingms.sys [2009-7-24 9472]

S3 SWNC8U56;Sierra Wireless MUX NDIS Driver (UMTS56);c:\windows\system32\drivers\swnc8u56.sys [2007-6-27 101248]

S3 SWUMX56;Sierra Wireless USB MUX Driver (UMTS56);c:\windows\system32\drivers\swumx56.sys [2007-6-27 73856]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

.

=============== Created Last 30 ================

.

.

==================== Find3M ====================

.

2012-05-11 14:35:03 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-05-11 14:35:03 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-03 08:16:12 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-04-03 08:16:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-02 13:36:21 2044928 ----a-w- c:\windows\system32\win32k.sys

2012-03-30 12:39:11 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys

2008-12-13 13:17:12 51622242 ----a-w- c:\program files\ACEMCP603PRO.exe

.

============= FINISH: 8:58:34.17 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows Vista Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 12/26/2007 8:15:51 PM

System Uptime: 6/20/2012 2:18:13 PM (18 hours ago)

.

Motherboard: Intel Corporation | | SANTA ROSA CRB

Processor: Intel® Pentium® Dual CPU T2330 @ 1.60GHz | U2E1 | 1596/mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 185 GiB total, 20.53 GiB free.

E: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Leawo AVI Converter version 5.0.0.0

Update for Microsoft Office 2007 (KB2508958)

Torrent

ACE Mega CoDecS Pack

Activation Assistant for the 2007 Microsoft Office suites

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Color - Photoshop Specific

Adobe Color Common Settings

Adobe Color EU Extra Settings

Adobe Color JA Extra Settings

Adobe Color NA Recommended Settings

Adobe Default Language CS3

Adobe Device Central CS3

Adobe ExtendScript Toolkit 2

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Fonts All

Adobe Help Viewer CS3

Adobe Linguistics CS3

Adobe PDF Library Files

Adobe Photoshop CS3

Adobe Reader 8.3.1

Adobe Setup

Adobe Shockwave Player 11.6

Adobe Stock Photos CS3

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS3

Apple Software Update

Atheros Driver Installation Program

Bing Bar

Canon Utilities PhotoStitch

Command & Conquer Generals

Compatibility Pack for the 2007 Office system

Conduit Engine

CopyTrans Suite Remove Only

D3DX10

Driver Installer

DVD MovieFactory for TOSHIBA

EasyTether

EPSON Scan

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

Groundspeak Wherigo Builder

Highlight Viewer (Windows Live Toolbar)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Intel® Graphics Media Accelerator Driver

Java Auto Updater

Java™ 6 Update 2

Java™ 6 Update 26

Junk Mail filter update

K-Lite Codec Pack 7.6.0 (Basic)

LADSPA_plugins-win-0.4.15

LG USB Modem driver

LiveUpdate 3.3 (Symantec Corporation)

Malwarebytes Anti-Malware version 1.61.0.1400

Map Button (Windows Live Toolbar)

Marvell Miniport Driver

McAfee AntiVirus Plus

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Standard 2007

Microsoft Office Word MUI (English) 2007

Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Microsoft XML Parser

Microsoft XNA Framework Redistributable 2.0

Mozilla Firefox (3.0.15)

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

PDF Settings

Picture Package Music Transfer

PS3 Theme Builder 3.0

Realtek High Definition Audio Driver

SAMSUNG USB Driver for Mobile Phones

ScanSoft OmniPage SE 4

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Segoe UI

Smart Menus (Windows Live Toolbar)

SupportSoft Assisted Service

swMSM

Synaptics Pointing Device Driver

TBS WMP Plug-in

Texas Instruments PCIxx21/x515/xx12 drivers.

TIPCI

TOSHIBA Assist

TOSHIBA ConfigFree

TOSHIBA Disc Creator

TOSHIBA DVD PLAYER

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Hardware Setup

Toshiba Registration

TOSHIBA SD Memory Utilities

TOSHIBA Software Modem

TOSHIBA Software Upgrades

TOSHIBA Speech System Applications

TOSHIBA Speech System SR Engine(U.S.) Version1.0

TOSHIBA Speech System TTS Engine(U.S.) Version1.0

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

USB2.0 UVC VGA

uTorrentBar Toolbar

VideoCam Suite

VLC media player 1.1.11

VZAccess Manager

WD Diagnostics

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Favorites for Windows Live Toolbar

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Toolbar Extension (Windows Live Toolbar)

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Encoder 9 Series

Windows Media Player Firefox Plugin

Xross Media Simulator 1.0

Yahoo! Install Manager

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Widgets

.

==== Event Viewer Messages From Past Week ========

.

6/21/2012 8:55:12 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

6/20/2012 3:47:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B68-F52A-11D8-B9A5-505054503030}

6/20/2012 2:25:16 PM, Error: Service Control Manager [7003] - The Telephony service depends the following service: PlugPlay. This service might not be installed.

6/20/2012 2:23:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

6/20/2012 2:21:24 PM, Error: Microsoft-Windows-TBS [16392] - An error occurred while starting the TBS. The error code was 0x8007000d.

6/20/2012 2:20:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

6/20/2012 2:20:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/20/2012 2:20:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

6/20/2012 2:20:15 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom spldr Wanarpv6

6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The Workstation service depends the following service: NSI. This service might not be installed.

6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The Windows Driver Foundation - User-mode Driver Framework service depends the following service: PlugPlay. This service might not be installed.

6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The Windows Audio Endpoint Builder service depends the following service: PlugPlay. This service might not be installed.

6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The Tablet PC Input Service service depends the following service: PlugPlay. This service might not be installed.

6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The Network Location Awareness service depends the following service: NSI. This service might not be installed.

6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The DHCP Client service depends the following service: NSI. This service might not be installed.

6/20/2012 2:20:15 PM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Windows Audio Endpoint Builder service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.

6/20/2012 2:20:15 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

6/20/2012 2:17:06 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.

6/20/2012 2:16:48 PM, Error: Service Control Manager [7024] - The ReadyBoost service terminated with service-specific error 0 (0x0).

6/20/2012 2:16:48 PM, Error: Service Control Manager [7023] - The WebClient service terminated with the following error: The system cannot find the file specified.

6/20/2012 2:16:48 PM, Error: Service Control Manager [7023] - The Portable Device Enumerator Service service terminated with the following error: The system cannot find the file specified.

6/20/2012 2:16:48 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: Operation aborted

6/20/2012 2:16:48 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.

6/20/2012 2:16:48 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

6/20/2012 2:16:48 PM, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.

6/20/2012 2:06:02 PM, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.

6/19/2012 3:52:09 PM, Error: Service Control Manager [7022] - The Human Interface Device Access service hung on starting.

6/14/2012 7:19:34 PM, Error: EventLog [6008] - The previous system shutdown at 2:40:40 PM on 6/8/2012 was unexpected.

.

==== End Of File ===========================

Edited by Maurice Naggar
DDS logs put In-line

Do not do any websurfing, online games, online transactions of any sort. Only go to this forum and the websites I guide you to.

Please follow my guidance. Ask if you have questions.

I am going to ask you to read very carefully. I am asking you to download to a unique folder!!

Step 1. Close and save any open documents, and exit programs that you started.

Step 2. Download TDSSKiller.exe and SAVE it to a special folder

http://support.kaspe.../tdsskiller.exe

and be sure to SAVE it in this folder --> C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon

Step 3. Install the Chameleon driver by doing the following:

Press the Windows key + R and in the Run box, copy and paste the following command, then press Enter. Copy ALL of the line from beginning to end (from the double-quote all the way to the last o).

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe" /o

A black DOS prompt will appear with a prompt to press any key to continue, please do.

Step 4

Please read carefully and follow these steps.

  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please Copy & Paste that log in reply.

Edited by Maurice Naggar
Tweaked for Vista folders location

Warning:

Again, do not go to any websites other than this forum and the sites I guide you to for tools or scans.

Be aware that we have a long road to cure your infections. Amongst other things, some needed Windows services appear to be either disabled or gone due to infection.

This is only one snippet from your log

6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Will cover the latter in a next round.

Also, please do NOT attach logs. Copy and Paste their contents into main-body of reply.

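The observation above, that Service Control Manager 7003 errors point at services that are disabled or gone, can be checked mechanically. The Python below is an added example, not part of the original thread or of any tool named in it; the function names are hypothetical, and the sample is a subset of the Event Viewer lines posted earlier in the DDS text layout. It groups every failing service under the missing dependency behind it, following 7001 cascade errors back to the root.

```python
import re
from collections import defaultdict, namedtuple

Event = namedtuple("Event", "timestamp source event_id message")

# One DDS line: "<date> <time> AM|PM, Error: <source> [<id>] - <message>"
LINE_RE = re.compile(r"^(\d+/\d+/\d+ \d+:\d+:\d+ [AP]M), Error: (.+?) \[(\d+)\] - (.*)$")
# 7003: a dependency is not installed. The logged text omits "on", so it is optional.
RE_7003 = re.compile(r"^The (.+) service depends (?:on )?the following service: ([^\s.]+)\.")
# 7001: a service failed because a service it depends on failed to start (cascade).
RE_7001 = re.compile(r"^The (.+) service depends on the (.+) service which failed to start")

# Subset of the Event Viewer lines from the thread, embedded so the example runs offline.
SAMPLE = """\
6/20/2012 2:25:16 PM, Error: Service Control Manager [7003] - The Telephony service depends the following service: PlugPlay. This service might not be installed.
6/20/2012 2:23:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The Workstation service depends the following service: NSI. This service might not be installed.
6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The Windows Audio Endpoint Builder service depends the following service: PlugPlay. This service might not be installed.
6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
6/20/2012 2:20:15 PM, Error: Service Control Manager [7003] - The DHCP Client service depends the following service: NSI. This service might not be installed.
6/20/2012 2:20:15 PM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Windows Audio Endpoint Builder service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
6/20/2012 2:16:48 PM, Error: Service Control Manager [7023] - The WebClient service terminated with the following error: The system cannot find the file specified.
6/20/2012 2:16:48 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
6/20/2012 2:06:02 PM, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
"""


def parse_events(text):
    """Return an Event for every line in the DDS event layout; skip anything else."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append(Event(m.group(1), m.group(2), int(m.group(3)), m.group(4)))
    return events


def affected_by_missing(text):
    """Map each missing dependency (short name) to every service that fails because of it."""
    direct = {}                  # display name -> missing dependency (7003)
    cascade = defaultdict(set)   # failed service -> services that depend on it (7001)
    for ev in parse_events(text):
        if ev.source != "Service Control Manager":
            continue
        if ev.event_id == 7003:
            m = RE_7003.match(ev.message)
            if m:
                direct[m.group(1)] = m.group(2)
        elif ev.event_id == 7001:
            m = RE_7001.match(ev.message)
            if m:
                cascade[m.group(2)].add(m.group(1))

    result = defaultdict(set)
    for service, missing in direct.items():
        stack = [service]
        while stack:             # walk the 7001 chain outward from the 7003 service
            current = stack.pop()
            if current in result[missing]:
                continue
            result[missing].add(current)
            stack.extend(cascade.get(current, ()))
    return {name: sorted(services) for name, services in result.items()}


def rank_missing(text):
    """Missing dependencies ordered by how many services they take down."""
    counts = ((name, len(svcs)) for name, svcs in affected_by_missing(text).items())
    return sorted(counts, key=lambda item: (-item[1], item[0]))


if __name__ == "__main__":
    for name, count in rank_missing(SAMPLE):
        print(f"{name}: {count} dependent service(s) failing")
        for svc in affected_by_missing(SAMPLE)[name]:
            print(f"    {svc}")
```

The services at the top of the ranking are the ones whose registry entries and binaries are worth verifying first, since restoring them clears the whole group of errors beneath them.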

I read your last post late but here is the log


09:51:34.0586 1384 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:51:34.0586 1384 mrxsmb10 - ok

09:51:34.0617 1384 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:51:34.0617 1384 mrxsmb20 - ok

09:51:34.0680 1384 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys

09:51:34.0680 1384 msahci - ok

09:51:34.0711 1384 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

09:51:34.0727 1384 msdsm - ok

09:51:34.0773 1384 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe

09:51:34.0773 1384 MSDTC - ok

09:51:34.0836 1384 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

09:51:34.0836 1384 Msfs - ok

09:51:34.0883 1384 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

09:51:34.0883 1384 msisadrv - ok

09:51:34.0929 1384 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll

09:51:34.0945 1384 MSiSCSI - ok

09:51:34.0945 1384 msiserver - ok

09:51:34.0992 1384 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

09:51:34.0992 1384 MSKSSRV - ok

09:51:35.0054 1384 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

09:51:35.0054 1384 MSPCLOCK - ok

09:51:35.0070 1384 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

09:51:35.0085 1384 MSPQM - ok

09:51:35.0163 1384 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

09:51:35.0163 1384 MsRPC - ok

09:51:35.0195 1384 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

09:51:35.0195 1384 mssmbios - ok

09:51:35.0226 1384 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

09:51:35.0226 1384 MSTEE - ok

09:51:35.0273 1384 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

09:51:35.0273 1384 Mup - ok

09:51:35.0366 1384 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll

09:51:35.0382 1384 napagent - ok

09:51:35.0397 1384 napagent32 - ok

09:51:35.0475 1384 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

09:51:35.0491 1384 NativeWifiP - ok

09:51:35.0600 1384 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

09:51:35.0616 1384 NDIS - ok

09:51:35.0647 1384 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

09:51:35.0647 1384 NdisTapi - ok

09:51:35.0678 1384 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

09:51:35.0678 1384 Ndisuio - ok

09:51:35.0725 1384 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

09:51:35.0725 1384 NdisWan - ok

09:51:35.0756 1384 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

09:51:35.0756 1384 NDProxy - ok

09:51:35.0787 1384 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

09:51:35.0787 1384 NetBIOS - ok

09:51:35.0865 1384 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

09:51:35.0865 1384 netbt - ok

09:51:35.0928 1384 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

09:51:35.0928 1384 Netlogon - ok

09:51:36.0006 1384 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:51:36.0006 1384 NetTcpPortSharing - ok

09:51:36.0068 1384 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

09:51:36.0068 1384 nfrd960 - ok

09:51:36.0131 1384 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll

09:51:36.0146 1384 NlaSvc - ok

09:51:36.0224 1384 NMgamingmsFltr (dd0216110ae219f333d0f99079a4be42) C:\Windows\system32\drivers\NMgamingms.sys

09:51:36.0224 1384 NMgamingmsFltr - ok

09:51:36.0271 1384 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

09:51:36.0271 1384 Npfs - ok

09:51:36.0302 1384 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

09:51:36.0302 1384 nsiproxy - ok

09:51:36.0536 1384 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

09:51:36.0567 1384 Ntfs - ok

09:51:36.0599 1384 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

09:51:36.0599 1384 ntrigdigi - ok

09:51:36.0614 1384 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

09:51:36.0614 1384 Null - ok

09:51:36.0661 1384 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

09:51:36.0661 1384 nvraid - ok

09:51:36.0692 1384 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

09:51:36.0692 1384 nvstor - ok

09:51:36.0723 1384 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

09:51:36.0723 1384 nv_agp - ok

09:51:36.0723 1384 NwlnkFlt - ok

09:51:36.0739 1384 NwlnkFwd - ok

09:51:37.0004 1384 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

09:51:37.0020 1384 odserv - ok

09:51:37.0098 1384 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

09:51:37.0098 1384 ohci1394 - ok

09:51:37.0191 1384 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:51:37.0191 1384 ose - ok

09:51:37.0363 1384 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

09:51:37.0379 1384 p2pimsvc - ok

09:51:37.0394 1384 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

09:51:37.0394 1384 p2psvc - ok

09:51:37.0457 1384 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

09:51:37.0457 1384 Parport - ok

09:51:37.0503 1384 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys

09:51:37.0503 1384 partmgr - ok

09:51:37.0597 1384 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

09:51:37.0597 1384 Parvdm - ok

09:51:37.0628 1384 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll

09:51:37.0644 1384 PcaSvc - ok

09:51:37.0706 1384 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

09:51:37.0706 1384 pci - ok

09:51:37.0737 1384 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys

09:51:37.0737 1384 pciide - ok

09:51:37.0800 1384 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys

09:51:37.0800 1384 pcmcia - ok

09:51:37.0815 1384 PCTINDIS5 - ok

09:51:38.0003 1384 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

09:51:38.0018 1384 PEAUTH - ok

09:51:38.0127 1384 pinger (6dbf2ac2bdaff355995ab25eccc4cfe1) C:\TOSHIBA\IVP\ISM\pinger.exe

09:51:38.0143 1384 pinger - ok

09:51:38.0408 1384 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll

09:51:38.0439 1384 pla - ok

09:51:38.0767 1384 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

09:51:38.0783 1384 PNRPAutoReg - ok

09:51:38.0798 1384 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll

09:51:38.0798 1384 PNRPsvc - ok

09:51:38.0907 1384 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll

09:51:38.0923 1384 PolicyAgent - ok

09:51:39.0001 1384 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

09:51:39.0001 1384 PptpMiniport - ok

09:51:39.0032 1384 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

09:51:39.0032 1384 Processor - ok

09:51:39.0110 1384 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll

09:51:39.0110 1384 ProfSvc - ok

09:51:39.0157 1384 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

09:51:39.0157 1384 ProtectedStorage - ok

09:51:39.0204 1384 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

09:51:39.0204 1384 PSched - ok

09:51:39.0251 1384 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\Windows\system32\Drivers\PxHelp20.sys

09:51:39.0251 1384 PxHelp20 - ok

09:51:39.0438 1384 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

09:51:39.0469 1384 ql2300 - ok

09:51:39.0516 1384 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

09:51:39.0516 1384 ql40xx - ok

09:51:39.0547 1384 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

09:51:39.0547 1384 QWAVEdrv - ok

09:51:39.0563 1384 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

09:51:39.0578 1384 RasAcd - ok

09:51:39.0609 1384 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll

09:51:39.0609 1384 RasAuto - ok

09:51:39.0641 1384 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

09:51:39.0656 1384 Rasl2tp - ok

09:51:39.0734 1384 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll

09:51:39.0734 1384 RasMan - ok

09:51:39.0781 1384 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

09:51:39.0797 1384 RasPppoe - ok

09:51:39.0843 1384 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

09:51:39.0843 1384 RasSstp - ok

09:51:39.0921 1384 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

09:51:39.0921 1384 rdbss - ok

09:51:39.0984 1384 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

09:51:39.0984 1384 RDPCDD - ok

09:51:40.0062 1384 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys

09:51:40.0077 1384 rdpdr - ok

09:51:40.0093 1384 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

09:51:40.0093 1384 RDPENCDD - ok

09:51:40.0155 1384 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys

09:51:40.0171 1384 RDPWD - ok

09:51:40.0202 1384 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll

09:51:40.0202 1384 RemoteAccess - ok

09:51:40.0265 1384 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll

09:51:40.0265 1384 RemoteRegistry - ok

09:51:40.0327 1384 RimVSerPort (12a2fd77e334b223531f1e2918480d49) C:\Windows\system32\DRIVERS\RimSerial.sys

09:51:40.0327 1384 RimVSerPort - ok

09:51:40.0389 1384 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys

09:51:40.0389 1384 ROOTMODEM - ok

09:51:40.0421 1384 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe

09:51:40.0421 1384 RpcLocator - ok

09:51:40.0561 1384 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll

09:51:40.0561 1384 RpcSs - ok

09:51:40.0592 1384 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

09:51:40.0592 1384 rspndr - ok

09:51:40.0623 1384 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe

09:51:40.0623 1384 SamSs - ok

09:51:40.0670 1384 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

09:51:40.0670 1384 sbp2port - ok

09:51:40.0733 1384 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll

09:51:40.0733 1384 SCardSvr - ok

09:51:40.0873 1384 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll

09:51:40.0889 1384 Schedule - ok

09:51:40.0951 1384 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll

09:51:40.0951 1384 SCPolicySvc - ok

09:51:41.0013 1384 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

09:51:41.0013 1384 sdbus - ok

09:51:41.0076 1384 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll

09:51:41.0076 1384 SDRSVC - ok

09:51:41.0263 1384 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files\Microsoft\BingBar\SeaPort.EXE

09:51:41.0263 1384 SeaPort - ok

09:51:41.0294 1384 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

09:51:41.0294 1384 secdrv - ok

09:51:41.0310 1384 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

09:51:41.0310 1384 Serenum - ok

09:51:41.0357 1384 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

09:51:41.0372 1384 Serial - ok

09:51:41.0419 1384 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

09:51:41.0419 1384 sermouse - ok

09:51:41.0466 1384 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys

09:51:41.0466 1384 sffdisk - ok

09:51:41.0497 1384 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

09:51:41.0497 1384 sffp_mmc - ok

09:51:41.0544 1384 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys

09:51:41.0544 1384 sffp_sd - ok

09:51:41.0575 1384 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

09:51:41.0591 1384 sfloppy - ok

09:51:41.0669 1384 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll

09:51:41.0684 1384 SharedAccess - ok

09:51:41.0747 1384 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll

09:51:41.0762 1384 ShellHWDetection - ok

09:51:41.0793 1384 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

09:51:41.0793 1384 sisagp - ok

09:51:41.0825 1384 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

09:51:41.0825 1384 SiSRaid2 - ok

09:51:41.0856 1384 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

09:51:41.0856 1384 SiSRaid4 - ok

09:51:42.0433 1384 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe

09:51:42.0527 1384 slsvc - ok

09:51:42.0792 1384 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

09:51:42.0807 1384 Smb - ok

09:51:42.0870 1384 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe

09:51:42.0870 1384 SNMPTRAP - ok

09:51:42.0901 1384 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

09:51:42.0901 1384 spldr - ok

09:51:42.0979 1384 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe

09:51:42.0979 1384 Spooler - ok

09:51:43.0073 1384 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

09:51:43.0073 1384 srv - ok

09:51:43.0135 1384 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

09:51:43.0135 1384 srv2 - ok

09:51:43.0166 1384 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

09:51:43.0166 1384 srvnet - ok

09:51:43.0213 1384 sscdbus (069351a1d7d291013177a90ae6edccbc) C:\Windows\system32\DRIVERS\sscdbus.sys

09:51:43.0213 1384 sscdbus - ok

09:51:43.0260 1384 sscdmdfl (1c925be223a5c0f9f469252292a48df6) C:\Windows\system32\DRIVERS\sscdmdfl.sys

09:51:43.0260 1384 sscdmdfl - ok

09:51:43.0307 1384 sscdmdm (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\Windows\system32\DRIVERS\sscdmdm.sys

09:51:43.0307 1384 sscdmdm - ok

09:51:43.0353 1384 sscdserd (6c239402a3303c66016f5f915e0e8698) C:\Windows\system32\DRIVERS\sscdserd.sys

09:51:43.0353 1384 sscdserd - ok

09:51:43.0431 1384 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll

09:51:43.0431 1384 SSDPSRV - ok

09:51:43.0494 1384 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll

09:51:43.0494 1384 SstpSvc - ok

09:51:43.0634 1384 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll

09:51:43.0650 1384 stisvc - ok

09:51:43.0681 1384 SVRPEDRV - ok

09:51:43.0728 1384 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

09:51:43.0728 1384 swenum - ok

09:51:43.0946 1384 swmsflt (1e36ae445e4da83b82d51feb2d4f8772) C:\Windows\System32\drivers\swmsflt.sys

09:51:43.0977 1384 swmsflt - ok

09:51:44.0040 1384 SWNC8U56 (2f6f8b7f821c994de3d1caf399bf9cd3) C:\Windows\system32\DRIVERS\swnc8u56.sys

09:51:44.0055 1384 SWNC8U56 - ok

09:51:44.0133 1384 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll

09:51:44.0149 1384 swprv - ok

09:51:44.0211 1384 SWUMX56 (903a5e596a3910cebfa33f3bd7d9c174) C:\Windows\system32\DRIVERS\swumx56.sys

09:51:44.0211 1384 SWUMX56 - ok

09:51:44.0243 1384 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

09:51:44.0243 1384 Symc8xx - ok

09:51:44.0274 1384 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

09:51:44.0289 1384 Sym_hi - ok

09:51:44.0321 1384 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

09:51:44.0321 1384 Sym_u3 - ok

09:51:44.0445 1384 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys

09:51:44.0445 1384 SynTP - ok

09:51:44.0492 1384 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll

09:51:44.0492 1384 TabletInputService - ok

09:51:44.0570 1384 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll

09:51:44.0570 1384 TapiSrv - ok

09:51:44.0617 1384 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll

09:51:44.0617 1384 TBS - ok

09:51:44.0804 1384 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys

09:51:44.0835 1384 Tcpip - ok

09:51:44.0851 1384 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys

09:51:44.0851 1384 Tcpip6 - ok

09:51:44.0882 1384 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

09:51:44.0882 1384 tcpipreg - ok

09:51:44.0913 1384 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys

09:51:44.0913 1384 tdcmdpst - ok

09:51:44.0945 1384 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

09:51:44.0976 1384 TDPIPE - ok

09:51:45.0023 1384 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

09:51:45.0023 1384 TDTCP - ok

09:51:45.0069 1384 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

09:51:45.0069 1384 tdx - ok

09:51:45.0116 1384 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

09:51:45.0132 1384 TermDD - ok

09:51:45.0257 1384 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll

09:51:45.0257 1384 TermService - ok

09:51:45.0335 1384 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll

09:51:45.0350 1384 Themes - ok

09:51:45.0381 1384 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll

09:51:45.0381 1384 THREADORDER - ok

09:51:45.0459 1384 tifm21 (e4c85c291ddb3dc5e4a2f227ca465ba6) C:\Windows\system32\drivers\tifm21.sys

09:51:45.0459 1384 tifm21 - ok

09:51:45.0584 1384 TNaviSrv (b351aa72eae95c4447a3c5329977f064) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

09:51:45.0584 1384 TNaviSrv - ok

09:51:45.0631 1384 TODDSrv (d540858e65bfa6fded41ad2495ece344) C:\Windows\system32\TODDSrv.exe

09:51:45.0647 1384 TODDSrv - ok

09:51:45.0725 1384 TosCoSrv (6a54c28b53c6b50d333c8ee974c6b208) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

09:51:45.0740 1384 TosCoSrv - ok

09:51:45.0756 1384 tosporte - ok

09:51:45.0771 1384 Tosrfcom - ok

09:51:45.0834 1384 tos_sps32 (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys

09:51:45.0834 1384 tos_sps32 - ok

09:51:45.0881 1384 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll

09:51:45.0881 1384 TrkWks - ok

09:51:45.0943 1384 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe

09:51:45.0943 1384 TrustedInstaller - ok

09:51:45.0974 1384 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

09:51:45.0990 1384 tssecsrv - ok

09:51:46.0052 1384 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

09:51:46.0052 1384 tunmp - ok

09:51:46.0099 1384 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

09:51:46.0099 1384 tunnel - ok

09:51:46.0130 1384 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS

09:51:46.0130 1384 TVALZ - ok

09:51:46.0177 1384 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

09:51:46.0177 1384 uagp35 - ok

09:51:46.0239 1384 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

09:51:46.0271 1384 udfs - ok

09:51:46.0302 1384 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe

09:51:46.0302 1384 UI0Detect - ok

09:51:46.0427 1384 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

09:51:46.0427 1384 UleadBurningHelper - ok

09:51:46.0473 1384 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

09:51:46.0473 1384 uliagpkx - ok

09:51:46.0551 1384 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

09:51:46.0551 1384 uliahci - ok

09:51:46.0598 1384 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

09:51:46.0614 1384 UlSata - ok

09:51:46.0645 1384 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

09:51:46.0661 1384 ulsata2 - ok

09:51:46.0692 1384 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

09:51:46.0692 1384 umbus - ok

09:51:46.0723 1384 USBAAPL - ok

09:51:46.0770 1384 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys

09:51:46.0770 1384 usbaudio - ok

09:51:46.0817 1384 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys

09:51:46.0832 1384 usbbus - ok

09:51:46.0879 1384 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

09:51:46.0895 1384 usbccgp - ok

09:51:46.0941 1384 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

09:51:46.0957 1384 usbcir - ok

09:51:47.0004 1384 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys

09:51:47.0004 1384 UsbDiag - ok

09:51:47.0082 1384 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

09:51:47.0082 1384 usbehci - ok

09:51:47.0160 1384 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

09:51:47.0160 1384 usbhub - ok

09:51:47.0191 1384 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys

09:51:47.0191 1384 USBModem - ok

09:51:47.0207 1384 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

09:51:47.0238 1384 usbohci - ok

09:51:47.0285 1384 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

09:51:47.0285 1384 usbprint - ok

09:51:47.0347 1384 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

09:51:47.0347 1384 usbscan - ok

09:51:47.0378 1384 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:51:47.0394 1384 USBSTOR - ok

09:51:47.0425 1384 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

09:51:47.0425 1384 usbuhci - ok

09:51:47.0519 1384 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

09:51:47.0519 1384 usbvideo - ok

09:51:47.0628 1384 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll

09:51:47.0628 1384 UxSms - ok

09:51:47.0737 1384 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe

09:51:47.0753 1384 vds - ok

09:51:47.0784 1384 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

09:51:47.0784 1384 vga - ok

09:51:47.0831 1384 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

09:51:47.0831 1384 VgaSave - ok

09:51:47.0877 1384 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

09:51:47.0877 1384 viaagp - ok

09:51:47.0909 1384 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

09:51:47.0909 1384 ViaC7 - ok

09:51:47.0940 1384 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys

09:51:47.0940 1384 viaide - ok

09:51:47.0987 1384 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

09:51:47.0987 1384 volmgr - ok

09:51:48.0096 1384 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

09:51:48.0096 1384 volmgrx - ok

09:51:48.0174 1384 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

09:51:48.0189 1384 volsnap - ok

09:51:48.0252 1384 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

09:51:48.0267 1384 vsmraid - ok

09:51:48.0455 1384 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe

09:51:48.0486 1384 VSS - ok

09:51:48.0564 1384 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll

09:51:48.0579 1384 W32Time - ok

09:51:48.0657 1384 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

09:51:48.0657 1384 WacomPen - ok

09:51:48.0704 1384 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

09:51:48.0704 1384 Wanarp - ok

09:51:48.0720 1384 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

09:51:48.0720 1384 Wanarpv6 - ok

09:51:48.0735 1384 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

09:51:48.0735 1384 Wd - ok

09:51:48.0860 1384 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

09:51:48.0907 1384 Wdf01000 - ok

09:51:48.0938 1384 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll

09:51:48.0954 1384 WdiServiceHost - ok

09:51:48.0954 1384 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll

09:51:48.0954 1384 WdiSystemHost - ok

09:51:49.0032 1384 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll

09:51:49.0047 1384 Wecsvc - ok

09:51:49.0079 1384 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll

09:51:49.0094 1384 wercplsupport - ok

09:51:49.0141 1384 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll

09:51:49.0157 1384 WerSvc - ok

09:51:49.0250 1384 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll

09:51:49.0266 1384 Winmgmt - ok

09:51:49.0484 1384 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll

09:51:49.0515 1384 WinRM - ok

09:51:49.0640 1384 winusb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\winusb.sys

09:51:49.0640 1384 winusb - ok

09:51:49.0749 1384 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll

09:51:49.0765 1384 Wlansvc - ok

09:51:49.0937 1384 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

09:51:49.0937 1384 wlcrasvc - ok

09:51:50.0311 1384 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:51:50.0389 1384 wlidsvc - ok

09:51:50.0639 1384 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys

09:51:50.0639 1384 WmiAcpi - ok

09:51:50.0763 1384 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe

09:51:50.0779 1384 wmiApSrv - ok

09:51:50.0997 1384 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe

09:51:51.0029 1384 WMPNetworkSvc - ok

09:51:51.0060 1384 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll

09:51:51.0075 1384 WPCSvc - ok

09:51:51.0200 1384 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

09:51:51.0200 1384 WpdUsb - ok

09:51:51.0465 1384 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

09:51:51.0481 1384 WPFFontCache_v0400 - ok

09:51:51.0512 1384 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

09:51:51.0512 1384 ws2ifsl - ok

09:51:51.0528 1384 WSearch - ok

09:51:51.0590 1384 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

09:51:51.0590 1384 WUDFRd - ok

09:51:51.0621 1384 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll

09:51:51.0637 1384 wudfsvc - ok

09:51:51.0855 1384 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

09:51:51.0871 1384 YahooAUService - ok

09:51:51.0949 1384 yukonwlh (1dd951cf8a69fa2bea82f3e3a811fa95) C:\Windows\system32\DRIVERS\yk60x86.sys

09:51:51.0949 1384 yukonwlh - ok

09:51:52.0027 1384 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0

09:51:52.0760 1384 \Device\Harddisk0\DR0 - ok

09:51:52.0760 1384 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR1

09:51:53.0447 1384 \Device\Harddisk1\DR1 - ok

09:51:53.0493 1384 Boot (0x1200) (1e56299812b204e435a7d11b32df5901) \Device\Harddisk0\DR0\Partition0

09:51:53.0493 1384 \Device\Harddisk0\DR0\Partition0 - ok

09:51:53.0509 1384 Boot (0x1200) (b00ccba021324f5fbd884505a3a6bb8e) \Device\Harddisk1\DR1\Partition0

09:51:53.0509 1384 \Device\Harddisk1\DR1\Partition0 - ok

09:51:53.0509 1384 ============================================================

09:51:53.0509 1384 Scan finished

09:51:53.0509 1384 ============================================================

09:51:53.0525 0556 Detected object count: 0

09:51:53.0525 0556 Actual detected object count: 0


OK, the TDSSKILLER result is good. You've made some good headway & have regained use of the Start function.

But we still have more checks to do.

Logoff and Restart Vista in Normal (regular) mode. And do as much as possible of the following. There is more to do later.

So still consider this pc as if it were in quarantine.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT by doing a Right-Click on it & select Run As Administrator

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Show all files:

  • Click the Start button, and then click Computer.
  • On the Organize menu, click Folder and Search Options.
  • Click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders.
  • Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

Change the a-v scan to None.

Uncheck trace disk IO calls.

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Step 4

RE-Enable your antivirus program.

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.

Step 5

Download >> Farbar's Service Scanner utility << and Save to your Desktop.

If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Administrator.

If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen:

Keep the checkmark on Internet Services.

Checkmark Windows firewall

Checkmark Security Center.

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste FSS.txt with your reply.

Then copy/paste the following into your post (in order):

  • the contents of aswMBR report;
  • the contents of checkup.txt
  • the contents of FSS.txt

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.


humh.

Please download ExeFix.reg by farbar and save it to a flashdrive or on the root of the system drive (usually C:).

  • Important: Boot your computer into the account that has trouble running exe files.
  • Right-click it and select Merge.

Do the EXEFix and try running the tools one more time.

If you still cannot do that, Restart system & use Safe Mode with Networking, and then run each tool.


aswMBR report

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-06-21 13:04:06

-----------------------------

13:04:06.312 OS Version: Windows 6.0.6002 Service Pack 2

13:04:06.312 Number of processors: 2 586 0xF0D

13:04:06.312 ComputerName: NONPAREIL UserName: Morgan

13:04:30.117 Initialize success

13:05:36.324 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4

13:05:36.324 Disk 0 Vendor: TOSHIBA_MK2035GSS DK020M Size: 190782MB BusType: 3

13:05:36.339 Disk 0 MBR read successfully

13:05:36.355 Disk 0 MBR scan

13:05:36.355 Disk 0 Windows VISTA default MBR code

13:05:36.371 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048

13:05:36.402 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 189278 MB offset 3074048

13:05:36.402 Disk 0 scanning sectors +390715392

13:05:36.464 Disk 0 scanning C:\Windows\system32\drivers

13:05:47.915 Service scanning

13:06:16.244 Modules scanning

13:06:24.450 Scan finished successfully

13:14:53.571 Disk 0 MBR has been saved successfully to "C:\Users\Morgan\Desktop\MBR.dat"

13:14:53.587 The log file has been saved successfully to "C:\Users\Morgan\Desktop\aswMBR.txt"
