
google redirect



.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.1.0

Run by rich at 22:50:30 on 2012-03-29

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3070.2259 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\rundll32.exe

C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\PostgreSQL\9.0\bin\postgres.exe

C:\Windows\system32\conhost.exe

C:\Program Files\PostgreSQL\9.0\bin\postgres.exe

C:\Program Files\PostgreSQL\9.0\bin\postgres.exe

C:\Program Files\PostgreSQL\9.0\bin\postgres.exe

C:\Program Files\PostgreSQL\9.0\bin\postgres.exe

C:\Program Files\PostgreSQL\9.0\bin\postgres.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\M-AudioTaskBarIcon.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [M-Audio Taskbar Icon] c:\windows\system32\M-AudioTaskBarIcon.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{855A61B4-F3AB-4273-AA7C-3A9801B994B6} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{96E1D7E3-0FF9-4000-AC2A-8104715BC0B7} : DhcpNameServer = 192.168.0.1

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\rich\appdata\roaming\mozilla\firefox\profiles\kvtcmbdk.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

.

============= SERVICES / DRIVERS ===============

.

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]

R2 postgresql-9.0;postgresql-9.0 - PostgreSQL Server 9.0;C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w --> C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-9.0 [?]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-13 229888]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 MAUSBFASTTRACK;Service for M-Audio FastTrack;c:\windows\system32\drivers\MAudioFastTrack.sys [2010-12-7 158344]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-7-27 15872]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-27 52224]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-20 1343400]

.

=============== Created Last 30 ================

.

2012-03-14 18:23:27 -------- d-----w- c:\program files\M-Audio

2012-03-11 00:15:01 68068 ----a-w- c:\windows\system32\bassmididrvuninstall.exe

2012-03-11 00:15:01 -------- d-----w- c:\windows\system32\bassmididrv

2012-03-10 22:39:58 -------- d-----w- c:\users\rich\TruePianos Settings

2012-03-10 22:39:31 -------- d-----w- c:\users\rich\appdata\roaming\Cakewalk

2012-03-10 22:35:17 -------- d-----w- c:\program files\common files\Native Instruments

2012-03-10 22:35:14 -------- d-----w- c:\program files\common files\Digidesign

2012-03-10 22:34:29 -------- d-----w- c:\program files\Native Instruments

2012-03-10 22:27:21 499712 ----a-w- c:\windows\system32\msvcp71.dll

2012-03-10 22:27:21 487424 ----a-w- c:\windows\system32\msvcp70.dll

2012-03-10 22:27:21 368640 ----a-w- c:\windows\system32\ReWire.dll

2012-03-10 22:27:21 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-03-10 22:27:21 344064 ----a-w- c:\windows\system32\msvcr70.dll

2012-03-10 22:27:21 1047552 ----a-w- c:\windows\system32\mfc71u.dll

2012-03-10 22:27:18 1060864 ----a-w- c:\windows\system32\mfc71.dll

2012-03-10 22:26:45 -------- d-----w- c:\programdata\Cakewalk

2012-03-10 22:26:45 -------- d-----w- c:\program files\Cakewalk

2012-03-10 22:26:45 -------- d-----w- C:\Cakewalk Projects

.

==================== Find3M ====================

.

2012-01-14 03:35:54 2343424 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH: 22:50:57.75 ===============

Attach.txt


Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options)

Post back the report.

MrC


RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version

Started in : Normal mode

User: rich [Admin rights]

Mode: Scan -- Date: 04/03/2012 08:26:11

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 5 ¤¤¤

[BLACKLIST DLL] HKUS\S-1-5-21-1128884737-855229167-1334141587-1001[...]\Run : Update (rundll32.exe "C:\Users\rich\AppData\Roaming\Cakewalk\Cakewalk\buhjtfc.dll",DllRegisterServer) -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-75ZCT2 ATA Device +++++

--- User ---

[MBR] a98ce58c0140bae4bbc9f1c3d419755e

[BSP] 4b59f11fc371874d53edb2cda998bf92 : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 141 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 290816 | Size: 10240 Mo

2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21262336 | Size: 294862 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt


Please make sure you have system restore running and create a new restore point before proceeding.

Please download and run TDSSKiller to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.


-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.


------------------------

Click the Start Scan button.


-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.


----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

MrC


08:38:54.0701 2828 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32

08:38:55.0091 2828 ============================================================

08:38:55.0091 2828 Current date / time: 2012/04/03 08:38:55.0091

08:38:55.0091 2828 SystemInfo:

08:38:55.0091 2828

08:38:55.0091 2828 OS Version: 6.1.7601 ServicePack: 1.0

08:38:55.0091 2828 Product type: Workstation

08:38:55.0091 2828 ComputerName: RICH-PC

08:38:55.0091 2828 UserName: rich

08:38:55.0091 2828 Windows directory: C:\Windows

08:38:55.0091 2828 System windows directory: C:\Windows

08:38:55.0091 2828 Processor architecture: Intel x86

08:38:55.0091 2828 Number of processors: 2

08:38:55.0091 2828 Page size: 0x1000

08:38:55.0091 2828 Boot type: Normal boot

08:38:55.0091 2828 ============================================================

08:38:56.0136 2828 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

08:38:56.0136 2828 \Device\Harddisk0\DR0:

08:38:56.0136 2828 MBR used

08:38:56.0136 2828 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x47000, BlocksNum 0x1400000

08:38:56.0136 2828 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1447000, BlocksNum 0x23FE7000

08:38:56.0183 2828 Initialize success

08:38:56.0183 2828 ============================================================

08:39:20.0409 2328 ============================================================

08:39:20.0409 2328 Scan started

08:39:20.0409 2328 Mode: Manual; SigCheck; TDLFS;

08:39:20.0409 2328 ============================================================


08:39:37.0772 2328 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys

08:39:37.0835 2328 mrxsmb - ok

08:39:37.0882 2328 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys

08:39:37.0913 2328 mrxsmb10 - ok

08:39:37.0944 2328 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys

08:39:37.0975 2328 mrxsmb20 - ok

08:39:38.0022 2328 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys

08:39:38.0038 2328 msahci - ok

08:39:38.0100 2328 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys

08:39:38.0100 2328 msdsm - ok

08:39:38.0162 2328 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe

08:39:38.0194 2328 MSDTC - ok

08:39:38.0225 2328 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

08:39:38.0272 2328 Msfs - ok

08:39:38.0303 2328 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

08:39:38.0318 2328 mshidkmdf - ok

08:39:38.0350 2328 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys

08:39:38.0365 2328 msisadrv - ok

08:39:38.0412 2328 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll

08:39:38.0490 2328 MSiSCSI - ok

08:39:38.0490 2328 msiserver - ok

08:39:38.0537 2328 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

08:39:38.0599 2328 MSKSSRV - ok

08:39:38.0630 2328 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

08:39:38.0693 2328 MSPCLOCK - ok

08:39:38.0724 2328 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

08:39:38.0786 2328 MSPQM - ok

08:39:38.0833 2328 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

08:39:38.0833 2328 MsRPC - ok

08:39:38.0880 2328 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys

08:39:38.0896 2328 mssmbios - ok

08:39:38.0911 2328 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

08:39:38.0927 2328 MSTEE - ok

08:39:38.0958 2328 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

08:39:38.0989 2328 MTConfig - ok

08:39:38.0989 2328 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

08:39:39.0005 2328 Mup - ok

08:39:39.0052 2328 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll

08:39:39.0130 2328 napagent - ok

08:39:39.0192 2328 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

08:39:39.0239 2328 NativeWifiP - ok

08:39:39.0301 2328 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys

08:39:39.0332 2328 NDIS - ok

08:39:39.0520 2328 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

08:39:39.0598 2328 NdisCap - ok

08:39:39.0644 2328 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

08:39:39.0707 2328 NdisTapi - ok

08:39:39.0754 2328 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys

08:39:39.0832 2328 Ndisuio - ok

08:39:39.0910 2328 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys

08:39:39.0988 2328 NdisWan - ok

08:39:40.0034 2328 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys

08:39:40.0050 2328 NDProxy - ok

08:39:40.0097 2328 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

08:39:40.0159 2328 NetBIOS - ok

08:39:40.0206 2328 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys

08:39:40.0222 2328 NetBT - ok

08:39:40.0268 2328 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

08:39:40.0284 2328 Netlogon - ok

08:39:40.0362 2328 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll

08:39:40.0440 2328 Netman - ok

08:39:40.0456 2328 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll

08:39:40.0487 2328 netprofm - ok

08:39:40.0596 2328 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

08:39:40.0612 2328 NetTcpPortSharing - ok

08:39:40.0674 2328 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

08:39:40.0674 2328 nfrd960 - ok

08:39:40.0705 2328 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll

08:39:40.0768 2328 NlaSvc - ok

08:39:40.0814 2328 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

08:39:40.0892 2328 Npfs - ok

08:39:40.0924 2328 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll

08:39:41.0002 2328 nsi - ok

08:39:41.0033 2328 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

08:39:41.0095 2328 nsiproxy - ok

08:39:41.0173 2328 Ntfs (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys

08:39:41.0220 2328 Ntfs - ok

08:39:41.0236 2328 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

08:39:41.0267 2328 Null - ok

08:39:41.0314 2328 nvraid (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys

08:39:41.0329 2328 nvraid - ok

08:39:41.0345 2328 nvstor (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys

08:39:41.0360 2328 nvstor - ok

08:39:41.0392 2328 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys

08:39:41.0407 2328 nv_agp - ok

08:39:41.0454 2328 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys

08:39:41.0501 2328 ohci1394 - ok

08:39:41.0610 2328 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

08:39:41.0626 2328 ose - ok

08:39:41.0672 2328 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

08:39:41.0719 2328 p2pimsvc - ok

08:39:41.0766 2328 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll

08:39:41.0828 2328 p2psvc - ok

08:39:41.0875 2328 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

08:39:41.0906 2328 Parport - ok

08:39:41.0938 2328 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys

08:39:41.0953 2328 partmgr - ok

08:39:41.0984 2328 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

08:39:42.0016 2328 Parvdm - ok

08:39:42.0047 2328 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll

08:39:42.0078 2328 PcaSvc - ok

08:39:42.0125 2328 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys

08:39:42.0125 2328 pci - ok

08:39:42.0156 2328 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys

08:39:42.0172 2328 pciide - ok

08:39:42.0187 2328 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

08:39:42.0203 2328 pcmcia - ok

08:39:42.0203 2328 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

08:39:42.0218 2328 pcw - ok

08:39:42.0265 2328 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

08:39:42.0296 2328 PEAUTH - ok

08:39:42.0343 2328 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll

08:39:42.0452 2328 PeerDistSvc - ok

08:39:42.0546 2328 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll

08:39:42.0624 2328 pla - ok

08:39:42.0671 2328 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll

08:39:42.0749 2328 PlugPlay - ok

08:39:42.0780 2328 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll

08:39:42.0827 2328 PNRPAutoReg - ok

08:39:42.0874 2328 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

08:39:42.0905 2328 PNRPsvc - ok

08:39:42.0936 2328 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll

08:39:42.0998 2328 PolicyAgent - ok

08:39:43.0108 2328 postgresql-9.0 - ok

08:39:43.0154 2328 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll

08:39:43.0217 2328 Power - ok

08:39:43.0279 2328 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

08:39:43.0326 2328 PptpMiniport - ok

08:39:43.0357 2328 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

08:39:43.0404 2328 Processor - ok

08:39:43.0466 2328 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll

08:39:43.0498 2328 ProfSvc - ok

08:39:43.0544 2328 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

08:39:43.0560 2328 ProtectedStorage - ok

08:39:43.0607 2328 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

08:39:43.0669 2328 Psched - ok

08:39:43.0732 2328 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

08:39:43.0763 2328 ql2300 - ok

08:39:43.0778 2328 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

08:39:43.0794 2328 ql40xx - ok

08:39:43.0825 2328 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll

08:39:43.0872 2328 QWAVE - ok

08:39:43.0903 2328 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

08:39:43.0919 2328 QWAVEdrv - ok

08:39:43.0934 2328 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

08:39:43.0981 2328 RasAcd - ok

08:39:44.0044 2328 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

08:39:44.0075 2328 RasAgileVpn - ok

08:39:44.0090 2328 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll

08:39:44.0122 2328 RasAuto - ok

08:39:44.0153 2328 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

08:39:44.0215 2328 Rasl2tp - ok

08:39:44.0278 2328 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll

08:39:44.0356 2328 RasMan - ok

08:39:44.0387 2328 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

08:39:44.0449 2328 RasPppoe - ok

08:39:44.0480 2328 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

08:39:44.0543 2328 RasSstp - ok

08:39:44.0699 2328 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys

08:39:44.0761 2328 rdbss - ok

08:39:44.0792 2328 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

08:39:44.0808 2328 rdpbus - ok

08:39:44.0839 2328 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys

08:39:44.0886 2328 RDPCDD - ok

08:39:44.0933 2328 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys

08:39:44.0964 2328 RDPDR - ok

08:39:44.0995 2328 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

08:39:45.0058 2328 RDPENCDD - ok

08:39:45.0089 2328 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

08:39:45.0120 2328 RDPREFMP - ok

08:39:45.0167 2328 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys

08:39:45.0229 2328 RdpVideoMiniport - ok

08:39:45.0260 2328 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys

08:39:45.0338 2328 RDPWD - ok

08:39:45.0385 2328 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys

08:39:45.0416 2328 rdyboost - ok

08:39:45.0448 2328 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll

08:39:45.0526 2328 RemoteAccess - ok

08:39:45.0572 2328 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll

08:39:45.0650 2328 RemoteRegistry - ok

08:39:45.0682 2328 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll

08:39:45.0744 2328 RpcEptMapper - ok

08:39:45.0791 2328 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe

08:39:45.0822 2328 RpcLocator - ok

08:39:45.0869 2328 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\System32\rpcss.dll

08:39:45.0916 2328 RpcSs - ok

08:39:45.0962 2328 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

08:39:46.0009 2328 rspndr - ok

08:39:46.0056 2328 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys

08:39:46.0118 2328 s3cap - ok

08:39:46.0165 2328 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

08:39:46.0181 2328 SamSs - ok

08:39:46.0243 2328 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys

08:39:46.0274 2328 sbp2port - ok

08:39:46.0306 2328 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll

08:39:46.0352 2328 SCardSvr - ok

08:39:46.0399 2328 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys

08:39:46.0446 2328 scfilter - ok

08:39:46.0493 2328 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll

08:39:46.0586 2328 Schedule - ok

08:39:46.0633 2328 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

08:39:46.0649 2328 SCPolicySvc - ok

08:39:46.0696 2328 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys

08:39:46.0742 2328 sdbus - ok

08:39:46.0789 2328 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll

08:39:46.0867 2328 SDRSVC - ok

08:39:46.0914 2328 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

08:39:46.0976 2328 secdrv - ok

08:39:47.0023 2328 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll

08:39:47.0101 2328 seclogon - ok

08:39:47.0148 2328 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll

08:39:47.0210 2328 SENS - ok

08:39:47.0257 2328 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll

08:39:47.0335 2328 SensrSvc - ok

08:39:47.0351 2328 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

08:39:47.0382 2328 Serenum - ok

08:39:47.0398 2328 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

08:39:47.0413 2328 Serial - ok

08:39:47.0460 2328 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

08:39:47.0507 2328 sermouse - ok

08:39:47.0569 2328 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll

08:39:47.0647 2328 SessionEnv - ok

08:39:47.0678 2328 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys

08:39:47.0741 2328 sffdisk - ok

08:39:47.0772 2328 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys

08:39:47.0803 2328 sffp_mmc - ok

08:39:47.0819 2328 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys

08:39:47.0850 2328 sffp_sd - ok

08:39:47.0881 2328 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

08:39:47.0912 2328 sfloppy - ok

08:39:47.0990 2328 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll

08:39:48.0037 2328 SharedAccess - ok

08:39:48.0068 2328 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll

08:39:48.0131 2328 ShellHWDetection - ok

08:39:48.0178 2328 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys

08:39:48.0193 2328 sisagp - ok

08:39:48.0256 2328 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

08:39:48.0271 2328 SiSRaid2 - ok

08:39:48.0302 2328 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

08:39:48.0302 2328 SiSRaid4 - ok

08:39:48.0334 2328 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

08:39:48.0365 2328 Smb - ok

08:39:48.0396 2328 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe

08:39:48.0427 2328 SNMPTRAP - ok

08:39:48.0443 2328 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

08:39:48.0458 2328 spldr - ok

08:39:48.0505 2328 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe

08:39:48.0583 2328 Spooler - ok

08:39:48.0708 2328 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe

08:39:48.0848 2328 sppsvc - ok

08:39:48.0895 2328 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll

08:39:48.0973 2328 sppuinotify - ok

08:39:49.0020 2328 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys

08:39:49.0098 2328 srv - ok

08:39:49.0129 2328 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys

08:39:49.0160 2328 srv2 - ok

08:39:49.0207 2328 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys

08:39:49.0254 2328 srvnet - ok

08:39:49.0301 2328 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll

08:39:49.0332 2328 SSDPSRV - ok

08:39:49.0348 2328 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll

08:39:49.0394 2328 SstpSvc - ok

08:39:49.0426 2328 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

08:39:49.0441 2328 stexstor - ok

08:39:49.0488 2328 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll

08:39:49.0566 2328 StiSvc - ok

08:39:49.0628 2328 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys

08:39:49.0644 2328 storflt - ok

08:39:49.0675 2328 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys

08:39:49.0691 2328 storvsc - ok

08:39:49.0784 2328 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys

08:39:49.0800 2328 swenum - ok

08:39:49.0878 2328 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll

08:39:49.0940 2328 swprv - ok

08:39:49.0972 2328 Synth3dVsc - ok

08:39:50.0050 2328 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll

08:39:50.0112 2328 SysMain - ok

08:39:50.0143 2328 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll

08:39:50.0174 2328 TabletInputService - ok

08:39:50.0221 2328 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll

08:39:50.0284 2328 TapiSrv - ok

08:39:50.0315 2328 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll

08:39:50.0362 2328 TBS - ok

08:39:50.0440 2328 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys

08:39:50.0471 2328 Tcpip - ok

08:39:50.0533 2328 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys

08:39:50.0564 2328 TCPIP6 - ok

08:39:50.0611 2328 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys

08:39:50.0658 2328 tcpipreg - ok

08:39:50.0705 2328 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys

08:39:50.0752 2328 TDPIPE - ok

08:39:50.0767 2328 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys

08:39:50.0798 2328 TDTCP - ok

08:39:50.0845 2328 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys

08:39:50.0908 2328 tdx - ok

08:39:50.0954 2328 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys

08:39:50.0970 2328 TermDD - ok

08:39:51.0017 2328 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll

08:39:51.0110 2328 TermService - ok

08:39:51.0142 2328 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll

08:39:51.0188 2328 Themes - ok

08:39:51.0235 2328 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

08:39:51.0266 2328 THREADORDER - ok

08:39:51.0282 2328 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll

08:39:51.0329 2328 TrkWks - ok

08:39:51.0407 2328 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe

08:39:51.0469 2328 TrustedInstaller - ok

08:39:51.0516 2328 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys

08:39:51.0563 2328 tssecsrv - ok

08:39:51.0641 2328 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys

08:39:51.0688 2328 TsUsbFlt - ok

08:39:51.0703 2328 tsusbhub - ok

08:39:51.0781 2328 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys

08:39:51.0828 2328 tunnel - ok

08:39:51.0875 2328 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

08:39:51.0890 2328 uagp35 - ok

08:39:51.0937 2328 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys

08:39:51.0984 2328 udfs - ok

08:39:52.0031 2328 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe

08:39:52.0078 2328 UI0Detect - ok

08:39:52.0124 2328 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys

08:39:52.0156 2328 uliagpkx - ok

08:39:52.0187 2328 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys

08:39:52.0218 2328 umbus - ok

08:39:52.0249 2328 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

08:39:52.0296 2328 UmPass - ok

08:39:52.0358 2328 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll

08:39:52.0405 2328 UmRdpService - ok

08:39:52.0468 2328 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll

08:39:52.0546 2328 upnphost - ok

08:39:52.0608 2328 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys

08:39:52.0639 2328 usbaudio - ok

08:39:52.0686 2328 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys

08:39:52.0717 2328 usbccgp - ok

08:39:52.0748 2328 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys

08:39:52.0780 2328 usbcir - ok

08:39:52.0795 2328 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys

08:39:52.0811 2328 usbehci - ok

08:39:52.0858 2328 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys

08:39:52.0889 2328 usbhub - ok

08:39:52.0904 2328 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys

08:39:52.0951 2328 usbohci - ok

08:39:52.0998 2328 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

08:39:53.0029 2328 usbprint - ok

08:39:53.0045 2328 USBSTOR (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS

08:39:53.0060 2328 USBSTOR - ok

08:39:53.0076 2328 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys

08:39:53.0092 2328 usbuhci - ok

08:39:53.0123 2328 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys

08:39:53.0170 2328 usbvideo - ok

08:39:53.0216 2328 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll

08:39:53.0279 2328 UxSms - ok

08:39:53.0310 2328 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

08:39:53.0341 2328 VaultSvc - ok

08:39:53.0404 2328 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys

08:39:53.0419 2328 vdrvroot - ok

08:39:53.0482 2328 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe

08:39:53.0528 2328 vds - ok

08:39:53.0575 2328 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

08:39:53.0622 2328 vga - ok

08:39:53.0669 2328 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

08:39:53.0731 2328 VgaSave - ok

08:39:53.0731 2328 VGPU - ok

08:39:53.0778 2328 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys

08:39:53.0794 2328 vhdmp - ok

08:39:53.0825 2328 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys

08:39:53.0840 2328 viaagp - ok

08:39:53.0856 2328 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

08:39:53.0887 2328 ViaC7 - ok

08:39:53.0934 2328 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys

08:39:53.0950 2328 viaide - ok

08:39:53.0996 2328 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys

08:39:54.0012 2328 vmbus - ok

08:39:54.0043 2328 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys

08:39:54.0059 2328 VMBusHID - ok

08:39:54.0074 2328 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys

08:39:54.0090 2328 volmgr - ok

08:39:54.0121 2328 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

08:39:54.0137 2328 volmgrx - ok

08:39:54.0152 2328 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys

08:39:54.0168 2328 volsnap - ok

08:39:54.0199 2328 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

08:39:54.0215 2328 vsmraid - ok

08:39:54.0277 2328 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe

08:39:54.0386 2328 VSS - ok

08:39:54.0418 2328 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys

08:39:54.0464 2328 vwifibus - ok

08:39:54.0511 2328 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys

08:39:54.0542 2328 vwififlt - ok

08:39:54.0574 2328 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys

08:39:54.0589 2328 vwifimp - ok

08:39:54.0652 2328 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll

08:39:54.0714 2328 W32Time - ok

08:39:54.0745 2328 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

08:39:54.0792 2328 WacomPen - ok

08:39:54.0854 2328 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

08:39:54.0917 2328 WANARP - ok

08:39:54.0932 2328 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

08:39:54.0948 2328 Wanarpv6 - ok

08:39:55.0042 2328 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe

08:39:55.0135 2328 WatAdminSvc - ok

08:39:55.0198 2328 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe

08:39:55.0244 2328 wbengine - ok

08:39:55.0291 2328 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll

08:39:55.0354 2328 WbioSrvc - ok

08:39:55.0400 2328 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll

08:39:55.0432 2328 wcncsvc - ok

08:39:55.0447 2328 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll

08:39:55.0525 2328 WcsPlugInService - ok

08:39:55.0556 2328 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

08:39:55.0588 2328 Wd - ok

08:39:55.0603 2328 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

08:39:55.0634 2328 Wdf01000 - ok

08:39:55.0650 2328 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

08:39:55.0759 2328 WdiServiceHost - ok

08:39:55.0759 2328 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

08:39:55.0790 2328 WdiSystemHost - ok

08:39:55.0822 2328 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll

08:39:55.0853 2328 WebClient - ok

08:39:55.0900 2328 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll

08:39:55.0931 2328 Wecsvc - ok

08:39:55.0946 2328 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll

08:39:55.0978 2328 wercplsupport - ok

08:39:56.0009 2328 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll

08:39:56.0024 2328 WerSvc - ok

08:39:56.0071 2328 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

08:39:56.0118 2328 WfpLwf - ok

08:39:56.0134 2328 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

08:39:56.0134 2328 WIMMount - ok

08:39:56.0258 2328 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll

08:39:56.0352 2328 WinDefend - ok

08:39:56.0368 2328 WinHttpAutoProxySvc - ok

08:39:56.0430 2328 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll

08:39:56.0492 2328 Winmgmt - ok

08:39:56.0586 2328 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll

08:39:56.0680 2328 WinRM - ok

08:39:56.0742 2328 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll

08:39:56.0789 2328 Wlansvc - ok

08:39:56.0820 2328 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys

08:39:56.0836 2328 WmiAcpi - ok

08:39:56.0898 2328 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe

08:39:56.0945 2328 wmiApSrv - ok

08:39:57.0070 2328 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe

08:39:57.0194 2328 WMPNetworkSvc - ok

08:39:57.0241 2328 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll

08:39:57.0304 2328 WPCSvc - ok

08:39:57.0335 2328 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll

08:39:57.0382 2328 WPDBusEnum - ok

08:39:57.0413 2328 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

08:39:57.0475 2328 ws2ifsl - ok

08:39:57.0522 2328 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll

08:39:57.0553 2328 wscsvc - ok

08:39:57.0569 2328 WSearch - ok

08:39:57.0662 2328 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll

08:39:57.0756 2328 wuauserv - ok

08:39:57.0803 2328 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys

08:39:57.0834 2328 WudfPf - ok

08:39:57.0881 2328 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys

08:39:57.0912 2328 WUDFRd - ok

08:39:57.0959 2328 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll

08:39:58.0021 2328 wudfsvc - ok

08:39:58.0068 2328 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll

08:39:58.0115 2328 WwanSvc - ok

08:39:58.0162 2328 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

08:39:58.0286 2328 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

08:39:58.0286 2328 \Device\Harddisk0\DR0 - detected TDSS File System (1)

08:39:58.0318 2328 Boot (0x1200) (7ef4f5ffa007777457f9170bf81cc197) \Device\Harddisk0\DR0\Partition0

08:39:58.0318 2328 \Device\Harddisk0\DR0\Partition0 - ok

08:39:58.0333 2328 Boot (0x1200) (d1f645201fcabad361e29e5c1fb9b7e2) \Device\Harddisk0\DR0\Partition1

08:39:58.0333 2328 \Device\Harddisk0\DR0\Partition1 - ok

08:39:58.0333 2328 ============================================================

08:39:58.0333 2328 Scan finished

08:39:58.0333 2328 ============================================================

08:39:58.0349 3716 Detected object count: 1

08:39:58.0349 3716 Actual detected object count: 1

08:40:21.0109 3716 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

08:40:21.0109 3716 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


08:40:21.0109 3716 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
08:40:21.0109 3716 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Run TDSSKiller again and delete these two.

-----------------------------------------

Then.......

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC


ComboFix 12-04-03.02 - rich 04/03/2012 10:30:42.4.2 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3070.2258 [GMT -5:00]

Running from: c:\users\rich\Desktop\ComboFix.exe

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((( Files Created from 2012-03-03 to 2012-04-03 )))))))))))))))))))))))))))))))

.

.

2012-04-03 15:37 . 2012-04-03 15:37 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-04-03 15:37 . 2012-04-03 15:37 -------- d-----w- c:\users\postgres\AppData\Local\temp

2012-04-03 15:37 . 2012-04-03 15:37 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-04-03 15:27 . 2012-04-03 15:27 -------- d-----w- C:\TDSSKiller_Quarantine

2012-03-30 23:33 . 2012-04-03 15:37 -------- d-----w- c:\users\rich\AppData\Local\temp

2012-03-14 18:23 . 2012-03-14 18:23 -------- d-----w- c:\program files\M-Audio

2012-03-11 00:15 . 2012-03-11 00:15 -------- d-----w- c:\windows\system32\bassmididrv

2012-03-10 22:39 . 2012-03-10 22:39 -------- d-----w- c:\users\rich\TruePianos Settings

2012-03-10 22:39 . 2012-03-30 22:55 -------- d-----w- c:\users\rich\AppData\Roaming\Cakewalk

2012-03-10 22:35 . 2012-03-10 22:36 -------- d-----w- c:\program files\Common Files\Native Instruments

2012-03-10 22:35 . 2012-03-10 22:35 -------- d-----w- c:\program files\Common Files\Digidesign

2012-03-10 22:34 . 2012-03-10 22:35 -------- d-----w- c:\program files\Native Instruments

2012-03-10 22:27 . 2006-11-30 21:49 368640 ----a-w- c:\windows\system32\ReWire.dll

2012-03-10 22:27 . 2006-02-24 16:00 499712 ----a-w- c:\windows\system32\msvcp71.dll

2012-03-10 22:27 . 2006-02-24 16:00 487424 ----a-w- c:\windows\system32\msvcp70.dll

2012-03-10 22:27 . 2006-02-24 16:00 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-03-10 22:27 . 2006-02-24 16:00 344064 ----a-w- c:\windows\system32\msvcr70.dll

2012-03-10 22:27 . 2006-02-24 16:00 1047552 ----a-w- c:\windows\system32\mfc71u.dll

2012-03-10 22:27 . 2006-02-24 16:00 1060864 ----a-w- c:\windows\system32\mfc71.dll

2012-03-10 22:26 . 2012-03-16 18:36 -------- d-----w- C:\Cakewalk Projects

2012-03-10 22:26 . 2012-03-10 22:33 -------- d-----w- c:\programdata\Cakewalk

2012-03-10 22:26 . 2012-03-10 22:33 -------- d-----w- c:\program files\Cakewalk

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-14 16:26 . 2011-05-16 02:03 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]

"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2010-12-07 644104]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

R3 MAUSBFASTTRACK;Service for M-Audio FastTrack;c:\windows\system32\DRIVERS\MAudioFastTrack.sys [2010-12-07 158344]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-20 1343400]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]

S2 postgresql-9.0;postgresql-9.0 - PostgreSQL Server 9.0;C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w [x]

S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 12925704

*NewlyCreated* - 22474933

*NewlyCreated* - 28969053

*NewlyCreated* - TRUESIGHT

*NewlyCreated* - WS2IFSL

*Deregistered* - 12925704

*Deregistered* - 22474933

*Deregistered* - 28969053

*Deregistered* - TrueSight

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\rich\AppData\Roaming\Mozilla\Firefox\Profiles\kvtcmbdk.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-9.0]

"ImagePath"="C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N \"postgresql-9.0\" -D \"C:/Program Files/PostgreSQL/9.0/data\" -w"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-9.0]

"ImagePath"="C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N \"postgresql-9.0\" -D \"C:/Program Files/PostgreSQL/9.0/data\" -w"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-04-03 10:38:50

ComboFix-quarantined-files.txt 2012-04-03 15:38

ComboFix2.txt 2011-08-22 16:32

ComboFix3.txt 2011-08-21 14:53

.

Pre-Run: 233,459,658,752 bytes free

Post-Run: 233,417,146,368 bytes free

.

- - End Of File - - 6C0CF25ACE71D0F8D27E23E906B1D8C5


After running ComboFix, I had to restart my computer. Firefox wouldn't start because a registry entry was marked for deletion and my computer no longer recognized its wireless card. After shutting it down and restarting it, it's running normally again. The redirect from Google is still happening, though.


After running ComboFix, I had to restart my computer. Firefox wouldn't start because a registry entry was marked for deletion and my computer no longer recognized its wireless card. After shutting it down and restarting it, it's running normally again. The redirect from Google is still happening, though.

This sometimes happens after running ComboFix. You did the correct thing by rebooting; that will clear out the problem.

------------------------------------

I see you ran ComboFix several times before. Can you post those logs, if possible?

When you ran it this last time, did you download a fresh copy?

--------------------------------------

I'm not seeing much so far as the redirects. Does it happen just in Internet Explorer?

Are you using a router?

Please do this:

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.

Run OTL

Under the Custom Scans/Fixes

Copy and paste this in: netsvcs

Click the None button on top

Now click on the blue Run Scan button

Post the log it creates.

MrC


Yes, I downloaded fresh copies of all the programs. I don't have the old logs, unfortunately. It happens in both Firefox and IE. I rarely run IE, though. I do have a wireless router that I'm using. Netgear N300.

OTL log

-------------------------

OTL logfile created on: 4/3/2012 11:18:27 AM - Run 1

OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\rich\Downloads\anti-virus

Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.24 Gb Available Physical Memory | 74.65% Memory free

5.99 Gb Paging File | 5.16 Gb Available in Paging File | 86.02% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 287.95 Gb Total Space | 217.66 Gb Free Space | 75.59% Space Free | Partition Type: NTFS

Drive D: | 10.00 Gb Total Space | 5.35 Gb Free Space | 53.48% Space Free | Partition Type: NTFS

Computer Name: RICH-PC | User Name: rich | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

< End of report >


That file is OK.

Let's reset your router:

Shut down the computer and reset the router:

http://www.online-te...fault-settings/

There should be a reset button that you push, or a hole that you stick a pin into, to reset the router (usually 10 seconds).

It's usually located on the back of the router; check your owner's manual.

If you can't find one, just disconnect the power from the router for about a minute, then reconnect it, let it reset, then turn the computer back on and see how it is.

Let me know, MrC

This topic is now closed to further replies.