firefox and IE8 hijacked


5 replies to this topic

#1 leo1969


Posted 24 March 2012 - 10:45 PM

Need help, please. Being redirected to sites like Hapilli; no malware found using SUPERAntiSpyware, Avast, Norton. Downloaded HijackThis and scanned. Attached is the log file. Thank you in advance.

Log removed and topic moved to AII for initial assistance. If it is determined that specialized malware removal assistance is needed, instructions will be provided at that time. We rarely use HijackThis these days. ~ OB

Edited by Orange Blossom, 25 March 2012 - 02:06 AM.




#2 narenxp

  • BC Advisor

Posted 25 March 2012 - 08:58 AM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#3 leo1969

  • Topic Starter

Posted 25 March 2012 - 05:53 PM

Thank you for the info. I did as you suggested, however GMER will not complete. It re-boots my pc about a minute into the scan (I have Avast free installed but temp. disabled). I don't see an option for attaching logs, so I will cut and paste.




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-25 18:39:16
-----------------------------
18:39:16.921 OS Version: Windows 5.1.2600 Service Pack 3
18:39:16.921 Number of processors: 1 586 0xA00
18:39:16.921 ComputerName: PWD UserName:
18:39:33.509 Initialize success
18:39:34.197 AVAST engine defs: 12032501
18:40:06.733 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:40:06.733 Disk 0 Vendor: WDC_WD800JB-00FMA0 13.03G13 Size: 76319MB BusType: 3
18:40:06.733 Device \Driver\atapi -> DriverStartIo 8767a2c6
18:40:06.795 Disk 0 MBR read successfully
18:40:06.795 Disk 0 MBR scan
18:40:06.795 Disk 0 MBR:Alureon-M [Rtk]
18:40:06.795 Disk 0 TDL4@MBR code has been found
18:40:06.795 Disk 0 Windows XP default MBR code found via API
18:40:06.795 Disk 0 MBR hidden
18:40:06.811 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76316 MB offset 63
18:40:06.827 Disk 0 MBR [TDL4] **ROOTKIT**
18:40:06.827 Disk 0 trace - called modules:
18:40:06.827 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8767a49f]<<
18:40:06.827 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x876f6ab8]
18:40:06.827 3 CLASSPNP.SYS[f77affd7] -> nt!IofCallDriver -> \Device\0000005f[0x876e5f18]
18:40:06.827 5 ACPI.sys[f7726620] -> nt!IofCallDriver -> [0x877e4820]
18:40:06.827 \Driver\atapi[0x876f6808] -> IRP_MJ_CREATE -> 0x8767a49f
18:40:11.591 AVAST engine scan C:\WINNT
18:40:41.706 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\LogFiles\MBR.dat"
18:40:41.721 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\LogFiles\aswMBR.txt"
18:40:48.906 AVAST engine scan C:\WINNT\system32
18:42:44.946 AVAST engine scan C:\WINNT\system32\drivers
18:42:55.270 AVAST engine scan C:\Documents and Settings\Administrator
18:43:13.608 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\LogFiles\MBR.dat"
18:43:13.608 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\LogFiles\aswMBR.txt"








18:22:08.0486 2096 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
18:22:08.0939 2096 ============================================================
18:22:08.0939 2096 Current date / time: 2012/03/25 18:22:08.0939
18:22:08.0939 2096 SystemInfo:
18:22:08.0939 2096
18:22:08.0939 2096 OS Version: 5.1.2600 ServicePack: 3.0
18:22:08.0939 2096 Product type: Workstation
18:22:08.0939 2096 ComputerName: PWD
18:22:08.0939 2096 UserName: Administrator
18:22:08.0939 2096 Windows directory: C:\WINNT
18:22:08.0939 2096 System windows directory: C:\WINNT
18:22:08.0939 2096 Processor architecture: Intel x86
18:22:08.0939 2096 Number of processors: 1
18:22:08.0939 2096 Page size: 0x1000
18:22:08.0939 2096 Boot type: Normal boot
18:22:08.0939 2096 ============================================================
18:22:10.0517 2096 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:22:10.0532 2096 \Device\Harddisk0\DR0:
18:22:10.0532 2096 MBR used
18:22:10.0532 2096 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
18:22:10.0548 2096 Initialize success
18:22:10.0548 2096 ============================================================
18:22:14.0407 2060 ============================================================
18:22:14.0407 2060 Scan started
18:22:14.0407 2060 Mode: Manual;
18:22:14.0407 2060 ============================================================
18:22:32.0001 2060 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINNT\system32\services.exe
18:22:32.0017 2060 PlugPlay - ok
18:22:32.0064 2060 Pml Driver HPZ12 (9d84376931440f3679beef2a414fa493) C:\WINNT\system32\HPZipm12.exe
18:22:32.0079 2060 Pml Driver HPZ12 - ok
18:22:32.0111 2060 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINNT\system32\lsass.exe
18:22:32.0126 2060 PolicyAgent - ok
18:22:32.0142 2060 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINNT\system32\DRIVERS\raspptp.sys
18:22:32.0157 2060 PptpMiniport - ok
18:22:32.0204 2060 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINNT\system32\DRIVERS\processr.sys
18:22:32.0204 2060 Processor - ok
18:22:32.0236 2060 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINNT\system32\lsass.exe
18:22:32.0251 2060 ProtectedStorage - ok
18:22:32.0282 2060 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINNT\system32\DRIVERS\ptilink.sys
18:22:32.0282 2060 Ptilink - ok
18:22:32.0329 2060 pwd_2k (204f26a7511652d26ddae9f17a68add1) C:\WINNT\system32\drivers\pwd_2k.sys
18:22:32.0329 2060 pwd_2k - ok
18:22:32.0423 2060 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINNT\system32\DRIVERS\PxHelp20.sys
18:22:32.0423 2060 PxHelp20 - ok
18:22:32.0454 2060 ql1080 - ok
18:22:32.0486 2060 Ql10wnt - ok
18:22:32.0501 2060 ql12160 - ok
18:22:32.0532 2060 ql1240 - ok
18:22:32.0564 2060 ql1280 - ok
18:22:32.0579 2060 ql2100 - ok
18:22:32.0626 2060 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINNT\system32\DRIVERS\rasacd.sys
18:22:32.0626 2060 RasAcd - ok
18:22:32.0657 2060 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINNT\System32\rasauto.dll
18:22:32.0673 2060 RasAuto - ok
18:22:32.0736 2060 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINNT\system32\DRIVERS\rasl2tp.sys
18:22:32.0736 2060 Rasl2tp - ok
18:22:32.0782 2060 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINNT\System32\rasmans.dll
18:22:32.0814 2060 RasMan - ok
18:22:32.0892 2060 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINNT\system32\DRIVERS\raspppoe.sys
18:22:32.0892 2060 RasPppoe - ok
18:22:32.0923 2060 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINNT\system32\DRIVERS\raspti.sys
18:22:32.0923 2060 Raspti - ok
18:22:32.0986 2060 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINNT\system32\DRIVERS\rdbss.sys
18:22:32.0986 2060 Rdbss - ok
18:22:33.0032 2060 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINNT\system32\DRIVERS\RDPCDD.sys
18:22:33.0032 2060 RDPCDD - ok
18:22:33.0095 2060 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINNT\system32\DRIVERS\rdpdr.sys
18:22:33.0095 2060 rdpdr - ok
18:22:33.0142 2060 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINNT\system32\drivers\RDPWD.sys
18:22:33.0142 2060 RDPWD - ok
18:22:33.0204 2060 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINNT\system32\sessmgr.exe
18:22:33.0236 2060 RDSessMgr - ok
18:22:33.0298 2060 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINNT\system32\DRIVERS\redbook.sys
18:22:33.0298 2060 redbook - ok
18:22:33.0376 2060 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINNT\System32\mprdim.dll
18:22:33.0376 2060 RemoteAccess - ok
18:22:33.0423 2060 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINNT\system32\regsvc.dll
18:22:33.0439 2060 RemoteRegistry - ok
18:22:33.0486 2060 RimUsb (616eac1b0e48b236a5a9b8ae07fdb81c) C:\WINNT\system32\Drivers\RimUsb.sys
18:22:33.0501 2060 RimUsb - ok
18:22:33.0611 2060 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINNT\system32\DRIVERS\RimSerial.sys
18:22:33.0611 2060 RimVSerPort - ok
18:22:33.0657 2060 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINNT\system32\Drivers\RootMdm.sys
18:22:33.0657 2060 ROOTMODEM - ok
18:22:33.0736 2060 Roxio UPnP Renderer 9 (afd61a7c48a3e15c86a6fadf0b69a2e4) C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
18:22:33.0736 2060 Roxio UPnP Renderer 9 - ok
18:22:33.0767 2060 Roxio Upnp Server 9 (efbb36e2bb02169d26e9980778fc20d3) C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
18:22:33.0782 2060 Roxio Upnp Server 9 - ok
18:22:33.0876 2060 RoxLiveShare (c8e8bd83cdcae4e8615b143a1a99e557) C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
18:22:33.0892 2060 RoxLiveShare - ok
18:22:34.0001 2060 RoxLiveShare9 (78e680a105f47b6aa0003bd23ed9fa51) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
18:22:34.0017 2060 RoxLiveShare9 - ok
18:22:34.0079 2060 RoxMediaDB (f8076abda4b2a04983cbfbbc910f5477) C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
18:22:34.0095 2060 RoxMediaDB - ok
18:22:34.0157 2060 RoxMediaDB9 (9d5c024170c376d7cc66ed853fda9068) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
18:22:34.0189 2060 RoxMediaDB9 - ok
18:22:34.0251 2060 RoxUPnPRenderer (ea55292f82d5b3f932d13eae4c84a0b1) C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
18:22:34.0267 2060 RoxUPnPRenderer - ok
18:22:34.0329 2060 RoxUpnpServer (8233134765970aecd4a338fe09d19516) C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
18:22:34.0361 2060 RoxUpnpServer - ok
18:22:34.0439 2060 RoxWatch (99120cd3351d989107daabe735998792) C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
18:22:34.0439 2060 RoxWatch - ok
18:22:34.0532 2060 RoxWatch9 (87f175539dbba297018aa7fcdd563ff7) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
18:22:34.0564 2060 RoxWatch9 - ok
18:22:34.0657 2060 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINNT\System32\locator.exe
18:22:34.0657 2060 RpcLocator - ok
18:22:34.0720 2060 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINNT\system32\rpcss.dll
18:22:34.0736 2060 RpcSs - ok
18:22:34.0782 2060 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINNT\System32\rsvp.exe
18:22:34.0798 2060 RSVP - ok
18:22:34.0845 2060 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINNT\system32\lsass.exe
18:22:34.0861 2060 SamSs - ok
18:22:34.0923 2060 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:22:34.0923 2060 SASDIFSV - ok
18:22:34.0939 2060 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
18:22:34.0939 2060 SASENUM - ok
18:22:34.0970 2060 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
18:22:34.0970 2060 SASKUTIL - ok
18:22:35.0017 2060 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINNT\System32\SCardSvr.exe
18:22:35.0032 2060 SCardSvr - ok
18:22:35.0111 2060 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINNT\system32\DRIVERS\secdrv.sys
18:22:35.0111 2060 Secdrv - ok
18:22:35.0220 2060 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINNT\System32\seclogon.dll
18:22:35.0236 2060 seclogon - ok
18:22:35.0298 2060 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINNT\system32\sens.dll
18:22:35.0314 2060 SENS - ok
18:22:35.0361 2060 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINNT\system32\DRIVERS\serenum.sys
18:22:35.0361 2060 serenum - ok
18:22:35.0392 2060 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINNT\system32\DRIVERS\serial.sys
18:22:35.0392 2060 Serial - ok
18:22:35.0454 2060 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINNT\system32\drivers\Sfloppy.sys
18:22:35.0454 2060 Sfloppy - ok
18:22:35.0517 2060 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINNT\System32\ipnathlp.dll
18:22:35.0532 2060 SharedAccess - ok
18:22:35.0579 2060 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINNT\System32\shsvcs.dll
18:22:35.0595 2060 ShellHWDetection - ok
18:22:35.0611 2060 Simbad - ok
18:22:35.0657 2060 SimpTcp (32933b07fc16d9f778bee12545fa1b1a) C:\WINNT\System32\tcpsvcs.exe
18:22:35.0673 2060 SimpTcp - ok
18:22:35.0704 2060 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINNT\system32\DRIVERS\SLIP.sys
18:22:35.0704 2060 SLIP - ok
18:22:35.0736 2060 SMR200 - ok
18:22:35.0798 2060 SMTPSVC (db3c22745c0da4666f3be31f1af36b2f) C:\WINNT\System32\inetsrv\inetinfo.exe
18:22:35.0798 2060 SMTPSVC - ok
18:22:35.0845 2060 SNMP (60c377be6b3cc83f6a8584934b181d2e) C:\WINNT\System32\snmp.exe
18:22:35.0845 2060 SNMP - ok
18:22:35.0892 2060 SNMPTRAP (80a050795a107a76c2b1cd4cfbe010e6) C:\WINNT\System32\snmptrap.exe
18:22:35.0907 2060 SNMPTRAP - ok
18:22:35.0986 2060 Sparrow - ok
18:22:36.0064 2060 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINNT\system32\drivers\splitter.sys
18:22:36.0064 2060 splitter - ok
18:22:36.0126 2060 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINNT\system32\spoolsv.exe
18:22:36.0142 2060 Spooler - ok
18:22:36.0189 2060 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINNT\System32\DRIVERS\sr.sys
18:22:36.0189 2060 sr - ok
18:22:36.0220 2060 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINNT\system32\srsvc.dll
18:22:36.0251 2060 srservice - ok
18:22:36.0298 2060 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINNT\system32\DRIVERS\srv.sys
18:22:36.0314 2060 Srv - ok
18:22:36.0361 2060 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINNT\System32\ssdpsrv.dll
18:22:36.0376 2060 SSDPSRV - ok
18:22:36.0439 2060 StiSvc (8bad69cbac032d4bbacfce0306174c30) C:\WINNT\system32\wiaservc.dll
18:22:36.0470 2060 StiSvc - ok
18:22:36.0517 2060 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINNT\system32\DRIVERS\StreamIP.sys
18:22:36.0517 2060 streamip - ok
18:22:36.0579 2060 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINNT\system32\DRIVERS\swenum.sys
18:22:36.0579 2060 swenum - ok
18:22:36.0657 2060 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINNT\system32\drivers\swmidi.sys
18:22:36.0657 2060 swmidi - ok
18:22:36.0736 2060 symc810 - ok
18:22:36.0751 2060 symc8xx - ok
18:22:36.0782 2060 sym_hi - ok
18:22:36.0814 2060 sym_u3 - ok
18:22:36.0845 2060 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINNT\system32\drivers\sysaudio.sys
18:22:36.0845 2060 sysaudio - ok
18:22:36.0892 2060 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINNT\system32\smlogsvc.exe
18:22:36.0907 2060 SysmonLog - ok
18:22:36.0954 2060 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINNT\System32\tapisrv.dll
18:22:36.0986 2060 TapiSrv - ok
18:22:37.0048 2060 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINNT\system32\DRIVERS\tcpip.sys
18:22:37.0064 2060 Tcpip - ok
18:22:37.0111 2060 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINNT\system32\drivers\TDPIPE.sys
18:22:37.0111 2060 TDPIPE - ok
18:22:37.0142 2060 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINNT\system32\drivers\TDTCP.sys
18:22:37.0142 2060 TDTCP - ok
18:22:37.0189 2060 TermDD (88155247177638048422893737429d9e) C:\WINNT\system32\DRIVERS\termdd.sys
18:22:37.0189 2060 TermDD - ok
18:22:37.0236 2060 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINNT\System32\termsrv.dll
18:22:37.0267 2060 TermService - ok
18:22:37.0345 2060 tga - ok
18:22:37.0423 2060 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINNT\System32\shsvcs.dll
18:22:37.0439 2060 Themes - ok
18:22:37.0470 2060 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINNT\System32\tlntsvr.exe
18:22:37.0486 2060 TlntSvr - ok
18:22:37.0517 2060 TosIde - ok
18:22:37.0564 2060 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINNT\system32\trkwks.dll
18:22:37.0579 2060 TrkWks - ok
18:22:37.0642 2060 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINNT\system32\drivers\Udfs.sys
18:22:37.0642 2060 Udfs - ok
18:22:37.0673 2060 ultra - ok
18:22:37.0689 2060 ultra66 - ok
18:22:37.0751 2060 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINNT\system32\DRIVERS\update.sys
18:22:37.0767 2060 Update - ok
18:22:37.0829 2060 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINNT\System32\upnphost.dll
18:22:37.0861 2060 upnphost - ok
18:22:37.0892 2060 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINNT\System32\ups.exe
18:22:37.0907 2060 UPS - ok
18:22:37.0954 2060 usbaudio (e919708db44ed8543a7c017953148330) C:\WINNT\system32\drivers\usbaudio.sys
18:22:37.0954 2060 usbaudio - ok
18:22:38.0017 2060 usbbus (5353218b3265e3b8190335059f697a11) C:\WINNT\system32\DRIVERS\lgusbbus.sys
18:22:38.0017 2060 usbbus - ok
18:22:38.0111 2060 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINNT\system32\DRIVERS\usbccgp.sys
18:22:38.0126 2060 usbccgp - ok
18:22:38.0220 2060 UsbDiag (7dd3eefc62a1ef44e5f940fa651ed9ed) C:\WINNT\system32\DRIVERS\lgusbdiag.sys
18:22:38.0220 2060 UsbDiag - ok
18:22:38.0267 2060 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINNT\system32\DRIVERS\usbehci.sys
18:22:38.0267 2060 usbehci - ok
18:22:38.0329 2060 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINNT\system32\DRIVERS\usbhub.sys
18:22:38.0329 2060 usbhub - ok
18:22:38.0376 2060 usbhub20 (b0205d19ba25ca654810d0aed04496a8) C:\WINNT\system32\DRIVERS\usbhub20.sys
18:22:38.0376 2060 usbhub20 - ok
18:22:38.0423 2060 USBModem (083031a78822eccbd7510bccd3e20d4c) C:\WINNT\system32\DRIVERS\lgusbmodem.sys
18:22:38.0423 2060 USBModem - ok
18:22:38.0454 2060 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINNT\system32\DRIVERS\usbohci.sys
18:22:38.0470 2060 usbohci - ok
18:22:38.0517 2060 usbprint (a717c8721046828520c9edf31288fc00) C:\WINNT\system32\DRIVERS\usbprint.sys
18:22:38.0517 2060 usbprint - ok
18:22:38.0564 2060 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINNT\system32\DRIVERS\usbscan.sys
18:22:38.0564 2060 usbscan - ok
18:22:38.0595 2060 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINNT\system32\DRIVERS\USBSTOR.SYS
18:22:38.0611 2060 USBSTOR - ok
18:22:38.0657 2060 UtilMan (0845e936c85ad45b452cbc86a316cf2a) C:\WINNT\System32\UtilMan.exe
18:22:38.0657 2060 UtilMan - ok
18:22:38.0704 2060 VC4CB104 (4372398a6ae42586eb1c6533dd3b575d) C:\WINNT\system32\Drivers\VC4CB104.SYS
18:22:38.0720 2060 VC4CB104 - ok
18:22:38.0829 2060 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINNT\System32\drivers\vga.sys
18:22:38.0829 2060 VgaSave - ok
18:22:38.0892 2060 ViaIde - ok
18:22:38.0954 2060 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINNT\system32\drivers\VolSnap.sys
18:22:38.0954 2060 VolSnap - ok
18:22:39.0001 2060 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINNT\System32\vssvc.exe
18:22:39.0032 2060 VSS - ok
18:22:39.0111 2060 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINNT\system32\w32time.dll
18:22:39.0142 2060 W32Time - ok
18:22:39.0204 2060 W3SVC (db3c22745c0da4666f3be31f1af36b2f) C:\WINNT\System32\inetsrv\inetinfo.exe
18:22:39.0204 2060 W3SVC - ok
18:22:39.0251 2060 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINNT\system32\DRIVERS\wanarp.sys
18:22:39.0251 2060 Wanarp - ok
18:22:39.0314 2060 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINNT\system32\Drivers\wdf01000.sys
18:22:39.0329 2060 Wdf01000 - ok
18:22:39.0423 2060 WDICA - ok
18:22:39.0501 2060 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINNT\system32\drivers\wdmaud.sys
18:22:39.0517 2060 wdmaud - ok
18:22:39.0564 2060 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINNT\System32\webclnt.dll
18:22:39.0579 2060 WebClient - ok
18:22:39.0657 2060 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINNT\system32\wbem\WMIsvc.dll
18:22:39.0657 2060 winmgmt - ok
18:22:39.0736 2060 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINNT\system32\MsPMSNSv.dll
18:22:39.0751 2060 WmdmPmSN - ok
18:22:39.0814 2060 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINNT\System32\advapi32.dll
18:22:39.0845 2060 Wmi - ok
18:22:39.0923 2060 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINNT\System32\wbem\wmiapsrv.exe
18:22:39.0923 2060 WmiApSrv - ok
18:22:40.0048 2060 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
18:22:40.0079 2060 WMPNetworkSvc - ok
18:22:40.0173 2060 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINNT\System32\drivers\ws2ifsl.sys
18:22:40.0173 2060 WS2IFSL - ok
18:22:40.0267 2060 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINNT\system32\wscsvc.dll
18:22:40.0282 2060 wscsvc - ok
18:22:40.0329 2060 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINNT\system32\DRIVERS\WSTCODEC.SYS
18:22:40.0329 2060 WSTCODEC - ok
18:22:40.0345 2060 wuauserv - ok
18:22:40.0407 2060 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINNT\system32\DRIVERS\WudfPf.sys
18:22:40.0407 2060 WudfPf - ok
18:22:40.0454 2060 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINNT\System32\WUDFSvc.dll
18:22:40.0501 2060 WudfSvc - ok
18:22:40.0564 2060 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINNT\System32\wzcsvc.dll
18:22:40.0595 2060 WZCSVC - ok
18:22:40.0689 2060 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINNT\System32\xmlprov.dll
18:22:40.0704 2060 xmlprov - ok
18:22:40.0751 2060 MBR (0x1B8) (faee7e40dfb0440ad2cfc39befa1f4c2) \Device\Harddisk0\DR0
18:22:40.0767 2060 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
18:22:40.0767 2060 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
18:22:40.0782 2060 Boot (0x1200) (d7ea04c902740e05059141c320390351) \Device\Harddisk0\DR0\Partition0
18:22:40.0782 2060 \Device\Harddisk0\DR0\Partition0 - ok
18:22:40.0782 2060 ============================================================
18:22:40.0782 2060 Scan finished
18:22:40.0782 2060 ============================================================

#4 narenxp

Posted 25 March 2012 - 05:56 PM

Restart the PC and run aswMBR and GMER once again and post the logs.

Good luck

#5 leo1969

Posted 26 March 2012 - 09:16 AM

Tried GMER again, also in safe mode (it ran longer in safe mode before it rebooted), but it still reboots, not giving me the ability to generate a proper log file. Here is what I got so far.

Thanks again for your help.



GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-03-25 19:57:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD800JB-00FMA0 rev.13.03G13
Running: j6xd74ce.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ugtdapow.sys


---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xBA2BB28E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xBA2BB0F9]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xBA358D92]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T1L0-17 876562C6
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 876562C6
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP0T0L0-3 876562C6
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 876562C6
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-f 876562C6
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----







aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-25 19:17:18
-----------------------------
19:17:18.302 OS Version: Windows 5.1.2600 Service Pack 3
19:17:18.302 Number of processors: 1 586 0xA00
19:17:18.302 ComputerName: PWD UserName:
19:17:19.614 Initialize success
19:17:20.504 AVAST engine defs: 12032501
19:17:48.542 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:17:48.542 Disk 0 Vendor: WDC_WD800JB-00FMA0 13.03G13 Size: 76319MB BusType: 3
19:17:48.542 Device \Driver\atapi -> DriverStartIo 876562c6
19:17:48.557 Disk 0 MBR read successfully
19:17:48.557 Disk 0 MBR scan
19:17:48.588 Disk 0 MBR:Alureon-M [Rtk]
19:17:48.588 Disk 0 TDL4@MBR code has been found
19:17:48.588 Disk 0 Windows XP default MBR code found via API
19:17:48.588 Disk 0 MBR hidden
19:17:48.588 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76316 MB offset 63
19:17:48.588 Disk 0 MBR [TDL4] **ROOTKIT**
19:17:48.588 Disk 0 trace - called modules:
19:17:48.588 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8765649f]<<
19:17:48.588 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x876f6ab8]
19:17:48.588 3 CLASSPNP.SYS[f77affd7] -> nt!IofCallDriver -> \Device\0000005f[0x876e5f18]
19:17:48.588 5 ACPI.sys[f7726620] -> nt!IofCallDriver -> [0x877e4820]
19:17:48.588 \Driver\atapi[0x876e79f8] -> IRP_MJ_CREATE -> 0x8765649f
19:17:48.823 AVAST engine scan C:\WINNT
19:18:09.082 AVAST engine scan C:\WINNT\system32
19:20:21.730 AVAST engine scan C:\WINNT\system32\drivers
19:20:33.852 AVAST engine scan C:\Documents and Settings\Administrator
19:21:58.078 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\LogFiles\MBR.dat"
19:21:58.094 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\LogFiles\aswMBR1.txt"



18:22:08.0486 2096 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
18:22:08.0939 2096 ============================================================
18:22:08.0939 2096 Current date / time: 2012/03/25 18:22:08.0939
18:22:08.0939 2096 SystemInfo:
18:22:08.0939 2096
18:22:08.0939 2096 OS Version: 5.1.2600 ServicePack: 3.0
18:22:08.0939 2096 Product type: Workstation
18:22:08.0939 2096 ComputerName: PWD
18:22:08.0939 2096 UserName: Administrator
18:22:08.0939 2096 Windows directory: C:\WINNT
18:22:08.0939 2096 System windows directory: C:\WINNT
18:22:08.0939 2096 Processor architecture: Intel x86
18:22:08.0939 2096 Number of processors: 1
18:22:08.0939 2096 Page size: 0x1000
18:22:08.0939 2096 Boot type: Normal boot
18:22:08.0939 2096 ============================================================
18:22:10.0517 2096 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:22:10.0532 2096 \Device\Harddisk0\DR0:
18:22:10.0532 2096 MBR used
18:22:10.0532 2096 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
18:22:10.0548 2096 Initialize success
18:22:10.0548 2096 ============================================================
18:22:14.0407 2060 ============================================================
18:22:14.0407 2060 Scan started
18:22:14.0407 2060 Mode: Manual;
18:22:14.0407 2060 ============================================================
18:22:21.0595 2060 dpti2o - ok
18:22:21.0642 2060 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINNT\system32\drivers\drmkaud.sys
18:22:21.0657 2060 drmkaud - ok
18:22:21.0704 2060 drvmcdb (7df2e645fbda7cde94fcabba7f0de4c2) C:\WINNT\system32\drivers\drvmcdb.sys
18:22:21.0704 2060 drvmcdb - ok
18:22:21.0751 2060 dvd_2K (bb23adb69401eb3e86c09a6f986e63d2) C:\WINNT\system32\drivers\dvd_2K.sys
18:22:21.0751 2060 dvd_2K - ok
18:22:21.0798 2060 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINNT\System32\eapsvc.dll
18:22:21.0814 2060 EapHost - ok
18:22:21.0845 2060 EFS - ok
18:22:21.0986 2060 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
18:22:21.0986 2060 EpsonBidirectionalService - ok
18:22:22.0064 2060 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINNT\System32\ersvc.dll
18:22:22.0079 2060 ERSvc - ok
18:22:22.0157 2060 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINNT\system32\services.exe
18:22:22.0204 2060 Eventlog - ok
18:22:22.0267 2060 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINNT\system32\es.dll
18:22:22.0298 2060 EventSystem - ok
18:22:22.0376 2060 Fastfat (38d332a6d56af32635675f132548343e) C:\WINNT\system32\drivers\Fastfat.sys
18:22:22.0392 2060 Fastfat - ok
18:22:22.0439 2060 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINNT\System32\shsvcs.dll
18:22:22.0501 2060 FastUserSwitchingCompatibility - ok
18:22:22.0564 2060 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINNT\system32\fxssvc.exe
18:22:22.0689 2060 Fax - ok
18:22:22.0736 2060 Fd16_700 - ok
18:22:22.0829 2060 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINNT\system32\DRIVERS\fdc.sys
18:22:22.0845 2060 Fdc - ok
18:22:22.0892 2060 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINNT\system32\drivers\Fips.sys
18:22:22.0892 2060 Fips - ok
18:22:22.0954 2060 fireport - ok
18:22:23.0017 2060 flashpnt - ok
18:22:23.0142 2060 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:22:23.0142 2060 FLEXnet Licensing Service - ok
18:22:23.0251 2060 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINNT\system32\DRIVERS\flpydisk.sys
18:22:23.0251 2060 Flpydisk - ok
18:22:23.0298 2060 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINNT\system32\drivers\fltmgr.sys
18:22:23.0298 2060 FltMgr - ok
18:22:23.0454 2060 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINNT\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:22:23.0454 2060 FontCache3.0.0.0 - ok
18:22:23.0517 2060 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINNT\system32\drivers\Fs_Rec.sys
18:22:23.0517 2060 Fs_Rec - ok
18:22:23.0564 2060 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINNT\system32\DRIVERS\ftdisk.sys
18:22:23.0564 2060 Ftdisk - ok
18:22:23.0626 2060 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINNT\system32\DRIVERS\gameenum.sys
18:22:23.0626 2060 gameenum - ok
18:22:23.0720 2060 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINNT\system32\Drivers\GEARAspiWDM.sys
18:22:23.0720 2060 GEARAspiWDM - ok
18:22:23.0782 2060 gmer (b56eb0a2210980e76390bd670bcb618b) C:\WINNT\system32\DRIVERS\gmer.sys
18:22:23.0782 2060 gmer - ok
18:22:23.0829 2060 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINNT\system32\DRIVERS\msgpc.sys
18:22:23.0829 2060 Gpc - ok
18:22:23.0907 2060 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\WINNT\system32\drivers\grmnusb.sys
18:22:23.0907 2060 grmnusb - ok
18:22:24.0032 2060 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
18:22:24.0032 2060 gupdate - ok
18:22:24.0048 2060 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
18:22:24.0048 2060 gupdatem - ok
18:22:24.0079 2060 gusvc (5467f1ff0af264566740f67e8b810735) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:22:24.0079 2060 gusvc - ok
18:22:24.0157 2060 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINNT\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:22:24.0157 2060 helpsvc - ok
18:22:24.0236 2060 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINNT\System32\hidserv.dll
18:22:24.0236 2060 HidServ - ok
18:22:24.0314 2060 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINNT\system32\DRIVERS\hidusb.sys
18:22:24.0314 2060 hidusb - ok
18:22:24.0407 2060 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINNT\System32\kmsvc.dll
18:22:24.0423 2060 hkmsvc - ok
18:22:24.0470 2060 hpn - ok
18:22:24.0501 2060 hpt3xx - ok
18:22:24.0564 2060 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINNT\system32\DRIVERS\HPZid412.sys
18:22:24.0564 2060 HPZid412 - ok
18:22:24.0595 2060 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINNT\system32\DRIVERS\HPZipr12.sys
18:22:24.0595 2060 HPZipr12 - ok
18:22:24.0626 2060 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINNT\system32\DRIVERS\HPZius12.sys
18:22:24.0626 2060 HPZius12 - ok
18:22:24.0689 2060 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINNT\system32\Drivers\HTTP.sys
18:22:24.0720 2060 HTTP - ok
18:22:24.0782 2060 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINNT\System32\w3ssl.dll
18:22:24.0782 2060 HTTPFilter - ok
18:22:24.0814 2060 i2omgmt - ok
18:22:24.0845 2060 i2omp - ok
18:22:24.0876 2060 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINNT\system32\DRIVERS\i8042prt.sys
18:22:24.0876 2060 i8042prt - ok
18:22:25.0001 2060 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:22:25.0001 2060 IDriverT - ok
18:22:25.0126 2060 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:22:25.0157 2060 idsvc - ok
18:22:25.0236 2060 IISADMIN (db3c22745c0da4666f3be31f1af36b2f) C:\WINNT\System32\inetsrv\inetinfo.exe
18:22:25.0236 2060 IISADMIN - ok
18:22:25.0345 2060 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINNT\system32\DRIVERS\imapi.sys
18:22:25.0345 2060 Imapi - ok
18:22:25.0407 2060 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINNT\system32\imapi.exe
18:22:25.0423 2060 ImapiService - ok
18:22:25.0470 2060 ini910u - ok
18:22:25.0501 2060 IntelIde - ok
18:22:25.0657 2060 IntuitUpdateService (7bdb4e00e1cb174b56e5b2c31dde68a7) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
18:22:25.0657 2060 IntuitUpdateService - ok
18:22:25.0751 2060 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINNT\system32\drivers\ip6fw.sys
18:22:25.0751 2060 ip6fw - ok
18:22:25.0798 2060 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINNT\system32\DRIVERS\ipfltdrv.sys
18:22:25.0798 2060 IpFilterDriver - ok
18:22:25.0845 2060 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINNT\system32\DRIVERS\ipinip.sys
18:22:25.0845 2060 IpInIp - ok
18:22:25.0907 2060 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINNT\system32\DRIVERS\ipnat.sys
18:22:25.0907 2060 IpNat - ok
18:22:25.0970 2060 iPod Service (3a6d4d8abacf64292d060c9e06d2050d) C:\Program Files\iPod\bin\iPodService.exe
18:22:26.0017 2060 iPod Service - ok
18:22:26.0126 2060 IPSEC (23c74d75e36e7158768dd63d92789a91) C:\WINNT\system32\DRIVERS\ipsec.sys
18:22:26.0126 2060 IPSEC - ok
18:22:26.0173 2060 ipsraidn - ok
18:22:26.0220 2060 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINNT\system32\DRIVERS\irenum.sys
18:22:26.0220 2060 IRENUM - ok
18:22:26.0267 2060 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINNT\system32\DRIVERS\isapnp.sys
18:22:26.0267 2060 isapnp - ok
18:22:26.0407 2060 JavaQuickStarterService (9dba73c2f1e76ec4cb837e67c5743596) C:\Program Files\Java\jre6\bin\jqs.exe
18:22:26.0407 2060 JavaQuickStarterService - ok
18:22:26.0486 2060 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINNT\system32\DRIVERS\kbdclass.sys
18:22:26.0486 2060 Kbdclass - ok
18:22:26.0564 2060 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINNT\system32\DRIVERS\kbdhid.sys
18:22:26.0564 2060 kbdhid - ok
18:22:26.0626 2060 kmixer (692bcf44383d056aed41b045a323d378) C:\WINNT\system32\drivers\kmixer.sys
18:22:26.0626 2060 kmixer - ok
18:22:26.0689 2060 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINNT\system32\drivers\KSecDD.sys
18:22:26.0689 2060 KSecDD - ok
18:22:26.0751 2060 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINNT\System32\srvsvc.dll
18:22:26.0767 2060 lanmanserver - ok
18:22:26.0876 2060 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINNT\System32\wkssvc.dll
18:22:26.0907 2060 lanmanworkstation - ok
18:22:26.0923 2060 Lavasoft Kernexplorer - ok
18:22:26.0970 2060 Lbd - ok
18:22:27.0001 2060 lbrtfdc - ok
18:22:27.0048 2060 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINNT\System32\lmhsvc.dll
18:22:27.0064 2060 LmHosts - ok
18:22:27.0079 2060 lp6nds35 - ok
18:22:27.0126 2060 LPDSVC (32933b07fc16d9f778bee12545fa1b1a) C:\WINNT\System32\tcpsvcs.exe
18:22:27.0126 2060 LPDSVC - ok
18:22:27.0173 2060 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINNT\System32\msgsvc.dll
18:22:27.0189 2060 Messenger - ok
18:22:27.0220 2060 mmc_2K (783f9ffe9cbfa9727b8a6d53ef1ebba5) C:\WINNT\system32\drivers\mmc_2K.sys
18:22:27.0236 2060 mmc_2K - ok
18:22:27.0298 2060 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINNT\system32\drivers\mnmdd.sys
18:22:27.0298 2060 mnmdd - ok
18:22:27.0361 2060 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINNT\System32\mnmsrvc.exe
18:22:27.0376 2060 mnmsrvc - ok
18:22:27.0423 2060 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINNT\system32\drivers\Modem.sys
18:22:27.0439 2060 Modem - ok
18:22:27.0470 2060 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINNT\system32\DRIVERS\mouclass.sys
18:22:27.0470 2060 Mouclass - ok
18:22:27.0532 2060 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINNT\system32\DRIVERS\mouhid.sys
18:22:27.0548 2060 mouhid - ok
18:22:28.0017 2060 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINNT\system32\drivers\MountMgr.sys
18:22:28.0017 2060 MountMgr - ok
18:22:28.0095 2060 MozillaMaintenance (65f455520aeaaccfb1bdf47f8ab308ee) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:22:28.0095 2060 MozillaMaintenance - ok
18:22:28.0173 2060 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINNT\system32\DRIVERS\MPE.sys
18:22:28.0189 2060 MPE - ok
18:22:28.0220 2060 mraid35x - ok
18:22:28.0251 2060 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINNT\system32\DRIVERS\mrxdav.sys
18:22:28.0282 2060 MRxDAV - ok
18:22:28.0345 2060 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINNT\system32\DRIVERS\mrxsmb.sys
18:22:28.0361 2060 MRxSmb - ok
18:22:28.0407 2060 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINNT\System32\msdtc.exe
18:22:28.0407 2060 MSDTC - ok
18:22:28.0486 2060 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINNT\system32\drivers\Msfs.sys
18:22:28.0486 2060 Msfs - ok
18:22:28.0548 2060 MSFTPSVC (db3c22745c0da4666f3be31f1af36b2f) C:\WINNT\System32\inetsrv\inetinfo.exe
18:22:28.0548 2060 MSFTPSVC - ok
18:22:28.0595 2060 MSIServer - ok
18:22:28.0657 2060 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINNT\system32\drivers\MSKSSRV.sys
18:22:28.0657 2060 MSKSSRV - ok
18:22:28.0704 2060 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINNT\system32\drivers\MSPCLOCK.sys
18:22:28.0704 2060 MSPCLOCK - ok
18:22:28.0767 2060 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINNT\system32\drivers\MSPQM.sys
18:22:28.0782 2060 MSPQM - ok
18:22:28.0829 2060 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINNT\system32\DRIVERS\mssmbios.sys
18:22:28.0829 2060 mssmbios - ok
18:22:28.0892 2060 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINNT\system32\drivers\MSTEE.sys
18:22:28.0907 2060 MSTEE - ok
18:22:28.0939 2060 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINNT\system32\drivers\msmpu401.sys
18:22:28.0939 2060 ms_mpu401 - ok
18:22:28.0986 2060 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINNT\system32\drivers\Mup.sys
18:22:29.0001 2060 Mup - ok
18:22:29.0048 2060 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINNT\system32\DRIVERS\NABTSFEC.sys
18:22:29.0048 2060 NABTSFEC - ok
18:22:29.0126 2060 napagent (0102140028fad045756796e1c685d695) C:\WINNT\System32\qagentrt.dll
18:22:29.0142 2060 napagent - ok
18:22:29.0189 2060 narqwe - ok
18:22:29.0251 2060 Ncrc710 - ok
18:22:29.0314 2060 NDIS (1df7f42665c94b825322fae71721130d) C:\WINNT\system32\drivers\NDIS.sys
18:22:29.0314 2060 NDIS - ok
18:22:29.0376 2060 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINNT\system32\DRIVERS\NdisIP.sys
18:22:29.0376 2060 NdisIP - ok
18:22:29.0439 2060 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINNT\system32\DRIVERS\ndistapi.sys
18:22:29.0439 2060 NdisTapi - ok
18:22:29.0486 2060 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINNT\system32\DRIVERS\ndisuio.sys
18:22:29.0501 2060 Ndisuio - ok
18:22:29.0564 2060 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINNT\system32\DRIVERS\ndiswan.sys
18:22:29.0564 2060 NdisWan - ok
18:22:29.0626 2060 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINNT\system32\drivers\NDProxy.sys
18:22:29.0642 2060 NDProxy - ok
18:22:29.0704 2060 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINNT\system32\DRIVERS\netbios.sys
18:22:29.0704 2060 NetBIOS - ok
18:22:29.0751 2060 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINNT\system32\DRIVERS\netbt.sys
18:22:29.0751 2060 NetBT - ok
18:22:29.0798 2060 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINNT\system32\netdde.exe
18:22:29.0798 2060 NetDDE - ok
18:22:29.0814 2060 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINNT\system32\netdde.exe
18:22:29.0829 2060 NetDDEdsdm - ok
18:22:29.0876 2060 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINNT\System32\lsass.exe
18:22:29.0876 2060 Netlogon - ok
18:22:29.0939 2060 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINNT\System32\netman.dll
18:22:29.0954 2060 Netman - ok
18:22:30.0064 2060 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:22:30.0064 2060 NetTcpPortSharing - ok
18:22:30.0142 2060 Nla (943337d786a56729263071623bbb9de5) C:\WINNT\System32\mswsock.dll
18:22:30.0157 2060 Nla - ok
18:22:30.0236 2060 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINNT\system32\drivers\Npfs.sys
18:22:30.0236 2060 Npfs - ok
18:22:30.0329 2060 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINNT\system32\drivers\Ntfs.sys
18:22:30.0361 2060 Ntfs - ok
18:22:30.0439 2060 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINNT\System32\lsass.exe
18:22:30.0454 2060 NtLmSsp - ok
18:22:30.0517 2060 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINNT\system32\ntmssvc.dll
18:22:30.0548 2060 NtmsSvc - ok
18:22:30.0595 2060 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINNT\system32\drivers\Null.sys
18:22:30.0595 2060 Null - ok
18:22:30.0657 2060 nvax (47b3852808dd579a463fce7085b77413) C:\WINNT\system32\drivers\nvax.sys
18:22:30.0673 2060 nvax - ok
18:22:30.0736 2060 NVENET (fbe448efa5484a256528e1d02b959bbc) C:\WINNT\system32\DRIVERS\NVENET.sys
18:22:30.0736 2060 NVENET - ok
18:22:30.0798 2060 nvnforce (adbcba116496229a163193bbe0bb28ce) C:\WINNT\system32\drivers\nvapu.sys
18:22:30.0814 2060 nvnforce - ok
18:22:30.0876 2060 nv_agp (db36442c20793c53b4128eb85f9a3d32) C:\WINNT\system32\DRIVERS\nv_agp.sys
18:22:30.0876 2060 nv_agp - ok
18:22:30.0923 2060 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINNT\system32\DRIVERS\nwlnkflt.sys
18:22:30.0923 2060 NwlnkFlt - ok
18:22:31.0001 2060 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINNT\system32\DRIVERS\nwlnkfwd.sys
18:22:31.0001 2060 NwlnkFwd - ok
18:22:31.0157 2060 odserv (e54aa592a65f317390eee386a8821692) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:22:31.0173 2060 odserv - ok
18:22:31.0220 2060 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:22:31.0236 2060 ose - ok
18:22:31.0314 2060 Parallel - ok
18:22:31.0407 2060 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINNT\system32\DRIVERS\parport.sys
18:22:31.0407 2060 Parport - ok
18:22:31.0454 2060 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINNT\system32\drivers\PartMgr.sys
18:22:31.0470 2060 PartMgr - ok
18:22:31.0532 2060 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINNT\system32\drivers\ParVdm.sys
18:22:31.0532 2060 ParVdm - ok
18:22:31.0579 2060 PCI (a219903ccf74233761d92bef471a07b1) C:\WINNT\system32\DRIVERS\pci.sys
18:22:31.0579 2060 PCI - ok
18:22:31.0626 2060 PCIDump - ok
18:22:31.0657 2060 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINNT\system32\DRIVERS\pciide.sys
18:22:31.0657 2060 PCIIde - ok
18:22:31.0704 2060 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINNT\system32\drivers\Pcmcia.sys
18:22:31.0720 2060 Pcmcia - ok
18:22:31.0782 2060 PDCOMP - ok
18:22:31.0814 2060 PDFRAME - ok
18:22:31.0845 2060 PDRELI - ok
18:22:31.0876 2060 PDRFRAME - ok
18:22:31.0892 2060 perc2 - ok
18:22:31.0923 2060 perc2hib - ok
18:22:32.0001 2060 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINNT\system32\services.exe
18:22:32.0017 2060 PlugPlay - ok
18:22:32.0064 2060 Pml Driver HPZ12 (9d84376931440f3679beef2a414fa493) C:\WINNT\system32\HPZipm12.exe
18:22:32.0079 2060 Pml Driver HPZ12 - ok
18:22:32.0111 2060 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINNT\system32\lsass.exe
18:22:32.0126 2060 PolicyAgent - ok
18:22:32.0142 2060 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINNT\system32\DRIVERS\raspptp.sys
18:22:32.0157 2060 PptpMiniport - ok
18:22:32.0204 2060 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINNT\system32\DRIVERS\processr.sys
18:22:32.0204 2060 Processor - ok
18:22:32.0236 2060 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINNT\system32\lsass.exe
18:22:32.0251 2060 ProtectedStorage - ok
18:22:32.0282 2060 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINNT\system32\DRIVERS\ptilink.sys
18:22:32.0282 2060 Ptilink - ok
18:22:32.0329 2060 pwd_2k (204f26a7511652d26ddae9f17a68add1) C:\WINNT\system32\drivers\pwd_2k.sys
18:22:32.0329 2060 pwd_2k - ok
18:22:32.0423 2060 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINNT\system32\DRIVERS\PxHelp20.sys
18:22:32.0423 2060 PxHelp20 - ok
18:22:32.0454 2060 ql1080 - ok
18:22:32.0486 2060 Ql10wnt - ok
18:22:32.0501 2060 ql12160 - ok
18:22:32.0532 2060 ql1240 - ok
18:22:32.0564 2060 ql1280 - ok
18:22:32.0579 2060 ql2100 - ok
18:22:32.0626 2060 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINNT\system32\DRIVERS\rasacd.sys
18:22:32.0626 2060 RasAcd - ok
18:22:32.0657 2060 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINNT\System32\rasauto.dll
18:22:32.0673 2060 RasAuto - ok
18:22:32.0736 2060 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINNT\system32\DRIVERS\rasl2tp.sys
18:22:32.0736 2060 Rasl2tp - ok
18:22:32.0782 2060 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINNT\System32\rasmans.dll
18:22:32.0814 2060 RasMan - ok
18:22:32.0892 2060 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINNT\system32\DRIVERS\raspppoe.sys
18:22:32.0892 2060 RasPppoe - ok
18:22:32.0923 2060 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINNT\system32\DRIVERS\raspti.sys
18:22:32.0923 2060 Raspti - ok
18:22:32.0986 2060 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINNT\system32\DRIVERS\rdbss.sys
18:22:32.0986 2060 Rdbss - ok
18:22:33.0032 2060 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINNT\system32\DRIVERS\RDPCDD.sys
18:22:33.0032 2060 RDPCDD - ok
18:22:33.0095 2060 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINNT\system32\DRIVERS\rdpdr.sys
18:22:33.0095 2060 rdpdr - ok
18:22:33.0142 2060 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINNT\system32\drivers\RDPWD.sys
18:22:33.0142 2060 RDPWD - ok
18:22:33.0204 2060 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINNT\system32\sessmgr.exe
18:22:33.0236 2060 RDSessMgr - ok
18:22:33.0298 2060 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINNT\system32\DRIVERS\redbook.sys
18:22:33.0298 2060 redbook - ok
18:22:33.0376 2060 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINNT\System32\mprdim.dll
18:22:33.0376 2060 RemoteAccess - ok
18:22:33.0423 2060 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINNT\system32\regsvc.dll
18:22:33.0439 2060 RemoteRegistry - ok
18:22:33.0486 2060 RimUsb (616eac1b0e48b236a5a9b8ae07fdb81c) C:\WINNT\system32\Drivers\RimUsb.sys
18:22:33.0501 2060 RimUsb - ok
18:22:33.0611 2060 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINNT\system32\DRIVERS\RimSerial.sys
18:22:33.0611 2060 RimVSerPort - ok
18:22:33.0657 2060 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINNT\system32\Drivers\RootMdm.sys
18:22:33.0657 2060 ROOTMODEM - ok
18:22:33.0736 2060 Roxio UPnP Renderer 9 (afd61a7c48a3e15c86a6fadf0b69a2e4) C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
18:22:33.0736 2060 Roxio UPnP Renderer 9 - ok
18:22:33.0767 2060 Roxio Upnp Server 9 (efbb36e2bb02169d26e9980778fc20d3) C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
18:22:33.0782 2060 Roxio Upnp Server 9 - ok
18:22:33.0876 2060 RoxLiveShare (c8e8bd83cdcae4e8615b143a1a99e557) C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
18:22:33.0892 2060 RoxLiveShare - ok
18:22:34.0001 2060 RoxLiveShare9 (78e680a105f47b6aa0003bd23ed9fa51) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
18:22:34.0017 2060 RoxLiveShare9 - ok
18:22:34.0079 2060 RoxMediaDB (f8076abda4b2a04983cbfbbc910f5477) C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
18:22:34.0095 2060 RoxMediaDB - ok
18:22:34.0157 2060 RoxMediaDB9 (9d5c024170c376d7cc66ed853fda9068) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
18:22:34.0189 2060 RoxMediaDB9 - ok
18:22:34.0251 2060 RoxUPnPRenderer (ea55292f82d5b3f932d13eae4c84a0b1) C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
18:22:34.0267 2060 RoxUPnPRenderer - ok
18:22:34.0329 2060 RoxUpnpServer (8233134765970aecd4a338fe09d19516) C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
18:22:34.0361 2060 RoxUpnpServer - ok
18:22:34.0439 2060 RoxWatch (99120cd3351d989107daabe735998792) C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
18:22:34.0439 2060 RoxWatch - ok
18:22:34.0532 2060 RoxWatch9 (87f175539dbba297018aa7fcdd563ff7) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
18:22:34.0564 2060 RoxWatch9 - ok
18:22:34.0657 2060 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINNT\System32\locator.exe
18:22:34.0657 2060 RpcLocator - ok
18:22:34.0720 2060 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINNT\system32\rpcss.dll
18:22:34.0736 2060 RpcSs - ok
18:22:34.0782 2060 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINNT\System32\rsvp.exe
18:22:34.0798 2060 RSVP - ok
18:22:34.0845 2060 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINNT\system32\lsass.exe
18:22:34.0861 2060 SamSs - ok
18:22:34.0923 2060 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:22:34.0923 2060 SASDIFSV - ok
18:22:34.0939 2060 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
18:22:34.0939 2060 SASENUM - ok
18:22:34.0970 2060 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
18:22:34.0970 2060 SASKUTIL - ok
18:22:35.0017 2060 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINNT\System32\SCardSvr.exe
18:22:35.0032 2060 SCardSvr - ok
18:22:35.0111 2060 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINNT\system32\DRIVERS\secdrv.sys
18:22:35.0111 2060 Secdrv - ok
18:22:35.0220 2060 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINNT\System32\seclogon.dll
18:22:35.0236 2060 seclogon - ok
18:22:35.0298 2060 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINNT\system32\sens.dll
18:22:35.0314 2060 SENS - ok
18:22:35.0361 2060 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINNT\system32\DRIVERS\serenum.sys
18:22:35.0361 2060 serenum - ok
18:22:35.0392 2060 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINNT\system32\DRIVERS\serial.sys
18:22:35.0392 2060 Serial - ok
18:22:35.0454 2060 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINNT\system32\drivers\Sfloppy.sys
18:22:35.0454 2060 Sfloppy - ok
18:22:35.0517 2060 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINNT\System32\ipnathlp.dll
18:22:35.0532 2060 SharedAccess - ok
18:22:35.0579 2060 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINNT\System32\shsvcs.dll
18:22:35.0595 2060 ShellHWDetection - ok
18:22:35.0611 2060 Simbad - ok
18:22:35.0657 2060 SimpTcp (32933b07fc16d9f778bee12545fa1b1a) C:\WINNT\System32\tcpsvcs.exe
18:22:35.0673 2060 SimpTcp - ok
18:22:35.0704 2060 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINNT\system32\DRIVERS\SLIP.sys
18:22:35.0704 2060 SLIP - ok
18:22:35.0736 2060 SMR200 - ok
18:22:35.0798 2060 SMTPSVC (db3c22745c0da4666f3be31f1af36b2f) C:\WINNT\System32\inetsrv\inetinfo.exe
18:22:35.0798 2060 SMTPSVC - ok
18:22:35.0845 2060 SNMP (60c377be6b3cc83f6a8584934b181d2e) C:\WINNT\System32\snmp.exe
18:22:35.0845 2060 SNMP - ok
18:22:35.0892 2060 SNMPTRAP (80a050795a107a76c2b1cd4cfbe010e6) C:\WINNT\System32\snmptrap.exe
18:22:35.0907 2060 SNMPTRAP - ok
18:22:35.0986 2060 Sparrow - ok
18:22:36.0064 2060 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINNT\system32\drivers\splitter.sys
18:22:36.0064 2060 splitter - ok
18:22:36.0126 2060 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINNT\system32\spoolsv.exe
18:22:36.0142 2060 Spooler - ok
18:22:36.0189 2060 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINNT\System32\DRIVERS\sr.sys
18:22:36.0189 2060 sr - ok
18:22:36.0220 2060 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINNT\system32\srsvc.dll
18:22:36.0251 2060 srservice - ok
18:22:36.0298 2060 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINNT\system32\DRIVERS\srv.sys
18:22:36.0314 2060 Srv - ok
18:22:36.0361 2060 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINNT\System32\ssdpsrv.dll
18:22:36.0376 2060 SSDPSRV - ok
18:22:36.0439 2060 StiSvc (8bad69cbac032d4bbacfce0306174c30) C:\WINNT\system32\wiaservc.dll
18:22:36.0470 2060 StiSvc - ok
18:22:36.0517 2060 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINNT\system32\DRIVERS\StreamIP.sys
18:22:36.0517 2060 streamip - ok
18:22:36.0579 2060 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINNT\system32\DRIVERS\swenum.sys
18:22:36.0579 2060 swenum - ok
18:22:36.0657 2060 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINNT\system32\drivers\swmidi.sys
18:22:36.0657 2060 swmidi - ok
18:22:36.0736 2060 symc810 - ok
18:22:36.0751 2060 symc8xx - ok
18:22:36.0782 2060 sym_hi - ok
18:22:36.0814 2060 sym_u3 - ok
18:22:36.0845 2060 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINNT\system32\drivers\sysaudio.sys
18:22:36.0845 2060 sysaudio - ok
18:22:36.0892 2060 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINNT\system32\smlogsvc.exe
18:22:36.0907 2060 SysmonLog - ok
18:22:36.0954 2060 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINNT\System32\tapisrv.dll
18:22:36.0986 2060 TapiSrv - ok
18:22:37.0048 2060 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINNT\system32\DRIVERS\tcpip.sys
18:22:37.0064 2060 Tcpip - ok
18:22:37.0111 2060 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINNT\system32\drivers\TDPIPE.sys
18:22:37.0111 2060 TDPIPE - ok
18:22:37.0142 2060 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINNT\system32\drivers\TDTCP.sys
18:22:37.0142 2060 TDTCP - ok
18:22:37.0189 2060 TermDD (88155247177638048422893737429d9e) C:\WINNT\system32\DRIVERS\termdd.sys
18:22:37.0189 2060 TermDD - ok
18:22:37.0236 2060 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINNT\System32\termsrv.dll
18:22:37.0267 2060 TermService - ok
18:22:37.0345 2060 tga - ok
18:22:37.0423 2060 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINNT\System32\shsvcs.dll
18:22:37.0439 2060 Themes - ok
18:22:37.0470 2060 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINNT\System32\tlntsvr.exe
18:22:37.0486 2060 TlntSvr - ok
18:22:37.0517 2060 TosIde - ok
18:22:37.0564 2060 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINNT\system32\trkwks.dll
18:22:37.0579 2060 TrkWks - ok
18:22:37.0642 2060 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINNT\system32\drivers\Udfs.sys
18:22:37.0642 2060 Udfs - ok
18:22:37.0673 2060 ultra - ok
18:22:37.0689 2060 ultra66 - ok
18:22:37.0751 2060 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINNT\system32\DRIVERS\update.sys
18:22:37.0767 2060 Update - ok
18:22:40.0751 2060 MBR (0x1B8) (faee7e40dfb0440ad2cfc39befa1f4c2) \Device\Harddisk0\DR0
18:22:40.0767 2060 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
18:22:40.0767 2060 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
18:22:40.0782 2060 Boot (0x1200) (d7ea04c902740e05059141c320390351) \Device\Harddisk0\DR0\Partition0
18:22:40.0782 2060 \Device\Harddisk0\DR0\Partition0 - ok
18:22:40.0782 2060 ============================================================
18:22:40.0782 2060 Scan finished
18:22:40.0782 2060 ============================================================

#6 narenxp

Posted 27 March 2012 - 01:49 AM

Please create a restore point and back up important data before running this tool. This is just a small precaution.

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot, let me know what it finds.



