Got rootkit, need next steps


6 replies to this topic

#1 dinos4

Posted 29 March 2012 - 12:22 AM

Hello folks, looks like I got pegged by a rootkit since my browser is now periodically redirecting to a Happili website. Based on a recent post, I downloaded TDSSKiller, then MiniToolBox, output below. I'm running Avast and did a boot scan to no avail. I'm also on a home network where one of the computers had Avast that got outdated and/or turned off, so I may need to work my way upstream. I await your kind assistance! Thanks, dinos4

------------- Begin TDSSKiller output ------------------------------

21:59:50.0656 2356 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
21:59:50.0656 2356 Serial - ok
21:59:50.0687 2356 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:59:50.0687 2356 Sfloppy - ok
21:59:50.0734 2356 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
21:59:50.0765 2356 SharedAccess - ok
21:59:50.0875 2356 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:59:50.0875 2356 ShellHWDetection - ok
21:59:50.0890 2356 Simbad - ok
21:59:50.0937 2356 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
21:59:50.0937 2356 sisagp - ok
21:59:51.0000 2356 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files\Skype\Updater\Updater.exe
21:59:51.0000 2356 SkypeUpdate - ok
21:59:51.0046 2356 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
21:59:51.0046 2356 Sparrow - ok
21:59:51.0093 2356 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:59:51.0093 2356 splitter - ok
21:59:51.0125 2356 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
21:59:51.0140 2356 Spooler - ok
21:59:51.0187 2356 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
21:59:51.0187 2356 sr - ok
21:59:51.0234 2356 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
21:59:51.0250 2356 srservice - ok
21:59:51.0281 2356 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:59:51.0281 2356 Srv - ok
21:59:51.0312 2356 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
21:59:51.0328 2356 SSDPSRV - ok
21:59:51.0375 2356 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
21:59:51.0437 2356 stisvc - ok
21:59:51.0531 2356 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
21:59:51.0531 2356 stllssvr - ok
21:59:51.0625 2356 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:59:51.0625 2356 swenum - ok
21:59:51.0656 2356 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:59:51.0671 2356 swmidi - ok
21:59:51.0671 2356 SwPrv - ok
21:59:51.0718 2356 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
21:59:51.0718 2356 symc810 - ok
21:59:51.0750 2356 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
21:59:51.0750 2356 symc8xx - ok
21:59:51.0765 2356 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
21:59:51.0765 2356 sym_hi - ok
21:59:51.0781 2356 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
21:59:51.0781 2356 sym_u3 - ok
21:59:51.0812 2356 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:59:51.0812 2356 sysaudio - ok
21:59:51.0859 2356 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
21:59:51.0875 2356 SysmonLog - ok
21:59:51.0906 2356 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
21:59:51.0921 2356 TapiSrv - ok
21:59:51.0968 2356 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:59:51.0984 2356 Tcpip - ok
21:59:52.0031 2356 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:59:52.0031 2356 TDPIPE - ok
21:59:52.0046 2356 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:59:52.0046 2356 TDTCP - ok
21:59:52.0078 2356 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:59:52.0093 2356 TermDD - ok
21:59:52.0125 2356 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
21:59:52.0140 2356 TermService - ok
21:59:52.0187 2356 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:59:52.0203 2356 Themes - ok
21:59:52.0265 2356 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
21:59:52.0265 2356 TlntSvr - ok
21:59:52.0328 2356 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
21:59:52.0328 2356 TosIde - ok
21:59:52.0359 2356 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
21:59:52.0375 2356 TrkWks - ok
21:59:52.0406 2356 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:59:52.0406 2356 Udfs - ok
21:59:52.0468 2356 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
21:59:52.0468 2356 ultra - ok
21:59:52.0500 2356 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:59:52.0515 2356 Update - ok
21:59:52.0531 2356 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
21:59:52.0546 2356 upnphost - ok
21:59:52.0578 2356 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
21:59:52.0593 2356 UPS - ok
21:59:52.0640 2356 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
21:59:52.0640 2356 USBAAPL - ok
21:59:52.0687 2356 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
21:59:52.0687 2356 usbaudio - ok
21:59:52.0718 2356 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:59:52.0718 2356 usbccgp - ok
21:59:52.0750 2356 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:59:52.0750 2356 usbehci - ok
21:59:52.0765 2356 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:59:52.0765 2356 usbhub - ok
21:59:52.0796 2356 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:59:52.0796 2356 usbprint - ok
21:59:52.0828 2356 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:59:52.0828 2356 usbscan - ok
21:59:52.0859 2356 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:59:52.0859 2356 USBSTOR - ok
21:59:52.0875 2356 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:59:52.0875 2356 usbuhci - ok
21:59:52.0921 2356 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:59:52.0921 2356 VgaSave - ok
21:59:53.0015 2356 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
21:59:53.0015 2356 viaagp - ok
21:59:53.0031 2356 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
21:59:53.0031 2356 ViaIde - ok
21:59:53.0062 2356 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:59:53.0062 2356 VolSnap - ok
21:59:53.0093 2356 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
21:59:53.0156 2356 VSS - ok
21:59:53.0187 2356 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
21:59:53.0203 2356 w32time - ok
21:59:53.0218 2356 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:59:53.0218 2356 Wanarp - ok
21:59:53.0234 2356 WDICA - ok
21:59:53.0265 2356 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:59:53.0281 2356 wdmaud - ok
21:59:53.0312 2356 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
21:59:53.0328 2356 WebClient - ok
21:59:53.0390 2356 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
21:59:53.0406 2356 winmgmt - ok
21:59:53.0468 2356 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
21:59:53.0468 2356 WmdmPmSN - ok
21:59:53.0531 2356 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
21:59:53.0531 2356 Wmi - ok
21:59:53.0562 2356 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:59:53.0562 2356 WmiApSrv - ok
21:59:53.0640 2356 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
21:59:53.0703 2356 WMPNetworkSvc - ok
21:59:53.0812 2356 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
21:59:53.0828 2356 wscsvc - ok
21:59:53.0828 2356 WSearch - ok
21:59:53.0859 2356 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
21:59:53.0875 2356 wuauserv - ok
21:59:53.0937 2356 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:59:53.0937 2356 WudfPf - ok
21:59:53.0953 2356 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:59:53.0984 2356 WudfRd - ok
21:59:54.0015 2356 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
21:59:54.0031 2356 WudfSvc - ok
21:59:54.0093 2356 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
21:59:54.0109 2356 WZCSVC - ok
21:59:54.0125 2356 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
21:59:54.0140 2356 xmlprov - ok
21:59:54.0156 2356 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
21:59:54.0218 2356 \Device\Harddisk0\DR0 - ok
21:59:54.0218 2356 Boot (0x1200) (bf0ae4e9afa267a03eb2784a9ebb20ed) \Device\Harddisk0\DR0\Partition0
21:59:54.0218 2356 \Device\Harddisk0\DR0\Partition0 - ok
21:59:54.0218 2356 ============================================================
21:59:54.0218 2356 Scan finished
21:59:54.0218 2356 ============================================================
21:59:54.0234 3000 Detected object count: 0
21:59:54.0234 3000 Actual detected object count: 0
22:00:09.0906 0980 ============================================================
22:00:09.0906 0980 Scan started
22:00:09.0906 0980 Mode: Manual; SigCheck; TDLFS;
22:00:09.0906 0980 ============================================================
22:00:11.0343 0980 Adobe LM Service (20faa75ba9c10df032a17dfb30714ee4) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:00:11.0390 0980 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
22:00:11.0390 0980 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
22:00:17.0062 0980 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS
22:00:17.0078 0980 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
22:00:17.0078 0980 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
22:00:19.0781 0980 Diag69xp (a22d5a027f397e412cbb2d97e8661bff) C:\WINDOWS\system32\Drivers\Diag69xp.sys
22:00:19.0781 0980 Diag69xp ( UnsignedFile.Multi.Generic ) - warning
22:00:19.0781 0980 Diag69xp - detected UnsignedFile.Multi.Generic (1)
22:00:34.0046 0980 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:00:34.0187 0980 Ndisuio - ok
22:00:34.0281 0980 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:00:34.0421 0980 NdisWan - ok
22:00:34.0531 0980 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:00:34.0546 0980 NDProxy - ok
22:00:34.0578 0980 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:00:34.0656 0980 NetBIOS - ok
22:00:34.0750 0980 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:00:34.0843 0980 NetBT - ok
22:00:34.0937 0980 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
22:00:35.0093 0980 NetDDE - ok
22:00:35.0093 0980 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
22:00:35.0187 0980 NetDDEdsdm - ok
22:00:35.0265 0980 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:00:35.0343 0980 Netlogon - ok
22:00:35.0375 0980 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
22:00:35.0453 0980 Netman - ok
22:00:35.0531 0980 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:00:35.0546 0980 NetTcpPortSharing - ok
22:00:35.0593 0980 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
22:00:35.0609 0980 Nla - ok
22:00:35.0656 0980 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:00:35.0718 0980 Npfs - ok
22:00:35.0765 0980 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:00:35.0859 0980 Ntfs - ok
22:00:35.0890 0980 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:00:35.0968 0980 NtLmSsp - ok
22:00:36.0031 0980 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
22:00:36.0156 0980 NtmsSvc - ok
22:00:36.0187 0980 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:00:36.0312 0980 Null - ok
22:00:36.0328 0980 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:00:36.0421 0980 NwlnkFlt - ok
22:00:36.0421 0980 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:00:36.0515 0980 NwlnkFwd - ok
22:00:36.0609 0980 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:00:36.0625 0980 odserv - ok
22:00:36.0656 0980 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:00:36.0671 0980 ose - ok
22:00:36.0781 0980 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
22:00:36.0875 0980 Parport - ok
22:00:36.0921 0980 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:00:37.0000 0980 PartMgr - ok
22:00:37.0015 0980 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:00:37.0093 0980 ParVdm - ok
22:00:37.0187 0980 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:00:37.0281 0980 PCI - ok
22:00:37.0312 0980 PCIDump - ok
22:00:37.0359 0980 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:00:37.0421 0980 PCIIde - ok
22:00:37.0468 0980 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:00:37.0546 0980 Pcmcia - ok
22:00:37.0562 0980 PDCOMP - ok
22:00:37.0578 0980 PDFRAME - ok
22:00:37.0578 0980 PDRELI - ok
22:00:37.0593 0980 PDRFRAME - ok
22:00:37.0640 0980 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:00:37.0781 0980 perc2 - ok
22:00:37.0796 0980 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:00:37.0953 0980 perc2hib - ok
22:00:38.0031 0980 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
22:00:38.0046 0980 PlugPlay - ok
22:00:38.0093 0980 Pml Driver HPZ12 (901c43516504cbe582e4c4193e00876a) C:\WINDOWS\system32\HPZipm12.exe
22:00:38.0109 0980 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:00:38.0109 0980 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:00:38.0156 0980 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:00:38.0234 0980 PolicyAgent - ok
22:00:38.0265 0980 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:00:38.0359 0980 PptpMiniport - ok
22:00:38.0375 0980 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:00:38.0453 0980 ProtectedStorage - ok
22:00:38.0484 0980 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:00:38.0609 0980 PSched - ok
22:00:38.0609 0980 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:00:38.0703 0980 Ptilink - ok
22:00:38.0718 0980 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:00:38.0734 0980 PxHelp20 - ok
22:00:38.0781 0980 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:00:38.0859 0980 ql1080 - ok
22:00:38.0875 0980 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:00:38.0953 0980 Ql10wnt - ok
22:00:39.0000 0980 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:00:39.0078 0980 ql12160 - ok
22:00:39.0109 0980 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:00:39.0187 0980 ql1240 - ok
22:00:39.0218 0980 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:00:39.0328 0980 ql1280 - ok
22:00:39.0359 0980 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:00:39.0468 0980 RasAcd - ok
22:00:39.0515 0980 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
22:00:39.0656 0980 RasAuto - ok
22:00:39.0687 0980 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:00:39.0812 0980 Rasl2tp - ok
22:00:39.0906 0980 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
22:00:40.0046 0980 RasMan - ok
22:00:40.0078 0980 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:00:40.0203 0980 RasPppoe - ok
22:00:40.0203 0980 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:00:40.0328 0980 Raspti - ok
22:00:40.0359 0980 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:00:40.0453 0980 Rdbss - ok
22:00:40.0484 0980 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:00:40.0546 0980 RDPCDD - ok
22:00:40.0593 0980 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:00:40.0687 0980 rdpdr - ok
22:00:40.0718 0980 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
22:00:40.0734 0980 RDPWD - ok
22:00:40.0765 0980 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
22:00:40.0859 0980 RDSessMgr - ok
22:00:40.0968 0980 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:00:41.0046 0980 redbook - ok
22:00:41.0140 0980 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
22:00:41.0296 0980 RemoteAccess - ok
22:00:41.0359 0980 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
22:00:41.0515 0980 RemoteRegistry - ok
22:00:41.0562 0980 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
22:00:41.0718 0980 RpcLocator - ok
22:00:41.0750 0980 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
22:00:41.0796 0980 RpcSs - ok
22:00:41.0875 0980 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
22:00:42.0046 0980 RSVP - ok
22:00:42.0093 0980 RTLE8023xp (7174f20ad9b7b7878a51ecca03c499c2) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
22:00:42.0125 0980 RTLE8023xp - ok
22:00:42.0156 0980 RTLVLAN (b9ca69921379ea2931c4450fe975bce7) C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS
22:00:42.0203 0980 RTLVLAN - ok
22:00:42.0265 0980 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
22:00:42.0406 0980 SamSs - ok
22:00:42.0453 0980 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
22:00:42.0640 0980 SCardSvr - ok
22:00:42.0718 0980 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
22:00:42.0796 0980 Schedule - ok
22:00:42.0859 0980 SeaPort (58dc20eb15f071804c56fccc796417a2) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:00:42.0859 0980 SeaPort - ok
22:00:42.0937 0980 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:00:42.0984 0980 Secdrv - ok
22:00:43.0078 0980 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
22:00:43.0171 0980 seclogon - ok
22:00:43.0187 0980 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
22:00:43.0328 0980 SENS - ok
22:00:43.0390 0980 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:00:43.0515 0980 Serenum - ok
22:00:43.0546 0980 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:00:43.0640 0980 Serial - ok
22:00:43.0671 0980 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:00:43.0750 0980 Sfloppy - ok
22:00:43.0796 0980 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
22:00:43.0875 0980 SharedAccess - ok
22:00:43.0984 0980 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
22:00:44.0015 0980 ShellHWDetection - ok
22:00:44.0015 0980 Simbad - ok
22:00:44.0062 0980 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:00:44.0125 0980 sisagp - ok
22:00:44.0171 0980 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files\Skype\Updater\Updater.exe
22:00:44.0171 0980 SkypeUpdate - ok
22:00:44.0250 0980 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:00:44.0328 0980 Sparrow - ok
22:00:44.0390 0980 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:00:44.0562 0980 splitter - ok
22:00:44.0593 0980 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
22:00:44.0640 0980 Spooler - ok
22:00:44.0687 0980 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:00:44.0765 0980 sr - ok
22:00:44.0859 0980 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
22:00:44.0953 0980 srservice - ok
22:00:45.0046 0980 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:00:45.0078 0980 Srv - ok
22:00:45.0156 0980 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
22:00:45.0250 0980 SSDPSRV - ok
22:00:45.0343 0980 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
22:00:45.0500 0980 stisvc - ok
22:00:45.0578 0980 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
22:00:45.0593 0980 stllssvr ( UnsignedFile.Multi.Generic ) - warning
22:00:45.0593 0980 stllssvr - detected UnsignedFile.Multi.Generic (1)
22:00:45.0687 0980 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:00:45.0750 0980 swenum - ok
22:00:45.0796 0980 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:00:45.0890 0980 swmidi - ok
22:00:45.0937 0980 SwPrv - ok
22:00:45.0984 0980 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:00:46.0093 0980 symc810 - ok
22:00:46.0125 0980 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:00:46.0296 0980 symc8xx - ok
22:00:46.0390 0980 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:00:46.0546 0980 sym_hi - ok
22:00:46.0546 0980 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:00:46.0625 0980 sym_u3 - ok
22:00:46.0671 0980 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:00:46.0750 0980 sysaudio - ok
22:00:46.0843 0980 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
22:00:46.0921 0980 SysmonLog - ok
22:00:46.0953 0980 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
22:00:47.0031 0980 TapiSrv - ok
22:00:47.0078 0980 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:00:47.0093 0980 Tcpip - ok
22:00:47.0156 0980 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:00:47.0281 0980 TDPIPE - ok
22:00:47.0296 0980 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:00:47.0421 0980 TDTCP - ok
22:00:47.0453 0980 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:00:47.0578 0980 TermDD - ok
22:00:47.0625 0980 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
22:00:47.0781 0980 TermService - ok
22:00:47.0828 0980 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
22:00:47.0843 0980 Themes - ok
22:00:47.0906 0980 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
22:00:47.0984 0980 TlntSvr - ok
22:00:48.0078 0980 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:00:48.0156 0980 TosIde - ok
22:00:48.0218 0980 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
22:00:48.0312 0980 TrkWks - ok
22:00:48.0359 0980 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:00:48.0453 0980 Udfs - ok
22:00:48.0500 0980 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:00:48.0546 0980 ultra - ok
22:00:48.0593 0980 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:00:48.0687 0980 Update - ok
22:00:48.0781 0980 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
22:00:48.0828 0980 upnphost - ok
22:00:48.0859 0980 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
22:00:48.0953 0980 UPS - ok
22:00:49.0015 0980 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:00:49.0015 0980 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
22:00:49.0015 0980 USBAAPL - detected UnsignedFile.Multi.Generic (1)
22:00:49.0046 0980 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:00:49.0140 0980 usbaudio - ok
22:00:49.0156 0980 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:00:49.0250 0980 usbccgp - ok
22:00:49.0265 0980 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:00:49.0343 0980 usbehci - ok
22:00:49.0375 0980 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:00:49.0453 0980 usbhub - ok
22:00:49.0546 0980 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:00:49.0625 0980 usbprint - ok
22:00:49.0703 0980 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:00:49.0796 0980 usbscan - ok
22:00:49.0828 0980 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:00:49.0906 0980 USBSTOR - ok
22:00:49.0937 0980 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:00:50.0015 0980 usbuhci - ok
22:00:50.0109 0980 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:00:50.0187 0980 VgaSave - ok
22:00:50.0234 0980 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:00:50.0312 0980 viaagp - ok
22:00:50.0343 0980 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:00:50.0437 0980 ViaIde - ok
22:00:50.0453 0980 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:00:50.0531 0980 VolSnap - ok
22:00:50.0593 0980 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
22:00:50.0625 0980 VSS - ok
22:00:50.0734 0980 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
22:00:50.0828 0980 w32time - ok
22:00:50.0875 0980 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:00:50.0953 0980 Wanarp - ok
22:00:50.0953 0980 WDICA - ok
22:00:51.0000 0980 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:00:51.0078 0980 wdmaud - ok
22:00:51.0171 0980 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
22:00:51.0250 0980 WebClient - ok
22:00:51.0375 0980 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
22:00:51.0453 0980 winmgmt - ok
22:00:51.0546 0980 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
22:00:51.0578 0980 WmdmPmSN - ok
22:00:51.0609 0980 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
22:00:51.0640 0980 Wmi - ok
22:00:51.0718 0980 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:00:51.0812 0980 WmiApSrv - ok
22:00:51.0875 0980 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
22:00:51.0921 0980 WMPNetworkSvc - ok
22:00:52.0015 0980 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
22:00:52.0109 0980 wscsvc - ok
22:00:52.0171 0980 WSearch - ok
22:00:52.0218 0980 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
22:00:52.0328 0980 wuauserv - ok
22:00:52.0421 0980 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:00:52.0437 0980 WudfPf - ok
22:00:52.0468 0980 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:00:52.0484 0980 WudfRd - ok
22:00:52.0531 0980 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
22:00:52.0562 0980 WudfSvc - ok
22:00:52.0625 0980 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
22:00:52.0734 0980 WZCSVC - ok
22:00:52.0812 0980 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
22:00:52.0890 0980 xmlprov - ok
22:00:52.0921 0980 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
22:00:53.0031 0980 \Device\Harddisk0\DR0 - ok
22:00:53.0031 0980 Boot (0x1200) (bf0ae4e9afa267a03eb2784a9ebb20ed) \Device\Harddisk0\DR0\Partition0
22:00:53.0031 0980 \Device\Harddisk0\DR0\Partition0 - ok
22:00:53.0046 0980 ============================================================
22:00:53.0046 0980 Scan finished
22:00:53.0046 0980 ============================================================
22:00:53.0140 3804 Detected object count: 6
22:00:53.0140 3804 Actual detected object count: 6
22:02:58.0437 3804 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:02:58.0437 3804 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:02:58.0437 3804 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
22:02:58.0437 3804 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:02:58.0437 3804 Diag69xp ( UnsignedFile.Multi.Generic ) - skipped by user
22:02:58.0437 3804 Diag69xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:02:58.0437 3804 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:02:58.0437 3804 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:02:58.0437 3804 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
22:02:58.0437 3804 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:02:58.0453 3804 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
22:02:58.0453 3804 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip

------------- End TDSSKiller output ------------------------------



------------- Begin MiniToolBox output ------------------------------

MiniToolBox by Farbar Version: 18-01-2012
Ran by Dana (administrator) on 28-03-2012 at 22:05:51
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : dlb01
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC
Physical Address. . . . . . . . . : 00-24-E8-09-67-6F
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.9
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Wednesday, March 28, 2012 9:03:39 PM
Lease Expires . . . . . . . . . . : Thursday, March 29, 2012 9:03:39 PM

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.227.131, 74.125.227.132, 74.125.227.133, 74.125.227.134
74.125.227.135, 74.125.227.136, 74.125.227.137, 74.125.227.142, 74.125.227.128
74.125.227.129, 74.125.227.130

Pinging google.com [74.125.227.134] with 32 bytes of data:

Reply from 74.125.227.134: bytes=32 time=100ms TTL=50
Reply from 74.125.227.134: bytes=32 time=68ms TTL=50

Ping statistics for 74.125.227.134:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 68ms, Maximum = 100ms, Average = 84ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=81ms TTL=54
Reply from 72.30.38.140: bytes=32 time=62ms TTL=54

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 62ms, Maximum = 81ms, Average = 71ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 24 e8 09 67 6f ...... Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.9 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.9 192.168.1.9 20
192.168.1.0 255.255.255.0 192.168.1.9 192.168.1.9 20
192.168.1.9 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.9 192.168.1.9 20
224.0.0.0 240.0.0.0 192.168.1.9 192.168.1.9 20
255.255.255.255 255.255.255.255 192.168.1.9 192.168.1.9 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/27/2012 10:11:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15562

Error: (03/27/2012 10:11:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15562

Error: (03/27/2012 10:11:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/27/2012 08:34:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15500

Error: (03/27/2012 08:34:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15500

Error: (03/27/2012 08:34:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/27/2012 07:27:50 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 8.0.0.4325, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/27/2012 08:52:20 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2735843

Error: (03/27/2012 08:52:20 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2735843

Error: (03/27/2012 08:52:20 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/26/2012 08:50:55 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.10 for the Network Card with network address 0024E809676F has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/25/2012 04:51:37 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.8 on the
Network Card with network address 0024E809676F.

Error: (03/17/2012 06:29:53 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.16 on the
Network Card with network address 0024E809676F.

Error: (03/15/2012 08:53:35 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverETCNetBT_Tcpip_{6A71BFD7-FF7F-4582-A57D

Error: (03/11/2012 07:05:57 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{6A71BFD7-FF7F-4582-A57D-E5C2B1DA468A}.
The backup browser is stopping.

Error: (03/10/2012 10:52:27 AM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.4 on the
Network Card with network address 0024E809676F.

Error: (03/06/2012 10:14:18 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.4 on the
Network Card with network address 0024E809676F.

Error: (03/01/2012 09:04:11 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.3 on the
Network Card with network address 0024E809676F.

Error: (02/25/2012 02:22:59 AM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.3 on the
Network Card with network address 0024E809676F.

Error: (02/18/2012 09:17:59 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.14 on the
Network Card with network address 0024E809676F.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

23_24_2500Tour (Version: 43.0.217.000)
2400 (Version: 43.0.217.000)
2400_2500Help (Version: 43.0.217.000)
2400_2500trb (Version: 43.0.217.000)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.8.4990)
Adobe Bridge 1.0 (Version: 001.000.004)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Flash Player 10 ActiveX (Version: 10.0.12.36)
Adobe Flash Player 11 Plugin (Version: 11.1.102.63)
Adobe FrameMaker v5.5
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Illustrator CS2 (Version: 12.0.1)
Adobe Illustrator CS2 (Version: 12.000.000)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Photoshop Lightroom 3.2 RC (Version: 3.2.0)
Adobe Reader 9.5.0 (Version: 9.5.0)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Adobe SVG Viewer 3.0 (Version: 3.0)
AiO_Scan (Version: 43.0.217.000)
AiOSoftware (Version: 43.0.217.000)
Amazon MP3 Downloader 1.0.12 (Version: 1.0.12)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.2.6
avast! Free Antivirus (Version: 7.0.1426.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 43.1.5.000)
Camtasia Studio 2 (Version: 2.0)
Canon Utilities EOS Utility (Version: 1.1.0.8)
Canon Utilities PhotoStitch (Version: 3.1.20.44)
CCleaner (Version: 3.17)
Choice Guard (Version: 1.2.87.0)
Copy (Version: 43.1.5.000)
CreativeProjects (Version: 43.1.5.000)
CreativeProjectsTemplates (Version: 43.1.5.000)
CueTour (Version: 43.1.5.000)
Dell Support Center (Version: 2.1.08060)
Destinations (Version: 43.1.5.000)
Diagnostics Utility (Version: 1.00.0000)
Diagram Designer
Director (Version: 43.1.5.000)
DocProc (Version: 4.0.0.0)
DocumentViewer (Version: 43.0.217.000)
Dropbox (Version: 1.2.52)
Fax (Version: 43.0.217.000)
Free M4a to MP3 Converter 6.2
Google Chrome (Version: 17.0.963.83)
Google Earth (Version: 6.1.0.5001)
Google SketchUp 8 (Version: 3.0.3117)
Google Update Helper (Version: 1.3.21.111)
HP Diagnostic Assistant (Version: 1.0.1.0)
HP Image Zone 4.2 (Version: 4.2)
HP PSC & OfficeJet 4.2
HP Software Update (Version: 2.0.39.20040212)
HP Unload DLL Patch (Version: 1.00.0000)
HPSystemDiagnostics (Version: 1.5.0.0)
InstantShare (Version: 4.0.0.40)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes (Version: 10.6.0.40)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Junk Mail filter update (Version: 14.0.8050.1202)
LAME v3.98.2 for Audacity
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 97, Professional Edition
Microsoft Office Basic 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 1.2.121.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.4518.1014)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Mozilla Firefox 8.0 (x86 en-US) (Version: 8.0)
Mozilla Thunderbird 10.0.2 (x86 en-US) (Version: 10.0.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB927977) (Version: 6.00.3890.0)
Nero OEM
Open Contacts v5.3.8
Overland (Version: 2.1.5)
PhotoGallery (Version: 43.1.5.000)
PowerDVD DX (Version: 8.2.5202)
PrintScreen (Version: 43.1.5.000)
ProductContext (Version: 43.0.217.000)
QFolder (Version: 1.00.0000)
QuickProjects (Version: 43.1.5.000)
QuickTime (Version: 7.71.80.42)
Readme (Version: 43.0.217.000)
Realtek High Definition Audio Driver
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator BDAV Plugin (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Drag-to-Disc (Version: 9.1)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Scan (Version: 4.1.0.0)
Segoe UI (Version: 14.0.4327.805)
SkinsHP1 (Version: 43.1.5.000)
Skype™ 5.8 (Version: 5.8.156)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
Tiff Splitter (Version: 1.0.0)
TrayApp (Version: 43.1.5.000)
Uniblue RegistryBooster (Version: 6.0.10.7)
Uniblue SystemTweaker
Unload (Version: 4.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951618-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB976749) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
Update for Windows XP (KB980182) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 43.1.5.000)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sign-in Assistant (Version: 5.000.817.1)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Toolbar (Version: 14.0.8052.1208)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Search 4.0 (Version: 04.00.6001.503)
XML Paper Specification Shared Components Pack 1.0

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 3036.91 MB
Available physical RAM: 2269.73 MB
Total Pagefile: 4922.32 MB
Available Pagefile: 4321.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1983.08 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:232.79 GB) (Free:130.14 GB) NTFS

========================= Users: ========================================

User accounts for \\DLB01

Administrator Dana Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****


------------- End MiniToolBox output ------------------------------


#2 PD!

Posted 29 March 2012 - 01:05 AM

I was having browser redirects starting today, to that happili site and others as well. I was trying all kinds of virus and anti-malware scans and none of them found the rootkit. I just used Norton's Power Eraser (http://security.symantec.com/nbrt/npe.aspx) and it worked (I think the process took about three restarts of my computer in the process).

#3 boopme

  • Global Moderator

Posted 29 March 2012 - 10:29 AM

Hello, no rootkits in that log. Are you having PC issues?
Your Java and Adobe Reader are outdated...
Let's run these...

Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).



Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#4 dinos4

  • Topic Starter

Posted 29 March 2012 - 10:53 PM

Interesting, I'm getting about 20-30% of my PC browser searches (Win XP SP3 running firefox) redirecting to this site:

hxxp://www.happili.com/ss_rnvii/innerxy.php?q=test+search&xy=65285-8911_1234

I just replicated it multiple times, so it's still hiding in there somewhere.

Ok, downloading Malwarebytes and trying to change the name during the download: Firefox just lets me download it without a rename option. The Malwarebytes forum offers a randomized filename work-around here: http://forums.malwarebytes.org/index.php?showtopic=29028

The Malwarebytes scan ran with no threats detected.

Here's the aswMBR log. Time for Norton Power Eraser?

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-29 20:14:48
-----------------------------
20:14:48.796 OS Version: Windows 5.1.2600 Service Pack 3
20:14:48.796 Number of processors: 2 586 0x170A
20:14:48.796 ComputerName: DLB01 UserName: Dana
20:14:51.484 Initialize success
20:14:55.171 AVAST engine defs: 12032901
20:15:07.312 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:15:07.312 Disk 0 Vendor: ST325031 4.AD Size: 238418MB BusType: 3
20:15:07.343 Disk 0 MBR read successfully
20:15:07.343 Disk 0 MBR scan
20:15:07.343 Disk 0 Windows VISTA default MBR code
20:15:07.343 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
20:15:07.359 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 238377 MB offset 81920
20:15:07.359 Disk 0 scanning sectors +488279202
20:15:07.453 Disk 0 scanning C:\WINDOWS\system32\drivers
20:15:15.984 Service scanning
20:15:31.796 Modules scanning
20:15:39.218 Disk 0 trace - called modules:
20:15:39.234
20:15:40.453 AVAST engine scan C:\WINDOWS
20:15:46.515 AVAST engine scan C:\WINDOWS\system32
20:17:42.140 AVAST engine scan C:\WINDOWS\system32\drivers
20:17:56.218 AVAST engine scan C:\Documents and Settings\Dana
20:51:07.015 AVAST engine scan C:\Documents and Settings\All Users
20:51:58.796 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Dana\Desktop\MBR.dat"
20:51:58.796 The log file has been saved successfully to "C:\Documents and Settings\Dana\Desktop\aswMBR_log.txt"

Edited by Orange Blossom, 31 March 2012 - 12:37 AM.
Deactivated link. ~ OB


#5 boopme

  • Global Moderator

Posted 30 March 2012 - 09:24 AM

What about aswMBR as it may be a different rootkit?

Delete your TDSS killer off the desktop and run this.
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


#6 dinos4

  • Topic Starter

Posted 31 March 2012 - 11:39 AM

Ok, all is well again. The problem was an add-on in Firefox called "performance cache" that had the redirect virus hiding in it. Here are some suggestions that would have been good early and simple steps to isolate this issue:

1) Test multiple browsers to see if it is an application-specific or system-level problem.
2) If just one browser is affected, disable all extensions, test, then restore add-ons one at a time until issue arises.

Thanks to all for their ideas, I now have a much better toolkit for chasing down these issues. By the way, the NortonLive antispyware and rootkit service, while costing $99, did manage to save me hours of learning enough advanced system poking that I would have killed it for sure. Happy computing!
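
Added example, not part of the original posts: step 2 above can start from a list of what is actually enabled in the browser profile. This Python script ranks active, user-installed extensions for review; it assumes the `extensions.json` layout of current Firefox profiles (older releases such as the Firefox 8 in this thread kept this data in a different store), and the sample data, add-on IDs and the `review_order` helper are constructed for illustration.

```python
import json
from datetime import datetime, timezone

# Constructed sample shaped like the "addons" array of a Firefox profile's
# extensions.json (field names assumed from current Firefox; IDs are made up).
SAMPLE = json.loads("""
{"addons": [
  {"id": "trusted-blocker@example.invalid", "type": "extension", "active": true,
   "location": "app-profile", "signedState": 2, "installDate": 1300000000000,
   "sourceURI": "https://addons.mozilla.org/constructed.xpi",
   "defaultLocale": {"name": "Trusted Blocker"}},
  {"id": "performance-cache@example.invalid", "type": "extension", "active": true,
   "location": "app-profile", "signedState": 0, "installDate": 1332800000000,
   "sourceURI": null, "defaultLocale": {"name": "performance cache"}},
  {"id": "bundled-feature@example.invalid", "type": "extension", "active": true,
   "location": "app-system-defaults", "signedState": 3, "installDate": 1290000000000,
   "sourceURI": null, "defaultLocale": {"name": "Bundled Feature"}},
  {"id": "old-toolbar@example.invalid", "type": "extension", "active": false,
   "location": "app-profile", "signedState": 0, "installDate": 1280000000000,
   "sourceURI": null, "defaultLocale": {"name": "Old Toolbar"}}
]}
""")

# Install locations used for add-ons that ship with the browser itself.
BUNDLED = {"app-builtin", "app-system-defaults"}


def review_order(data, trusted_ids=frozenset()):
    """Return active, user-installed extensions, most review-worthy first."""
    rows = []
    for addon in data.get("addons", []):
        if addon.get("type") != "extension" or not addon.get("active"):
            continue  # themes, dictionaries and disabled add-ons cannot redirect
        if addon.get("location") in BUNDLED:
            continue
        reasons = []
        if addon.get("id") not in trusted_ids:
            reasons.append("not on your trusted list")
        if (addon.get("signedState") or 0) <= 0:
            reasons.append("unsigned or signature not valid")
        if not addon.get("sourceURI"):
            reasons.append("no download source recorded")
        ms = addon.get("installDate") or 0
        installed = datetime.fromtimestamp(ms / 1000, tz=timezone.utc)
        rows.append({
            "id": addon.get("id"),
            "name": (addon.get("defaultLocale") or {}).get("name", "?"),
            "installed": installed.date().isoformat(),
            "installed_ms": ms,
            "reasons": reasons,
        })
    # Most flags first; ties broken by most recent install.
    rows.sort(key=lambda r: (-len(r["reasons"]), -r["installed_ms"]))
    return rows


if __name__ == "__main__":
    for row in review_order(SAMPLE, {"trusted-blocker@example.invalid"}):
        flags = "; ".join(row["reasons"]) or "no flags"
        print(f'{row["installed"]}  {row["name"]:<20} {flags}')
```

To use it on a real profile, load that profile's `extensions.json` with `json.load` and pass the result in place of `SAMPLE`; the flags only set the order in which to disable and test add-ons, they are not a verdict.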

#7 boopme

  • Global Moderator

Posted 01 April 2012 - 07:09 PM

Ok, great news!
Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u3-windows-i586.exe (or jre-7u3-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.
