Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ZeroAccess and other viruses


  • Please log in to reply
13 replies to this topic

#1 reedncg

reedncg

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 05 May 2012 - 11:27 PM

I am running Windows XP Home edition Sp3 on a Dell Dimension 3000 Desktop computer. I am unable to connect to the internet. Network Status says: "This problem occurred because the network did not assign a network address to the computer." Tried to do a REPAIR and it says "cannot be completed: Renewing your IP address." Problem started about two weeks ago when I started getting randomly redirected to other sites. I ran a McAfee scan and it found some problems but could not fix all of them. Still had redirecting. I downloaded MSE and ran a scan with that application. I think after that and a reboot, I was no longer able to get my internet connection. I tried resetting my cable modem and wireless router but nothing has helped. Also uninstalled McAfee and turned off Windows firewall. Tried a restore to an earlier date but that did not help either. Now I am on my net-book so can only download here and copy programs to my Dell via a thumb drive. Taking one problem at a time, I believe getting my internet connection first will facilitate solving my other virus problems. Hope someone can help me out. Thanks

Edited by Budapest, 06 May 2012 - 03:19 AM.
Moved from XP ~Budapest


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:24 PM

Posted 06 May 2012 - 08:30 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#3 reedncg

reedncg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 06 May 2012 - 05:25 PM

Ran tdsskiller and fss and now my internet connection is working. Logs are below. Don't know if I have any other issues yet. Should I re-install McAfee at this time? Thanks for all the help.

11:10:36.0515 3216 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
11:10:36.0531 3216 ============================================================
11:10:36.0531 3216 Current date / time: 2012/05/06 11:10:36.0531
11:10:36.0531 3216 SystemInfo:
11:10:36.0531 3216
11:10:36.0531 3216 OS Version: 5.1.2600 ServicePack: 3.0
11:10:36.0531 3216 Product type: Workstation
11:10:36.0531 3216 ComputerName: D3SP6181
11:10:36.0531 3216 UserName: Edwin Hildebrand
11:10:36.0531 3216 Windows directory: C:\WINDOWS
11:10:36.0531 3216 System windows directory: C:\WINDOWS
11:10:36.0531 3216 Processor architecture: Intel x86
11:10:36.0531 3216 Number of processors: 2
11:10:36.0531 3216 Page size: 0x1000
11:10:36.0531 3216 Boot type: Normal boot
11:10:36.0531 3216 ============================================================
11:10:39.0359 3216 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:10:39.0359 3216 Drive \Device\Harddisk1\DR10 - Size: 0xEF3FE00 (0.23 Gb), SectorSize: 0x200, Cylinders: 0x1E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:10:39.0359 3216 ============================================================
11:10:39.0359 3216 \Device\Harddisk0\DR0:
11:10:39.0359 3216 MBR partitions:
11:10:39.0359 3216 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x8E7BB54
11:10:39.0359 3216 \Device\Harddisk1\DR10:
11:10:39.0359 3216 MBR partitions:
11:10:39.0359 3216 \Device\Harddisk1\DR10\Partition0: MBR, Type 0xE, StartLBA 0x4, BlocksNum 0x779FB
11:10:39.0359 3216 ============================================================
11:10:39.0406 3216 C: <-> \Device\Harddisk0\DR0\Partition0
11:10:39.0406 3216 ============================================================
11:10:39.0406 3216 Initialize success
11:10:39.0406 3216 ============================================================
11:11:39.0375 1020 ============================================================
11:11:39.0375 1020 Scan started
11:11:39.0375 1020 Mode: Manual; TDLFS;
11:11:39.0375 1020 ============================================================
11:11:39.0796 1020 a016obex - ok
11:11:39.0828 1020 Abiosdsk - ok
11:11:39.0859 1020 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
11:11:39.0875 1020 abp480n5 - ok
11:11:39.0921 1020 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:11:39.0921 1020 ACPI - ok
11:11:39.0968 1020 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:11:39.0968 1020 ACPIEC - ok
11:11:39.0968 1020 adihdaudaddservice - ok
11:11:40.0062 1020 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:11:40.0078 1020 AdobeFlashPlayerUpdateSvc - ok
11:11:40.0125 1020 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
11:11:40.0125 1020 adpu160m - ok
11:11:40.0171 1020 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:11:40.0171 1020 aec - ok
11:11:40.0234 1020 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:11:40.0234 1020 AFD - ok
11:11:40.0250 1020 afs2k - ok
11:11:40.0296 1020 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
11:11:40.0312 1020 agp440 - ok
11:11:40.0328 1020 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
11:11:40.0343 1020 agpCPQ - ok
11:11:40.0375 1020 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
11:11:40.0375 1020 Aha154x - ok
11:11:40.0390 1020 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
11:11:40.0406 1020 aic78u2 - ok
11:11:40.0421 1020 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
11:11:40.0421 1020 aic78xx - ok
11:11:40.0437 1020 aksusb - ok
11:11:40.0468 1020 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
11:11:40.0468 1020 Alerter - ok
11:11:40.0484 1020 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
11:11:40.0500 1020 ALG - ok
11:11:40.0531 1020 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
11:11:40.0531 1020 AliIde - ok
11:11:40.0546 1020 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
11:11:40.0562 1020 alim1541 - ok
11:11:40.0578 1020 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
11:11:40.0578 1020 amdagp - ok
11:11:40.0578 1020 AmdIde - ok
11:11:40.0593 1020 amdk8 - ok
11:11:40.0625 1020 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
11:11:40.0625 1020 amsint - ok
11:11:40.0640 1020 AN983 - ok
11:11:40.0750 1020 Apple Mobile Device (d503df3aba595f551b98b9bae017a271) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:11:40.0750 1020 Apple Mobile Device - ok
11:11:40.0765 1020 AppMgmt - ok
11:11:40.0781 1020 arc - ok
11:11:40.0781 1020 armoucfltr - ok
11:11:40.0843 1020 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
11:11:40.0843 1020 asc - ok
11:11:40.0859 1020 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
11:11:40.0859 1020 asc3350p - ok
11:11:40.0859 1020 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
11:11:40.0875 1020 asc3550 - ok
11:11:40.0906 1020 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
11:11:40.0906 1020 ASCTRM - ok
11:11:40.0906 1020 ASLDRService - ok
11:11:41.0062 1020 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:11:41.0078 1020 aspnet_state - ok
11:11:41.0093 1020 asuskeyboardservice - ok
11:11:41.0109 1020 ASUSVRC - ok
11:11:41.0140 1020 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:11:41.0140 1020 AsyncMac - ok
11:11:41.0171 1020 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:11:41.0187 1020 atapi - ok
11:11:41.0187 1020 Atdisk - ok
11:11:41.0218 1020 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:11:41.0218 1020 Atmarpc - ok
11:11:41.0265 1020 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
11:11:41.0265 1020 AudioSrv - ok
11:11:41.0328 1020 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:11:41.0328 1020 audstub - ok
11:11:41.0343 1020 avgarcln - ok
11:11:41.0343 1020 avgmfx86 - ok
11:11:41.0359 1020 avgtdi - ok
11:11:41.0390 1020 avsvcmonitor - ok
11:11:41.0500 1020 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
11:11:41.0515 1020 BBSvc - ok
11:11:41.0562 1020 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
11:11:41.0578 1020 BBUpdate - ok
11:11:41.0578 1020 bc_ip_f - ok
11:11:41.0593 1020 bc_tdi_f - ok
11:11:41.0640 1020 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:11:41.0640 1020 Beep - ok
11:11:41.0703 1020 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
11:11:41.0734 1020 BITS - ok
11:11:41.0796 1020 Bonjour Service (ebad0f51d8d4dade7660b1851addbd07) C:\Program Files\Bonjour\mDNSResponder.exe
11:11:41.0812 1020 Bonjour Service - ok
11:11:41.0859 1020 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
11:11:41.0859 1020 Browser - ok
11:11:41.0875 1020 btcsrusb - ok
11:11:41.0875 1020 btdriver - ok
11:11:41.0890 1020 bthpan - ok
11:11:41.0921 1020 bvrp_pci - ok
11:11:41.0937 1020 Cap7134 - ok
11:11:41.0984 1020 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
11:11:41.0984 1020 cbidf - ok
11:11:41.0984 1020 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:11:41.0984 1020 cbidf2k - ok
11:11:42.0015 1020 CBN - ok
11:11:42.0062 1020 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:11:42.0062 1020 CCDECODE - ok
11:11:42.0109 1020 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
11:11:42.0109 1020 cd20xrnt - ok
11:11:42.0125 1020 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:11:42.0125 1020 Cdaudio - ok
11:11:42.0171 1020 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:11:42.0187 1020 Cdfs - ok
11:11:42.0187 1020 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:11:42.0203 1020 Cdrom - ok
11:11:42.0203 1020 cdvp - ok
11:11:42.0218 1020 cebdaldr - ok
11:11:42.0234 1020 Changer - ok
11:11:42.0312 1020 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
11:11:42.0312 1020 CiSvc - ok
11:11:42.0328 1020 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
11:11:42.0343 1020 ClipSrv - ok
11:11:42.0453 1020 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:11:42.0468 1020 clr_optimization_v2.0.50727_32 - ok
11:11:42.0546 1020 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:11:42.0546 1020 clr_optimization_v4.0.30319_32 - ok
11:11:42.0578 1020 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
11:11:42.0578 1020 CmdIde - ok
11:11:42.0593 1020 COMSysApp - ok
11:11:42.0625 1020 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
11:11:42.0625 1020 Cpqarray - ok
11:11:42.0671 1020 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
11:11:42.0687 1020 CryptSvc - ok
11:11:42.0687 1020 ctxcpubal - ok
11:11:42.0687 1020 CVPNDRVA - ok
11:11:42.0718 1020 cwafreportscheduler - ok
11:11:42.0765 1020 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
11:11:42.0765 1020 dac2w2k - ok
11:11:42.0781 1020 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
11:11:42.0781 1020 dac960nt - ok
11:11:42.0843 1020 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
11:11:42.0859 1020 DcomLaunch - ok
11:11:42.0921 1020 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
11:11:42.0921 1020 Dhcp - ok
11:11:42.0953 1020 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:11:42.0968 1020 Disk - ok
11:11:42.0968 1020 dlbu_device - ok
11:11:42.0984 1020 dmadmin - ok
11:11:43.0046 1020 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
11:11:43.0062 1020 dmboot - ok
11:11:43.0109 1020 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
11:11:43.0125 1020 dmio - ok
11:11:43.0140 1020 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:11:43.0156 1020 dmload - ok
11:11:43.0171 1020 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
11:11:43.0171 1020 dmserver - ok
11:11:43.0203 1020 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:11:43.0218 1020 DMusic - ok
11:11:43.0250 1020 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
11:11:43.0250 1020 Dnscache - ok
11:11:43.0312 1020 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
11:11:43.0375 1020 Dot3svc - ok
11:11:43.0406 1020 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
11:11:43.0406 1020 dpti2o - ok
11:11:43.0437 1020 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:11:43.0437 1020 drmkaud - ok
11:11:43.0484 1020 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
11:11:43.0500 1020 drvmcdb - ok
11:11:43.0500 1020 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
11:11:43.0515 1020 drvnddm - ok
11:11:43.0625 1020 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
11:11:43.0625 1020 DSBrokerService - ok
11:11:43.0703 1020 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
11:11:43.0703 1020 DSproct - ok
11:11:43.0750 1020 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
11:11:43.0750 1020 dsunidrv - ok
11:11:43.0750 1020 dtsrvc - ok
11:11:43.0765 1020 E1000 - ok
11:11:43.0796 1020 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
11:11:43.0812 1020 E100B - ok
11:11:43.0843 1020 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
11:11:43.0859 1020 EapHost - ok
11:11:43.0859 1020 ELmon - ok
11:11:43.0859 1020 emAudio - ok
11:11:43.0906 1020 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
11:11:43.0906 1020 ERSvc - ok
11:11:43.0953 1020 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
11:11:43.0953 1020 Eventlog - ok
11:11:44.0015 1020 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
11:11:44.0031 1020 EventSystem - ok
11:11:44.0078 1020 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:11:44.0078 1020 Fastfat - ok
11:11:44.0125 1020 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
11:11:44.0140 1020 FastUserSwitchingCompatibility - ok
11:11:44.0203 1020 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
11:11:44.0203 1020 Fax - ok
11:11:44.0234 1020 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:11:44.0234 1020 Fdc - ok
11:11:44.0265 1020 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
11:11:44.0281 1020 Fips - ok
11:11:44.0453 1020 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:11:44.0453 1020 Flpydisk - ok
11:11:44.0484 1020 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:11:44.0500 1020 FltMgr - ok
11:11:44.0625 1020 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:11:44.0625 1020 FontCache3.0.0.0 - ok
11:11:44.0640 1020 fsssvc - ok
11:11:44.0687 1020 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:11:44.0687 1020 Fs_Rec - ok
11:11:44.0734 1020 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:11:44.0750 1020 Ftdisk - ok
11:11:44.0750 1020 G400DH - ok
11:11:44.0796 1020 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:11:44.0796 1020 GEARAspiWDM - ok
11:11:44.0875 1020 getPlus® Helper (35a1f815962f3552066c6be4c969d297) C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
11:11:44.0890 1020 getPlus® Helper - ok
11:11:44.0890 1020 gotomypc - ok
11:11:44.0921 1020 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:11:44.0937 1020 Gpc - ok
11:11:45.0015 1020 gupdate1ca0904829b59be (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
11:11:45.0015 1020 gupdate1ca0904829b59be - ok
11:11:45.0031 1020 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
11:11:45.0031 1020 gupdatem - ok
11:11:45.0093 1020 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:11:45.0109 1020 gusvc - ok
11:11:45.0109 1020 GVCplDrv - ok
11:11:45.0187 1020 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:11:45.0203 1020 helpsvc - ok
11:11:45.0218 1020 hf30service - ok
11:11:45.0265 1020 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
11:11:45.0265 1020 HidServ - ok
11:11:45.0390 1020 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:11:45.0453 1020 HidUsb - ok
11:11:45.0531 1020 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
11:11:45.0531 1020 hkmsvc - ok
11:11:45.0546 1020 Hotkey - ok
11:11:45.0562 1020 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
11:11:45.0578 1020 hpn - ok
11:11:45.0609 1020 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:11:45.0625 1020 HPZid412 - ok
11:11:45.0656 1020 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:11:45.0656 1020 HPZipr12 - ok
11:11:45.0703 1020 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:11:45.0718 1020 HPZius12 - ok
11:11:45.0765 1020 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:11:45.0781 1020 HTTP - ok
11:11:45.0828 1020 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
11:11:45.0828 1020 HTTPFilter - ok
11:11:45.0843 1020 HWSCtrl - ok
11:11:45.0890 1020 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
11:11:45.0890 1020 i2omgmt - ok
11:11:45.0921 1020 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
11:11:45.0921 1020 i2omp - ok
11:11:45.0953 1020 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:11:45.0953 1020 i8042prt - ok
11:11:46.0062 1020 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
11:11:46.0109 1020 ialm - ok
11:11:46.0109 1020 ICAM5USB - ok
11:11:46.0125 1020 ichaud - ok
11:11:46.0140 1020 id2scaps - ok
11:11:46.0156 1020 idebusdr - ok
11:11:46.0515 1020 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:11:46.0562 1020 idsvc - ok
11:11:46.0640 1020 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:11:46.0656 1020 Imapi - ok
11:11:46.0687 1020 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
11:11:46.0703 1020 ImapiService - ok
11:11:46.0718 1020 imaservice - ok
11:11:46.0765 1020 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
11:11:46.0765 1020 ini910u - ok
11:11:46.0781 1020 ino_flpy - ok
11:11:46.0875 1020 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
11:11:46.0921 1020 IntelC51 - ok
11:11:46.0968 1020 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
11:11:46.0984 1020 IntelC52 - ok
11:11:47.0000 1020 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
11:11:47.0015 1020 IntelC53 - ok
11:11:47.0046 1020 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
11:11:47.0046 1020 IntelIde - ok
11:11:47.0093 1020 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:11:47.0109 1020 intelppm - ok
11:11:47.0218 1020 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
11:11:47.0218 1020 IntuitUpdateService - ok
11:11:47.0437 1020 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
11:11:47.0484 1020 IntuitUpdateServiceV4 - ok
11:11:47.0515 1020 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:11:47.0531 1020 Ip6Fw - ok
11:11:47.0578 1020 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:11:47.0593 1020 IpFilterDriver - ok
11:11:47.0609 1020 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:11:47.0609 1020 IpInIp - ok
11:11:47.0640 1020 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:11:47.0656 1020 IpNat - ok
11:11:47.0718 1020 iPod Service (3c30491045dbbd44a42876b3d6f3917d) C:\Program Files\iPod\bin\iPodService.exe
11:11:47.0750 1020 iPod Service - ok
11:11:47.0750 1020 ipodservice - ok
11:11:47.0765 1020 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:11:47.0781 1020 IPSec - ok
11:11:47.0828 1020 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:11:47.0828 1020 IRENUM - ok
11:11:47.0859 1020 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:11:47.0859 1020 isapnp - ok
11:11:47.0875 1020 isdrv120 - ok
11:11:47.0875 1020 issvc - ok
11:11:47.0906 1020 itchfltr - ok
11:11:48.0031 1020 JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Program Files\Java\jre6\bin\jqs.exe
11:11:48.0046 1020 JavaQuickStarterService - ok
11:11:48.0046 1020 Jukebox - ok
11:11:48.0062 1020 jukebox3 - ok
11:11:48.0078 1020 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:11:48.0078 1020 Kbdclass - ok
11:11:48.0093 1020 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:11:48.0093 1020 kbdhid - ok
11:11:48.0109 1020 kl1 - ok
11:11:48.0125 1020 KLOGNT - ok
11:11:48.0187 1020 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:11:48.0203 1020 kmixer - ok
11:11:48.0250 1020 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:11:48.0265 1020 KSecDD - ok
11:11:48.0265 1020 L8042Kbd - ok
11:11:48.0640 1020 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
11:11:48.0656 1020 lanmanserver - ok
11:11:48.0703 1020 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
11:11:48.0718 1020 lanmanworkstation - ok
11:11:48.0765 1020 LBeepKE (c99ba72106a858cb8b521bb4c02c93ed) C:\WINDOWS\system32\Drivers\LBeepKE.sys
11:11:48.0765 1020 LBeepKE - ok
11:11:48.0765 1020 lbrtfdc - ok
11:11:48.0906 1020 LBTServ (0f98b9384c37c8c29904b8ae4359a54f) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
11:11:48.0953 1020 LBTServ - ok
11:11:48.0968 1020 ldlcserv - ok
11:11:49.0000 1020 LHidFilt (318b3d608fbec44b7e0c23bf759dced5) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
11:11:49.0000 1020 LHidFilt - ok
11:11:49.0015 1020 lkcitadelserver - ok
11:11:49.0031 1020 lkclassads - ok
11:11:49.0078 1020 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
11:11:49.0078 1020 LmHosts - ok
11:11:49.0078 1020 LMIRfsClientNP - ok
11:11:49.0125 1020 LMouFilt (84af069d219df3c43dc6792b2bbd7bed) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
11:11:49.0125 1020 LMouFilt - ok
11:11:49.0187 1020 lusbaudio (f57fcbfbbd7ff68cc286f6fefeaed2b2) C:\WINDOWS\system32\drivers\lvsound2.sys
11:11:49.0187 1020 lusbaudio - ok
11:11:49.0234 1020 LVBulk (eb17c2146d2bafa79c67e35229f4297c) C:\WINDOWS\system32\DRIVERS\LVBulk.sys
11:11:49.0234 1020 LVBulk - ok
11:11:49.0250 1020 lvpr2mon - ok
11:11:49.0671 1020 LVVI500A (c4a1debc2b9a61a31d2616c2c6c03eee) C:\WINDOWS\system32\DRIVERS\lvvi500a.sys
11:11:49.0718 1020 LVVI500A - ok
11:11:49.0734 1020 lxbx_device - ok
11:11:49.0765 1020 lxby_device - ok
11:11:49.0765 1020 MA8032M - ok
11:11:49.0781 1020 MA8032U - ok
11:11:49.0796 1020 ma_cmidi_installerservice - ok
11:11:49.0828 1020 McciCMService - ok
11:11:49.0875 1020 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
11:11:49.0890 1020 Messenger - ok
11:11:49.0890 1020 mksupdateint - ok
11:11:49.0953 1020 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:11:49.0953 1020 mnmdd - ok
11:11:50.0000 1020 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
11:11:50.0000 1020 mnmsrvc - ok
11:11:50.0015 1020 MobilePreInstallerService - ok
11:11:50.0015 1020 mod7700 - ok
11:11:50.0062 1020 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
11:11:50.0078 1020 Modem - ok
11:11:50.0093 1020 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
11:11:50.0093 1020 MODEMCSA - ok
11:11:50.0109 1020 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
11:11:50.0125 1020 mohfilt - ok
11:11:50.0125 1020 motmodem - ok
11:11:50.0171 1020 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:11:50.0171 1020 Mouclass - ok
11:11:50.0171 1020 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:11:50.0171 1020 mouhid - ok
11:11:50.0187 1020 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:11:50.0203 1020 MountMgr - ok
11:11:50.0234 1020 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
11:11:50.0234 1020 mraid35x - ok
11:11:50.0281 1020 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:11:50.0468 1020 MRxDAV - ok
11:11:50.0609 1020 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:11:50.0625 1020 MRxSmb - ok
11:11:50.0671 1020 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
11:11:50.0671 1020 MSDTC - ok
11:11:50.0750 1020 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:11:50.0750 1020 Msfs - ok
11:11:50.0750 1020 MSIServer - ok
11:11:50.0750 1020 mskservice - ok
11:11:50.0781 1020 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:11:50.0781 1020 MSKSSRV - ok
11:11:50.0843 1020 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:11:50.0843 1020 MSPCLOCK - ok
11:11:50.0843 1020 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:11:50.0843 1020 MSPQM - ok
11:11:50.0906 1020 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:11:50.0906 1020 mssmbios - ok
11:11:50.0906 1020 mstdc - ok
11:11:50.0953 1020 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
11:11:50.0953 1020 MSTEE - ok
11:11:51.0000 1020 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:11:51.0000 1020 Mup - ok
11:11:51.0015 1020 mxserver - ok
11:11:51.0062 1020 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:11:51.0078 1020 NABTSFEC - ok
11:11:51.0140 1020 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
11:11:51.0156 1020 napagent - ok
11:11:51.0187 1020 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:11:51.0203 1020 NDIS - ok
11:11:51.0250 1020 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:11:51.0250 1020 NdisIP - ok
11:11:51.0390 1020 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:11:51.0421 1020 NdisTapi - ok
11:11:51.0562 1020 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:11:51.0562 1020 Ndisuio - ok
11:11:51.0578 1020 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:11:51.0578 1020 NdisWan - ok
11:11:51.0625 1020 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:11:51.0625 1020 NDProxy - ok
11:11:51.0671 1020 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:11:51.0687 1020 NetBIOS - ok
11:11:51.0734 1020 NetBT (45a5c7d071467c1ae5380edeb7d35906) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:11:51.0734 1020 NetBT ( Virus.Win32.ZAccess.k ) - infected
11:11:51.0734 1020 NetBT - detected Virus.Win32.ZAccess.k (0)
11:11:51.0781 1020 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
11:11:51.0781 1020 NetDDE - ok
11:11:51.0796 1020 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
11:11:51.0796 1020 NetDDEdsdm - ok
11:11:51.0796 1020 NETGEAR_MA111 - ok
11:11:51.0843 1020 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
11:11:51.0843 1020 Netlogon - ok
11:11:51.0906 1020 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
11:11:51.0906 1020 Netman - ok
11:11:52.0046 1020 NetSvc (02d0798f376fcbd0210eda58476d0b1b) C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
11:11:52.0062 1020 NetSvc - ok
11:11:52.0156 1020 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:11:52.0156 1020 NetTcpPortSharing - ok
11:11:52.0156 1020 nisvcloc - ok
11:11:52.0203 1020 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
11:11:52.0218 1020 Nla - ok
11:11:52.0265 1020 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:11:52.0328 1020 Npfs - ok
11:11:52.0328 1020 npkcrypt - ok
11:11:52.0625 1020 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:11:52.0656 1020 Ntfs - ok
11:11:52.0656 1020 ntiopnp - ok
11:11:52.0703 1020 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
11:11:52.0703 1020 NtLmSsp - ok
11:11:52.0765 1020 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
11:11:52.0781 1020 NtmsSvc - ok
11:11:52.0781 1020 NTSIM - ok
11:11:52.0812 1020 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
11:11:52.0812 1020 NuidFltr - ok
11:11:52.0859 1020 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:11:52.0859 1020 Null - ok
11:11:53.0703 1020 nv (ed9816dbaf6689542ea7d022631906a1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:11:53.0984 1020 nv - ok
11:11:54.0093 1020 NVSvc (a2322c6207ebb0761a6c8cc9003ebacf) C:\WINDOWS\system32\nvsvc32.exe
11:11:54.0109 1020 NVSvc - ok
11:11:54.0125 1020 NWFILTER - ok
11:11:54.0203 1020 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:11:54.0203 1020 NwlnkFlt - ok
11:11:54.0218 1020 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:11:54.0218 1020 NwlnkFwd - ok
11:11:54.0234 1020 oracleorahome811cmadmin - ok
11:11:54.0234 1020 oracleorahome92tnslistener - ok
11:11:54.0265 1020 oraclesnmppeerencapsulator - ok
11:11:54.0281 1020 papyjoy - ok
11:11:54.0562 1020 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
11:11:54.0640 1020 Parport - ok
11:11:54.0687 1020 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:11:54.0687 1020 PartMgr - ok
11:11:54.0718 1020 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
11:11:54.0718 1020 ParVdm - ok
11:11:54.0718 1020 pavsrv - ok
11:11:54.0734 1020 PCDRSRVC - ok
11:11:54.0765 1020 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
11:11:54.0781 1020 PCI - ok
11:11:54.0781 1020 PCIDump - ok
11:11:54.0843 1020 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:11:54.0843 1020 PCIIde - ok
11:11:54.0875 1020 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:11:54.0890 1020 Pcmcia - ok
11:11:54.0890 1020 PDCOMP - ok
11:11:54.0890 1020 pdfcreatormessages - ok
11:11:54.0921 1020 PDFRAME - ok
11:11:54.0937 1020 pdlncbas - ok
11:11:54.0953 1020 PDRELI - ok
11:11:54.0968 1020 PDRFRAME - ok
11:11:55.0031 1020 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
11:11:55.0031 1020 perc2 - ok
11:11:55.0046 1020 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
11:11:55.0062 1020 perc2hib - ok
11:11:55.0078 1020 pinnaclesys.mediaserver - ok
11:11:55.0109 1020 plsremotesvc - ok
11:11:55.0156 1020 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
11:11:55.0156 1020 PlugPlay - ok
11:11:55.0203 1020 Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
11:11:55.0203 1020 Pml Driver HPZ12 - ok
11:11:55.0218 1020 pnrouter - ok
11:11:55.0265 1020 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
11:11:55.0265 1020 PolicyAgent - ok
11:11:55.0281 1020 portmapper - ok
11:11:55.0343 1020 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:11:55.0359 1020 PptpMiniport - ok
11:11:55.0359 1020 processor - ok
11:11:55.0375 1020 profos - ok
11:11:55.0390 1020 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
11:11:55.0406 1020 ProtectedStorage - ok
11:11:55.0421 1020 proxyhostservice - ok
11:11:55.0453 1020 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:11:55.0453 1020 PSched - ok
11:11:55.0484 1020 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:11:55.0484 1020 Ptilink - ok
11:11:55.0500 1020 pxfhserd - ok
11:11:55.0531 1020 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:11:55.0546 1020 PxHelp20 - ok
11:11:55.0578 1020 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
11:11:55.0593 1020 ql1080 - ok
11:11:55.0609 1020 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
11:11:55.0609 1020 Ql10wnt - ok
11:11:55.0640 1020 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
11:11:55.0640 1020 ql12160 - ok
11:11:55.0656 1020 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
11:11:55.0671 1020 ql1240 - ok
11:11:55.0671 1020 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
11:11:55.0687 1020 ql1280 - ok
11:11:55.0687 1020 quickhealfirewall - ok
11:11:55.0718 1020 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:11:55.0734 1020 RasAcd - ok
11:11:55.0765 1020 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
11:11:55.0765 1020 RasAuto - ok
11:11:55.0796 1020 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:11:55.0812 1020 Rasl2tp - ok
11:11:55.0859 1020 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
11:11:55.0875 1020 RasMan - ok
11:11:55.0890 1020 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:11:55.0906 1020 RasPppoe - ok
11:11:55.0921 1020 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:11:55.0921 1020 Raspti - ok
11:11:55.0937 1020 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:11:55.0953 1020 Rdbss - ok
11:11:55.0968 1020 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:11:55.0968 1020 RDPCDD - ok
11:11:56.0015 1020 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:11:56.0031 1020 rdpdr - ok
11:11:56.0078 1020 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
11:11:56.0078 1020 RDPWD - ok
11:11:56.0125 1020 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
11:11:56.0140 1020 RDSessMgr - ok
11:11:56.0156 1020 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:11:56.0171 1020 redbook - ok
11:11:56.0171 1020 regmanserv - ok
11:11:56.0187 1020 regspy - ok
11:11:56.0234 1020 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
11:11:56.0250 1020 RemoteAccess - ok
11:11:56.0265 1020 RimSerPort - ok
11:11:56.0281 1020 rismxdp - ok
11:11:56.0296 1020 roxmediadb - ok
11:11:56.0343 1020 roxwatch9 - ok
11:11:56.0343 1020 rpaservice - ok
11:11:56.0640 1020 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
11:11:56.0640 1020 RpcLocator - ok
11:11:56.0656 1020 rpcnet - ok
11:11:56.0718 1020 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
11:11:56.0718 1020 RpcSs - ok
11:11:56.0765 1020 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
11:11:56.0828 1020 RSVP - ok
11:11:56.0875 1020 RT2500 (e2988349fe0567cbe4161cc653575a8e) C:\WINDOWS\system32\DRIVERS\RT2500.sys
11:11:56.0890 1020 RT2500 - ok
11:11:56.0890 1020 s116nd5 - ok
11:11:56.0906 1020 s217nd5 - ok
11:11:56.0921 1020 s616bus - ok
11:11:56.0968 1020 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
11:11:56.0968 1020 SamSs - ok
11:11:56.0968 1020 savrtpel - ok
11:11:56.0984 1020 scanexplicit - ok
11:11:57.0031 1020 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
11:11:57.0046 1020 SCardSvr - ok
11:11:57.0078 1020 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
11:11:57.0093 1020 Schedule - ok
11:11:57.0109 1020 scramby - ok
11:11:57.0125 1020 SeaPort - ok
11:11:57.0156 1020 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:11:57.0156 1020 Secdrv - ok
11:11:57.0203 1020 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
11:11:57.0203 1020 seclogon - ok
11:11:57.0734 1020 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
11:11:57.0859 1020 senfilt - ok
11:11:57.0906 1020 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
11:11:57.0906 1020 SENS - ok
11:11:57.0921 1020 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:11:57.0921 1020 serenum - ok
11:11:57.0984 1020 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
11:11:57.0984 1020 Serial - ok
11:11:58.0031 1020 sfilter - ok
11:11:58.0062 1020 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:11:58.0062 1020 Sfloppy - ok
11:11:58.0078 1020 sfrem01 - ok
11:11:58.0140 1020 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
11:11:58.0156 1020 SharedAccess - ok
11:11:58.0203 1020 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
11:11:58.0203 1020 ShellHWDetection - ok
11:11:58.0203 1020 Simbad - ok
11:11:58.0250 1020 SimpTcp (32933b07fc16d9f778bee12545fa1b1a) C:\WINDOWS\system32\tcpsvcs.exe
11:11:58.0250 1020 SimpTcp - ok
11:11:58.0640 1020 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
11:11:58.0656 1020 sisagp - ok
11:11:58.0703 1020 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:11:58.0703 1020 SLIP - ok
11:11:58.0703 1020 smartscaps - ok
11:11:58.0718 1020 smbios - ok
11:11:58.0750 1020 smcirda - ok
11:11:58.0765 1020 smsmdd - ok
11:11:58.0843 1020 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
11:11:58.0859 1020 smwdm - ok
11:11:58.0859 1020 SndTDriverV32 - ok
11:11:58.0906 1020 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
11:11:58.0906 1020 Sparrow - ok
11:11:58.0937 1020 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:11:58.0937 1020 splitter - ok
11:11:58.0984 1020 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
11:11:58.0984 1020 Spooler - ok
11:11:59.0078 1020 sprtsvc_dellsupportcenter - ok
11:11:59.0234 1020 SPService - ok
11:11:59.0515 1020 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
11:11:59.0515 1020 sr - ok
11:11:59.0562 1020 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
11:11:59.0578 1020 srservice - ok
11:11:59.0640 1020 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:11:59.0828 1020 Srv - ok
11:11:59.0828 1020 SrvcEKIOMngr - ok
11:11:59.0843 1020 srvdpi - ok
11:11:59.0890 1020 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
11:11:59.0890 1020 sscdbhk5 - ok
11:11:59.0906 1020 sscdmdm - ok
11:11:59.0953 1020 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
11:11:59.0968 1020 SSDPSRV - ok
11:11:59.0968 1020 ssoftservice - ok
11:11:59.0984 1020 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
11:11:59.0984 1020 ssrtln - ok
11:12:00.0000 1020 ss_mdfl - ok
11:12:00.0015 1020 st330service - ok
11:12:00.0031 1020 starwindservice - ok
11:12:00.0078 1020 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
11:12:00.0078 1020 StillCam - ok
11:12:00.0140 1020 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
11:12:00.0156 1020 stisvc - ok
11:12:00.0171 1020 Stltrk2k - ok
11:12:00.0218 1020 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:12:00.0218 1020 streamip - ok
11:12:00.0234 1020 surveyor - ok
11:12:00.0250 1020 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:12:00.0250 1020 swenum - ok
11:12:00.0406 1020 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:12:00.0421 1020 swmidi - ok
11:12:00.0421 1020 SwPrv - ok
11:12:00.0421 1020 SWUMX51 - ok
11:12:00.0484 1020 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
11:12:00.0484 1020 symc810 - ok
11:12:00.0500 1020 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
11:12:00.0500 1020 symc8xx - ok
11:12:00.0515 1020 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
11:12:00.0515 1020 sym_hi - ok
11:12:00.0531 1020 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
11:12:00.0531 1020 sym_u3 - ok
11:12:00.0562 1020 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:12:00.0562 1020 sysaudio - ok
11:12:00.0625 1020 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
11:12:00.0640 1020 SysmonLog - ok
11:12:00.0687 1020 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
11:12:00.0703 1020 TapiSrv - ok
11:12:00.0750 1020 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:12:00.0781 1020 Tcpip - ok
11:12:00.0781 1020 tdcmdpst - ok
11:12:00.0828 1020 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:12:00.0828 1020 TDPIPE - ok
11:12:00.0843 1020 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:12:00.0843 1020 TDTCP - ok
11:12:00.0875 1020 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:12:00.0890 1020 TermDD - ok
11:12:00.0937 1020 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
11:12:00.0953 1020 TermService - ok
11:12:01.0046 1020 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
11:12:01.0046 1020 tfsnboio - ok
11:12:01.0062 1020 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
11:12:01.0062 1020 tfsncofs - ok
11:12:01.0062 1020 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
11:12:01.0062 1020 tfsndrct - ok
11:12:01.0093 1020 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
11:12:01.0093 1020 tfsndres - ok
11:12:01.0109 1020 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
11:12:01.0125 1020 tfsnifs - ok
11:12:01.0125 1020 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
11:12:01.0125 1020 tfsnopio - ok
11:12:01.0156 1020 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
11:12:01.0156 1020 tfsnpool - ok
11:12:01.0171 1020 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
11:12:01.0187 1020 tfsnudf - ok
11:12:01.0203 1020 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
11:12:01.0203 1020 tfsnudfa - ok
11:12:01.0234 1020 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
11:12:01.0250 1020 Themes - ok
11:12:01.0250 1020 TICalc - ok
11:12:01.0718 1020 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
11:12:01.0718 1020 TomTomHOMEService - ok
11:12:01.0765 1020 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
11:12:01.0765 1020 TosIde - ok
11:12:01.0765 1020 TPM - ok
11:12:01.0812 1020 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
11:12:01.0812 1020 TrkWks - ok
11:12:01.0859 1020 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
11:12:01.0859 1020 tunmp - ok
11:12:01.0875 1020 UDFReadr - ok
11:12:01.0890 1020 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:12:01.0906 1020 Udfs - ok
11:12:01.0906 1020 uiusys - ok
11:12:01.0953 1020 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
11:12:01.0953 1020 ultra - ok
11:12:01.0968 1020 UPATC - ok
11:12:02.0015 1020 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:12:02.0031 1020 Update - ok
11:12:02.0093 1020 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
11:12:02.0109 1020 upnphost - ok
11:12:02.0140 1020 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
11:12:02.0156 1020 UPS - ok
11:12:02.0171 1020 USB11LDR - ok
11:12:02.0187 1020 USB28xxBGA - ok
11:12:02.0218 1020 USBAAPL (e8c1b9ebac65288e1b51e8a987d98af6) C:\WINDOWS\system32\Drivers\usbaapl.sys
11:12:02.0234 1020 USBAAPL - ok
11:12:02.0265 1020 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
11:12:02.0281 1020 usbaudio - ok
11:12:02.0578 1020 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:12:02.0578 1020 usbccgp - ok
11:12:02.0593 1020 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:12:02.0609 1020 usbehci - ok
11:12:02.0656 1020 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:12:02.0656 1020 usbhub - ok
11:12:02.0703 1020 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:12:02.0703 1020 usbprint - ok
11:12:02.0734 1020 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:12:02.0734 1020 usbscan - ok
11:12:02.0796 1020 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:12:02.0796 1020 USBSTOR - ok
11:12:02.0843 1020 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:12:02.0843 1020 usbuhci - ok
11:12:02.0859 1020 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
11:12:02.0859 1020 USB_RNDIS - ok
11:12:02.0875 1020 uscbs108 - ok
11:12:02.0890 1020 USR1806V - ok
11:12:02.0906 1020 vaiomediaplatform-integratedserver-appserver - ok
11:12:02.0921 1020 vetfddnt - ok
11:12:02.0968 1020 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:12:02.0984 1020 VgaSave - ok
11:12:03.0015 1020 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:12:03.0015 1020 viaagp - ok
11:12:03.0031 1020 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
11:12:03.0046 1020 ViaIde - ok
11:12:03.0078 1020 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
11:12:03.0093 1020 VolSnap - ok
11:12:03.0093 1020 vpcbus - ok
11:12:03.0109 1020 vpn5000service - ok
11:12:03.0125 1020 VRADFIL - ok
11:12:03.0187 1020 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
11:12:03.0203 1020 VSS - ok
11:12:03.0203 1020 vsserv - ok
11:12:03.0218 1020 vstor2 - ok
11:12:03.0250 1020 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
11:12:03.0265 1020 w32time - ok
11:12:03.0640 1020 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:12:03.0656 1020 Wanarp - ok
11:12:03.0656 1020 wanatw - ok
11:12:03.0671 1020 WBHWDOCT - ok
11:12:03.0687 1020 wceusbsh - ok
11:12:03.0750 1020 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
11:12:03.0765 1020 Wdf01000 - ok
11:12:03.0765 1020 WDICA - ok
11:12:03.0828 1020 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:12:03.0828 1020 wdmaud - ok
11:12:03.0828 1020 WDM_YAMAHAAC97 - ok
11:12:03.0890 1020 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
11:12:03.0890 1020 WebClient - ok
11:12:03.0906 1020 webcompserver - ok
11:12:03.0906 1020 winachsx - ok
11:12:04.0015 1020 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:12:04.0031 1020 winmgmt - ok
11:12:04.0046 1020 winsshd - ok
11:12:04.0062 1020 wm - ok
11:12:04.0125 1020 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
11:12:04.0140 1020 WmdmPmSN - ok
11:12:04.0187 1020 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:12:04.0187 1020 WmiApSrv - ok
11:12:04.0406 1020 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
11:12:04.0437 1020 WMPNetworkSvc - ok
11:12:04.0609 1020 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:12:04.0656 1020 WPFFontCache_v0400 - ok
11:12:05.0000 1020 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:12:05.0031 1020 WSTCODEC - ok
11:12:05.0062 1020 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
11:12:05.0062 1020 wuauserv - ok
11:12:05.0109 1020 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:12:05.0109 1020 WudfPf - ok
11:12:05.0140 1020 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:12:05.0140 1020 WudfRd - ok
11:12:05.0171 1020 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
11:12:05.0171 1020 WudfSvc - ok
11:12:05.0234 1020 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
11:12:05.0250 1020 WZCSVC - ok
11:12:05.0515 1020 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
11:12:05.0531 1020 xmlprov - ok
11:12:05.0531 1020 zdeviceservice - ok
11:12:05.0609 1020 MBR (0x1B8) (a03e065717cb65f3034ad33ad58b6bba) \Device\Harddisk0\DR0
11:12:05.0750 1020 \Device\Harddisk0\DR0 - ok
11:12:05.0765 1020 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR10
11:12:12.0140 1020 \Device\Harddisk1\DR10 - ok
11:12:12.0156 1020 Boot (0x1200) (bdb13d31d98258c5d40f699692849641) \Device\Harddisk0\DR0\Partition0
11:12:12.0156 1020 \Device\Harddisk0\DR0\Partition0 - ok
11:12:12.0156 1020 Boot (0x1200) (62f1ce21751dfedddce91517701a0b81) \Device\Harddisk1\DR10\Partition0
11:12:12.0156 1020 \Device\Harddisk1\DR10\Partition0 - ok
11:12:12.0156 1020 ============================================================
11:12:12.0156 1020 Scan finished
11:12:12.0156 1020 ============================================================
11:12:12.0187 2476 Detected object count: 1
11:12:12.0187 2476 Actual detected object count: 1
11:13:13.0125 2476 C:\WINDOWS\system32\DRIVERS\netbt.sys - copied to quarantine
11:13:13.0203 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\@ - copied to quarantine
11:13:13.0218 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\cfg.ini - copied to quarantine
11:13:13.0296 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\Desktop.ini - copied to quarantine
11:13:13.0343 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\L\odetmngk - copied to quarantine
11:13:13.0359 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\oemid - copied to quarantine
11:13:13.0421 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\00000001.@ - copied to quarantine
11:13:13.0453 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\00000002.@ - copied to quarantine
11:13:13.0468 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\00000004.@ - copied to quarantine
11:13:13.0500 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\80000000.@ - copied to quarantine
11:13:13.0562 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\80000004.@ - copied to quarantine
11:13:13.0578 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\80000032.@ - copied to quarantine
11:13:13.0656 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\version - copied to quarantine
11:13:13.0703 2476 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\netbt.sys) error 1813
11:13:18.0203 2476 Backup copy found, using it..
11:13:18.0921 2476 C:\WINDOWS\system32\DRIVERS\netbt.sys - will be cured on reboot
11:13:25.0437 2476 C:\WINDOWS\$NtUninstallKB29142$\2566124077 - will be deleted on reboot
11:13:25.0437 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\@ - will be deleted on reboot
11:13:25.0437 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\cfg.ini - will be deleted on reboot
11:13:25.0468 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\Desktop.ini - will be deleted on reboot
11:13:25.0484 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\oemid - will be deleted on reboot
11:13:25.0484 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\00000001.@ - will be deleted on reboot
11:13:25.0484 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\00000002.@ - will be deleted on reboot
11:13:25.0484 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\00000004.@ - will be deleted on reboot
11:13:25.0484 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\80000000.@ - will be deleted on reboot
11:13:25.0484 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\80000004.@ - will be deleted on reboot
11:13:25.0484 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\U\80000032.@ - will be deleted on reboot
11:13:25.0484 2476 C:\WINDOWS\$NtUninstallKB29142$\3014181502\version - will be deleted on reboot
11:13:25.0484 2476 NetBT ( Virus.Win32.ZAccess.k ) - User select action: Cure
11:13:47.0640 1148 Deinitialize success



Farbar Service Scanner Version: 30-04-2012 01
Ran by Edwin Hildebrand (administrator) on 06-05-2012 at 11:20:35
Running from "C:\Documents and Settings\Edwin Hildebrand\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0C0000000400000001000000020000000300000009000000080000000500000006000000070000000A0000000B0000000C000000
IpSec Tag value is correct.

**** End of log ****

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:24 PM

Posted 06 May 2012 - 06:44 PM

Restart the PC ,run TDSSkiller once again and post the log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner


Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 reedncg

reedncg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 07 May 2012 - 03:51 AM

Shot myself in the foot. (again!) Ran TDSS again and it came up with 20 suspicious files. I checked the delete box on them all. Bang! Did a restart and got a blue screen saying I might have a virus on my hard drive. Finally got a good reboot by booting from last known good configuration. Now I no longer have internet connection. Log from TDSS follows. I have not run any of the other programs you suggested until I can get my screw-up fixed. Hope you can help. Thanks, Ed

17:10:05.0015 1524 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
17:10:07.0015 1524 ============================================================
17:10:07.0015 1524 Current date / time: 2012/05/06 17:10:07.0015
17:10:07.0015 1524 SystemInfo:
17:10:07.0015 1524
17:10:07.0015 1524 OS Version: 5.1.2600 ServicePack: 3.0
17:10:07.0015 1524 Product type: Workstation
17:10:07.0015 1524 ComputerName: D3SP6181
17:10:07.0015 1524 UserName: Edwin Hildebrand
17:10:07.0015 1524 Windows directory: C:\WINDOWS
17:10:07.0015 1524 System windows directory: C:\WINDOWS
17:10:07.0015 1524 Processor architecture: Intel x86
17:10:07.0015 1524 Number of processors: 2
17:10:07.0015 1524 Page size: 0x1000
17:10:07.0015 1524 Boot type: Normal boot
17:10:07.0015 1524 ============================================================
17:10:13.0093 1524 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:10:13.0093 1524 Drive \Device\Harddisk1\DR4 - Size: 0xEF3FE00 (0.23 Gb), SectorSize: 0x200, Cylinders: 0x1E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:10:13.0093 1524 ============================================================
17:10:13.0093 1524 \Device\Harddisk0\DR0:
17:10:13.0093 1524 MBR partitions:
17:10:13.0093 1524 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x8E7BB54
17:10:13.0093 1524 \Device\Harddisk1\DR4:
17:10:13.0093 1524 MBR partitions:
17:10:13.0093 1524 \Device\Harddisk1\DR4\Partition0: MBR, Type 0xE, StartLBA 0x4, BlocksNum 0x779FB
17:10:13.0093 1524 ============================================================
17:10:13.0140 1524 C: <-> \Device\Harddisk0\DR0\Partition0
17:10:13.0140 1524 ============================================================
17:10:13.0140 1524 Initialize success
17:10:13.0140 1524 ============================================================
17:10:28.0921 0500 ============================================================
17:10:28.0921 0500 Scan started
17:10:28.0921 0500 Mode: Manual; SigCheck; TDLFS;
17:10:28.0921 0500 ============================================================
17:10:29.0218 0500 a016obex - ok
17:10:29.0250 0500 Abiosdsk - ok
17:10:29.0265 0500 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
17:10:29.0953 0500 abp480n5 - ok
17:10:30.0015 0500 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:10:30.0156 0500 ACPI - ok
17:10:30.0312 0500 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:10:30.0609 0500 ACPIEC - ok
17:10:30.0625 0500 adihdaudaddservice - ok
17:10:30.0718 0500 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:10:30.0734 0500 AdobeFlashPlayerUpdateSvc - ok
17:10:30.0765 0500 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
17:10:31.0015 0500 adpu160m - ok
17:10:31.0062 0500 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:10:31.0218 0500 aec - ok
17:10:31.0281 0500 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
17:10:31.0484 0500 AFD - ok
17:10:31.0484 0500 afs2k - ok
17:10:31.0515 0500 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
17:10:31.0687 0500 agp440 - ok
17:10:31.0703 0500 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
17:10:31.0875 0500 agpCPQ - ok
17:10:31.0921 0500 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
17:10:32.0078 0500 Aha154x - ok
17:10:32.0125 0500 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
17:10:32.0343 0500 aic78u2 - ok
17:10:32.0390 0500 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
17:10:32.0625 0500 aic78xx - ok
17:10:32.0625 0500 aksusb - ok
17:10:32.0812 0500 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
17:10:32.0984 0500 Alerter - ok
17:10:33.0000 0500 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
17:10:33.0093 0500 ALG - ok
17:10:33.0125 0500 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
17:10:33.0343 0500 AliIde - ok
17:10:33.0390 0500 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
17:10:33.0562 0500 alim1541 - ok
17:10:33.0593 0500 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
17:10:33.0765 0500 amdagp - ok
17:10:33.0765 0500 AmdIde - ok
17:10:33.0781 0500 amdk8 - ok
17:10:33.0828 0500 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
17:10:33.0984 0500 amsint - ok
17:10:33.0984 0500 AN983 - ok
17:10:34.0125 0500 Apple Mobile Device (d503df3aba595f551b98b9bae017a271) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:10:34.0234 0500 Apple Mobile Device - ok
17:10:34.0234 0500 AppMgmt - ok
17:10:34.0250 0500 arc - ok
17:10:34.0265 0500 armoucfltr - ok
17:10:34.0312 0500 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
17:10:34.0546 0500 asc - ok
17:10:34.0578 0500 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
17:10:34.0718 0500 asc3350p - ok
17:10:34.0750 0500 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
17:10:34.0984 0500 asc3550 - ok
17:10:35.0031 0500 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
17:10:35.0125 0500 ASCTRM ( UnsignedFile.Multi.Generic ) - warning
17:10:35.0125 0500 ASCTRM - detected UnsignedFile.Multi.Generic (1)
17:10:35.0125 0500 ASLDRService - ok
17:10:35.0265 0500 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:10:35.0437 0500 aspnet_state - ok
17:10:35.0453 0500 asuskeyboardservice - ok
17:10:35.0453 0500 ASUSVRC - ok
17:10:35.0500 0500 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:10:35.0671 0500 AsyncMac - ok
17:10:35.0703 0500 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:10:35.0828 0500 atapi - ok
17:10:35.0843 0500 Atdisk - ok
17:10:36.0046 0500 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:10:36.0312 0500 Atmarpc - ok
17:10:36.0609 0500 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
17:10:36.0937 0500 AudioSrv - ok
17:10:36.0968 0500 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:10:37.0125 0500 audstub - ok
17:10:37.0125 0500 avgarcln - ok
17:10:37.0125 0500 avgmfx86 - ok
17:10:37.0156 0500 avgtdi - ok
17:10:37.0171 0500 avsvcmonitor - ok
17:10:37.0281 0500 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
17:10:37.0406 0500 BBSvc - ok
17:10:37.0484 0500 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
17:10:37.0593 0500 BBUpdate - ok
17:10:37.0593 0500 bc_ip_f - ok
17:10:37.0609 0500 bc_tdi_f - ok
17:10:37.0656 0500 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:10:37.0812 0500 Beep - ok
17:10:37.0875 0500 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
17:10:38.0171 0500 BITS - ok
17:10:38.0250 0500 Bonjour Service (ebad0f51d8d4dade7660b1851addbd07) C:\Program Files\Bonjour\mDNSResponder.exe
17:10:38.0484 0500 Bonjour Service - ok
17:10:38.0515 0500 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
17:10:38.0671 0500 Browser - ok
17:10:38.0687 0500 btcsrusb - ok
17:10:38.0687 0500 btdriver - ok
17:10:38.0703 0500 bthpan - ok
17:10:38.0734 0500 bvrp_pci - ok
17:10:38.0750 0500 Cap7134 - ok
17:10:38.0796 0500 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
17:10:38.0968 0500 cbidf - ok
17:10:38.0968 0500 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:10:39.0109 0500 cbidf2k - ok
17:10:39.0109 0500 CBN - ok
17:10:39.0171 0500 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:10:39.0312 0500 CCDECODE - ok
17:10:39.0468 0500 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
17:10:39.0625 0500 cd20xrnt - ok
17:10:39.0640 0500 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:10:39.0796 0500 Cdaudio - ok
17:10:39.0843 0500 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:10:40.0000 0500 Cdfs - ok
17:10:40.0015 0500 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:10:40.0187 0500 Cdrom - ok
17:10:40.0187 0500 cdvp - ok
17:10:40.0203 0500 cebdaldr - ok
17:10:40.0250 0500 cfwids (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\WINDOWS\system32\drivers\cfwids.sys
17:10:40.0437 0500 cfwids - ok
17:10:40.0500 0500 Changer - ok
17:10:40.0531 0500 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
17:10:40.0687 0500 CiSvc - ok
17:10:40.0718 0500 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
17:10:40.0906 0500 ClipSrv - ok
17:10:41.0187 0500 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:10:41.0406 0500 clr_optimization_v2.0.50727_32 - ok
17:10:41.0500 0500 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:10:41.0593 0500 clr_optimization_v4.0.30319_32 - ok
17:10:41.0640 0500 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
17:10:41.0796 0500 CmdIde - ok
17:10:41.0796 0500 COMSysApp - ok
17:10:41.0859 0500 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
17:10:42.0015 0500 Cpqarray - ok
17:10:42.0078 0500 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
17:10:42.0218 0500 CryptSvc - ok
17:10:42.0218 0500 ctxcpubal - ok
17:10:42.0234 0500 CVPNDRVA - ok
17:10:42.0250 0500 cwafreportscheduler - ok
17:10:42.0312 0500 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
17:10:42.0500 0500 dac2w2k - ok
17:10:42.0531 0500 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
17:10:42.0750 0500 dac960nt - ok
17:10:42.0984 0500 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:10:43.0109 0500 DcomLaunch - ok
17:10:43.0156 0500 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
17:10:43.0312 0500 Dhcp - ok
17:10:43.0453 0500 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:10:43.0640 0500 Disk - ok
17:10:43.0640 0500 dlbu_device - ok
17:10:43.0640 0500 dmadmin - ok
17:10:43.0718 0500 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
17:10:44.0031 0500 dmboot - ok
17:10:44.0078 0500 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
17:10:44.0250 0500 dmio - ok
17:10:44.0296 0500 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:10:44.0437 0500 dmload - ok
17:10:44.0546 0500 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
17:10:44.0718 0500 dmserver - ok
17:10:44.0750 0500 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:10:44.0890 0500 DMusic - ok
17:10:44.0937 0500 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
17:10:45.0093 0500 Dnscache - ok
17:10:45.0140 0500 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
17:10:45.0312 0500 Dot3svc - ok
17:10:45.0515 0500 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
17:10:45.0718 0500 dpti2o - ok
17:10:45.0750 0500 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:10:45.0921 0500 drmkaud - ok
17:10:46.0187 0500 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
17:10:46.0281 0500 drvmcdb ( UnsignedFile.Multi.Generic ) - warning
17:10:46.0281 0500 drvmcdb - detected UnsignedFile.Multi.Generic (1)
17:10:46.0953 0500 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
17:10:47.0093 0500 drvnddm ( UnsignedFile.Multi.Generic ) - warning
17:10:47.0093 0500 drvnddm - detected UnsignedFile.Multi.Generic (1)
17:10:47.0218 0500 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
17:10:47.0328 0500 DSBrokerService - ok
17:10:47.0515 0500 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
17:10:47.0593 0500 DSproct ( UnsignedFile.Multi.Generic ) - warning
17:10:47.0593 0500 DSproct - detected UnsignedFile.Multi.Generic (1)
17:10:47.0640 0500 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
17:10:47.0734 0500 dsunidrv - ok
17:10:47.0734 0500 dtsrvc - ok
17:10:47.0750 0500 E1000 - ok
17:10:47.0796 0500 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:10:47.0937 0500 E100B - ok
17:10:48.0031 0500 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
17:10:48.0218 0500 EapHost - ok
17:10:48.0218 0500 ELmon - ok
17:10:48.0234 0500 emAudio - ok
17:10:48.0281 0500 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
17:10:48.0484 0500 ERSvc - ok
17:10:48.0515 0500 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:10:48.0562 0500 Eventlog - ok
17:10:48.0625 0500 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
17:10:48.0703 0500 EventSystem - ok
17:10:48.0750 0500 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:10:48.0906 0500 Fastfat - ok
17:10:48.0953 0500 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:10:49.0078 0500 FastUserSwitchingCompatibility - ok
17:10:49.0140 0500 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
17:10:49.0296 0500 Fax - ok
17:10:49.0328 0500 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:10:49.0500 0500 Fdc - ok
17:10:49.0531 0500 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
17:10:49.0687 0500 Fips - ok
17:10:49.0718 0500 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:10:49.0875 0500 Flpydisk - ok
17:10:49.0921 0500 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:10:50.0078 0500 FltMgr - ok
17:10:50.0218 0500 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:10:50.0250 0500 FontCache3.0.0.0 - ok
17:10:50.0265 0500 fsssvc - ok
17:10:50.0312 0500 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:10:50.0453 0500 Fs_Rec - ok
17:10:50.0515 0500 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:10:50.0656 0500 Ftdisk - ok
17:10:50.0671 0500 G400DH - ok
17:10:50.0703 0500 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:10:50.0796 0500 GEARAspiWDM - ok
17:10:50.0875 0500 getPlus® Helper (35a1f815962f3552066c6be4c969d297) C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
17:10:52.0187 0500 getPlus® Helper - ok
17:10:52.0203 0500 gotomypc - ok
17:10:52.0234 0500 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:10:52.0406 0500 Gpc - ok
17:10:52.0500 0500 gupdate1ca0904829b59be (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
17:10:52.0515 0500 gupdate1ca0904829b59be - ok
17:10:52.0515 0500 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
17:10:52.0531 0500 gupdatem - ok
17:10:52.0593 0500 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:10:52.0703 0500 gusvc - ok
17:10:52.0718 0500 GVCplDrv - ok
17:10:52.0812 0500 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:10:52.0953 0500 helpsvc - ok
17:10:52.0968 0500 hf30service - ok
17:10:53.0015 0500 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
17:10:53.0171 0500 HidServ - ok
17:10:53.0187 0500 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:10:53.0328 0500 HidUsb - ok
17:10:53.0406 0500 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
17:10:53.0593 0500 hkmsvc - ok
17:10:53.0593 0500 Hotkey - ok
17:10:53.0640 0500 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
17:10:53.0859 0500 hpn - ok
17:10:53.0890 0500 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:10:54.0109 0500 HPZid412 - ok
17:10:54.0140 0500 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:10:54.0296 0500 HPZipr12 - ok
17:10:54.0328 0500 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:10:54.0640 0500 HPZius12 - ok
17:10:54.0703 0500 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
17:10:54.0765 0500 HTTP - ok
17:10:54.0812 0500 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
17:10:55.0000 0500 HTTPFilter - ok
17:10:55.0000 0500 HWSCtrl - ok
17:10:55.0046 0500 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
17:10:55.0203 0500 i2omgmt - ok
17:10:55.0234 0500 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
17:10:55.0390 0500 i2omp - ok
17:10:55.0421 0500 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:10:55.0562 0500 i8042prt - ok
17:10:55.0687 0500 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:10:56.0218 0500 ialm - ok
17:10:56.0234 0500 ICAM5USB - ok
17:10:56.0234 0500 ichaud - ok
17:10:56.0250 0500 id2scaps - ok
17:10:56.0281 0500 idebusdr - ok
17:10:56.0484 0500 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:10:56.0812 0500 idsvc - ok
17:10:56.0890 0500 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:10:57.0046 0500 Imapi - ok
17:10:57.0093 0500 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
17:10:57.0250 0500 ImapiService - ok
17:10:57.0250 0500 imaservice - ok
17:10:57.0296 0500 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
17:10:57.0515 0500 ini910u - ok
17:10:57.0531 0500 ino_flpy - ok
17:10:57.0625 0500 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
17:10:57.0984 0500 IntelC51 - ok
17:10:58.0031 0500 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
17:10:58.0312 0500 IntelC52 - ok
17:10:58.0453 0500 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
17:10:58.0578 0500 IntelC53 - ok
17:10:58.0625 0500 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
17:10:58.0765 0500 IntelIde - ok
17:10:58.0812 0500 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:10:58.0953 0500 intelppm - ok
17:10:59.0078 0500 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
17:10:59.0171 0500 IntuitUpdateService - ok
17:10:59.0250 0500 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
17:10:59.0343 0500 IntuitUpdateServiceV4 - ok
17:10:59.0343 0500 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:10:59.0546 0500 Ip6Fw - ok
17:10:59.0593 0500 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:10:59.0734 0500 IpFilterDriver - ok
17:10:59.0765 0500 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:10:59.0921 0500 IpInIp - ok
17:10:59.0953 0500 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:11:00.0109 0500 IpNat - ok
17:11:00.0171 0500 iPod Service (3c30491045dbbd44a42876b3d6f3917d) C:\Program Files\iPod\bin\iPodService.exe
17:11:00.0375 0500 iPod Service - ok
17:11:00.0390 0500 ipodservice - ok
17:11:00.0421 0500 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:11:00.0578 0500 IPSec - ok
17:11:00.0609 0500 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:11:00.0703 0500 IRENUM - ok
17:11:00.0718 0500 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:11:00.0875 0500 isapnp - ok
17:11:00.0875 0500 isdrv120 - ok
17:11:00.0890 0500 issvc - ok
17:11:00.0906 0500 itchfltr - ok
17:11:01.0046 0500 JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Program Files\Java\jre6\bin\jqs.exe
17:11:01.0140 0500 JavaQuickStarterService - ok
17:11:01.0140 0500 Jukebox - ok
17:11:01.0156 0500 jukebox3 - ok
17:11:01.0187 0500 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:11:01.0328 0500 Kbdclass - ok
17:11:01.0343 0500 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:11:01.0484 0500 kbdhid - ok
17:11:01.0484 0500 kl1 - ok
17:11:01.0500 0500 KLOGNT - ok
17:11:01.0562 0500 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:11:01.0718 0500 kmixer - ok
17:11:01.0765 0500 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
17:11:01.0937 0500 KSecDD - ok
17:11:01.0937 0500 L8042Kbd - ok
17:11:01.0984 0500 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
17:11:02.0125 0500 lanmanserver - ok
17:11:02.0171 0500 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
17:11:02.0250 0500 lanmanworkstation - ok
17:11:02.0296 0500 LBeepKE (c99ba72106a858cb8b521bb4c02c93ed) C:\WINDOWS\system32\Drivers\LBeepKE.sys
17:11:02.0437 0500 LBeepKE - ok
17:11:02.0453 0500 lbrtfdc - ok
17:11:02.0593 0500 LBTServ (0f98b9384c37c8c29904b8ae4359a54f) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:11:02.0765 0500 LBTServ - ok
17:11:02.0765 0500 ldlcserv - ok
17:11:02.0812 0500 LHidFilt (318b3d608fbec44b7e0c23bf759dced5) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
17:11:02.0890 0500 LHidFilt - ok
17:11:02.0906 0500 lkcitadelserver - ok
17:11:02.0921 0500 lkclassads - ok
17:11:02.0984 0500 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
17:11:03.0203 0500 LmHosts - ok
17:11:03.0203 0500 LMIRfsClientNP - ok
17:11:03.0250 0500 LMouFilt (84af069d219df3c43dc6792b2bbd7bed) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
17:11:03.0406 0500 LMouFilt - ok
17:11:03.0437 0500 lusbaudio (f57fcbfbbd7ff68cc286f6fefeaed2b2) C:\WINDOWS\system32\drivers\lvsound2.sys
17:11:03.0562 0500 lusbaudio ( UnsignedFile.Multi.Generic ) - warning
17:11:03.0562 0500 lusbaudio - detected UnsignedFile.Multi.Generic (1)
17:11:03.0609 0500 LVBulk (eb17c2146d2bafa79c67e35229f4297c) C:\WINDOWS\system32\DRIVERS\LVBulk.sys
17:11:03.0703 0500 LVBulk ( UnsignedFile.Multi.Generic ) - warning
17:11:03.0703 0500 LVBulk - detected UnsignedFile.Multi.Generic (1)
17:11:03.0718 0500 lvpr2mon - ok
17:11:03.0765 0500 LVVI500A (c4a1debc2b9a61a31d2616c2c6c03eee) C:\WINDOWS\system32\DRIVERS\lvvi500a.sys
17:11:03.0875 0500 LVVI500A ( UnsignedFile.Multi.Generic ) - warning
17:11:03.0875 0500 LVVI500A - detected UnsignedFile.Multi.Generic (1)
17:11:03.0890 0500 lxbx_device - ok
17:11:03.0890 0500 lxby_device - ok
17:11:03.0906 0500 MA8032M - ok
17:11:03.0921 0500 MA8032U - ok
17:11:03.0953 0500 ma_cmidi_installerservice - ok
17:11:04.0062 0500 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
17:11:04.0171 0500 McAfee SiteAdvisor Service - ok
17:11:04.0296 0500 McAWFwk (3a346239cd2d75be7f54be7e28eb5e4f) c:\PROGRA~1\mcafee\msc\mcawfwk.exe
17:11:04.0609 0500 McAWFwk - ok
17:11:04.0609 0500 McciCMService - ok
17:11:04.0625 0500 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
17:11:04.0640 0500 McMPFSvc - ok
17:11:04.0656 0500 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
17:11:04.0671 0500 mcmscsvc - ok
17:11:04.0687 0500 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
17:11:04.0703 0500 McNaiAnn - ok
17:11:04.0703 0500 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
17:11:04.0734 0500 McNASvc - ok
17:11:05.0234 0500 McODS (42117cbc4849a5cf11129912dabbdeca) C:\Program Files\McAfee\VirusScan\mcods.exe
17:11:05.0625 0500 McODS - ok
17:11:05.0625 0500 McOobeSv (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
17:11:05.0640 0500 McOobeSv - ok
17:11:05.0656 0500 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
17:11:05.0671 0500 McProxy - ok
17:11:05.0718 0500 McPvDrv (000751813ecef491689176e72b3a8bee) C:\WINDOWS\system32\drivers\McPvDrv.sys
17:11:05.0906 0500 McPvDrv - ok
17:11:05.0968 0500 McShield (593fa4c378818ece76ba64a11ad56cf2) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
17:11:06.0062 0500 McShield - ok
17:11:06.0109 0500 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
17:11:06.0265 0500 Messenger - ok
17:11:06.0312 0500 mfeapfk (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\WINDOWS\system32\drivers\mfeapfk.sys
17:11:06.0406 0500 mfeapfk - ok
17:11:07.0953 0500 mfeavfk (c1dc5f42d3367f33b6451be78b38bd46) C:\WINDOWS\system32\drivers\mfeavfk.sys
17:11:08.0046 0500 mfeavfk - ok
17:11:08.0062 0500 mfeavfk01 - ok
17:11:08.0109 0500 mfebopk (0435c43f4c2be01b84868ad2a906397b) C:\WINDOWS\system32\drivers\mfebopk.sys
17:11:08.0203 0500 mfebopk - ok
17:11:08.0250 0500 mfefire (7e1f8b1bdc8240f08bd358b3a466c005) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:11:08.0343 0500 mfefire - ok
17:11:08.0484 0500 mfefirek (4ea6ff90015424517843e931448e00f1) C:\WINDOWS\system32\drivers\mfefirek.sys
17:11:08.0640 0500 mfefirek - ok
17:11:08.0687 0500 mfehidk (d1e998748ba24a731106611d535c6bbf) C:\WINDOWS\system32\drivers\mfehidk.sys
17:11:08.0937 0500 mfehidk - ok
17:11:08.0968 0500 mfendisk (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
17:11:09.0125 0500 mfendisk - ok
17:11:09.0125 0500 mfendiskmp (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
17:11:09.0140 0500 mfendiskmp - ok
17:11:09.0187 0500 mferkdet (f454a13377f0a006d20a8c14a753c432) C:\WINDOWS\system32\drivers\mferkdet.sys
17:11:09.0296 0500 mferkdet - ok
17:11:09.0328 0500 mfetdi2k (070d3faf2eac417c59d8674a8752f7a6) C:\WINDOWS\system32\drivers\mfetdi2k.sys
17:11:09.0437 0500 mfetdi2k - ok
17:11:09.0484 0500 mfevtp (b10c4efd40810c08f4b44df2efcb54f7) C:\WINDOWS\system32\mfevtps.exe
17:11:09.0578 0500 mfevtp - ok
17:11:09.0593 0500 mksupdateint - ok
17:11:09.0625 0500 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:11:09.0765 0500 mnmdd - ok
17:11:09.0828 0500 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
17:11:09.0984 0500 mnmsrvc - ok
17:11:09.0984 0500 MobilePreInstallerService - ok
17:11:10.0000 0500 mod7700 - ok
17:11:10.0046 0500 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
17:11:10.0203 0500 Modem - ok
17:11:10.0234 0500 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
17:11:10.0468 0500 MODEMCSA - ok
17:11:10.0484 0500 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
17:11:10.0609 0500 mohfilt - ok
17:11:10.0609 0500 motmodem - ok
17:11:10.0656 0500 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:11:10.0796 0500 Mouclass - ok
17:11:10.0828 0500 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:11:10.0984 0500 mouhid - ok
17:11:11.0000 0500 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:11:11.0156 0500 MountMgr - ok
17:11:11.0187 0500 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
17:11:11.0421 0500 mraid35x - ok
17:11:11.0468 0500 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:11:11.0625 0500 MRxDAV - ok
17:11:11.0671 0500 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:11:11.0937 0500 MRxSmb - ok
17:11:12.0000 0500 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
17:11:12.0156 0500 MSDTC - ok
17:11:12.0218 0500 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:11:12.0406 0500 Msfs - ok
17:11:12.0421 0500 MSIServer - ok
17:11:12.0562 0500 MSK80Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
17:11:12.0578 0500 MSK80Service - ok
17:11:12.0578 0500 mskservice - ok
17:11:12.0609 0500 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:11:12.0765 0500 MSKSSRV - ok
17:11:12.0812 0500 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:11:12.0953 0500 MSPCLOCK - ok
17:11:12.0968 0500 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:11:13.0109 0500 MSPQM - ok
17:11:13.0156 0500 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:11:13.0296 0500 mssmbios - ok
17:11:13.0296 0500 mstdc - ok
17:11:13.0328 0500 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
17:11:13.0484 0500 MSTEE - ok
17:11:13.0531 0500 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
17:11:13.0656 0500 Mup - ok
17:11:13.0656 0500 mxserver - ok
17:11:13.0718 0500 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:11:13.0859 0500 NABTSFEC - ok
17:11:13.0906 0500 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
17:11:14.0078 0500 napagent - ok
17:11:14.0109 0500 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:11:14.0265 0500 NDIS - ok
17:11:14.0312 0500 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:11:14.0484 0500 NdisIP - ok
17:11:14.0531 0500 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:11:14.0671 0500 NdisTapi - ok
17:11:14.0718 0500 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:11:14.0859 0500 Ndisuio - ok
17:11:14.0890 0500 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:11:15.0031 0500 NdisWan - ok
17:11:15.0078 0500 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
17:11:15.0234 0500 NDProxy - ok
17:11:15.0281 0500 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:11:15.0421 0500 NetBIOS - ok
17:11:15.0468 0500 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:11:15.0625 0500 NetBT - ok
17:11:15.0671 0500 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:11:15.0828 0500 NetDDE - ok
17:11:15.0828 0500 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
17:11:15.0968 0500 NetDDEdsdm - ok
17:11:15.0968 0500 NETGEAR_MA111 - ok
17:11:16.0015 0500 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:11:16.0156 0500 Netlogon - ok
17:11:16.0218 0500 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
17:11:16.0359 0500 Netman - ok
17:11:16.0609 0500 NetSvc (02d0798f376fcbd0210eda58476d0b1b) C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
17:11:16.0734 0500 NetSvc ( UnsignedFile.Multi.Generic ) - warning
17:11:16.0734 0500 NetSvc - detected UnsignedFile.Multi.Generic (1)
17:11:16.0859 0500 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:11:16.0906 0500 NetTcpPortSharing - ok
17:11:16.0921 0500 nisvcloc - ok
17:11:16.0968 0500 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
17:11:17.0015 0500 Nla - ok
17:11:17.0062 0500 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:11:17.0203 0500 Npfs - ok
17:11:17.0218 0500 npkcrypt - ok
17:11:17.0265 0500 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:11:17.0609 0500 Ntfs - ok
17:11:17.0609 0500 ntiopnp - ok
17:11:17.0656 0500 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:11:17.0781 0500 NtLmSsp - ok
17:11:17.0843 0500 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
17:11:18.0062 0500 NtmsSvc - ok
17:11:18.0062 0500 NTSIM - ok
17:11:18.0109 0500 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
17:11:18.0203 0500 NuidFltr - ok
17:11:18.0234 0500 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:11:18.0453 0500 Null - ok
17:11:18.0968 0500 nv (ed9816dbaf6689542ea7d022631906a1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:11:21.0468 0500 nv - ok
17:11:21.0593 0500 NVSvc (a2322c6207ebb0761a6c8cc9003ebacf) C:\WINDOWS\system32\nvsvc32.exe
17:11:21.0718 0500 NVSvc - ok
17:11:21.0718 0500 NWFILTER - ok
17:11:21.0812 0500 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:11:21.0968 0500 NwlnkFlt - ok
17:11:22.0000 0500 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:11:22.0156 0500 NwlnkFwd - ok
17:11:22.0156 0500 oracleorahome811cmadmin - ok
17:11:22.0171 0500 oracleorahome92tnslistener - ok
17:11:22.0187 0500 oraclesnmppeerencapsulator - ok
17:11:22.0218 0500 papyjoy - ok
17:11:22.0265 0500 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
17:11:22.0437 0500 Parport - ok
17:11:22.0468 0500 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:11:22.0578 0500 PartMgr - ok
17:11:22.0625 0500 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:11:22.0765 0500 ParVdm - ok
17:11:22.0781 0500 pavsrv - ok
17:11:22.0781 0500 PCDRSRVC - ok
17:11:22.0812 0500 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
17:11:22.0953 0500 PCI - ok
17:11:22.0968 0500 PCIDump - ok
17:11:23.0015 0500 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:11:23.0156 0500 PCIIde - ok
17:11:23.0218 0500 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:11:23.0453 0500 Pcmcia - ok
17:11:23.0468 0500 PDCOMP - ok
17:11:23.0468 0500 pdfcreatormessages - ok
17:11:23.0484 0500 PDFRAME - ok
17:11:23.0515 0500 pdlncbas - ok
17:11:23.0531 0500 PDRELI - ok
17:11:23.0546 0500 PDRFRAME - ok
17:11:23.0593 0500 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
17:11:23.0812 0500 perc2 - ok
17:11:23.0859 0500 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
17:11:24.0000 0500 perc2hib - ok
17:11:24.0031 0500 pinnaclesys.mediaserver - ok
17:11:24.0062 0500 plsremotesvc - ok
17:11:24.0125 0500 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
17:11:24.0140 0500 PlugPlay - ok
17:11:24.0187 0500 Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
17:11:24.0296 0500 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:11:24.0296 0500 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:11:24.0296 0500 pnrouter - ok
17:11:24.0625 0500 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:11:24.0734 0500 PolicyAgent - ok
17:11:24.0750 0500 portmapper - ok
17:11:24.0843 0500 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:11:25.0000 0500 PptpMiniport - ok
17:11:25.0000 0500 processor - ok
17:11:25.0015 0500 profos - ok
17:11:25.0031 0500 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:11:25.0156 0500 ProtectedStorage - ok
17:11:25.0156 0500 proxyhostservice - ok
17:11:25.0187 0500 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:11:25.0343 0500 PSched - ok
17:11:25.0562 0500 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:11:25.0703 0500 Ptilink - ok
17:11:25.0703 0500 pxfhserd - ok
17:11:25.0750 0500 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:11:25.0781 0500 PxHelp20 - ok
17:11:25.0828 0500 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
17:11:25.0984 0500 ql1080 - ok
17:11:26.0015 0500 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
17:11:26.0171 0500 Ql10wnt - ok
17:11:26.0218 0500 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
17:11:26.0343 0500 ql12160 - ok
17:11:26.0562 0500 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
17:11:26.0734 0500 ql1240 - ok
17:11:26.0765 0500 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
17:11:26.0921 0500 ql1280 - ok
17:11:26.0921 0500 quickhealfirewall - ok
17:11:26.0968 0500 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:11:27.0093 0500 RasAcd - ok
17:11:27.0140 0500 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
17:11:27.0296 0500 RasAuto - ok
17:11:27.0312 0500 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:11:27.0453 0500 Rasl2tp - ok
17:11:27.0515 0500 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
17:11:27.0656 0500 RasMan - ok
17:11:27.0687 0500 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:11:27.0828 0500 RasPppoe - ok
17:11:27.0859 0500 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:11:27.0984 0500 Raspti - ok
17:11:28.0015 0500 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:11:28.0171 0500 Rdbss - ok
17:11:28.0187 0500 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:11:28.0312 0500 RDPCDD - ok
17:11:28.0468 0500 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:11:28.0625 0500 rdpdr - ok
17:11:28.0671 0500 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
17:11:28.0937 0500 RDPWD - ok
17:11:28.0984 0500 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
17:11:29.0140 0500 RDSessMgr - ok
17:11:29.0156 0500 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:11:29.0312 0500 redbook - ok
17:11:29.0312 0500 regmanserv - ok
17:11:29.0328 0500 regspy - ok
17:11:30.0156 0500 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
17:11:30.0484 0500 RemoteAccess - ok
17:11:30.0515 0500 RimSerPort - ok
17:11:30.0515 0500 rismxdp - ok
17:11:30.0531 0500 roxmediadb - ok
17:11:30.0546 0500 roxwatch9 - ok
17:11:30.0578 0500 rpaservice - ok
17:11:31.0484 0500 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
17:11:31.0625 0500 RpcLocator - ok
17:11:31.0625 0500 rpcnet - ok
17:11:31.0703 0500 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
17:11:31.0781 0500 RpcSs - ok
17:11:31.0812 0500 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
17:11:31.0984 0500 RSVP - ok
17:11:32.0046 0500 RT2500 (e2988349fe0567cbe4161cc653575a8e) C:\WINDOWS\system32\DRIVERS\RT2500.sys
17:11:32.0250 0500 RT2500 - ok
17:11:32.0250 0500 s116nd5 - ok
17:11:32.0265 0500 s217nd5 - ok
17:11:32.0281 0500 s616bus - ok
17:11:32.0328 0500 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
17:11:32.0453 0500 SamSs - ok
17:11:32.0468 0500 savrtpel - ok
17:11:32.0484 0500 scanexplicit - ok
17:11:32.0515 0500 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
17:11:32.0671 0500 SCardSvr - ok
17:11:32.0734 0500 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
17:11:32.0890 0500 Schedule - ok
17:11:32.0890 0500 scramby - ok
17:11:32.0906 0500 SeaPort - ok
17:11:32.0953 0500 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:11:33.0046 0500 Secdrv - ok
17:11:33.0093 0500 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
17:11:33.0234 0500 seclogon - ok
17:11:33.0453 0500 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
17:11:33.0750 0500 senfilt - ok
17:11:33.0781 0500 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
17:11:33.0937 0500 SENS - ok
17:11:33.0953 0500 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:11:34.0093 0500 serenum - ok
17:11:34.0140 0500 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
17:11:34.0281 0500 Serial - ok
17:11:34.0328 0500 sfilter - ok
17:11:34.0406 0500 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:11:34.0531 0500 Sfloppy - ok
17:11:34.0546 0500 sfrem01 - ok
17:11:34.0609 0500 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
17:11:34.0828 0500 SharedAccess - ok
17:11:34.0859 0500 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:11:34.0890 0500 ShellHWDetection - ok
17:11:34.0906 0500 Simbad - ok
17:11:34.0953 0500 SimpTcp (32933b07fc16d9f778bee12545fa1b1a) C:\WINDOWS\system32\tcpsvcs.exe
17:11:35.0078 0500 SimpTcp - ok
17:11:35.0125 0500 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
17:11:35.0250 0500 sisagp - ok
17:11:35.0296 0500 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:11:35.0437 0500 SLIP - ok
17:11:35.0468 0500 smartscaps - ok
17:11:35.0484 0500 smbios - ok
17:11:35.0484 0500 smcirda - ok
17:11:35.0515 0500 smsmdd - ok
17:11:35.0609 0500 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
17:11:35.0656 0500 smwdm - ok
17:11:35.0671 0500 SndTDriverV32 - ok
17:11:35.0703 0500 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
17:11:35.0781 0500 Sparrow - ok
17:11:35.0796 0500 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:11:35.0937 0500 splitter - ok
17:11:36.0000 0500 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
17:11:36.0109 0500 Spooler - ok
17:11:36.0187 0500 sprtsvc_dellsupportcenter - ok
17:11:36.0343 0500 SPService - ok
17:11:36.0406 0500 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
17:11:36.0484 0500 sr - ok
17:11:36.0546 0500 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
17:11:36.0640 0500 srservice - ok
17:11:36.0687 0500 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
17:11:36.0921 0500 Srv - ok
17:11:36.0921 0500 SrvcEKIOMngr - ok
17:11:36.0937 0500 srvdpi - ok
17:11:37.0000 0500 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
17:11:37.0078 0500 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
17:11:37.0078 0500 sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
17:11:37.0093 0500 sscdmdm - ok
17:11:37.0140 0500 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
17:11:37.0218 0500 SSDPSRV - ok
17:11:37.0234 0500 ssoftservice - ok
17:11:37.0250 0500 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
17:11:37.0343 0500 ssrtln ( UnsignedFile.Multi.Generic ) - warning
17:11:37.0343 0500 ssrtln - detected UnsignedFile.Multi.Generic (1)
17:11:37.0359 0500 ss_mdfl - ok
17:11:37.0375 0500 st330service - ok
17:11:37.0390 0500 starwindservice - ok
17:11:37.0453 0500 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
17:11:37.0625 0500 StillCam - ok
17:11:37.0687 0500 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
17:11:37.0890 0500 stisvc - ok
17:11:37.0890 0500 Stltrk2k - ok
17:11:37.0953 0500 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:11:38.0078 0500 streamip - ok
17:11:38.0093 0500 surveyor - ok
17:11:38.0109 0500 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:11:38.0250 0500 swenum - ok
17:11:38.0296 0500 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:11:38.0453 0500 swmidi - ok
17:11:38.0453 0500 SwPrv - ok
17:11:38.0468 0500 SWUMX51 - ok
17:11:38.0500 0500 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
17:11:38.0703 0500 symc810 - ok
17:11:38.0734 0500 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
17:11:38.0953 0500 symc8xx - ok
17:11:38.0984 0500 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
17:11:39.0140 0500 sym_hi - ok
17:11:39.0187 0500 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
17:11:39.0406 0500 sym_u3 - ok
17:11:39.0437 0500 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:11:39.0578 0500 sysaudio - ok
17:11:39.0640 0500 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
17:11:39.0765 0500 SysmonLog - ok
17:11:39.0828 0500 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
17:11:39.0984 0500 TapiSrv - ok
17:11:40.0046 0500 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:11:40.0156 0500 Tcpip - ok
17:11:40.0156 0500 tdcmdpst - ok
17:11:40.0203 0500 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:11:40.0359 0500 TDPIPE - ok
17:11:40.0421 0500 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:11:40.0562 0500 TDTCP - ok
17:11:40.0609 0500 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:11:40.0750 0500 TermDD - ok
17:11:40.0828 0500 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
17:11:40.0984 0500 TermService - ok
17:11:41.0062 0500 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
17:11:41.0171 0500 tfsnboio ( UnsignedFile.Multi.Generic ) - warning
17:11:41.0171 0500 tfsnboio - detected UnsignedFile.Multi.Generic (1)
17:11:41.0187 0500 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
17:11:41.0296 0500 tfsncofs ( UnsignedFile.Multi.Generic ) - warning
17:11:41.0296 0500 tfsncofs - detected UnsignedFile.Multi.Generic (1)
17:11:41.0343 0500 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
17:11:41.0437 0500 tfsndrct ( UnsignedFile.Multi.Generic ) - warning
17:11:41.0437 0500 tfsndrct - detected UnsignedFile.Multi.Generic (1)
17:11:41.0484 0500 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
17:11:41.0578 0500 tfsndres ( UnsignedFile.Multi.Generic ) - warning
17:11:41.0578 0500 tfsndres - detected UnsignedFile.Multi.Generic (1)
17:11:41.0609 0500 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
17:11:41.0703 0500 tfsnifs ( UnsignedFile.Multi.Generic ) - warning
17:11:41.0703 0500 tfsnifs - detected UnsignedFile.Multi.Generic (1)
17:11:41.0718 0500 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
17:11:41.0812 0500 tfsnopio ( UnsignedFile.Multi.Generic ) - warning
17:11:41.0812 0500 tfsnopio - detected UnsignedFile.Multi.Generic (1)
17:11:41.0828 0500 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
17:11:41.0921 0500 tfsnpool ( UnsignedFile.Multi.Generic ) - warning
17:11:41.0921 0500 tfsnpool - detected UnsignedFile.Multi.Generic (1)
17:11:41.0937 0500 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
17:11:42.0046 0500 tfsnudf ( UnsignedFile.Multi.Generic ) - warning
17:11:42.0046 0500 tfsnudf - detected UnsignedFile.Multi.Generic (1)
17:11:42.0062 0500 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
17:11:42.0156 0500 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
17:11:42.0156 0500 tfsnudfa - detected UnsignedFile.Multi.Generic (1)
17:11:42.0203 0500 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
17:11:42.0218 0500 Themes - ok
17:11:42.0234 0500 TICalc - ok
17:11:42.0343 0500 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
17:11:42.0437 0500 TomTomHOMEService - ok
17:11:42.0468 0500 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
17:11:42.0593 0500 TosIde - ok
17:11:42.0609 0500 TPM - ok
17:11:42.0656 0500 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
17:11:42.0781 0500 TrkWks - ok
17:11:42.0843 0500 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
17:11:42.0984 0500 tunmp - ok
17:11:43.0000 0500 UDFReadr - ok
17:11:43.0015 0500 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:11:43.0156 0500 Udfs - ok
17:11:43.0171 0500 uiusys - ok
17:11:43.0218 0500 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
17:11:43.0390 0500 ultra - ok
17:11:43.0390 0500 UPATC - ok
17:11:43.0546 0500 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:11:43.0765 0500 Update - ok
17:11:43.0828 0500 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
17:11:43.0921 0500 upnphost - ok
17:11:43.0968 0500 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
17:11:44.0125 0500 UPS - ok
17:11:44.0125 0500 USB11LDR - ok
17:11:44.0140 0500 USB28xxBGA - ok
17:11:44.0187 0500 USBAAPL (e8c1b9ebac65288e1b51e8a987d98af6) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:11:44.0390 0500 USBAAPL - ok
17:11:44.0437 0500 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
17:11:44.0562 0500 usbaudio - ok
17:11:44.0625 0500 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:11:44.0765 0500 usbccgp - ok
17:11:44.0781 0500 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:11:44.0921 0500 usbehci - ok
17:11:44.0968 0500 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:11:45.0109 0500 usbhub - ok
17:11:45.0171 0500 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:11:45.0312 0500 usbprint - ok
17:11:45.0640 0500 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:11:45.0843 0500 usbscan - ok
17:11:45.0953 0500 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:11:46.0093 0500 USBSTOR - ok
17:11:46.0140 0500 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:11:46.0281 0500 usbuhci - ok
17:11:46.0312 0500 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
17:11:46.0453 0500 USB_RNDIS - ok
17:11:46.0468 0500 uscbs108 - ok
17:11:46.0484 0500 USR1806V - ok
17:11:46.0484 0500 vaiomediaplatform-integratedserver-appserver - ok
17:11:46.0515 0500 vetfddnt - ok
17:11:46.0546 0500 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:11:46.0687 0500 VgaSave - ok
17:11:46.0718 0500 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
17:11:46.0875 0500 viaagp - ok
17:11:46.0906 0500 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
17:11:47.0062 0500 ViaIde - ok
17:11:47.0125 0500 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:11:47.0265 0500 VolSnap - ok
17:11:47.0281 0500 vpcbus - ok
17:11:47.0281 0500 vpn5000service - ok
17:11:47.0296 0500 VRADFIL - ok
17:11:47.0437 0500 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
17:11:47.0515 0500 VSS - ok
17:11:47.0531 0500 vsserv - ok
17:11:47.0531 0500 vstor2 - ok
17:11:47.0578 0500 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
17:11:47.0703 0500 w32time - ok
17:11:47.0734 0500 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:11:47.0875 0500 Wanarp - ok
17:11:47.0890 0500 wanatw - ok
17:11:47.0906 0500 WBHWDOCT - ok
17:11:47.0906 0500 wceusbsh - ok
17:11:47.0984 0500 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
17:11:48.0125 0500 Wdf01000 - ok
17:11:48.0140 0500 WDICA - ok
17:11:48.0171 0500 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:11:48.0312 0500 wdmaud - ok
17:11:48.0328 0500 WDM_YAMAHAAC97 - ok
17:11:48.0515 0500 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
17:11:48.0703 0500 WebClient - ok
17:11:48.0703 0500 webcompserver - ok
17:11:48.0718 0500 winachsx - ok
17:11:48.0828 0500 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:11:48.0968 0500 winmgmt - ok
17:11:48.0984 0500 winsshd - ok
17:11:49.0015 0500 wm - ok
17:11:49.0078 0500 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:11:49.0171 0500 WmdmPmSN - ok
17:11:49.0218 0500 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:11:49.0406 0500 WmiApSrv - ok
17:11:49.0562 0500 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
17:11:49.0828 0500 WMPNetworkSvc - ok
17:11:50.0015 0500 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:11:50.0296 0500 WPFFontCache_v0400 - ok
17:11:50.0859 0500 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:11:51.0000 0500 WSTCODEC - ok
17:11:51.0046 0500 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
17:11:51.0187 0500 wuauserv - ok
17:11:51.0234 0500 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:11:51.0312 0500 WudfPf - ok
17:11:51.0328 0500 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:11:51.0468 0500 WudfRd - ok
17:11:51.0500 0500 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
17:11:51.0578 0500 WudfSvc - ok
17:11:51.0656 0500 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
17:11:51.0859 0500 WZCSVC - ok
17:11:51.0875 0500 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
17:11:52.0062 0500 xmlprov - ok
17:11:52.0078 0500 zdeviceservice - ok
17:11:52.0156 0500 MBR (0x1B8) (a03e065717cb65f3034ad33ad58b6bba) \Device\Harddisk0\DR0
17:11:52.0281 0500 \Device\Harddisk0\DR0 - ok
17:11:52.0296 0500 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR4
17:12:00.0265 0500 \Device\Harddisk1\DR4 - ok
17:12:00.0296 0500 Boot (0x1200) (bdb13d31d98258c5d40f699692849641) \Device\Harddisk0\DR0\Partition0
17:12:00.0296 0500 \Device\Harddisk0\DR0\Partition0 - ok
17:12:00.0296 0500 Boot (0x1200) (c5d0ca32d6828f5d12912f68981c5e3c) \Device\Harddisk1\DR4\Partition0
17:12:00.0296 0500 \Device\Harddisk1\DR4\Partition0 - ok
17:12:00.0312 0500 ============================================================
17:12:00.0312 0500 Scan finished
17:12:00.0312 0500 ============================================================
17:12:00.0421 3004 Detected object count: 20
17:12:00.0421 3004 Actual detected object count: 20
17:13:39.0265 3004 C:\WINDOWS\system32\drivers\ASCTRM.sys - copied to quarantine
17:13:39.0437 3004 HKLM\SYSTEM\ControlSet001\services\ASCTRM - will be deleted on reboot
17:13:39.0437 3004 HKLM\SYSTEM\ControlSet002\services\ASCTRM - will be deleted on reboot
17:13:39.0437 3004 C:\WINDOWS\system32\drivers\ASCTRM.sys - will be deleted on reboot
17:13:39.0437 3004 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:39.0546 3004 C:\WINDOWS\system32\drivers\drvmcdb.sys - copied to quarantine
17:13:39.0703 3004 HKLM\SYSTEM\ControlSet001\services\drvmcdb - will be deleted on reboot
17:13:39.0703 3004 HKLM\SYSTEM\ControlSet002\services\drvmcdb - will be deleted on reboot
17:13:39.0703 3004 C:\WINDOWS\system32\drivers\drvmcdb.sys - will be deleted on reboot
17:13:39.0703 3004 drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:39.0750 3004 C:\WINDOWS\system32\drivers\drvnddm.sys - copied to quarantine
17:13:39.0921 3004 HKLM\SYSTEM\ControlSet001\services\drvnddm - will be deleted on reboot
17:13:39.0921 3004 HKLM\SYSTEM\ControlSet002\services\drvnddm - will be deleted on reboot
17:13:39.0921 3004 C:\WINDOWS\system32\drivers\drvnddm.sys - will be deleted on reboot
17:13:39.0921 3004 drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:40.0078 3004 C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys - copied to quarantine
17:13:40.0234 3004 HKLM\SYSTEM\ControlSet001\services\DSproct - will be deleted on reboot
17:13:40.0234 3004 HKLM\SYSTEM\ControlSet002\services\DSproct - will be deleted on reboot
17:13:40.0234 3004 C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys - will be deleted on reboot
17:13:40.0234 3004 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:40.0296 3004 C:\WINDOWS\system32\drivers\lvsound2.sys - copied to quarantine
17:13:40.0343 3004 HKLM\SYSTEM\ControlSet001\services\lusbaudio - will be deleted on reboot
17:13:40.0343 3004 HKLM\SYSTEM\ControlSet002\services\lusbaudio - will be deleted on reboot
17:13:40.0343 3004 C:\WINDOWS\system32\drivers\lvsound2.sys - will be deleted on reboot
17:13:40.0343 3004 lusbaudio ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:40.0468 3004 C:\WINDOWS\system32\DRIVERS\LVBulk.sys - copied to quarantine
17:13:40.0656 3004 HKLM\SYSTEM\ControlSet001\services\LVBulk - will be deleted on reboot
17:13:40.0656 3004 HKLM\SYSTEM\ControlSet002\services\LVBulk - will be deleted on reboot
17:13:40.0656 3004 C:\WINDOWS\system32\DRIVERS\LVBulk.sys - will be deleted on reboot
17:13:40.0656 3004 LVBulk ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:40.0718 3004 C:\WINDOWS\system32\DRIVERS\lvvi500a.sys - copied to quarantine
17:13:40.0875 3004 HKLM\SYSTEM\ControlSet001\services\LVVI500A - will be deleted on reboot
17:13:40.0875 3004 HKLM\SYSTEM\ControlSet002\services\LVVI500A - will be deleted on reboot
17:13:40.0875 3004 C:\WINDOWS\system32\DRIVERS\lvvi500a.sys - will be deleted on reboot
17:13:40.0875 3004 LVVI500A ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:41.0000 3004 C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe - copied to quarantine
17:13:41.0187 3004 HKLM\SYSTEM\ControlSet001\services\NetSvc - will be deleted on reboot
17:13:41.0187 3004 HKLM\SYSTEM\ControlSet002\services\NetSvc - will be deleted on reboot
17:13:41.0187 3004 C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe - will be deleted on reboot
17:13:41.0187 3004 NetSvc ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:41.0234 3004 C:\WINDOWS\system32\HPZipm12.exe - copied to quarantine
17:13:41.0421 3004 HKLM\SYSTEM\ControlSet001\services\Pml Driver HPZ12 - will be deleted on reboot
17:13:41.0421 3004 HKLM\SYSTEM\ControlSet002\services\Pml Driver HPZ12 - will be deleted on reboot
17:13:41.0421 3004 C:\WINDOWS\system32\HPZipm12.exe - will be deleted on reboot
17:13:41.0421 3004 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:41.0421 3004 sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:41.0421 3004 sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:13:41.0500 3004 C:\WINDOWS\system32\drivers\ssrtln.sys - copied to quarantine
17:13:41.0656 3004 HKLM\SYSTEM\ControlSet001\services\ssrtln - will be deleted on reboot
17:13:41.0656 3004 HKLM\SYSTEM\ControlSet002\services\ssrtln - will be deleted on reboot
17:13:41.0656 3004 C:\WINDOWS\system32\drivers\ssrtln.sys - will be deleted on reboot
17:13:41.0656 3004 ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:41.0734 3004 C:\WINDOWS\system32\dla\tfsnboio.sys - copied to quarantine
17:13:41.0906 3004 HKLM\SYSTEM\ControlSet001\services\tfsnboio - will be deleted on reboot
17:13:41.0906 3004 HKLM\SYSTEM\ControlSet002\services\tfsnboio - will be deleted on reboot
17:13:41.0906 3004 C:\WINDOWS\system32\dla\tfsnboio.sys - will be deleted on reboot
17:13:41.0906 3004 tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:41.0968 3004 C:\WINDOWS\system32\dla\tfsncofs.sys - copied to quarantine
17:13:42.0125 3004 HKLM\SYSTEM\ControlSet001\services\tfsncofs - will be deleted on reboot
17:13:42.0125 3004 HKLM\SYSTEM\ControlSet002\services\tfsncofs - will be deleted on reboot
17:13:42.0125 3004 C:\WINDOWS\system32\dla\tfsncofs.sys - will be deleted on reboot
17:13:42.0125 3004 tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:42.0156 3004 C:\WINDOWS\system32\dla\tfsndrct.sys - copied to quarantine
17:13:42.0312 3004 HKLM\SYSTEM\ControlSet001\services\tfsndrct - will be deleted on reboot
17:13:42.0312 3004 HKLM\SYSTEM\ControlSet002\services\tfsndrct - will be deleted on reboot
17:13:42.0312 3004 C:\WINDOWS\system32\dla\tfsndrct.sys - will be deleted on reboot
17:13:42.0328 3004 tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:42.0453 3004 C:\WINDOWS\system32\dla\tfsndres.sys - copied to quarantine
17:13:42.0625 3004 HKLM\SYSTEM\ControlSet001\services\tfsndres - will be deleted on reboot
17:13:42.0625 3004 HKLM\SYSTEM\ControlSet002\services\tfsndres - will be deleted on reboot
17:13:42.0625 3004 C:\WINDOWS\system32\dla\tfsndres.sys - will be deleted on reboot
17:13:42.0625 3004 tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:42.0656 3004 C:\WINDOWS\system32\dla\tfsnifs.sys - copied to quarantine
17:13:42.0812 3004 HKLM\SYSTEM\ControlSet001\services\tfsnifs - will be deleted on reboot
17:13:42.0812 3004 HKLM\SYSTEM\ControlSet002\services\tfsnifs - will be deleted on reboot
17:13:42.0812 3004 C:\WINDOWS\system32\dla\tfsnifs.sys - will be deleted on reboot
17:13:42.0812 3004 tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:42.0890 3004 C:\WINDOWS\system32\dla\tfsnopio.sys - copied to quarantine
17:13:43.0078 3004 HKLM\SYSTEM\ControlSet001\services\tfsnopio - will be deleted on reboot
17:13:43.0078 3004 HKLM\SYSTEM\ControlSet002\services\tfsnopio - will be deleted on reboot
17:13:43.0078 3004 C:\WINDOWS\system32\dla\tfsnopio.sys - will be deleted on reboot
17:13:43.0078 3004 tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:43.0109 3004 C:\WINDOWS\system32\dla\tfsnpool.sys - copied to quarantine
17:13:43.0265 3004 HKLM\SYSTEM\ControlSet001\services\tfsnpool - will be deleted on reboot
17:13:43.0265 3004 HKLM\SYSTEM\ControlSet002\services\tfsnpool - will be deleted on reboot
17:13:43.0265 3004 C:\WINDOWS\system32\dla\tfsnpool.sys - will be deleted on reboot
17:13:43.0265 3004 tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:43.0296 3004 C:\WINDOWS\system32\dla\tfsnudf.sys - copied to quarantine
17:13:43.0468 3004 HKLM\SYSTEM\ControlSet001\services\tfsnudf - will be deleted on reboot
17:13:43.0468 3004 HKLM\SYSTEM\ControlSet002\services\tfsnudf - will be deleted on reboot
17:13:43.0468 3004 C:\WINDOWS\system32\dla\tfsnudf.sys - will be deleted on reboot
17:13:43.0468 3004 tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:13:43.0546 3004 C:\WINDOWS\system32\dla\tfsnudfa.sys - copied to quarantine
17:13:43.0734 3004 HKLM\SYSTEM\ControlSet001\services\tfsnudfa - will be deleted on reboot
17:13:43.0734 3004 HKLM\SYSTEM\ControlSet002\services\tfsnudfa - will be deleted on reboot
17:13:43.0734 3004 C:\WINDOWS\system32\dla\tfsnudfa.sys - will be deleted on reboot
17:13:43.0734 3004 tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Delete
17:14:02.0125 1420 Deinitialize success

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:24 PM

Posted 07 May 2012 - 10:32 AM

Ran TDSS again and it came up with 20 suspicious files. I checked the delete box on them all. Bang! Did a restart and got a blue screen saying

Why did you select DELETE in the first case? TDSSkiller detects even legitimate files as suspicious.

You should not change the option from SKIP to DELETE if you're not sure of results.


Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system.DO NOT SELECT THE other option.Uncheck it.

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#7 reedncg

reedncg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 07 May 2012 - 12:00 PM

In answer to your question, it was my own stupidity! Ran TDSS and FSS again. Logs below. Thanks, Ed

09:36:54.0234 5376 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
09:36:54.0250 5376 ============================================================
09:36:54.0250 5376 Current date / time: 2012/05/07 09:36:54.0250
09:36:54.0250 5376 SystemInfo:
09:36:54.0250 5376
09:36:54.0250 5376 OS Version: 5.1.2600 ServicePack: 3.0
09:36:54.0250 5376 Product type: Workstation
09:36:54.0250 5376 ComputerName: D3SP6181
09:36:54.0250 5376 UserName: Edwin Hildebrand
09:36:54.0250 5376 Windows directory: C:\WINDOWS
09:36:54.0250 5376 System windows directory: C:\WINDOWS
09:36:54.0250 5376 Processor architecture: Intel x86
09:36:54.0250 5376 Number of processors: 2
09:36:54.0250 5376 Page size: 0x1000
09:36:54.0250 5376 Boot type: Normal boot
09:36:54.0250 5376 ============================================================
09:36:57.0218 5376 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:36:57.0218 5376 ============================================================
09:36:57.0218 5376 \Device\Harddisk0\DR0:
09:36:57.0218 5376 MBR partitions:
09:36:57.0218 5376 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x8E7BB54
09:36:57.0218 5376 ============================================================
09:36:57.0265 5376 C: <-> \Device\Harddisk0\DR0\Partition0
09:36:57.0265 5376 ============================================================
09:36:57.0265 5376 Initialize success
09:36:57.0265 5376 ============================================================
09:37:39.0718 2664 ============================================================
09:37:39.0718 2664 Scan started
09:37:39.0718 2664 Mode: Manual; TDLFS;
09:37:39.0718 2664 ============================================================
09:37:40.0093 2664 6to4 (c07d5197410aab28d0d93f943f59656d) C:\WINDOWS\System32\6to4svc.dll
09:37:40.0109 2664 6to4 - ok
09:37:40.0109 2664 a016obex - ok
09:37:40.0156 2664 Abiosdsk - ok
09:37:40.0187 2664 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
09:37:40.0203 2664 abp480n5 - ok
09:37:40.0234 2664 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:37:40.0250 2664 ACPI - ok
09:37:40.0296 2664 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
09:37:40.0296 2664 ACPIEC - ok
09:37:40.0312 2664 adihdaudaddservice - ok
09:37:40.0406 2664 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:37:40.0421 2664 AdobeFlashPlayerUpdateSvc - ok
09:37:40.0468 2664 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
09:37:40.0468 2664 adpu160m - ok
09:37:40.0500 2664 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:37:40.0515 2664 aec - ok
09:37:40.0578 2664 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
09:37:40.0593 2664 AFD - ok
09:37:40.0609 2664 afs2k - ok
09:37:40.0640 2664 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
09:37:40.0640 2664 agp440 - ok
09:37:40.0656 2664 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
09:37:40.0671 2664 agpCPQ - ok
09:37:40.0687 2664 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
09:37:40.0703 2664 Aha154x - ok
09:37:40.0718 2664 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
09:37:40.0718 2664 aic78u2 - ok
09:37:40.0734 2664 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
09:37:40.0750 2664 aic78xx - ok
09:37:40.0765 2664 aksusb - ok
09:37:40.0812 2664 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
09:37:40.0812 2664 Alerter - ok
09:37:40.0828 2664 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
09:37:40.0843 2664 ALG - ok
09:37:40.0875 2664 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
09:37:40.0875 2664 AliIde - ok
09:37:40.0890 2664 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
09:37:40.0906 2664 alim1541 - ok
09:37:40.0921 2664 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
09:37:40.0921 2664 amdagp - ok
09:37:40.0953 2664 AmdIde - ok
09:37:40.0968 2664 amdk8 - ok
09:37:40.0984 2664 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
09:37:40.0984 2664 amsint - ok
09:37:41.0000 2664 AN983 - ok
09:37:41.0093 2664 Apple Mobile Device (d503df3aba595f551b98b9bae017a271) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:37:41.0109 2664 Apple Mobile Device - ok
09:37:41.0109 2664 AppMgmt - ok
09:37:41.0125 2664 arc - ok
09:37:41.0140 2664 armoucfltr - ok
09:37:41.0187 2664 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
09:37:41.0203 2664 asc - ok
09:37:41.0203 2664 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
09:37:41.0203 2664 asc3350p - ok
09:37:41.0218 2664 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
09:37:41.0218 2664 asc3550 - ok
09:37:41.0250 2664 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
09:37:41.0250 2664 ASCTRM - ok
09:37:41.0250 2664 ASLDRService - ok
09:37:41.0406 2664 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:37:41.0437 2664 aspnet_state - ok
09:37:41.0437 2664 asuskeyboardservice - ok
09:37:41.0453 2664 ASUSVRC - ok
09:37:41.0484 2664 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:37:41.0484 2664 AsyncMac - ok
09:37:41.0515 2664 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:37:41.0515 2664 atapi - ok
09:37:41.0515 2664 Atdisk - ok
09:37:41.0578 2664 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:37:41.0578 2664 Atmarpc - ok
09:37:41.0625 2664 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
09:37:41.0625 2664 AudioSrv - ok
09:37:41.0671 2664 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:37:41.0671 2664 audstub - ok
09:37:41.0687 2664 avgarcln - ok
09:37:41.0703 2664 avgmfx86 - ok
09:37:41.0703 2664 avgtdi - ok
09:37:41.0718 2664 avsvcmonitor - ok
09:37:41.0843 2664 BBSvc (2ed050291bc1d7f9e322e328db3aaecf) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
09:37:41.0875 2664 BBSvc - ok
09:37:41.0921 2664 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
09:37:41.0921 2664 BBUpdate - ok
09:37:41.0937 2664 bc_ip_f - ok
09:37:41.0953 2664 bc_tdi_f - ok
09:37:42.0000 2664 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:37:42.0015 2664 Beep - ok
09:37:42.0078 2664 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
09:37:42.0093 2664 BITS - ok
09:37:42.0171 2664 Bonjour Service (ebad0f51d8d4dade7660b1851addbd07) C:\Program Files\Bonjour\mDNSResponder.exe
09:37:42.0187 2664 Bonjour Service - ok
09:37:42.0234 2664 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
09:37:42.0234 2664 Browser - ok
09:37:42.0250 2664 btcsrusb - ok
09:37:42.0250 2664 btdriver - ok
09:37:42.0265 2664 bthpan - ok
09:37:42.0281 2664 bvrp_pci - ok
09:37:42.0312 2664 Cap7134 - ok
09:37:42.0359 2664 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
09:37:42.0359 2664 cbidf - ok
09:37:42.0359 2664 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:37:42.0359 2664 cbidf2k - ok
09:37:42.0375 2664 CBN - ok
09:37:42.0437 2664 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:37:42.0437 2664 CCDECODE - ok
09:37:42.0468 2664 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
09:37:42.0468 2664 cd20xrnt - ok
09:37:42.0500 2664 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:37:42.0500 2664 Cdaudio - ok
09:37:42.0609 2664 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:37:42.0609 2664 Cdfs - ok
09:37:42.0625 2664 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:37:42.0640 2664 Cdrom - ok
09:37:42.0640 2664 cdvp - ok
09:37:42.0656 2664 cebdaldr - ok
09:37:42.0687 2664 cfwids (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\WINDOWS\system32\drivers\cfwids.sys
09:37:42.0687 2664 cfwids - ok
09:37:42.0703 2664 Changer - ok
09:37:42.0734 2664 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
09:37:42.0734 2664 CiSvc - ok
09:37:42.0750 2664 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
09:37:42.0750 2664 ClipSrv - ok
09:37:42.0875 2664 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:37:42.0984 2664 clr_optimization_v2.0.50727_32 - ok
09:37:43.0062 2664 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:37:43.0062 2664 clr_optimization_v4.0.30319_32 - ok
09:37:43.0093 2664 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
09:37:43.0093 2664 CmdIde - ok
09:37:43.0109 2664 COMSysApp - ok
09:37:43.0156 2664 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
09:37:43.0156 2664 Cpqarray - ok
09:37:43.0187 2664 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
09:37:43.0203 2664 CryptSvc - ok
09:37:43.0203 2664 ctxcpubal - ok
09:37:43.0218 2664 CVPNDRVA - ok
09:37:43.0234 2664 cwafreportscheduler - ok
09:37:43.0281 2664 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
09:37:43.0296 2664 dac2w2k - ok
09:37:43.0312 2664 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
09:37:43.0312 2664 dac960nt - ok
09:37:43.0375 2664 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
09:37:43.0390 2664 DcomLaunch - ok
09:37:43.0437 2664 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
09:37:43.0453 2664 Dhcp - ok
09:37:43.0484 2664 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:37:43.0500 2664 Disk - ok
09:37:43.0500 2664 dlbu_device - ok
09:37:43.0515 2664 dmadmin - ok
09:37:43.0625 2664 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
09:37:43.0656 2664 dmboot - ok
09:37:43.0703 2664 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
09:37:43.0703 2664 dmio - ok
09:37:43.0718 2664 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:37:43.0718 2664 dmload - ok
09:37:43.0750 2664 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
09:37:43.0750 2664 dmserver - ok
09:37:43.0781 2664 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:37:43.0796 2664 DMusic - ok
09:37:43.0828 2664 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
09:37:43.0828 2664 Dnscache - ok
09:37:43.0890 2664 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
09:37:43.0890 2664 Dot3svc - ok
09:37:43.0921 2664 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
09:37:43.0921 2664 dpti2o - ok
09:37:43.0953 2664 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:37:43.0953 2664 drmkaud - ok
09:37:44.0015 2664 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
09:37:44.0015 2664 drvmcdb - ok
09:37:44.0031 2664 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
09:37:44.0031 2664 drvnddm - ok
09:37:44.0140 2664 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
09:37:44.0140 2664 DSBrokerService - ok
09:37:44.0218 2664 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
09:37:44.0218 2664 DSproct - ok
09:37:44.0265 2664 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
09:37:44.0265 2664 dsunidrv - ok
09:37:44.0265 2664 dtsrvc - ok
09:37:44.0281 2664 E1000 - ok
09:37:44.0312 2664 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
09:37:44.0312 2664 E100B - ok
09:37:44.0359 2664 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
09:37:44.0359 2664 EapHost - ok
09:37:44.0375 2664 ELmon - ok
09:37:44.0375 2664 emAudio - ok
09:37:44.0421 2664 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
09:37:44.0421 2664 ERSvc - ok
09:37:44.0468 2664 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:37:44.0468 2664 Eventlog - ok
09:37:44.0515 2664 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
09:37:44.0531 2664 EventSystem - ok
09:37:44.0937 2664 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:37:44.0937 2664 Fastfat - ok
09:37:44.0984 2664 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:37:45.0000 2664 FastUserSwitchingCompatibility - ok
09:37:45.0062 2664 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
09:37:45.0062 2664 Fax - ok
09:37:45.0093 2664 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
09:37:45.0093 2664 Fdc - ok
09:37:45.0125 2664 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
09:37:45.0125 2664 Fips - ok
09:37:45.0156 2664 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:37:45.0156 2664 Flpydisk - ok
09:37:45.0203 2664 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
09:37:45.0203 2664 FltMgr - ok
09:37:45.0328 2664 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:37:45.0343 2664 FontCache3.0.0.0 - ok
09:37:45.0343 2664 fsssvc - ok
09:37:45.0406 2664 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:37:45.0406 2664 Fs_Rec - ok
09:37:45.0453 2664 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:37:45.0453 2664 Ftdisk - ok
09:37:45.0468 2664 G400DH - ok
09:37:45.0500 2664 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
09:37:45.0500 2664 GEARAspiWDM - ok
09:37:45.0734 2664 getPlus® Helper (35a1f815962f3552066c6be4c969d297) C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
09:37:45.0750 2664 getPlus® Helper - ok
09:37:45.0750 2664 gotomypc - ok
09:37:45.0781 2664 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:37:45.0796 2664 Gpc - ok
09:37:45.0875 2664 gupdate1ca0904829b59be (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
09:37:45.0875 2664 gupdate1ca0904829b59be - ok
09:37:45.0875 2664 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
09:37:45.0890 2664 gupdatem - ok
09:37:45.0937 2664 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:37:45.0953 2664 gusvc - ok
09:37:45.0953 2664 GVCplDrv - ok
09:37:46.0046 2664 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:37:46.0062 2664 helpsvc - ok
09:37:46.0062 2664 hf30service - ok
09:37:46.0109 2664 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
09:37:46.0109 2664 HidServ - ok
09:37:46.0125 2664 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:37:46.0125 2664 HidUsb - ok
09:37:46.0156 2664 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
09:37:46.0171 2664 hkmsvc - ok
09:37:46.0171 2664 Hotkey - ok
09:37:46.0203 2664 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
09:37:46.0203 2664 hpn - ok
09:37:46.0250 2664 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
09:37:46.0250 2664 HPZid412 - ok
09:37:46.0296 2664 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
09:37:46.0296 2664 HPZipr12 - ok
09:37:46.0343 2664 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
09:37:46.0343 2664 HPZius12 - ok
09:37:46.0390 2664 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
09:37:46.0406 2664 HTTP - ok
09:37:46.0453 2664 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
09:37:46.0453 2664 HTTPFilter - ok
09:37:46.0453 2664 HWSCtrl - ok
09:37:46.0500 2664 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
09:37:46.0500 2664 i2omgmt - ok
09:37:46.0515 2664 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
09:37:46.0531 2664 i2omp - ok
09:37:46.0906 2664 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:37:46.0906 2664 i8042prt - ok
09:37:47.0015 2664 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
09:37:47.0062 2664 ialm - ok
09:37:47.0062 2664 ICAM5USB - ok
09:37:47.0078 2664 ichaud - ok
09:37:47.0093 2664 id2scaps - ok
09:37:47.0109 2664 idebusdr - ok
09:37:47.0265 2664 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:37:47.0296 2664 idsvc - ok
09:37:47.0375 2664 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:37:47.0375 2664 Imapi - ok
09:37:47.0421 2664 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
09:37:47.0437 2664 ImapiService - ok
09:37:47.0437 2664 imaservice - ok
09:37:47.0484 2664 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
09:37:47.0484 2664 ini910u - ok
09:37:47.0484 2664 ino_flpy - ok
09:37:47.0734 2664 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
09:37:47.0781 2664 IntelC51 - ok
09:37:47.0828 2664 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
09:37:47.0843 2664 IntelC52 - ok
09:37:47.0875 2664 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
09:37:47.0875 2664 IntelC53 - ok
09:37:47.0921 2664 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
09:37:47.0921 2664 IntelIde - ok
09:37:47.0968 2664 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:37:47.0968 2664 intelppm - ok
09:37:48.0093 2664 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
09:37:48.0093 2664 IntuitUpdateService - ok
09:37:48.0156 2664 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
09:37:48.0156 2664 IntuitUpdateServiceV4 - ok
09:37:48.0171 2664 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
09:37:48.0171 2664 Ip6Fw - ok
09:37:48.0218 2664 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:37:48.0234 2664 IpFilterDriver - ok
09:37:48.0250 2664 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:37:48.0250 2664 IpInIp - ok
09:37:48.0281 2664 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:37:48.0296 2664 IpNat - ok
09:37:48.0359 2664 iPod Service (3c30491045dbbd44a42876b3d6f3917d) C:\Program Files\iPod\bin\iPodService.exe
09:37:48.0375 2664 iPod Service - ok
09:37:48.0375 2664 ipodservice - ok
09:37:48.0406 2664 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:37:48.0406 2664 IPSec - ok
09:37:48.0453 2664 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:37:48.0453 2664 IRENUM - ok
09:37:48.0484 2664 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:37:48.0484 2664 isapnp - ok
09:37:48.0500 2664 isdrv120 - ok
09:37:48.0500 2664 issvc - ok
09:37:48.0515 2664 itchfltr - ok
09:37:48.0906 2664 JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Program Files\Java\jre6\bin\jqs.exe
09:37:48.0906 2664 JavaQuickStarterService - ok
09:37:48.0906 2664 Jukebox - ok
09:37:48.0921 2664 jukebox3 - ok
09:37:48.0953 2664 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:37:48.0953 2664 Kbdclass - ok
09:37:48.0953 2664 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:37:48.0968 2664 kbdhid - ok
09:37:48.0984 2664 kl1 - ok
09:37:49.0000 2664 KLOGNT - ok
09:37:49.0062 2664 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:37:49.0062 2664 kmixer - ok
09:37:49.0125 2664 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:37:49.0125 2664 KSecDD - ok
09:37:49.0125 2664 L8042Kbd - ok
09:37:49.0171 2664 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
09:37:49.0171 2664 lanmanserver - ok
09:37:49.0234 2664 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
09:37:49.0250 2664 lanmanworkstation - ok
09:37:49.0281 2664 LBeepKE (c99ba72106a858cb8b521bb4c02c93ed) C:\WINDOWS\system32\Drivers\LBeepKE.sys
09:37:49.0281 2664 LBeepKE - ok
09:37:49.0296 2664 lbrtfdc - ok
09:37:49.0421 2664 LBTServ (0f98b9384c37c8c29904b8ae4359a54f) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
09:37:49.0484 2664 LBTServ - ok
09:37:49.0484 2664 ldlcserv - ok
09:37:49.0515 2664 LHidFilt (318b3d608fbec44b7e0c23bf759dced5) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
09:37:49.0515 2664 LHidFilt - ok
09:37:49.0531 2664 lkcitadelserver - ok
09:37:49.0546 2664 lkclassads - ok
09:37:49.0781 2664 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
09:37:49.0828 2664 LmHosts - ok
09:37:49.0828 2664 LMIRfsClientNP - ok
09:37:49.0875 2664 LMouFilt (84af069d219df3c43dc6792b2bbd7bed) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
09:37:49.0875 2664 LMouFilt - ok
09:37:50.0015 2664 lusbaudio (f57fcbfbbd7ff68cc286f6fefeaed2b2) C:\WINDOWS\system32\drivers\lvsound2.sys
09:37:50.0031 2664 lusbaudio - ok
09:37:50.0062 2664 LVBulk (eb17c2146d2bafa79c67e35229f4297c) C:\WINDOWS\system32\DRIVERS\LVBulk.sys
09:37:50.0078 2664 LVBulk - ok
09:37:50.0078 2664 lvpr2mon - ok
09:37:50.0125 2664 LVVI500A (c4a1debc2b9a61a31d2616c2c6c03eee) C:\WINDOWS\system32\DRIVERS\lvvi500a.sys
09:37:50.0140 2664 LVVI500A - ok
09:37:50.0140 2664 lxbx_device - ok
09:37:50.0156 2664 lxby_device - ok
09:37:50.0171 2664 MA8032M - ok
09:37:50.0187 2664 MA8032U - ok
09:37:50.0203 2664 ma_cmidi_installerservice - ok
09:37:50.0328 2664 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
09:37:50.0328 2664 McAfee SiteAdvisor Service - ok
09:37:50.0453 2664 McAWFwk (3a346239cd2d75be7f54be7e28eb5e4f) c:\PROGRA~1\mcafee\msc\mcawfwk.exe
09:37:50.0500 2664 McAWFwk - ok
09:37:50.0500 2664 McciCMService - ok
09:37:50.0515 2664 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
09:37:50.0515 2664 McMPFSvc - ok
09:37:50.0531 2664 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
09:37:50.0531 2664 mcmscsvc - ok
09:37:50.0546 2664 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
09:37:50.0578 2664 McNaiAnn - ok
09:37:50.0578 2664 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
09:37:50.0578 2664 McNASvc - ok
09:37:50.0828 2664 McODS (42117cbc4849a5cf11129912dabbdeca) C:\Program Files\McAfee\VirusScan\mcods.exe
09:37:50.0890 2664 McODS - ok
09:37:50.0906 2664 McOobeSv (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
09:37:50.0906 2664 McOobeSv - ok
09:37:50.0906 2664 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
09:37:50.0906 2664 McProxy - ok
09:37:50.0953 2664 McPvDrv (000751813ecef491689176e72b3a8bee) C:\WINDOWS\system32\drivers\McPvDrv.sys
09:37:50.0968 2664 McPvDrv - ok
09:37:51.0031 2664 McShield (593fa4c378818ece76ba64a11ad56cf2) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
09:37:51.0046 2664 McShield - ok
09:37:51.0093 2664 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
09:37:51.0093 2664 Messenger - ok
09:37:51.0140 2664 mfeapfk (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\WINDOWS\system32\drivers\mfeapfk.sys
09:37:51.0140 2664 mfeapfk - ok
09:37:51.0187 2664 mfeavfk (c1dc5f42d3367f33b6451be78b38bd46) C:\WINDOWS\system32\drivers\mfeavfk.sys
09:37:51.0187 2664 mfeavfk - ok
09:37:51.0203 2664 mfeavfk01 - ok
09:37:51.0234 2664 mfebopk (0435c43f4c2be01b84868ad2a906397b) C:\WINDOWS\system32\drivers\mfebopk.sys
09:37:51.0250 2664 mfebopk - ok
09:37:51.0281 2664 mfefire (7e1f8b1bdc8240f08bd358b3a466c005) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
09:37:51.0296 2664 mfefire - ok
09:37:51.0343 2664 mfefirek (4ea6ff90015424517843e931448e00f1) C:\WINDOWS\system32\drivers\mfefirek.sys
09:37:51.0343 2664 mfefirek - ok
09:37:51.0406 2664 mfehidk (d1e998748ba24a731106611d535c6bbf) C:\WINDOWS\system32\drivers\mfehidk.sys
09:37:51.0437 2664 mfehidk - ok
09:37:51.0484 2664 mfendisk (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
09:37:51.0484 2664 mfendisk - ok
09:37:51.0484 2664 mfendiskmp (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
09:37:51.0484 2664 mfendiskmp - ok
09:37:51.0531 2664 mferkdet (f454a13377f0a006d20a8c14a753c432) C:\WINDOWS\system32\drivers\mferkdet.sys
09:37:51.0531 2664 mferkdet - ok
09:37:51.0750 2664 mfetdi2k (070d3faf2eac417c59d8674a8752f7a6) C:\WINDOWS\system32\drivers\mfetdi2k.sys
09:37:51.0750 2664 mfetdi2k - ok
09:37:51.0781 2664 mfevtp (b10c4efd40810c08f4b44df2efcb54f7) C:\WINDOWS\system32\mfevtps.exe
09:37:51.0781 2664 mfevtp - ok
09:37:51.0796 2664 mksupdateint - ok
09:37:51.0828 2664 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:37:51.0828 2664 mnmdd - ok
09:37:51.0875 2664 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
09:37:51.0890 2664 mnmsrvc - ok
09:37:51.0890 2664 MobilePreInstallerService - ok
09:37:51.0906 2664 mod7700 - ok
09:37:51.0953 2664 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
09:37:51.0953 2664 Modem - ok
09:37:51.0968 2664 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
09:37:51.0984 2664 MODEMCSA - ok
09:37:52.0000 2664 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
09:37:52.0000 2664 mohfilt - ok
09:37:52.0015 2664 motmodem - ok
09:37:52.0046 2664 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:37:52.0046 2664 Mouclass - ok
09:37:52.0078 2664 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:37:52.0078 2664 mouhid - ok
09:37:52.0093 2664 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:37:52.0109 2664 MountMgr - ok
09:37:52.0140 2664 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
09:37:52.0140 2664 mraid35x - ok
09:37:52.0187 2664 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:37:52.0187 2664 MRxDAV - ok
09:37:52.0250 2664 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:37:52.0265 2664 MRxSmb - ok
09:37:52.0312 2664 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
09:37:52.0312 2664 MSDTC - ok
09:37:52.0359 2664 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:37:52.0359 2664 Msfs - ok
09:37:52.0359 2664 MSIServer - ok
09:37:52.0500 2664 MSK80Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
09:37:52.0515 2664 MSK80Service - ok
09:37:52.0531 2664 mskservice - ok
09:37:52.0656 2664 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:37:52.0687 2664 MSKSSRV - ok
09:37:52.0796 2664 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:37:52.0859 2664 MSPCLOCK - ok
09:37:52.0875 2664 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:37:52.0875 2664 MSPQM - ok
09:37:52.0921 2664 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:37:52.0921 2664 mssmbios - ok
09:37:52.0937 2664 mstdc - ok
09:37:52.0968 2664 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
09:37:52.0968 2664 MSTEE - ok
09:37:53.0015 2664 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:37:53.0015 2664 Mup - ok
09:37:53.0031 2664 mxserver - ok
09:37:53.0078 2664 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:37:53.0078 2664 NABTSFEC - ok
09:37:53.0140 2664 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
09:37:53.0140 2664 napagent - ok
09:37:53.0187 2664 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:37:53.0203 2664 NDIS - ok
09:37:53.0250 2664 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:37:53.0250 2664 NdisIP - ok
09:37:53.0281 2664 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:37:53.0281 2664 NdisTapi - ok
09:37:53.0343 2664 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:37:53.0343 2664 Ndisuio - ok
09:37:53.0359 2664 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:37:53.0375 2664 NdisWan - ok
09:37:53.0421 2664 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:37:53.0421 2664 NDProxy - ok
09:37:53.0484 2664 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:37:53.0484 2664 NetBIOS - ok
09:37:53.0531 2664 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:37:53.0640 2664 NetBT - ok
09:37:53.0890 2664 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:37:53.0906 2664 NetDDE - ok
09:37:53.0906 2664 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:37:53.0906 2664 NetDDEdsdm - ok
09:37:53.0921 2664 NETGEAR_MA111 - ok
09:37:53.0953 2664 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:37:53.0953 2664 Netlogon - ok
09:37:54.0015 2664 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
09:37:54.0031 2664 Netman - ok
09:37:54.0171 2664 NetSvc (02d0798f376fcbd0210eda58476d0b1b) C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
09:37:54.0171 2664 NetSvc - ok
09:37:54.0281 2664 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:37:54.0296 2664 NetTcpPortSharing - ok
09:37:54.0296 2664 nisvcloc - ok
09:37:54.0343 2664 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
09:37:54.0359 2664 Nla - ok
09:37:54.0421 2664 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:37:54.0421 2664 Npfs - ok
09:37:54.0437 2664 npkcrypt - ok
09:37:54.0468 2664 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:37:54.0484 2664 Ntfs - ok
09:37:54.0500 2664 ntiopnp - ok
09:37:54.0765 2664 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:37:54.0765 2664 NtLmSsp - ok
09:37:54.0906 2664 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
09:37:54.0937 2664 NtmsSvc - ok
09:37:54.0953 2664 NTSIM - ok
09:37:54.0984 2664 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
09:37:54.0984 2664 NuidFltr - ok
09:37:55.0031 2664 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:37:55.0078 2664 Null - ok
09:37:56.0031 2664 nv (ed9816dbaf6689542ea7d022631906a1) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:37:56.0312 2664 nv - ok
09:37:56.0421 2664 NVSvc (a2322c6207ebb0761a6c8cc9003ebacf) C:\WINDOWS\system32\nvsvc32.exe
09:37:56.0421 2664 NVSvc - ok
09:37:56.0437 2664 NWFILTER - ok
09:37:56.0515 2664 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:37:56.0515 2664 NwlnkFlt - ok
09:37:56.0531 2664 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:37:56.0531 2664 NwlnkFwd - ok
09:37:56.0546 2664 oracleorahome811cmadmin - ok
09:37:56.0546 2664 oracleorahome92tnslistener - ok
09:37:56.0562 2664 oraclesnmppeerencapsulator - ok
09:37:56.0578 2664 papyjoy - ok
09:37:57.0140 2664 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
09:37:57.0140 2664 Parport - ok
09:37:57.0156 2664 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:37:57.0156 2664 PartMgr - ok
09:37:57.0187 2664 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:37:57.0187 2664 ParVdm - ok
09:37:57.0203 2664 pavsrv - ok
09:37:57.0203 2664 PCDRSRVC - ok
09:37:57.0250 2664 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:37:57.0250 2664 PCI - ok
09:37:57.0250 2664 PCIDump - ok
09:37:57.0312 2664 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:37:57.0312 2664 PCIIde - ok
09:37:57.0359 2664 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:37:57.0359 2664 Pcmcia - ok
09:37:57.0375 2664 PDCOMP - ok
09:37:57.0375 2664 pdfcreatormessages - ok
09:37:57.0390 2664 PDFRAME - ok
09:37:57.0421 2664 pdlncbas - ok
09:37:57.0437 2664 PDRELI - ok
09:37:57.0453 2664 PDRFRAME - ok
09:37:57.0500 2664 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
09:37:57.0500 2664 perc2 - ok
09:37:57.0531 2664 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:37:57.0531 2664 perc2hib - ok
09:37:57.0562 2664 pinnaclesys.mediaserver - ok
09:37:57.0578 2664 plsremotesvc - ok
09:37:57.0734 2664 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:37:57.0750 2664 PlugPlay - ok
09:37:57.0781 2664 Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
09:37:57.0781 2664 Pml Driver HPZ12 - ok
09:37:57.0796 2664 pnrouter - ok
09:37:57.0828 2664 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:37:57.0828 2664 PolicyAgent - ok
09:37:57.0828 2664 portmapper - ok
09:37:57.0890 2664 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:37:57.0890 2664 PptpMiniport - ok
09:37:57.0906 2664 processor - ok
09:37:57.0906 2664 profos - ok
09:37:57.0921 2664 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:37:57.0921 2664 ProtectedStorage - ok
09:37:57.0937 2664 proxyhostservice - ok
09:37:57.0968 2664 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:37:57.0984 2664 PSched - ok
09:37:58.0015 2664 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:37:58.0015 2664 Ptilink - ok
09:37:58.0031 2664 pxfhserd - ok
09:37:58.0062 2664 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:37:58.0078 2664 PxHelp20 - ok
09:37:58.0109 2664 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:37:58.0125 2664 ql1080 - ok
09:37:58.0140 2664 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:37:58.0140 2664 Ql10wnt - ok
09:37:58.0171 2664 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:37:58.0187 2664 ql12160 - ok
09:37:58.0203 2664 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:37:58.0218 2664 ql1240 - ok
09:37:58.0218 2664 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:37:58.0234 2664 ql1280 - ok
09:37:58.0234 2664 quickhealfirewall - ok
09:37:58.0265 2664 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:37:58.0281 2664 RasAcd - ok
09:37:58.0328 2664 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
09:37:58.0328 2664 RasAuto - ok
09:37:58.0359 2664 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:37:58.0359 2664 Rasl2tp - ok
09:37:58.0421 2664 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
09:37:58.0437 2664 RasMan - ok
09:37:58.0453 2664 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:37:58.0468 2664 RasPppoe - ok
09:37:58.0484 2664 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:37:58.0484 2664 Raspti - ok
09:37:58.0500 2664 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:37:58.0515 2664 Rdbss - ok
09:37:58.0531 2664 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:37:58.0531 2664 RDPCDD - ok
09:37:58.0906 2664 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:37:58.0921 2664 rdpdr - ok
09:37:58.0953 2664 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
09:37:58.0968 2664 RDPWD - ok
09:37:59.0015 2664 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
09:37:59.0015 2664 RDSessMgr - ok
09:37:59.0046 2664 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:37:59.0046 2664 redbook - ok
09:37:59.0062 2664 regmanserv - ok
09:37:59.0062 2664 regspy - ok
09:37:59.0125 2664 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
09:37:59.0125 2664 RemoteAccess - ok
09:37:59.0140 2664 RimSerPort - ok
09:37:59.0140 2664 rismxdp - ok
09:37:59.0156 2664 roxmediadb - ok
09:37:59.0171 2664 roxwatch9 - ok
09:37:59.0203 2664 rpaservice - ok
09:37:59.0265 2664 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
09:37:59.0281 2664 RpcLocator - ok
09:37:59.0281 2664 rpcnet - ok
09:37:59.0343 2664 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
09:37:59.0359 2664 RpcSs - ok
09:37:59.0406 2664 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
09:37:59.0453 2664 RSVP - ok
09:37:59.0515 2664 RT2500 (e2988349fe0567cbe4161cc653575a8e) C:\WINDOWS\system32\DRIVERS\RT2500.sys
09:37:59.0515 2664 RT2500 - ok
09:37:59.0531 2664 s116nd5 - ok
09:37:59.0531 2664 s217nd5 - ok
09:37:59.0546 2664 s616bus - ok
09:37:59.0828 2664 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:37:59.0828 2664 SamSs - ok
09:37:59.0843 2664 savrtpel - ok
09:37:59.0843 2664 scanexplicit - ok
09:37:59.0906 2664 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
09:37:59.0937 2664 SCardSvr - ok
09:37:59.0968 2664 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
09:37:59.0984 2664 Schedule - ok
09:37:59.0984 2664 scramby - ok
09:38:00.0000 2664 SeaPort - ok
09:38:00.0046 2664 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:38:00.0046 2664 Secdrv - ok
09:38:00.0187 2664 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
09:38:00.0187 2664 seclogon - ok
09:38:00.0265 2664 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
09:38:00.0296 2664 senfilt - ok
09:38:00.0343 2664 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
09:38:00.0359 2664 SENS - ok
09:38:00.0375 2664 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:38:00.0375 2664 serenum - ok
09:38:00.0421 2664 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
09:38:00.0437 2664 Serial - ok
09:38:00.0484 2664 sfilter - ok
09:38:00.0500 2664 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:38:00.0500 2664 Sfloppy - ok
09:38:00.0515 2664 sfrem01 - ok
09:38:00.0843 2664 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
09:38:00.0859 2664 SharedAccess - ok
09:38:00.0890 2664 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:38:00.0890 2664 ShellHWDetection - ok
09:38:00.0906 2664 Simbad - ok
09:38:00.0953 2664 SimpTcp (32933b07fc16d9f778bee12545fa1b1a) C:\WINDOWS\system32\tcpsvcs.exe
09:38:00.0953 2664 SimpTcp - ok
09:38:01.0000 2664 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:38:01.0015 2664 sisagp - ok
09:38:01.0062 2664 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:38:01.0062 2664 SLIP - ok
09:38:01.0062 2664 smartscaps - ok
09:38:01.0078 2664 smbios - ok
09:38:01.0093 2664 smcirda - ok
09:38:01.0109 2664 smsmdd - ok
09:38:01.0203 2664 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
09:38:01.0218 2664 smwdm - ok
09:38:01.0234 2664 SndTDriverV32 - ok
09:38:01.0265 2664 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:38:01.0265 2664 Sparrow - ok
09:38:01.0296 2664 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:38:01.0296 2664 splitter - ok
09:38:01.0343 2664 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:38:01.0359 2664 Spooler - ok
09:38:01.0437 2664 sprtsvc_dellsupportcenter - ok
09:38:01.0718 2664 SPService - ok
09:38:01.0765 2664 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:38:01.0781 2664 sr - ok
09:38:01.0828 2664 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
09:38:01.0843 2664 srservice - ok
09:38:01.0890 2664 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:38:01.0906 2664 Srv - ok
09:38:01.0906 2664 SrvcEKIOMngr - ok
09:38:01.0921 2664 srvdpi - ok
09:38:01.0968 2664 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
09:38:01.0968 2664 sscdbhk5 - ok
09:38:01.0984 2664 sscdmdm - ok
09:38:02.0031 2664 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
09:38:02.0031 2664 SSDPSRV - ok
09:38:02.0046 2664 ssoftservice - ok
09:38:02.0062 2664 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
09:38:02.0062 2664 ssrtln - ok
09:38:02.0078 2664 ss_mdfl - ok
09:38:02.0078 2664 st330service - ok
09:38:02.0109 2664 starwindservice - ok
09:38:02.0140 2664 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
09:38:02.0140 2664 StillCam - ok
09:38:02.0203 2664 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
09:38:02.0218 2664 stisvc - ok
09:38:02.0218 2664 Stltrk2k - ok
09:38:02.0281 2664 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:38:02.0281 2664 streamip - ok
09:38:02.0281 2664 surveyor - ok
09:38:02.0312 2664 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:38:02.0312 2664 swenum - ok
09:38:02.0359 2664 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:38:02.0375 2664 swmidi - ok
09:38:02.0375 2664 SwPrv - ok
09:38:02.0390 2664 SWUMX51 - ok
09:38:02.0437 2664 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
09:38:02.0437 2664 symc810 - ok
09:38:02.0453 2664 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:38:02.0468 2664 symc8xx - ok
09:38:02.0468 2664 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:38:02.0484 2664 sym_hi - ok
09:38:02.0484 2664 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:38:02.0484 2664 sym_u3 - ok
09:38:02.0531 2664 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:38:02.0531 2664 sysaudio - ok
09:38:03.0078 2664 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
09:38:03.0078 2664 SysmonLog - ok
09:38:03.0156 2664 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
09:38:03.0171 2664 TapiSrv - ok
09:38:03.0218 2664 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:38:03.0234 2664 Tcpip - ok
09:38:03.0281 2664 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
09:38:03.0296 2664 Tcpip6 - ok
09:38:03.0296 2664 tdcmdpst - ok
09:38:03.0343 2664 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:38:03.0343 2664 TDPIPE - ok
09:38:03.0359 2664 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:38:03.0359 2664 TDTCP - ok
09:38:03.0390 2664 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:38:03.0406 2664 TermDD - ok
09:38:03.0453 2664 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
09:38:03.0468 2664 TermService - ok
09:38:03.0937 2664 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
09:38:03.0953 2664 tfsnboio - ok
09:38:03.0953 2664 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
09:38:03.0968 2664 tfsncofs - ok
09:38:04.0000 2664 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
09:38:04.0000 2664 tfsndrct - ok
09:38:04.0015 2664 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
09:38:04.0015 2664 tfsndres - ok
09:38:04.0031 2664 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
09:38:04.0031 2664 tfsnifs - ok
09:38:04.0046 2664 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
09:38:04.0046 2664 tfsnopio - ok
09:38:04.0062 2664 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
09:38:04.0062 2664 tfsnpool - ok
09:38:04.0078 2664 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
09:38:04.0078 2664 tfsnudf - ok
09:38:04.0093 2664 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
09:38:04.0109 2664 tfsnudfa - ok
09:38:04.0140 2664 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:38:04.0140 2664 Themes - ok
09:38:04.0156 2664 TICalc - ok
09:38:04.0265 2664 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
09:38:04.0281 2664 TomTomHOMEService - ok
09:38:04.0312 2664 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
09:38:04.0312 2664 TosIde - ok
09:38:04.0328 2664 TPM - ok
09:38:04.0375 2664 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
09:38:04.0375 2664 TrkWks - ok
09:38:04.0437 2664 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
09:38:04.0437 2664 tunmp - ok
09:38:04.0453 2664 UDFReadr - ok
09:38:04.0468 2664 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:38:04.0484 2664 Udfs - ok
09:38:04.0484 2664 uiusys - ok
09:38:04.0531 2664 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
09:38:04.0546 2664 ultra - ok
09:38:04.0687 2664 UPATC - ok
09:38:04.0765 2664 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:38:04.0781 2664 Update - ok
09:38:04.0843 2664 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
09:38:04.0859 2664 upnphost - ok
09:38:04.0890 2664 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
09:38:04.0890 2664 UPS - ok
09:38:04.0906 2664 USB11LDR - ok
09:38:04.0906 2664 USB28xxBGA - ok
09:38:04.0953 2664 USBAAPL (e8c1b9ebac65288e1b51e8a987d98af6) C:\WINDOWS\system32\Drivers\usbaapl.sys
09:38:04.0968 2664 USBAAPL - ok
09:38:05.0015 2664 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
09:38:05.0015 2664 usbaudio - ok
09:38:05.0062 2664 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:38:05.0078 2664 usbccgp - ok
09:38:05.0093 2664 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:38:05.0093 2664 usbehci - ok
09:38:05.0125 2664 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:38:05.0156 2664 usbhub - ok
09:38:05.0296 2664 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:38:05.0312 2664 usbprint - ok
09:38:05.0328 2664 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:38:05.0328 2664 usbscan - ok
09:38:05.0390 2664 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:38:05.0406 2664 USBSTOR - ok
09:38:05.0437 2664 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:38:05.0453 2664 usbuhci - ok
09:38:05.0484 2664 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
09:38:05.0484 2664 USB_RNDIS - ok
09:38:05.0484 2664 uscbs108 - ok
09:38:05.0500 2664 USR1806V - ok
09:38:05.0515 2664 vaiomediaplatform-integratedserver-appserver - ok
09:38:05.0531 2664 vetfddnt - ok
09:38:05.0828 2664 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:38:05.0828 2664 VgaSave - ok
09:38:05.0859 2664 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:38:05.0859 2664 viaagp - ok
09:38:05.0890 2664 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
09:38:05.0890 2664 ViaIde - ok
09:38:05.0921 2664 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:38:05.0921 2664 VolSnap - ok
09:38:05.0937 2664 vpcbus - ok
09:38:05.0937 2664 vpn5000service - ok
09:38:05.0953 2664 VRADFIL - ok
09:38:06.0031 2664 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
09:38:06.0046 2664 VSS - ok
09:38:06.0046 2664 vsserv - ok
09:38:06.0062 2664 vstor2 - ok
09:38:06.0093 2664 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
09:38:06.0109 2664 w32time - ok
09:38:06.0125 2664 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:38:06.0140 2664 Wanarp - ok
09:38:06.0140 2664 wanatw - ok
09:38:06.0156 2664 WBHWDOCT - ok
09:38:06.0171 2664 wceusbsh - ok
09:38:06.0234 2664 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:38:06.0234 2664 Wdf01000 - ok
09:38:06.0250 2664 WDICA - ok
09:38:06.0312 2664 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:38:06.0312 2664 wdmaud - ok
09:38:06.0328 2664 WDM_YAMAHAAC97 - ok
09:38:06.0375 2664 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
09:38:06.0375 2664 WebClient - ok
09:38:06.0390 2664 webcompserver - ok
09:38:06.0406 2664 winachsx - ok
09:38:06.0515 2664 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:38:06.0515 2664 winmgmt - ok
09:38:06.0531 2664 winsshd - ok
09:38:06.0562 2664 wm - ok
09:38:06.0890 2664 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
09:38:06.0937 2664 WmdmPmSN - ok
09:38:07.0000 2664 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:38:07.0015 2664 WmiApSrv - ok
09:38:07.0171 2664 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
09:38:07.0203 2664 WMPNetworkSvc - ok
09:38:07.0375 2664 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:38:07.0421 2664 WPFFontCache_v0400 - ok
09:38:07.0890 2664 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:38:07.0953 2664 WSTCODEC - ok
09:38:08.0000 2664 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
09:38:08.0000 2664 wuauserv - ok
09:38:08.0046 2664 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:38:08.0062 2664 WudfPf - ok
09:38:08.0093 2664 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:38:08.0093 2664 WudfRd - ok
09:38:08.0125 2664 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
09:38:08.0125 2664 WudfSvc - ok
09:38:08.0187 2664 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
09:38:08.0203 2664 WZCSVC - ok
09:38:08.0218 2664 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
09:38:08.0234 2664 xmlprov - ok
09:38:08.0250 2664 zdeviceservice - ok
09:38:08.0328 2664 MBR (0x1B8) (a03e065717cb65f3034ad33ad58b6bba) \Device\Harddisk0\DR0
09:38:08.0453 2664 \Device\Harddisk0\DR0 - ok
09:38:08.0484 2664 Boot (0x1200) (bdb13d31d98258c5d40f699692849641) \Device\Harddisk0\DR0\Partition0
09:38:08.0484 2664 \Device\Harddisk0\DR0\Partition0 - ok
09:38:08.0484 2664 ============================================================
09:38:08.0484 2664 Scan finished
09:38:08.0484 2664 ============================================================
09:38:08.0500 5948 Detected object count: 0
09:38:08.0500 5948 Actual detected object count: 0
09:38:17.0250 4800 Deinitialize success


Farbar Service Scanner Version: 30-04-2012 01
Ran by Edwin Hildebrand (administrator) on 07-05-2012 at 09:39:18
Running from "C:\Documents and Settings\Edwin Hildebrand\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.


Connection Status:
==============
Localhost is blocked.
LAN connected.
Attempt to access Google IP returned error: Other errors
Attempt to access Yahoo IP returned error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\system32\srsvc.dll".


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".

cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is OK.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc service is OK.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) mfetdi2k(9) NetBT(5) PSched(7) Tcpip(3) Tcpip6(13)
0x0D0000000400000001000000020000000300000009000000080000000500000006000000070000000A0000000B0000000C0000000D000000
IpSec Tag value is correct.

**** End of log ****

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:24 PM

Posted 07 May 2012 - 12:44 PM

Press Windows+R key and type

cmd and click ok

Now run this command

net start dhcp

Now check if you can browse internet.Restart the PC and check again.If that doesnt work try this


Download

Winsock fix

Launch it ,Click on FIX

Restart your PC after it gets completed

Check your browser.If that doesnt work try this


PLEASE create a restore point before trying this

Please copy the entire contents of the codebox below into Notepad:


REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock]

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2]





Open a notepad ,copy the script,save it as

Filename:winsock.reg
save as type:All files


Launch it and click YES to add it to registry

After that, Reboot your computer.

After the restart,

Go to Network Connections
Right click on your normal connection icon, and choose Properties
Click the Install button
Choose Protocol then click Add
Click Have disk
In the drop down box, type in: C:\WINDOWS\INF and click OK
In the next dialog, click Internet Protocol (TCP/IP) then click OK
Click Close to leave the properties box

After that, restart your computer and see if you can browse now.

Post the NEW FSS log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Good luck

Edited by narenxp, 07 May 2012 - 12:44 PM.


#9 reedncg

reedncg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 07 May 2012 - 02:45 PM

Internet connection working again after running Winsock Fix. FSS and results from Mini toolbox are below. Thank, Ed

MiniToolBox by Farbar Version: 18-01-2012
Ran by Edwin Hildebrand (administrator) on 07-05-2012 at 12:38:37
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Linksys Wireless-G PCI Adapter = Wireless Network Connection 2 (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection 2"

set address name="Wireless Network Connection 2" source=dhcp
set dns name="Wireless Network Connection 2" source=dhcp register=BOTH
set wins name="Wireless Network Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : D3SP6181

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-13-20-49-EE-BE



Ethernet adapter Wireless Network Connection 2:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Linksys Wireless-G PCI Adapter #2

Physical Address. . . . . . . . . : 00-12-17-8B-62-5B

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.102

Subnet Mask . . . . . . . . . . . : 255.255.255.0

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 68.105.28.11

68.105.29.11

68.105.28.12

?

?

?

Lease Obtained. . . . . . . . . . : Monday, May 07, 2012 11:38:03 AM

Lease Expires . . . . . . . . . . : Tuesday, May 08, 2012 11:38:03 AM



Tunnel adapter Teredo Tunneling Pseudo-Interface:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Disabled

Server: cdns1.cox.net
Address: 68.105.28.11

Name: google.com
Addresses: 74.125.224.164, 74.125.224.165, 74.125.224.166, 74.125.224.167
74.125.224.168, 74.125.224.169, 74.125.224.174, 74.125.224.160, 74.125.224.161
74.125.224.162, 74.125.224.163



Pinging google.com [74.125.224.238] with 32 bytes of data:



Reply from 74.125.224.238: bytes=32 time=23ms TTL=56

Reply from 74.125.224.238: bytes=32 time=24ms TTL=56



Ping statistics for 74.125.224.238:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 23ms, Maximum = 24ms, Average = 23ms

Server: cdns1.cox.net
Address: 68.105.28.11

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=48ms TTL=55

Reply from 209.191.122.70: bytes=32 time=47ms TTL=55



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 47ms, Maximum = 48ms, Average = 47ms

Server: cdns1.cox.net
Address: 68.105.28.11

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 13 20 49 ee be ...... Intel® PRO/100 VE Network Connection
0x10004 ...00 12 17 8b 62 5b ...... Linksys Wireless-G PCI Adapter #2
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.102 192.168.1.102 20
192.168.1.0 255.255.255.0 192.168.1.102 192.168.1.102 25
192.168.1.102 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.102 192.168.1.102 25
224.0.0.0 240.0.0.0 192.168.1.102 192.168.1.102 25
255.255.255.255 255.255.255.255 192.168.1.102 10003 1
255.255.255.255 255.255.255.255 192.168.1.102 192.168.1.102 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/07/2012 11:25:05 AM) (Source: Google Update) (User: SYSTEM)SYSTEM
Description: Google Update has encountered a fatal error.
ver=1.3.21.111;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files\Google\CrashReports\08176ee7-bd5d-4394-90c1-0b388b07c245.dmp

Error: (05/07/2012 11:24:24 AM) (Source: SENS) (User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 11:22:29 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10093)

Error: (05/07/2012 11:15:23 AM) (Source: SENS) (User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 11:13:42 AM) (Source: SENS) (User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 10:11:31 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/07/2012 00:36:23 AM) (Source: SENS) (User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 00:34:32 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10093)

Error: (05/07/2012 00:28:58 AM) (Source: SENS) (User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 00:26:52 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10093)


System errors:
=============
Error: (05/07/2012 11:40:39 AM) (Source: Service Control Manager) (User: )
Description: The IPv6 Helper Service service hung on starting.

Error: (05/07/2012 11:39:25 AM) (Source: Service Control Manager) (User: )
Description: The Pserve service terminated with the following error:
%%126

Error: (05/07/2012 11:39:25 AM) (Source: Service Control Manager) (User: )
Description: The Fssfltr service terminated with the following error:
%%126

Error: (05/07/2012 11:39:25 AM) (Source: Service Control Manager) (User: )
Description: The Elnkupdateservice service terminated with the following error:
%%126

Error: (05/07/2012 11:39:25 AM) (Source: Service Control Manager) (User: )
Description: The Ehstart service terminated with the following error:
%%126

Error: (05/07/2012 11:39:25 AM) (Source: Service Control Manager) (User: )
Description: The Tosrfusb service terminated with the following error:
%%126

Error: (05/07/2012 11:39:25 AM) (Source: Service Control Manager) (User: )
Description: The MRV6X32P service terminated with the following error:
%%126

Error: (05/07/2012 11:39:25 AM) (Source: Service Control Manager) (User: )
Description: The Zdeviceservice service terminated with the following error:
%%126

Error: (05/07/2012 11:39:25 AM) (Source: Service Control Manager) (User: )
Description: The WmaCVideo32 service terminated with the following error:
%%126

Error: (05/07/2012 11:39:25 AM) (Source: Service Control Manager) (User: )
Description: The Bthusb service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (05/07/2012 11:25:05 AM) (Source: Google Update)(User: SYSTEM)SYSTEM
Description: Google Update has encountered a fatal error.
ver=1.3.21.111;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files\Google\CrashReports\08176ee7-bd5d-4394-90c1-0b388b07c245.dmp

Error: (05/07/2012 11:24:24 AM) (Source: SENS)(User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 11:22:29 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10093)

Error: (05/07/2012 11:15:23 AM) (Source: SENS)(User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 11:13:42 AM) (Source: SENS)(User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 10:11:31 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/07/2012 00:36:23 AM) (Source: SENS)(User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 00:34:32 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10093)

Error: (05/07/2012 00:28:58 AM) (Source: SENS)(User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 00:26:52 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10093)


=========================== Installed Programs ============================

1400 (Version: 50.0.206.000)
1400_Help (Version: 50.0.206.000)
1400Trb (Version: 50.0.206.000)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
AOLIcon (Version: 1.00.0000)
Apple Application Support (Version: 1.2.1)
Apple Mobile Device Support (Version: 3.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.0.822.0)
Bonjour (Version: 2.0.1.2)
BufferChm (Version: 53.0.13.000)
CCScore (Version: 7.00.0000.0001)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 4.0)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Picture Studio v3.0 (Version: 3.0.0)
Dell Support Center (Support Software) (Version: 2.2.09085)
Dell System Restore (Version: 2.00.0000)
DellSupport (Version: 6.0.3062)
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital TV for PC 2.0
DocProc (Version: 5.2.0.0)
eReg (Version: 1.20.138.34)
ESSBrwr (Version: 7.00.0000.0003)
ESSCDBK (Version: 7.00.0000.0002)
ESScore (Version: 7.00.0000.0008)
ESSgui (Version: 7.00.0000.0002)
ESSini (Version: 7.00.0000.0003)
ESSPCD (Version: 7.00.0000.0002)
ESSPDock (Version: 6.03.0001.0004)
ESSSONIC (Version: 6.4.0000.0001)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 7.00.0000.0002)
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 50.0.206.000)
fflink (Version: 6.02.1001.0001)
getPlus® for Adobe (Version: 1.5.2.35)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 2.8.7.6830)
Google Update Helper (Version: 1.3.21.111)
Google Updater (Version: 2.4.2432.1652)
Hardwood Spades
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP Product Assistant (Version: 100.000.001.000)
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 53.0.13.000)
Image Resizer Powertoy for Windows XP (Version: 1.00.0001)
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
Internet Explorer Default Page (Version: 1.00.03)
iPhone Configuration Utility (Version: 2.1.0.163)
iTunes (Version: 9.1.1.12)
Jasc Paint Shop Photo Album 5 (Version: 5.21)
Jasc Paint Shop Pro Studio, Dell Editon (Version: 1.01.0000)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
kgcbaby (Version: 5.03.0000.0002)
kgcbase (Version: 5.03.0000.0004)
kgchday (Version: 5.03.0000.0002)
kgchlwn (Version: 5.03.0000.0002)
kgcinvt (Version: 5.03.0000.0003)
kgckids (Version: 6.03.0001.0001)
kgcmove (Version: 6.03.0001.0001)
kgcvday (Version: 5.03.0000.0002)
Kodak EasyShare software
Logitech QuickCam (Version: 6.01.0000)
Logitech SetPoint 6.20 (Version: 6.20.64)
Maptech Terrain Navigator
McAfee Total Protection (Version: 11.0.669)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2 (Version: 9.00.2720)
Microsoft Office 2000 Small Business (Version: 9.00.2720)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.0.1.2)
Modem Event Monitor
Modem Helper (Version: 2.40)
Modem On Hold (Version: 1.12)
Move Media Player
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Musicmatch® Jukebox (Version: 9.00.5100)
My Way Search Assistant
My Way Search Assistant (Version: 1.0.256)
neroxml (Version: 1.0.0)
netbrdg (Version: 7.00.0000.0003)
NewCopy (Version: 50.0.206.000)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA nView Desktop Manager (Version: 6.14.10.13527)
NVIDIA PhysX v8.09.04 (Version: 8.09.04)
OfotoXMI (Version: 7.00.0000.0002)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
PartyPokerNet (Version: 124)
Photo Click (Version: 1.0.0)
ProductContext (Version: 50.0.206.000)
QuickTime (Version: 7.66.71.0)
Readme (Version: 50.0.206.000)
RealFlight G5 R/C Simulator
RealPlayer Basic
Safari (Version: 5.31.22.7)
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
SFR (Version: 7.00.0000.0004)
SHASTA (Version: 6.04.0000.0001)
skin0001 (Version: 7.00.0000.0002)
SKINXSDK (Version: 7.00.0000.0001)
SolutionCenter (Version: 50.0.152.000)
Sonic CinePlayer DVD Pack (Version: 2.3.1)
Sonic DLA (Version: 4.95)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0)
Sonic RecordNow Data (Version: 2.0.0)
Sonic Update Manager (Version: 3.0.0)
staticcr (Version: 7.00.0000.0002)
Status (Version: 53.0.13.000)
TomTom HOME 2.8.2.2264 (Version: 2.8.2.2264)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
tooltips (Version: 7.00.0000.0002)
TrayApp (Version: 53.0.13.000)
TurboTax 2008
TurboTax 2008 waziper (Version: 008.000.0118)
TurboTax 2008 WinPerFedFormset (Version: 008.000.0338)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0218)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0190)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.1000)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0428)
TurboTax 2008 wrapper (Version: 008.000.0065)
TurboTax 2009
TurboTax 2009 waziper (Version: 009.000.0659)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2163)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0238)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 waziper (Version: 010.000.1275)
TurboTax 2010 WinPerFedFormset (Version: 010.000.4227)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0483)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0214)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 waziper (Version: 011.000.1607)
TurboTax 2011 WinPerFedFormset (Version: 011.000.2999)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0474)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)
TurboTax 2011 wrapper (Version: 011.000.0121)
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB968220) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Viewpoint Media Player
VPRINTOL (Version: 7.00.0000.0001)
W Photo Studio (Version: 1.0.0.143)
WebCyberCoach 3.2 Dell
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Essentials Media Codec Pack 3.6 [32-Bit] (Version: 3.6)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows jZip Toolbar (Version: 2.5.0.102741)
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WIRELESS (Version: 7.00.0000.0002)
WordPerfect Office 12 (Version: 12.01)
Yahoo! Messenger
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 2045.98 MB
Available physical RAM: 1594.36 MB
Total Pagefile: 2664.17 MB
Available Pagefile: 2018.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.65 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:71.24 GB) (Free:28.38 GB) NTFS
5 Drive g: (TravelDrive) (Removable) (Total:0.23 GB) (Free:0.13 GB) FAT

========================= Users: ========================================

User accounts for \\D3SP6181

Administrator Edwin Hildebrand Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****

Farbar Service Scanner Version: 30-04-2012 01
Ran by Edwin Hildebrand (administrator) on 07-05-2012 at 12:30:51
Running from "C:\Documents and Settings\Edwin Hildebrand\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) mfetdi2k(9) NetBT(5) PSched(7) Tcpip(3) Tcpip6(13)
0x0D0000000400000001000000020000000300000009000000080000000500000006000000070000000A0000000B0000000C0000000D000000
IpSec Tag value is correct.

**** End of log ****

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:24 PM

Posted 07 May 2012 - 08:03 PM

Follow my previous instructions,run MBAM and eset online scanner and post the logs

good luck

#11 reedncg

reedncg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 08 May 2012 - 04:24 AM

Ran MBAM full and then again Quick. Logs below. Also ran ESET and minitoolbox. Logs below. Thanks, Ed

Full MBAM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.07.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Edwin Hildebrand :: D3SP6181 [administrator]

5/7/2012 4:48:20 PM
mbam-log-2012-05-07 (16-48-20).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 317708
Time elapsed: 5 hour(s), 33 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 6
HKCR\CLSID\{96AFBE69-C3B0-4b00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully.
HKLM\System\CurrentControlSet\Services\SPService (TrojanProxy.Agent) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{96AFBE69-C3B0-4B00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Data: sp -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{96AFBE69-C3B0-4b00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost|netsvc (TrojanProxy.Agent) -> Data: SPService^w^ -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 3
C:\Program Files\MyWaySA (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe\1.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Files Detected: 2
C:\Documents and Settings\NetworkService\Application Data\Microsoft\sp.DLL (TrojanProxy.Agent) -> Quarantined and deleted successfully.
c:\tdsskiller_quarantine\06.05.2012_11.10.36\rtkt0000\zafs0000\tsk0002.dta (Rootkit.0Access) -> Quarantined and deleted successfully.

(end)

MBAM Quick

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.07.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Edwin Hildebrand :: D3SP6181 [administrator]

5/7/2012 10:57:26 PM
mbam-log-2012-05-07 (22-57-26).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213648
Time elapsed: 25 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

ESET log
C:\Documents and Settings\Edwin Hildebrand\My Documents\Downloads\CouponPrinter.exe probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
C:\TDSSKiller_Quarantine\06.05.2012_11.10.36\rtkt0000\svc0000\tsk0000.dta Win32/Sirefef.DA trojan cleaned by deleting - quarantined

Minitoolbox Result

MiniToolBox by Farbar Version: 18-01-2012
Ran by Edwin Hildebrand (administrator) on 08-05-2012 at 02:05:47
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Linksys Wireless-G PCI Adapter = Wireless Network Connection 2 (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection 2"

set address name="Wireless Network Connection 2" source=dhcp
set dns name="Wireless Network Connection 2" source=dhcp register=BOTH
set wins name="Wireless Network Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : D3SP6181

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-13-20-49-EE-BE



Ethernet adapter Wireless Network Connection 2:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Linksys Wireless-G PCI Adapter #2

Physical Address. . . . . . . . . : 00-12-17-8B-62-5B

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.102

Subnet Mask . . . . . . . . . . . : 255.255.255.0

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 68.105.28.11

68.105.29.11

68.105.28.12

?

?

?

Lease Obtained. . . . . . . . . . : Monday, May 07, 2012 10:45:55 PM

Lease Expires . . . . . . . . . . : Tuesday, May 08, 2012 10:45:55 PM



Tunnel adapter Teredo Tunneling Pseudo-Interface:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Disabled

Server: cdns1.cox.net
Address: 68.105.28.11

Name: google.com
Addresses: 74.125.224.200, 74.125.224.201, 74.125.224.206, 74.125.224.192
74.125.224.193, 74.125.224.194, 74.125.224.195, 74.125.224.196, 74.125.224.197
74.125.224.198, 74.125.224.199



Pinging google.com [74.125.224.160] with 32 bytes of data:



Reply from 74.125.224.160: bytes=32 time=25ms TTL=56

Reply from 74.125.224.160: bytes=32 time=27ms TTL=56



Ping statistics for 74.125.224.160:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 25ms, Maximum = 27ms, Average = 26ms

Server: cdns1.cox.net
Address: 68.105.28.11

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=48ms TTL=55

Reply from 209.191.122.70: bytes=32 time=50ms TTL=55



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 48ms, Maximum = 50ms, Average = 49ms

Server: cdns1.cox.net
Address: 68.105.28.11

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 13 20 49 ee be ...... Intel® PRO/100 VE Network Connection
0x10004 ...00 12 17 8b 62 5b ...... Linksys Wireless-G PCI Adapter #2
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.102 192.168.1.102 20
192.168.1.0 255.255.255.0 192.168.1.102 192.168.1.102 25
192.168.1.102 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.102 192.168.1.102 25
224.0.0.0 240.0.0.0 192.168.1.102 192.168.1.102 25
255.255.255.255 255.255.255.255 192.168.1.102 10003 1
255.255.255.255 255.255.255.255 192.168.1.102 192.168.1.102 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/07/2012 04:16:16 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/07/2012 04:16:16 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/07/2012 04:05:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/07/2012 04:05:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/07/2012 11:25:05 AM) (Source: Google Update) (User: SYSTEM)SYSTEM
Description: Google Update has encountered a fatal error.
ver=1.3.21.111;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files\Google\CrashReports\08176ee7-bd5d-4394-90c1-0b388b07c245.dmp

Error: (05/07/2012 11:24:24 AM) (Source: SENS) (User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 11:22:29 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10093)

Error: (05/07/2012 11:15:23 AM) (Source: SENS) (User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 11:13:42 AM) (Source: SENS) (User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 10:11:31 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (05/07/2012 10:48:16 PM) (Source: DCOM) (User: SYSTEM)
Description: The server {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C} did not register with DCOM within the required timeout.

Error: (05/07/2012 10:47:12 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde

Error: (05/07/2012 10:47:12 PM) (Source: Service Control Manager) (User: )
Description: The Bobo service terminated with the following error:
%%126

Error: (05/07/2012 10:47:12 PM) (Source: Service Control Manager) (User: )
Description: The Ehstart service terminated with the following error:
%%126

Error: (05/07/2012 10:47:12 PM) (Source: Service Control Manager) (User: )
Description: The MRV6X32P service terminated with the following error:
%%126

Error: (05/07/2012 10:47:12 PM) (Source: Service Control Manager) (User: )
Description: The WmaCVideo32 service terminated with the following error:
%%126

Error: (05/07/2012 10:47:12 PM) (Source: Service Control Manager) (User: )
Description: The Bthusb service terminated with the following error:
%%126

Error: (05/07/2012 10:47:12 PM) (Source: Service Control Manager) (User: )
Description: The Rpcapd service terminated with the following error:
%%126

Error: (05/07/2012 10:47:12 PM) (Source: Service Control Manager) (User: )
Description: The Elnkupdateservice service terminated with the following error:
%%126

Error: (05/07/2012 10:47:12 PM) (Source: Service Control Manager) (User: )
Description: The Pserve service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (05/07/2012 04:16:16 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/07/2012 04:16:16 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/07/2012 04:05:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/07/2012 04:05:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/07/2012 11:25:05 AM) (Source: Google Update)(User: SYSTEM)SYSTEM
Description: Google Update has encountered a fatal error.
ver=1.3.21.111;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files\Google\CrashReports\08176ee7-bd5d-4394-90c1-0b388b07c245.dmp

Error: (05/07/2012 11:24:24 AM) (Source: SENS)(User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 11:22:29 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10093)

Error: (05/07/2012 11:15:23 AM) (Source: SENS)(User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 11:13:42 AM) (Source: SENS)(User: )
Description: Event System Win32 Error: No service is operating at the destination network endpoint on the remote system.

ServiceStart(): SensInitialize() failed

Error: (05/07/2012 10:11:31 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

1400 (Version: 50.0.206.000)
1400_Help (Version: 50.0.206.000)
1400Trb (Version: 50.0.206.000)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
AOLIcon (Version: 1.00.0000)
Apple Application Support (Version: 1.2.1)
Apple Mobile Device Support (Version: 3.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.0.822.0)
Bonjour (Version: 2.0.1.2)
BufferChm (Version: 53.0.13.000)
CCScore (Version: 7.00.0000.0001)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 4.0)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Picture Studio v3.0 (Version: 3.0.0)
Dell Support Center (Support Software) (Version: 2.2.09085)
Dell System Restore (Version: 2.00.0000)
DellSupport (Version: 6.0.3062)
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital TV for PC 2.0
DocProc (Version: 5.2.0.0)
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
ESSBrwr (Version: 7.00.0000.0003)
ESSCDBK (Version: 7.00.0000.0002)
ESScore (Version: 7.00.0000.0008)
ESSgui (Version: 7.00.0000.0002)
ESSini (Version: 7.00.0000.0003)
ESSPCD (Version: 7.00.0000.0002)
ESSPDock (Version: 6.03.0001.0004)
ESSSONIC (Version: 6.4.0000.0001)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 7.00.0000.0002)
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 50.0.206.000)
fflink (Version: 6.02.1001.0001)
getPlus® for Adobe (Version: 1.5.2.35)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 2.8.7.6830)
Google Update Helper (Version: 1.3.21.111)
Google Updater (Version: 2.4.2432.1652)
Hardwood Spades
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP Product Assistant (Version: 100.000.001.000)
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 53.0.13.000)
Image Resizer Powertoy for Windows XP (Version: 1.00.0001)
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
Internet Explorer Default Page (Version: 1.00.03)
iPhone Configuration Utility (Version: 2.1.0.163)
iTunes (Version: 9.1.1.12)
Jasc Paint Shop Photo Album 5 (Version: 5.21)
Jasc Paint Shop Pro Studio, Dell Editon (Version: 1.01.0000)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
kgcbaby (Version: 5.03.0000.0002)
kgcbase (Version: 5.03.0000.0004)
kgchday (Version: 5.03.0000.0002)
kgchlwn (Version: 5.03.0000.0002)
kgcinvt (Version: 5.03.0000.0003)
kgckids (Version: 6.03.0001.0001)
kgcmove (Version: 6.03.0001.0001)
kgcvday (Version: 5.03.0000.0002)
Kodak EasyShare software
Logitech QuickCam (Version: 6.01.0000)
Logitech SetPoint 6.20 (Version: 6.20.64)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Maptech Terrain Navigator
McAfee Total Protection (Version: 11.0.669)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2 (Version: 9.00.2720)
Microsoft Office 2000 Small Business (Version: 9.00.2720)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.0.1.2)
Modem Event Monitor
Modem Helper (Version: 2.40)
Modem On Hold (Version: 1.12)
Move Media Player
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Musicmatch® Jukebox (Version: 9.00.5100)
My Way Search Assistant
My Way Search Assistant (Version: 1.0.256)
neroxml (Version: 1.0.0)
netbrdg (Version: 7.00.0000.0003)
NewCopy (Version: 50.0.206.000)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA nView Desktop Manager (Version: 6.14.10.13527)
NVIDIA PhysX v8.09.04 (Version: 8.09.04)
OfotoXMI (Version: 7.00.0000.0002)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
PartyPokerNet (Version: 124)
Photo Click (Version: 1.0.0)
ProductContext (Version: 50.0.206.000)
QuickTime (Version: 7.66.71.0)
Readme (Version: 50.0.206.000)
RealFlight G5 R/C Simulator
RealPlayer Basic
Safari (Version: 5.31.22.7)
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
SFR (Version: 7.00.0000.0004)
SHASTA (Version: 6.04.0000.0001)
skin0001 (Version: 7.00.0000.0002)
SKINXSDK (Version: 7.00.0000.0001)
SolutionCenter (Version: 50.0.152.000)
Sonic CinePlayer DVD Pack (Version: 2.3.1)
Sonic DLA (Version: 4.95)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0)
Sonic RecordNow Data (Version: 2.0.0)
Sonic Update Manager (Version: 3.0.0)
staticcr (Version: 7.00.0000.0002)
Status (Version: 53.0.13.000)
TomTom HOME 2.8.2.2264 (Version: 2.8.2.2264)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
tooltips (Version: 7.00.0000.0002)
TrayApp (Version: 53.0.13.000)
TurboTax 2008
TurboTax 2008 waziper (Version: 008.000.0118)
TurboTax 2008 WinPerFedFormset (Version: 008.000.0338)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0218)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0190)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.1000)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0428)
TurboTax 2008 wrapper (Version: 008.000.0065)
TurboTax 2009
TurboTax 2009 waziper (Version: 009.000.0659)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2163)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0238)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 waziper (Version: 010.000.1275)
TurboTax 2010 WinPerFedFormset (Version: 010.000.4227)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0483)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0214)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 waziper (Version: 011.000.1607)
TurboTax 2011 WinPerFedFormset (Version: 011.000.2999)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0474)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)
TurboTax 2011 wrapper (Version: 011.000.0121)
Unload (Version: 5.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB968220) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Viewpoint Media Player
VPRINTOL (Version: 7.00.0000.0001)
W Photo Studio (Version: 1.0.0.143)
WebCyberCoach 3.2 Dell
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Essentials Media Codec Pack 3.6 [32-Bit] (Version: 3.6)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows jZip Toolbar (Version: 2.5.0.102741)
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WIRELESS (Version: 7.00.0000.0002)
WordPerfect Office 12 (Version: 12.01)
Yahoo! Messenger
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 2045.98 MB
Available physical RAM: 1553.43 MB
Total Pagefile: 2664.13 MB
Available Pagefile: 1985.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.65 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:71.24 GB) (Free:28.22 GB) NTFS
5 Drive g: (TravelDrive) (Removable) (Total:0.23 GB) (Free:0.13 GB) FAT

========================= Users: ========================================

User accounts for \\D3SP6181

Administrator Edwin Hildebrand Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:24 PM

Posted 08 May 2012 - 04:38 AM

That looks good

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot

Turn off your system restore,restart the PC,create a new restore point

http://support.microsoft.com/kb/310405

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

#13 reedncg

reedncg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 08 May 2012 - 07:09 AM

All Went well, Thanks so much for your help and patients with me.

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:24 PM

Posted 08 May 2012 - 11:45 AM

You're welcome :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users