
Rkill not working on new S.M.A.R.T Virus variant Part 2: The Search for more money


14 replies to this topic

#1 ARKaMAN


Posted 08 May 2012 - 11:09 AM

Old Thread: http://www.bleepingcomputer.com/forums/topic452314.html

I have a computer with the following virus:

Posted Image


#2 Jimbob85


Posted 08 May 2012 - 12:40 PM

I have had to repair a number of these in the last week at our shop as well. I found that I have the best luck by using safe mode with networking: run Rkill, then Malwarebytes, then TDSSKiller. From there, someone on the Malware Response team can help you with the removal of anything else. I am fairly new to BC, so I am not totally sure how much help to give. I think what I have given so far should at least help. Also, I have found that if you can get to the net but Malwarebytes won't update, a reinstall often fixes the problem. Hope this helps.

#3 narenxp


Posted 08 May 2012 - 12:53 PM

Did you follow this guide?

http://www.bleepingcomputer.com/virus-removal/remove-data-recovery

Note: Boot the PC into safe mode with networking. Run the Unhide tool first.

Unhide

After Unhide has finished, update Malwarebytes and run it.

Good luck.

Edited by narenxp, 08 May 2012 - 12:54 PM.


#4 ARKaMAN


Posted 08 May 2012 - 12:56 PM

Yes, I have just been waiting for a reply because you are not supposed to post any logs without being asked first. I am having an issue because Rkill is not finding anything.

#5 Jimbob85


Posted 08 May 2012 - 12:59 PM

If Rkill doesn't "find" or stop any malware services, that is actually a good thing. Were you able to update and run Malwarebytes? I have found that sometimes you have to run Malwarebytes without the update to remove some malware just to be able to update and run it again.

#6 narenxp


Posted 08 May 2012 - 01:05 PM

Yes, I have just been waiting for a reply because you are not supposed to post any logs without being asked first. I am having an issue because Rkill is not finding anything.

Read my instructions once again: run the Unhide tool and then run Malwarebytes.

#7 ARKaMAN


Posted 08 May 2012 - 02:18 PM

I was not able to update MWB, but I am running a scan.

#8 ARKaMAN


Posted 08 May 2012 - 02:43 PM

Something is messed up with my network in safe mode "With Networking". I finished the MWB scan. It kinda removed the virus, but then it was reinstalled once I restarted.

#9 Jimbob85


Posted 08 May 2012 - 03:23 PM

Did you run TDSSKiller? If so, did it find any rootkits? It sounds like that's what you have going on. I have found this to be typical with this malware.

#10 ARKaMAN


Posted 08 May 2012 - 04:05 PM

Yes, I have run TDSSKiller. It found nothing.

#11 Jimbob85


Posted 08 May 2012 - 07:45 PM

You may want to look at this post.

http://www.bleepingcomputer.com/forums/topic34773.html

Posting in the "Virus, Trojan, Spyware, and Malware Removal Logs" forum may help; the Malware Response team should be able to walk you through the removal of any rootkits and any further malware. They will be able to help you with some of the more intrusive tools and be able to analyze the logs of such programs. If Malwarebytes is not removing the malware and TDSSKiller is not finding anything, you may need help from the Malware Response team. If you still want help in this forum, please rerun Rkill and Malwarebytes and post the logs, and we can take a look at what you're facing. Hope this helps.

Edited by Jimbob85, 08 May 2012 - 08:13 PM.


#12 ARKaMAN


Posted 09 May 2012 - 09:53 AM

rkill.log
This log file is located at C:\rkill.log. 
Please post this only if requested to by the person helping you. 
Otherwise you can close this log when you wish. 

Rkill was run on 05/08/2012 at 10:19:40. 
Operating System: Microsoft Windows XP 


Processes terminated by Rkill or while it was running: 



Rkill completed on 05/08/2012 at 10:20:02. 
Please post this only if requested to by the person helping you. 
Otherwise you can close this log when you wish. 

Rkill was run on 05/08/2012 at 13:08:11. 
Operating System: Microsoft Windows XP 


Processes terminated by Rkill or while it was running: 

E:\Fake HDD & System Fix Virus Fix Tools\Kill Process & Kickstart MWB\eXplorer.exe


Rkill completed on 05/08/2012 at 13:08:20. 

TDSSKiller.2.6.22.0_08.05.2012_10.21.55_log
10:21:55.0203 1756	TDSS rootkit removing tool 2.6.22.0 Dec  7 2011 13:21:06
10:21:55.0234 1756	============================================================
10:21:55.0234 1756	Current date / time: 2012/05/08 10:21:55.0234
10:21:55.0234 1756	SystemInfo:
10:21:55.0234 1756	
10:21:55.0234 1756	OS Version: 5.1.2600 ServicePack: 3.0
10:21:55.0234 1756	Product type: Workstation
10:21:55.0234 1756	ComputerName: DJT2BM11
10:21:55.0234 1756	UserName: Administrator
10:21:55.0234 1756	Windows directory: C:\WINDOWS
10:21:55.0234 1756	System windows directory: C:\WINDOWS
10:21:55.0234 1756	Processor architecture: Intel x86
10:21:55.0234 1756	Number of processors: 1
10:21:55.0234 1756	Page size: 0x1000
10:21:55.0234 1756	Boot type: Safe boot with network
10:21:55.0234 1756	============================================================
10:21:57.0406 1756	Initialize success
10:21:59.0343 2036	============================================================
10:21:59.0343 2036	Scan started
10:21:59.0343 2036	Mode: Manual; 
10:21:59.0343 2036	============================================================
10:22:53.0984 2036	winachsf        (a941aa38e3951058e584c4bbddd56ed9) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:22:54.0000 2036	winachsf - ok
10:22:54.0671 2036	{6080A529-897E-4629-A488-ABA0C29B635E} (6f221e213521179132cf019d9dbf5cae) C:\WINDOWS\system32\drivers\ialmsbw.sys
10:22:54.0671 2036	{6080A529-897E-4629-A488-ABA0C29B635E} - ok
10:22:55.0015 2036	{D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (d972db6f3fc84df74adc2a305e436301) C:\WINDOWS\system32\drivers\ialmkchw.sys
10:22:55.0015 2036	{D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
10:22:55.0109 2036	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
10:22:55.0281 2036	\Device\Harddisk0\DR0 - ok
10:22:55.0328 2036	MBR (0x1B8)     (996dd28ffe22994059bafa016fadfd2a) \Device\Harddisk1\DR3
10:22:55.0343 2036	\Device\Harddisk1\DR3 - ok
10:22:55.0390 2036	Boot (0x1200)   (0bed746c0048138941d22d0e76832d64) \Device\Harddisk0\DR0\Partition0
10:22:55.0390 2036	\Device\Harddisk0\DR0\Partition0 - ok
10:22:55.0453 2036	Boot (0x1200)   (2b76ed43ff1b390a38c0c7dabaa67d65) \Device\Harddisk1\DR3\Partition0
10:22:55.0453 2036	\Device\Harddisk1\DR3\Partition0 - ok
10:22:55.0484 2036	============================================================
10:22:55.0484 2036	Scan finished
10:22:55.0484 2036	============================================================
10:22:55.0546 1676	Detected object count: 0
10:22:55.0546 1676	Actual detected object count: 0
10:23:01.0171 1764	Deinitialize success

TDSSKiller.2.7.33.0_08.05.2012_10.23.02_log
10:23:02.0421 1892	TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
10:23:02.0437 1892	============================================================
10:23:02.0437 1892	Current date / time: 2012/05/08 10:23:02.0437
10:23:02.0437 1892	SystemInfo:
10:23:02.0437 1892	
10:23:02.0437 1892	OS Version: 5.1.2600 ServicePack: 3.0
10:23:02.0437 1892	Product type: Workstation
10:23:02.0437 1892	ComputerName: DJT2BM11
10:23:02.0437 1892	UserName: Administrator
10:23:02.0437 1892	Windows directory: C:\WINDOWS
10:23:02.0437 1892	System windows directory: C:\WINDOWS
10:23:02.0437 1892	Processor architecture: Intel x86
10:23:02.0437 1892	Number of processors: 1
10:23:02.0437 1892	Page size: 0x1000
10:23:02.0437 1892	Boot type: Safe boot with network
10:23:02.0437 1892	============================================================
10:23:04.0625 1892	Drive \Device\Harddisk0\DR0 - Size: 0x4A94F0000 (18.65 Gb), SectorSize: 0x200, Cylinders: 0x982, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:23:04.0625 1892	Drive \Device\Harddisk1\DR3 - Size: 0xEC580000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:23:04.0625 1892	============================================================
10:23:04.0625 1892	\Device\Harddisk0\DR0:
10:23:04.0625 1892	MBR partitions:
10:23:04.0625 1892	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x2536D3D
10:23:04.0625 1892	\Device\Harddisk1\DR3:
10:23:04.0625 1892	MBR partitions:
10:23:04.0625 1892	\Device\Harddisk1\DR3\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760C00
10:23:04.0625 1892	============================================================
10:23:04.0625 1892	C: <-> \Device\Harddisk0\DR0\Partition0
10:23:04.0625 1892	============================================================
10:23:04.0625 1892	Initialize success
10:23:04.0625 1892	============================================================
10:23:06.0437 1424	============================================================
10:23:06.0437 1424	Scan started
10:23:06.0437 1424	Mode: Manual; 
10:23:06.0437 1424	============================================================
10:23:28.0171 1424	SamSs - ok
10:23:28.0390 1424	SBService       (3db0459e2661531bfe88ae0a182d019a) C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
10:23:28.0390 1424	SBService - ok
10:23:28.0500 1424	SCardSvr        (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
10:23:28.0500 1424	SCardSvr - ok
10:23:28.0609 1424	Schedule        (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
10:23:28.0609 1424	Schedule - ok
10:23:28.0750 1424	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:23:28.0750 1424	Secdrv - ok
10:23:28.0812 1424	seclogon        (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
10:23:28.0828 1424	seclogon - ok
10:23:28.0875 1424	SENS            (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
10:23:28.0875 1424	SENS - ok
10:23:29.0000 1424	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
10:23:29.0000 1424	serenum - ok
10:23:29.0062 1424	Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
10:23:29.0062 1424	Serial - ok
10:23:29.0218 1424	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
10:23:29.0218 1424	Sfloppy - ok
10:23:29.0296 1424	SharedAccess    (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
10:23:29.0296 1424	SharedAccess - ok
10:23:29.0390 1424	ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
10:23:29.0390 1424	ShellHWDetection - ok
10:23:29.0468 1424	Simbad - ok
10:23:29.0562 1424	sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
10:23:29.0562 1424	sisagp - ok
10:23:29.0687 1424	smwdm           (b911c822922cf62df83ad36d5c9775cc) C:\WINDOWS\system32\drivers\smwdm.sys
10:23:29.0703 1424	smwdm - ok
10:23:29.0796 1424	SoftFax         (413cfa795cad19a010889df0ec060408) C:\WINDOWS\system32\DRIVERS\faxnt.sys
10:23:29.0796 1424	SoftFax - ok
10:23:29.0875 1424	SONYPVU1        (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
10:23:29.0890 1424	SONYPVU1 - ok
10:23:29.0937 1424	Sparrow         (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
10:23:29.0937 1424	Sparrow - ok
10:23:29.0984 1424	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
10:23:29.0984 1424	splitter - ok
10:23:30.0046 1424	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
10:23:30.0046 1424	Spooler - ok
10:23:30.0109 1424	sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
10:23:30.0109 1424	sr - ok
10:23:30.0203 1424	srservice       (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\System32\srsvc.dll
10:23:30.0218 1424	srservice - ok
10:23:30.0359 1424	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
10:23:30.0359 1424	Srv - ok
10:23:30.0453 1424	SSDPSRV         (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
10:23:30.0468 1424	SSDPSRV - ok
10:23:30.0562 1424	stisvc          (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
10:23:30.0562 1424	stisvc - ok
10:23:30.0656 1424	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
10:23:30.0656 1424	swenum - ok
10:23:30.0718 1424	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
10:23:30.0718 1424	swmidi - ok
10:23:30.0796 1424	SwPrv - ok
10:23:30.0921 1424	symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
10:23:30.0921 1424	symc810 - ok
10:23:30.0968 1424	symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
10:23:30.0984 1424	symc8xx - ok
10:23:31.0140 1424	SymEvent        (a769203607d8af4efa01148ae86697d5) C:\Program Files\Symantec\SYMEVENT.SYS
10:23:31.0140 1424	SymEvent - ok
10:23:31.0250 1424	SYMREDRV        (8b680afd7831169a9c4be321ad42653c) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
10:23:31.0250 1424	SYMREDRV - ok
10:23:31.0343 1424	SYMTDI          (675bf630bcf9af548a765c0525cc9a06) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
10:23:31.0343 1424	SYMTDI - ok
10:23:31.0406 1424	sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
10:23:31.0406 1424	sym_hi - ok
10:23:31.0484 1424	sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
10:23:31.0500 1424	sym_u3 - ok
10:23:31.0546 1424	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
10:23:31.0546 1424	sysaudio - ok
10:23:31.0640 1424	SysmonLog       (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
10:23:31.0656 1424	SysmonLog - ok
10:23:31.0765 1424	TapiSrv         (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
10:23:31.0781 1424	TapiSrv - ok
10:23:31.0968 1424	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:23:31.0984 1424	Tcpip - ok
10:23:32.0093 1424	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
10:23:32.0093 1424	TDPIPE - ok
10:23:32.0171 1424	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
10:23:32.0171 1424	TDTCP - ok
10:23:32.0250 1424	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
10:23:32.0250 1424	TermDD - ok
10:23:32.0359 1424	TermService     (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
10:23:32.0375 1424	TermService - ok
10:23:32.0437 1424	Themes          (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
10:23:32.0453 1424	Themes - ok
10:23:32.0546 1424	Tones           (e0f10a379239b4fab319c55a9cd6bc96) C:\WINDOWS\system32\DRIVERS\tonesnt.sys
10:23:32.0546 1424	Tones - ok
10:23:32.0625 1424	TosIde          (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
10:23:32.0625 1424	TosIde - ok
10:23:32.0718 1424	TrkWks          (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
10:23:32.0718 1424	TrkWks - ok
10:23:32.0812 1424	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
10:23:32.0812 1424	Udfs - ok
10:23:32.0921 1424	ultra           (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
10:23:32.0921 1424	ultra - ok
10:23:33.0015 1424	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
10:23:33.0031 1424	Update - ok
10:23:33.0125 1424	upnphost        (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
10:23:33.0125 1424	upnphost - ok
10:23:33.0203 1424	UPS             (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
10:23:33.0203 1424	UPS - ok
10:23:33.0296 1424	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:23:33.0296 1424	usbccgp - ok
10:23:33.0390 1424	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:23:33.0390 1424	usbehci - ok
10:23:33.0453 1424	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:23:33.0453 1424	usbhub - ok
10:23:33.0515 1424	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:23:33.0515 1424	usbprint - ok
10:23:33.0593 1424	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:23:33.0593 1424	usbscan - ok
10:23:33.0687 1424	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:23:33.0703 1424	USBSTOR - ok
10:23:33.0781 1424	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:23:33.0781 1424	usbuhci - ok
10:23:33.0812 1424	USB_RNDIS_XP    (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
10:23:33.0812 1424	USB_RNDIS_XP - ok
10:23:33.0968 1424	V124            (177b65899d418f8c8f037b20567a99d6) C:\WINDOWS\system32\DRIVERS\v124nt.sys
10:23:33.0968 1424	V124 - ok
10:23:34.0046 1424	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
10:23:34.0046 1424	VgaSave - ok
10:23:34.0125 1424	viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
10:23:34.0125 1424	viaagp - ok
10:23:34.0218 1424	ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
10:23:34.0218 1424	ViaIde - ok
10:23:34.0312 1424	VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
10:23:34.0312 1424	VolSnap - ok
10:23:34.0421 1424	VSS             (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
10:23:34.0421 1424	VSS - ok
10:23:34.0546 1424	w32time         (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
10:23:34.0562 1424	w32time - ok
10:23:34.0625 1424	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:23:34.0625 1424	Wanarp - ok
10:23:34.0671 1424	WDICA - ok
10:23:34.0734 1424	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
10:23:34.0750 1424	wdmaud - ok
10:23:34.0812 1424	WebClient       (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
10:23:34.0812 1424	WebClient - ok
10:23:35.0015 1424	winachsf        (a941aa38e3951058e584c4bbddd56ed9) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:23:35.0015 1424	winachsf - ok
10:23:35.0187 1424	winmgmt         (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
10:23:35.0187 1424	winmgmt - ok
10:23:35.0328 1424	WmdmPmSN        (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
10:23:35.0328 1424	WmdmPmSN - ok
10:23:35.0453 1424	WmiApSrv        (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
10:23:35.0468 1424	WmiApSrv - ok
10:23:35.0546 1424	wscsvc          (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
10:23:35.0546 1424	wscsvc - ok
10:23:35.0609 1424	wuauserv        (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
10:23:35.0609 1424	wuauserv - ok
10:23:35.0703 1424	WZCSVC          (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
10:23:35.0718 1424	WZCSVC - ok
10:23:35.0765 1424	xmlprov         (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
10:23:35.0781 1424	xmlprov - ok
10:23:35.0921 1424	{6080A529-897E-4629-A488-ABA0C29B635E} (6f221e213521179132cf019d9dbf5cae) C:\WINDOWS\system32\drivers\ialmsbw.sys
10:23:35.0921 1424	{6080A529-897E-4629-A488-ABA0C29B635E} - ok
10:23:36.0031 1424	{D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (d972db6f3fc84df74adc2a305e436301) C:\WINDOWS\system32\drivers\ialmkchw.sys
10:23:36.0031 1424	{D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
10:23:36.0125 1424	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
10:23:36.0343 1424	\Device\Harddisk0\DR0 - ok
10:23:36.0406 1424	MBR (0x1B8)     (996dd28ffe22994059bafa016fadfd2a) \Device\Harddisk1\DR3
10:23:36.0421 1424	\Device\Harddisk1\DR3 - ok
10:23:36.0437 1424	Boot (0x1200)   (0bed746c0048138941d22d0e76832d64) \Device\Harddisk0\DR0\Partition0
10:23:36.0437 1424	\Device\Harddisk0\DR0\Partition0 - ok
10:23:36.0468 1424	Boot (0x1200)   (b06c506e4b8e673ebbe7c4d826134e94) \Device\Harddisk1\DR3\Partition0
10:23:36.0468 1424	\Device\Harddisk1\DR3\Partition0 - ok
10:23:36.0484 1424	============================================================
10:23:36.0484 1424	Scan finished
10:23:36.0484 1424	============================================================
10:23:36.0546 0224	Detected object count: 0
10:23:36.0546 0224	Actual detected object count: 0
10:23:38.0500 0160	Deinitialize success

TDSSKiller.2.7.34.0_08.05.2012_10.20.32_log
10:20:32.0125 1936	TDSS rootkit removing tool 2.7.34.0 May  2 2012 09:59:18
10:20:32.0156 1936	============================================================
10:20:32.0156 1936	Current date / time: 2012/05/08 10:20:32.0156
10:20:32.0156 1936	SystemInfo:
10:20:32.0156 1936	
10:20:32.0156 1936	OS Version: 5.1.2600 ServicePack: 3.0
10:20:32.0156 1936	Product type: Workstation
10:20:32.0156 1936	ComputerName: DJT2BM11
10:20:32.0156 1936	UserName: Administrator
10:20:32.0156 1936	Windows directory: C:\WINDOWS
10:20:32.0156 1936	System windows directory: C:\WINDOWS
10:20:32.0156 1936	Processor architecture: Intel x86
10:20:32.0156 1936	Number of processors: 1
10:20:32.0156 1936	Page size: 0x1000
10:20:32.0156 1936	Boot type: Safe boot with network
10:20:32.0156 1936	============================================================
10:20:34.0656 1936	Drive \Device\Harddisk0\DR0 - Size: 0x4A94F0000 (18.65 Gb), SectorSize: 0x200, Cylinders: 0x982, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:20:35.0031 1936	Drive \Device\Harddisk1\DR3 - Size: 0xEC580000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:20:35.0031 1936	============================================================
10:20:35.0031 1936	\Device\Harddisk0\DR0:
10:20:35.0031 1936	MBR partitions:
10:20:35.0031 1936	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x2536D3D
10:20:35.0031 1936	\Device\Harddisk1\DR3:
10:20:35.0031 1936	MBR partitions:
10:20:35.0031 1936	\Device\Harddisk1\DR3\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760C00
10:20:35.0031 1936	============================================================
10:20:35.0093 1936	C: <-> \Device\Harddisk0\DR0\Partition0
10:20:35.0093 1936	============================================================
10:20:35.0093 1936	Initialize success
10:20:35.0093 1936	============================================================
10:20:36.0171 1940	============================================================
10:20:36.0171 1940	Scan started
10:20:36.0171 1940	Mode: Manual; 
10:20:36.0171 1940	============================================================
10:20:51.0406 1940	MSIServer - ok
10:20:51.0484 1940	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:20:51.0484 1940	MSKSSRV - ok
10:20:51.0578 1940	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:20:51.0578 1940	MSPCLOCK - ok
10:20:51.0656 1940	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
10:20:51.0656 1940	MSPQM - ok
10:20:51.0734 1940	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:20:51.0734 1940	mssmbios - ok
10:20:51.0843 1940	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
10:20:51.0843 1940	Mup - ok
10:20:51.0937 1940	MxlW2k          (19dd5c581eef70134ccef87d626f4417) C:\WINDOWS\system32\drivers\MxlW2k.sys
10:20:51.0937 1940	MxlW2k - ok
10:20:52.0046 1940	napagent        (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
10:20:52.0062 1940	napagent - ok
10:20:52.0218 1940	NAVAP           (7ff0e3941c23bc84baa1bb1111720a84) C:\WINDOWS\System32\Drivers\NAVAP.SYS
10:20:52.0234 1940	NAVAP - ok
10:20:52.0390 1940	navapsvc        (abcffd7890dbb4426fd1eadfdabe17ce) C:\Program Files\Norton AntiVirus\navapsvc.exe
10:20:52.0390 1940	navapsvc - ok
10:20:52.0578 1940	NAVENG          (6dcf7081fc4290400bbc56b1963a5d62) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20010808.016\NAVENG.SYS
10:20:52.0578 1940	NAVENG - ok
10:20:52.0703 1940	NAVEX15         (fd5e795d8ca4d0836d69d52f2170d79f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20010808.016\NAVEX15.SYS
10:20:52.0734 1940	NAVEX15 - ok
10:20:52.0828 1940	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
10:20:52.0828 1940	NDIS - ok
10:20:52.0937 1940	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:20:52.0937 1940	NdisTapi - ok
10:20:53.0015 1940	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:20:53.0031 1940	Ndisuio - ok
10:20:53.0093 1940	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:20:53.0093 1940	NdisWan - ok
10:20:53.0171 1940	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
10:20:53.0171 1940	NDProxy - ok
10:20:53.0265 1940	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
10:20:53.0265 1940	NetBIOS - ok
10:20:53.0328 1940	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
10:20:53.0328 1940	NetBT - ok
10:20:53.0437 1940	NetDDE          (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
10:20:53.0437 1940	NetDDE - ok
10:20:53.0484 1940	NetDDEdsdm      (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
10:20:53.0500 1940	NetDDEdsdm - ok
10:20:53.0562 1940	Netlogon        (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
10:20:53.0562 1940	Netlogon - ok
10:20:53.0625 1940	Netman          (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
10:20:53.0640 1940	Netman - ok
10:20:53.0796 1940	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:20:53.0796 1940	NetTcpPortSharing - ok
10:20:53.0921 1940	Nla             (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
10:20:53.0937 1940	Nla - ok
10:20:54.0015 1940	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
10:20:54.0015 1940	Npfs - ok
10:20:54.0140 1940	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
10:20:54.0171 1940	Ntfs - ok
10:20:54.0281 1940	NtLmSsp         (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
10:20:54.0281 1940	NtLmSsp - ok
10:20:54.0421 1940	NtmsSvc         (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
10:20:54.0437 1940	NtmsSvc - ok
10:20:54.0562 1940	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
10:20:54.0562 1940	Null - ok
10:20:54.0812 1940	nv              (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:20:54.0937 1940	nv - ok
10:20:55.0296 1940	nv4             (4d31783965b0b7ced7db3f4ee14cf260) C:\WINDOWS\system32\DRIVERS\nv4.sys
10:20:55.0343 1940	nv4 - ok
10:20:55.0437 1940	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:20:55.0437 1940	NwlnkFlt - ok
10:20:55.0484 1940	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:20:55.0484 1940	NwlnkFwd - ok
10:20:55.0593 1940	P3              (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
10:20:55.0593 1940	P3 - ok
10:20:55.0671 1940	Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
10:20:55.0671 1940	Parport - ok
10:20:55.0734 1940	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
10:20:55.0734 1940	PartMgr - ok
10:20:55.0796 1940	ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
10:20:55.0796 1940	ParVdm - ok
10:20:55.0906 1940	PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
10:20:55.0906 1940	PCI - ok
10:20:55.0937 1940	PCIDump - ok
10:20:56.0015 1940	PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
10:20:56.0015 1940	PCIIde - ok
10:20:56.0093 1940	Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
10:20:56.0109 1940	Pcmcia - ok
10:20:56.0156 1940	PDCOMP - ok
10:20:56.0203 1940	PDFRAME - ok
10:20:56.0265 1940	PDRELI - ok
10:20:56.0312 1940	PDRFRAME - ok
10:20:56.0437 1940	perc2           (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
10:20:56.0437 1940	perc2 - ok
10:20:56.0468 1940	perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
10:20:56.0484 1940	perc2hib - ok
10:20:56.0640 1940	PlugPlay        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
10:20:56.0656 1940	PlugPlay - ok
10:20:56.0734 1940	PolicyAgent     (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
10:20:56.0734 1940	PolicyAgent - ok
10:20:56.0828 1940	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:20:56.0828 1940	PptpMiniport - ok
10:20:56.0921 1940	Processor       (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
10:20:56.0937 1940	Processor - ok
10:20:56.0968 1940	ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
10:20:56.0968 1940	ProtectedStorage - ok
10:20:57.0031 1940	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
10:20:57.0031 1940	PSched - ok
10:20:57.0125 1940	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:20:57.0125 1940	Ptilink - ok
10:20:57.0218 1940	PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:20:57.0218 1940	PxHelp20 - ok
10:20:57.0296 1940	ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
10:20:57.0296 1940	ql1080 - ok
10:20:57.0390 1940	Ql10wnt         (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
10:20:57.0390 1940	Ql10wnt - ok
10:20:57.0437 1940	ql12160         (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
10:20:57.0453 1940	ql12160 - ok
10:20:57.0500 1940	ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
10:20:57.0500 1940	ql1240 - ok
10:20:57.0562 1940	ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
10:20:57.0562 1940	ql1280 - ok
10:20:57.0671 1940	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:20:57.0671 1940	RasAcd - ok
10:20:57.0734 1940	RasAuto         (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
10:20:57.0734 1940	RasAuto - ok
10:20:57.0812 1940	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:20:57.0828 1940	Rasl2tp - ok
10:20:57.0921 1940	RasMan          (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
10:20:57.0937 1940	RasMan - ok
10:20:58.0000 1940	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:20:58.0000 1940	RasPppoe - ok
10:20:58.0078 1940	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
10:20:58.0078 1940	Raspti - ok
10:20:58.0187 1940	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:20:58.0203 1940	Rdbss - ok
10:20:58.0328 1940	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:20:58.0343 1940	RDPCDD - ok
10:20:58.0437 1940	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:20:58.0453 1940	rdpdr - ok
10:20:58.0578 1940	RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
10:20:58.0593 1940	RDPWD - ok
10:20:58.0703 1940	RDSessMgr       (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
10:20:58.0703 1940	RDSessMgr - ok
10:20:58.0796 1940	redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
10:20:58.0796 1940	redbook - ok
10:20:58.0890 1940	RemoteAccess    (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
10:20:58.0906 1940	RemoteAccess - ok
10:20:59.0031 1940	Rksample        (4c35e57300a2dc5932a8e29efa527c32) C:\WINDOWS\system32\DRIVERS\rksample.sys
10:20:59.0031 1940	Rksample - ok
10:20:59.0125 1940	RpcLocator      (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
10:20:59.0125 1940	RpcLocator - ok
10:20:59.0234 1940	RpcSs           (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
10:20:59.0234 1940	RpcSs - ok
10:20:59.0343 1940	RSVP            (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
10:20:59.0343 1940	RSVP - ok
10:20:59.0437 1940	SamSs           (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
10:20:59.0437 1940	SamSs - ok
10:20:59.0656 1940	SBService       (3db0459e2661531bfe88ae0a182d019a) C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
10:20:59.0656 1940	SBService - ok
10:20:59.0750 1940	SCardSvr        (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
10:20:59.0765 1940	SCardSvr - ok
10:20:59.0843 1940	Schedule        (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
10:20:59.0875 1940	Schedule - ok
10:21:00.0000 1940	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:21:00.0000 1940	Secdrv - ok
10:21:00.0062 1940	seclogon        (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
10:21:00.0062 1940	seclogon - ok
10:21:00.0125 1940	SENS            (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
10:21:00.0125 1940	SENS - ok
10:21:00.0171 1940	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
10:21:00.0171 1940	serenum - ok
10:21:00.0234 1940	Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
10:21:00.0234 1940	Serial - ok
10:21:00.0328 1940	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
10:21:00.0328 1940	Sfloppy - ok
10:21:00.0421 1940	SharedAccess    (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
10:21:00.0453 1940	SharedAccess - ok
10:21:00.0562 1940	ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
10:21:00.0578 1940	ShellHWDetection - ok
10:21:00.0625 1940	Simbad - ok
10:21:00.0703 1940	sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
10:21:00.0703 1940	sisagp - ok
10:21:00.0921 1940	smwdm           (b911c822922cf62df83ad36d5c9775cc) C:\WINDOWS\system32\drivers\smwdm.sys
10:21:00.0937 1940	smwdm - ok
10:21:01.0015 1940	SoftFax         (413cfa795cad19a010889df0ec060408) C:\WINDOWS\system32\DRIVERS\faxnt.sys
10:21:01.0031 1940	SoftFax - ok
10:21:01.0140 1940	SONYPVU1        (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
10:21:01.0140 1940	SONYPVU1 - ok
10:21:01.0250 1940	Sparrow         (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
10:21:01.0250 1940	Sparrow - ok
10:21:01.0312 1940	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
10:21:01.0312 1940	splitter - ok
10:21:01.0375 1940	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
10:21:01.0375 1940	Spooler - ok
10:21:01.0437 1940	sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
10:21:01.0437 1940	sr - ok
10:21:01.0546 1940	srservice       (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\System32\srsvc.dll
10:21:01.0562 1940	srservice - ok
10:21:01.0671 1940	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
10:21:01.0703 1940	Srv - ok
10:21:01.0765 1940	SSDPSRV         (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
10:21:01.0765 1940	SSDPSRV - ok
10:21:01.0890 1940	stisvc          (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
10:21:01.0937 1940	stisvc - ok
10:21:02.0015 1940	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
10:21:02.0015 1940	swenum - ok
10:21:02.0078 1940	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
10:21:02.0078 1940	swmidi - ok
10:21:02.0140 1940	SwPrv - ok
10:21:02.0234 1940	symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
10:21:02.0234 1940	symc810 - ok
10:21:02.0296 1940	symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
10:21:02.0296 1940	symc8xx - ok
10:21:02.0468 1940	SymEvent        (a769203607d8af4efa01148ae86697d5) C:\Program Files\Symantec\SYMEVENT.SYS
10:21:02.0468 1940	SymEvent - ok
10:21:02.0562 1940	SYMREDRV        (8b680afd7831169a9c4be321ad42653c) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
10:21:02.0562 1940	SYMREDRV - ok
10:21:02.0640 1940	SYMTDI          (675bf630bcf9af548a765c0525cc9a06) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
10:21:02.0656 1940	SYMTDI - ok
10:21:02.0765 1940	sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
10:21:02.0765 1940	sym_hi - ok
10:21:02.0828 1940	sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
10:21:02.0828 1940	sym_u3 - ok
10:21:02.0921 1940	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
10:21:02.0921 1940	sysaudio - ok
10:21:03.0015 1940	SysmonLog       (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
10:21:03.0031 1940	SysmonLog - ok
10:21:03.0140 1940	TapiSrv         (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
10:21:03.0171 1940	TapiSrv - ok
10:21:03.0296 1940	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:21:03.0328 1940	Tcpip - ok
10:21:03.0437 1940	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
10:21:03.0437 1940	TDPIPE - ok
10:21:03.0500 1940	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
10:21:03.0500 1940	TDTCP - ok
10:21:03.0578 1940	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
10:21:03.0578 1940	TermDD - ok
10:21:03.0703 1940	TermService     (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
10:21:03.0718 1940	TermService - ok
10:21:03.0812 1940	Themes          (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
10:21:03.0812 1940	Themes - ok
10:21:03.0937 1940	Tones           (e0f10a379239b4fab319c55a9cd6bc96) C:\WINDOWS\system32\DRIVERS\tonesnt.sys
10:21:03.0937 1940	Tones - ok
10:21:04.0046 1940	TosIde          (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
10:21:04.0046 1940	TosIde - ok
10:21:04.0156 1940	TrkWks          (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
10:21:04.0156 1940	TrkWks - ok
10:21:04.0265 1940	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
10:21:04.0281 1940	Udfs - ok
10:21:04.0328 1940	ultra           (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
10:21:04.0328 1940	ultra - ok
10:21:04.0484 1940	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
10:21:04.0500 1940	Update - ok
10:21:04.0562 1940	upnphost        (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
10:21:04.0562 1940	upnphost - ok
10:21:04.0640 1940	UPS             (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
10:21:04.0656 1940	UPS - ok
10:21:04.0765 1940	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:21:04.0765 1940	usbccgp - ok
10:21:04.0843 1940	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:21:04.0843 1940	usbehci - ok
10:21:04.0906 1940	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:21:04.0921 1940	usbhub - ok
10:21:04.0968 1940	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:21:04.0968 1940	usbprint - ok
10:21:05.0031 1940	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:21:05.0031 1940	usbscan - ok
10:21:05.0109 1940	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:21:05.0109 1940	USBSTOR - ok
10:21:05.0187 1940	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:21:05.0187 1940	usbuhci - ok
10:21:05.0218 1940	USB_RNDIS_XP    (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
10:21:05.0234 1940	USB_RNDIS_XP - ok
10:21:05.0328 1940	V124            (177b65899d418f8c8f037b20567a99d6) C:\WINDOWS\system32\DRIVERS\v124nt.sys
10:21:05.0359 1940	V124 - ok
10:21:05.0421 1940	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
10:21:05.0421 1940	VgaSave - ok
10:21:05.0531 1940	viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
10:21:05.0531 1940	viaagp - ok
10:21:05.0609 1940	ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
10:21:05.0609 1940	ViaIde - ok
10:21:05.0703 1940	VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
10:21:05.0703 1940	VolSnap - ok
10:21:05.0828 1940	VSS             (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
10:21:05.0859 1940	VSS - ok
10:21:05.0953 1940	w32time         (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
10:21:05.0968 1940	w32time - ok
10:21:06.0078 1940	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:21:06.0078 1940	Wanarp - ok
10:21:06.0140 1940	WDICA - ok
10:21:06.0203 1940	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
10:21:06.0203 1940	wdmaud - ok
10:21:06.0265 1940	WebClient       (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
10:21:06.0265 1940	WebClient - ok
10:21:06.0468 1940	winachsf        (a941aa38e3951058e584c4bbddd56ed9) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:21:06.0500 1940	winachsf - ok
10:21:06.0671 1940	winmgmt         (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
10:21:06.0671 1940	winmgmt - ok
10:21:06.0859 1940	WmdmPmSN        (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
10:21:06.0875 1940	WmdmPmSN - ok
10:21:07.0000 1940	WmiApSrv        (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
10:21:07.0000 1940	WmiApSrv - ok
10:21:07.0109 1940	wscsvc          (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
10:21:07.0171 1940	wscsvc - ok
10:21:07.0250 1940	wuauserv        (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
10:21:07.0265 1940	wuauserv - ok
10:21:07.0421 1940	WZCSVC          (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
10:21:07.0437 1940	WZCSVC - ok
10:21:07.0531 1940	xmlprov         (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
10:21:07.0531 1940	xmlprov - ok
10:21:07.0656 1940	{6080A529-897E-4629-A488-ABA0C29B635E} (6f221e213521179132cf019d9dbf5cae) C:\WINDOWS\system32\drivers\ialmsbw.sys
10:21:07.0656 1940	{6080A529-897E-4629-A488-ABA0C29B635E} - ok
10:21:07.0796 1940	{D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (d972db6f3fc84df74adc2a305e436301) C:\WINDOWS\system32\drivers\ialmkchw.sys
10:21:07.0796 1940	{D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
10:21:07.0859 1940	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
10:21:08.0109 1940	\Device\Harddisk0\DR0 - ok
10:21:08.0187 1940	MBR (0x1B8)     (996dd28ffe22994059bafa016fadfd2a) \Device\Harddisk1\DR3
10:21:08.0187 1940	\Device\Harddisk1\DR3 - ok
10:21:08.0218 1940	Boot (0x1200)   (0bed746c0048138941d22d0e76832d64) \Device\Harddisk0\DR0\Partition0
10:21:08.0218 1940	\Device\Harddisk0\DR0\Partition0 - ok
10:21:08.0265 1940	Boot (0x1200)   (b06c506e4b8e673ebbe7c4d826134e94) \Device\Harddisk1\DR3\Partition0
10:21:08.0265 1940	\Device\Harddisk1\DR3\Partition0 - ok
10:21:08.0296 1940	============================================================
10:21:08.0296 1940	Scan finished
10:21:08.0296 1940	============================================================
10:21:08.0359 1976	Detected object count: 0
10:21:08.0359 1976	Actual detected object count: 0
10:21:12.0484 1928	Deinitialize success

TDSSKiller.2.7.34.0_08.05.2012_13.22.49_log
13:22:50.0046 0464	TDSS rootkit removing tool 2.7.34.0 May  2 2012 09:59:18
13:22:52.0093 0464	============================================================
13:22:52.0093 0464	Current date / time: 2012/05/08 13:22:52.0093
13:22:52.0093 0464	SystemInfo:
13:22:52.0093 0464	
13:22:52.0093 0464	OS Version: 5.1.2600 ServicePack: 3.0
13:22:52.0093 0464	Product type: Workstation
13:22:52.0093 0464	ComputerName: DJT2BM11
13:22:52.0093 0464	UserName: milt
13:22:52.0093 0464	Windows directory: C:\WINDOWS
13:22:52.0093 0464	System windows directory: C:\WINDOWS
13:22:52.0093 0464	Processor architecture: Intel x86
13:22:52.0093 0464	Number of processors: 1
13:22:52.0093 0464	Page size: 0x1000
13:22:52.0093 0464	Boot type: Safe boot with network
13:22:52.0093 0464	============================================================
13:22:58.0656 0464	Drive \Device\Harddisk0\DR0 - Size: 0x4A94F0000 (18.65 Gb), SectorSize: 0x200, Cylinders: 0x982, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:22:58.0937 0464	Drive \Device\Harddisk1\DR3 - Size: 0xEC580000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:22:58.0937 0464	============================================================
13:22:58.0937 0464	\Device\Harddisk0\DR0:
13:22:58.0968 0464	MBR partitions:
13:22:58.0968 0464	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x2536D3D
13:22:58.0968 0464	\Device\Harddisk1\DR3:
13:22:58.0984 0464	MBR partitions:
13:22:58.0984 0464	\Device\Harddisk1\DR3\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760C00
13:22:58.0984 0464	============================================================
13:22:59.0156 0464	C: <-> \Device\Harddisk0\DR0\Partition0
13:22:59.0187 0464	============================================================
13:22:59.0187 0464	Initialize success
13:22:59.0187 0464	============================================================
13:23:02.0250 1708	============================================================
13:23:02.0250 1708	Scan started
13:23:02.0250 1708	Mode: Manual; 
13:23:02.0250 1708	============================================================
13:23:16.0125 1708	dmio - ok
13:23:16.0234 1708	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:23:16.0234 1708	dmload - ok
13:23:16.0328 1708	dmserver        (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
13:23:16.0328 1708	dmserver - ok
13:23:16.0453 1708	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:23:16.0468 1708	DMusic - ok
13:23:16.0625 1708	Dnscache        (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
13:23:16.0656 1708	Dnscache - ok
13:23:16.0796 1708	Dot3svc         (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
13:23:16.0796 1708	Dot3svc - ok
13:23:16.0937 1708	dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys
13:23:16.0937 1708	dpti2o - ok
13:23:17.0015 1708	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:23:17.0015 1708	drmkaud - ok
13:23:17.0125 1708	EapHost         (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
13:23:17.0140 1708	EapHost - ok
13:23:17.0234 1708	EL90XBC         (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
13:23:17.0234 1708	EL90XBC - ok
13:23:17.0312 1708	ERSvc           (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
13:23:17.0359 1708	ERSvc - ok
13:23:17.0437 1708	Eventlog        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
13:23:17.0468 1708	Eventlog - ok
13:23:17.0781 1708	EventSystem     (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
13:23:17.0781 1708	EventSystem - ok
13:23:18.0234 1708	Fallback        (9ea76a7f28cd968f8adc709e479f23b2) C:\WINDOWS\system32\DRIVERS\fallback.sys
13:23:18.0265 1708	Fallback - ok
13:23:18.0515 1708	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:23:18.0515 1708	Fastfat - ok
13:23:18.0750 1708	FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:23:18.0796 1708	FastUserSwitchingCompatibility - ok
13:23:19.0187 1708	Fax             (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
13:23:19.0234 1708	Fax - ok
13:23:19.0328 1708	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
13:23:19.0328 1708	Fdc - ok
13:23:19.0484 1708	Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
13:23:19.0484 1708	Fips - ok
13:23:19.0562 1708	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:23:19.0578 1708	Flpydisk - ok
13:23:19.0765 1708	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
13:23:19.0781 1708	FltMgr - ok
13:23:20.0218 1708	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:23:20.0218 1708	FontCache3.0.0.0 - ok
13:23:20.0421 1708	Fsks            (b7b262d0431374f3afd1349e35b368d9) C:\WINDOWS\system32\DRIVERS\fsksnt.sys
13:23:20.0437 1708	Fsks - ok
13:23:20.0593 1708	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:23:20.0593 1708	Fs_Rec - ok
13:23:20.0687 1708	Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:23:20.0687 1708	Ftdisk - ok
13:23:20.0828 1708	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:23:20.0843 1708	Gpc - ok
13:23:20.0968 1708	helpsvc         (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:23:20.0984 1708	helpsvc - ok
13:23:21.0031 1708	HidServ - ok
13:23:21.0140 1708	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:23:21.0140 1708	HidUsb - ok
13:23:21.0343 1708	hkmsvc          (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
13:23:21.0359 1708	hkmsvc - ok
13:23:21.0484 1708	hpn             (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
13:23:21.0500 1708	hpn - ok
13:23:21.0640 1708	hpt3xx          (b077b7f8e79779ea967e84a4fc040227) C:\WINDOWS\System32\DRIVERS\hpt3xx.sys
13:23:21.0640 1708	hpt3xx - ok
13:23:22.0421 1708	hsf_msft        (74e379857d4c0dfb56de2d19b8f4c434) C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys
13:23:22.0750 1708	hsf_msft - ok
13:23:22.0984 1708	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
13:23:23.0031 1708	HTTP - ok
13:23:23.0187 1708	HTTPFilter      (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
13:23:23.0218 1708	HTTPFilter - ok
13:23:23.0328 1708	i2omgmt         (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
13:23:23.0343 1708	i2omgmt - ok
13:23:23.0390 1708	i2omp           (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
13:23:23.0390 1708	i2omp - ok
13:23:23.0500 1708	i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:23:23.0500 1708	i8042prt - ok
13:23:24.0359 1708	ialm            (44b7d5a4f2bd9fe21aea0bb0bace38c4) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
13:23:24.0703 1708	ialm - ok
13:23:25.0171 1708	IDriverT        (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
13:23:25.0218 1708	IDriverT - ok
13:23:26.0375 1708	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:23:26.0750 1708	idsvc - ok
13:23:27.0625 1708	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\drivers\Imapi.sys
13:23:27.0625 1708	Imapi - ok
13:23:27.0875 1708	ImapiService    (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\System32\Imapi.exe
13:23:27.0890 1708	ImapiService - ok
13:23:28.0015 1708	ini910u         (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
13:23:28.0015 1708	ini910u - ok
13:23:28.0203 1708	IntelIde        (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
13:23:28.0203 1708	IntelIde - ok
13:23:28.0312 1708	ip6fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:23:28.0312 1708	ip6fw - ok
13:23:28.0468 1708	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:23:28.0500 1708	IpFilterDriver - ok
13:23:28.0640 1708	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:23:28.0640 1708	IpInIp - ok
13:23:28.0828 1708	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:23:28.0843 1708	IpNat - ok
13:23:29.0015 1708	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:23:29.0031 1708	IPSec - ok
13:23:29.0140 1708	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:23:29.0156 1708	IRENUM - ok
13:23:29.0250 1708	isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:23:29.0250 1708	isapnp - ok
13:23:29.0468 1708	K56             (a4e3277398c8aba999483d4c658c9696) C:\WINDOWS\system32\DRIVERS\k56nt.sys
13:23:29.0515 1708	K56 - ok
13:23:29.0609 1708	Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:23:29.0609 1708	Kbdclass - ok
13:23:29.0781 1708	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:23:29.0796 1708	kmixer - ok
13:23:29.0890 1708	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:23:29.0921 1708	KSecDD - ok
13:23:30.0031 1708	lanmanserver    (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
13:23:30.0031 1708	lanmanserver - ok
13:23:30.0250 1708	lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
13:23:30.0250 1708	lanmanworkstation - ok
13:23:30.0312 1708	lbrtfdc - ok
13:23:30.0421 1708	LexBceS         (2a125981bb23f0a023255d39b7e1c25e) C:\WINDOWS\system32\LEXBCES.EXE
13:23:30.0453 1708	LexBceS - ok
13:23:30.0625 1708	LmHosts         (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
13:23:30.0625 1708	LmHosts - ok
13:23:30.0687 1708	LXARScan - ok
13:23:30.0734 1708	lxcr_device - ok
13:23:30.0812 1708	mbamchameleon - ok
13:23:30.0906 1708	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
13:23:30.0921 1708	MBAMProtector - ok
13:23:30.0968 1708	MBAMService - ok
13:23:31.0093 1708	MBAMSwissArmy   (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
13:23:31.0109 1708	MBAMSwissArmy - ok
13:23:31.0281 1708	Messenger       (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
13:23:31.0296 1708	Messenger - ok
13:23:31.0390 1708	mfeapfk         (688b626fca708ee9eb161cad1f7363a9) C:\WINDOWS\system32\drivers\mfeapfk.sys
13:23:31.0406 1708	mfeapfk - ok
13:23:32.0015 1708	mfehidk         (44184f32392fa2e94d08d056ce750d56) C:\WINDOWS\system32\drivers\mfehidk.sys
13:23:32.0187 1708	mfehidk - ok
13:23:32.0312 1708	mfevtp          (6991a9ea5e74e6035b8dab17a7572cf3) C:\WINDOWS\system32\mfevtps.exe
13:23:32.0328 1708	mfevtp - ok
13:23:32.0421 1708	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:23:32.0421 1708	mnmdd - ok
13:23:32.0531 1708	mnmsrvc         (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
13:23:32.0546 1708	mnmsrvc - ok
13:23:32.0796 1708	Modem           (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
13:23:32.0796 1708	Modem - ok
13:23:32.0906 1708	Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:23:32.0921 1708	Mouclass - ok
13:23:32.0984 1708	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:23:33.0000 1708	MountMgr - ok
13:23:33.0171 1708	mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
13:23:33.0171 1708	mraid35x - ok
13:23:33.0265 1708	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:23:33.0281 1708	MRxDAV - ok
13:23:33.0468 1708	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:23:33.0593 1708	MRxSmb - ok
13:23:33.0687 1708	MSDTC           (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
13:23:33.0687 1708	MSDTC - ok
13:23:33.0812 1708	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:23:33.0828 1708	Msfs - ok
13:23:33.0875 1708	MSIServer - ok
13:23:33.0937 1708	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:23:33.0937 1708	MSKSSRV - ok
13:23:34.0000 1708	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:23:34.0000 1708	MSPCLOCK - ok
13:23:34.0078 1708	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:23:34.0078 1708	MSPQM - ok
13:23:34.0156 1708	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:23:34.0171 1708	mssmbios - ok
13:23:34.0375 1708	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:23:34.0375 1708	Mup - ok
13:23:34.0515 1708	MxlW2k          (19dd5c581eef70134ccef87d626f4417) C:\WINDOWS\system32\drivers\MxlW2k.sys
13:23:34.0515 1708	MxlW2k - ok
13:23:34.0671 1708	napagent        (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
13:23:34.0687 1708	napagent - ok
13:23:34.0859 1708	NAVAP           (7ff0e3941c23bc84baa1bb1111720a84) C:\WINDOWS\System32\Drivers\NAVAP.SYS
13:23:34.0875 1708	NAVAP - ok
13:23:35.0078 1708	navapsvc        (abcffd7890dbb4426fd1eadfdabe17ce) C:\Program Files\Norton AntiVirus\navapsvc.exe
13:23:35.0078 1708	navapsvc - ok
13:23:35.0296 1708	NAVENG          (6dcf7081fc4290400bbc56b1963a5d62) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20010808.016\NAVENG.SYS
13:23:35.0312 1708	NAVENG - ok
13:23:35.0453 1708	NAVEX15         (fd5e795d8ca4d0836d69d52f2170d79f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20010808.016\NAVEX15.SYS
13:23:35.0593 1708	NAVEX15 - ok
13:23:35.0687 1708	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:23:35.0703 1708	NDIS - ok
13:23:35.0828 1708	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:23:35.0875 1708	NdisTapi - ok
13:23:36.0031 1708	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:23:36.0031 1708	Ndisuio - ok
13:23:36.0234 1708	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:23:36.0234 1708	NdisWan - ok
13:23:36.0390 1708	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:23:36.0421 1708	NDProxy - ok
13:23:36.0484 1708	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:23:36.0531 1708	NetBIOS - ok
13:23:36.0656 1708	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:23:36.0671 1708	NetBT - ok
13:23:36.0796 1708	NetDDE          (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
13:23:36.0812 1708	NetDDE - ok
13:23:36.0859 1708	NetDDEdsdm      (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
13:23:36.0859 1708	NetDDEdsdm - ok
13:23:37.0000 1708	Netlogon        (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
13:23:37.0031 1708	Netlogon - ok
13:23:37.0093 1708	Netman          (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
13:23:37.0109 1708	Netman - ok
13:23:37.0390 1708	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:23:37.0390 1708	NetTcpPortSharing - ok
13:23:37.0656 1708	Nla             (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
13:23:37.0718 1708	Nla - ok
13:23:37.0828 1708	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:23:37.0859 1708	Npfs - ok
13:23:38.0156 1708	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:23:38.0250 1708	Ntfs - ok
13:23:38.0343 1708	NtLmSsp         (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
13:23:38.0343 1708	NtLmSsp - ok
13:23:38.0625 1708	NtmsSvc         (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
13:23:38.0796 1708	NtmsSvc - ok
13:23:38.0906 1708	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:23:38.0906 1708	Null - ok
13:23:39.0578 1708	nv              (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:23:39.0734 1708	nv - ok
13:23:40.0296 1708	nv4             (4d31783965b0b7ced7db3f4ee14cf260) C:\WINDOWS\system32\DRIVERS\nv4.sys
13:23:40.0375 1708	nv4 - ok
13:23:40.0484 1708	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:23:40.0531 1708	NwlnkFlt - ok
13:23:40.0609 1708	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:23:40.0609 1708	NwlnkFwd - ok
13:23:40.0703 1708	P3              (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
13:23:40.0718 1708	P3 - ok
13:23:40.0843 1708	Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
13:23:40.0843 1708	Parport - ok
13:23:40.0937 1708	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:23:40.0953 1708	PartMgr - ok
13:23:41.0046 1708	ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
13:23:41.0062 1708	ParVdm - ok
13:23:41.0156 1708	PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
13:23:41.0156 1708	PCI - ok
13:23:41.0187 1708	PCIDump - ok
13:23:41.0265 1708	PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:23:41.0265 1708	PCIIde - ok
13:23:41.0328 1708	Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:23:41.0359 1708	Pcmcia - ok
13:23:41.0390 1708	PDCOMP - ok
13:23:41.0437 1708	PDFRAME - ok
13:23:41.0500 1708	PDRELI - ok
13:23:41.0546 1708	PDRFRAME - ok
13:23:41.0625 1708	perc2           (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
13:23:41.0625 1708	perc2 - ok
13:23:41.0671 1708	perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
13:23:41.0687 1708	perc2hib - ok
13:23:41.0859 1708	PlugPlay        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
13:23:41.0875 1708	PlugPlay - ok
13:23:41.0968 1708	PolicyAgent     (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
13:23:41.0968 1708	PolicyAgent - ok
13:23:42.0109 1708	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:23:42.0125 1708	PptpMiniport - ok
13:23:42.0187 1708	Processor       (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
13:23:42.0187 1708	Processor - ok
13:23:42.0218 1708	ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:23:42.0250 1708	ProtectedStorage - ok
13:23:42.0312 1708	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:23:42.0312 1708	PSched - ok
13:23:42.0468 1708	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:23:42.0468 1708	Ptilink - ok
13:23:42.0578 1708	PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:23:42.0578 1708	PxHelp20 - ok
13:23:42.0687 1708	ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
13:23:42.0687 1708	ql1080 - ok
13:23:42.0750 1708	Ql10wnt         (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
13:23:42.0750 1708	Ql10wnt - ok
13:23:42.0796 1708	ql12160         (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
13:23:42.0812 1708	ql12160 - ok
13:23:42.0875 1708	ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
13:23:42.0890 1708	ql1240 - ok
13:23:42.0953 1708	ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
13:23:42.0953 1708	ql1280 - ok
13:23:43.0031 1708	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:23:43.0046 1708	RasAcd - ok
13:23:43.0125 1708	RasAuto         (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
13:23:43.0156 1708	RasAuto - ok
13:23:43.0265 1708	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:23:43.0265 1708	Rasl2tp - ok
13:23:43.0390 1708	RasMan          (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
13:23:43.0390 1708	RasMan - ok
13:23:43.0453 1708	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:23:43.0468 1708	RasPppoe - ok
13:23:43.0578 1708	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:23:43.0609 1708	Raspti - ok
13:23:43.0703 1708	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:23:43.0718 1708	Rdbss - ok
13:23:43.0812 1708	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:23:43.0812 1708	RDPCDD - ok
13:23:43.0906 1708	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:23:43.0921 1708	rdpdr - ok
13:23:44.0062 1708	RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
13:23:44.0078 1708	RDPWD - ok
13:23:44.0156 1708	RDSessMgr       (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
13:23:44.0156 1708	RDSessMgr - ok
13:23:44.0250 1708	redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:23:44.0265 1708	redbook - ok
13:23:44.0343 1708	RemoteAccess    (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
13:23:44.0359 1708	RemoteAccess - ok
13:23:44.0578 1708	Rksample        (4c35e57300a2dc5932a8e29efa527c32) C:\WINDOWS\system32\DRIVERS\rksample.sys
13:23:44.0593 1708	Rksample - ok
13:23:44.0796 1708	RpcLocator      (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
13:23:44.0796 1708	RpcLocator - ok
13:23:44.0968 1708	RpcSs           (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
13:23:44.0984 1708	RpcSs - ok
13:23:45.0078 1708	RSVP            (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
13:23:45.0093 1708	RSVP - ok
13:23:45.0171 1708	SamSs           (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:23:45.0187 1708	SamSs - ok
13:23:45.0562 1708	SBService       (3db0459e2661531bfe88ae0a182d019a) C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
13:23:45.0562 1708	SBService - ok
13:23:45.0640 1708	SCardSvr        (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
13:23:45.0656 1708	SCardSvr - ok
13:23:45.0843 1708	Schedule        (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
13:23:45.0859 1708	Schedule - ok
13:23:45.0984 1708	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:23:45.0984 1708	Secdrv - ok
13:23:46.0046 1708	seclogon        (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
13:23:46.0046 1708	seclogon - ok
13:23:46.0187 1708	SENS            (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
13:23:46.0203 1708	SENS - ok
13:23:46.0328 1708	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:23:46.0328 1708	serenum - ok
13:23:46.0406 1708	Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
13:23:46.0406 1708	Serial - ok
13:23:46.0593 1708	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:23:46.0593 1708	Sfloppy - ok
13:23:46.0828 1708	SharedAccess    (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
13:23:46.0906 1708	SharedAccess - ok
13:23:47.0000 1708	ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:23:47.0000 1708	ShellHWDetection - ok
13:23:47.0078 1708	Simbad - ok
13:23:47.0171 1708	sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
13:23:47.0187 1708	sisagp - ok
13:23:47.0359 1708	smwdm           (b911c822922cf62df83ad36d5c9775cc) C:\WINDOWS\system32\drivers\smwdm.sys
13:23:47.0390 1708	smwdm - ok
13:23:47.0468 1708	SoftFax         (413cfa795cad19a010889df0ec060408) C:\WINDOWS\system32\DRIVERS\faxnt.sys
13:23:47.0515 1708	SoftFax - ok
13:23:47.0656 1708	SONYPVU1        (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
13:23:47.0656 1708	SONYPVU1 - ok
13:23:47.0796 1708	Sparrow         (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
13:23:47.0796 1708	Sparrow - ok
13:23:47.0906 1708	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:23:47.0906 1708	splitter - ok
13:23:47.0984 1708	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:23:47.0984 1708	Spooler - ok
13:23:48.0062 1708	sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
13:23:48.0062 1708	sr - ok
13:23:48.0187 1708	srservice       (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\System32\srsvc.dll
13:23:48.0187 1708	srservice - ok
13:23:48.0312 1708	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:23:48.0343 1708	Srv - ok
13:23:48.0437 1708	SSDPSRV         (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
13:23:48.0453 1708	SSDPSRV - ok
13:23:48.0734 1708	stisvc          (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
13:23:48.0750 1708	stisvc - ok
13:23:48.0921 1708	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:23:48.0921 1708	swenum - ok
13:23:49.0015 1708	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:23:49.0031 1708	swmidi - ok
13:23:49.0078 1708	SwPrv - ok
13:23:49.0203 1708	symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
13:23:49.0203 1708	symc810 - ok
13:23:49.0265 1708	symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
13:23:49.0296 1708	symc8xx - ok
13:23:49.0500 1708	SymEvent        (a769203607d8af4efa01148ae86697d5) C:\Program Files\Symantec\SYMEVENT.SYS
13:23:49.0500 1708	SymEvent - ok
13:23:49.0671 1708	SYMREDRV        (8b680afd7831169a9c4be321ad42653c) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
13:23:49.0671 1708	SYMREDRV - ok
13:23:49.0765 1708	SYMTDI          (675bf630bcf9af548a765c0525cc9a06) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
13:23:49.0781 1708	SYMTDI - ok
13:23:49.0875 1708	sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
13:23:49.0875 1708	sym_hi - ok
13:23:49.0937 1708	sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
13:23:49.0937 1708	sym_u3 - ok
13:23:50.0046 1708	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:23:50.0046 1708	sysaudio - ok
13:23:50.0156 1708	SysmonLog       (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
13:23:50.0156 1708	SysmonLog - ok
13:23:50.0281 1708	TapiSrv         (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
13:23:50.0296 1708	TapiSrv - ok
13:23:50.0546 1708	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:23:50.0625 1708	Tcpip - ok
13:23:50.0765 1708	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:23:50.0765 1708	TDPIPE - ok
13:23:50.0859 1708	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:23:50.0859 1708	TDTCP - ok
13:23:50.0937 1708	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:23:50.0953 1708	TermDD - ok
13:23:51.0171 1708	TermService     (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
13:23:51.0187 1708	TermService - ok
13:23:51.0281 1708	Themes          (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:23:51.0281 1708	Themes - ok
13:23:51.0390 1708	Tones           (e0f10a379239b4fab319c55a9cd6bc96) C:\WINDOWS\system32\DRIVERS\tonesnt.sys
13:23:51.0390 1708	Tones - ok
13:23:51.0484 1708	TosIde          (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
13:23:51.0484 1708	TosIde - ok
13:23:51.0593 1708	TrkWks          (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
13:23:51.0609 1708	TrkWks - ok
13:23:51.0734 1708	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:23:51.0734 1708	Udfs - ok
13:23:51.0828 1708	ultra           (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
13:23:51.0828 1708	ultra - ok
13:23:51.0937 1708	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:23:52.0000 1708	Update - ok
13:23:52.0125 1708	upnphost        (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
13:23:52.0140 1708	upnphost - ok
13:23:58.0046 1708	============================================================
13:23:58.0046 1708	Scan finished
13:23:58.0046 1708	============================================================
13:23:58.0156 1580	Detected object count: 0
13:23:58.0156 1580	Actual detected object count: 0
13:24:01.0218 0436	Deinitialize success

mbam-log-2012-05-08 (13-20-57)
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.04.08

Windows XP Service Pack 3 x86 FAT32 (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
milt :: DJT2BM11 [administrator]

5/8/2012 1:20:57 PM
mbam-log-2012-05-08 (13-20-57).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 326184
Time elapsed: 1 hour(s), 10 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 6
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowControlPanel (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 1
C:\WINDOWS\SYSTEM32\lowsec (Stolen.data) -> Quarantined and deleted successfully.

Files Detected: 26
C:\Documents and Settings\milt\Local Settings\Temp\d.exe (Trojan.Zbot) -> Quarantined and deleted successfully.
C:\Documents and Settings\milt\Local Settings\Temp\POS2.tmp (Spyware.Password) -> Quarantined and deleted successfully.
C:\Documents and Settings\milt\Local Settings\Temp\POSA.tmp (Spyware.Password) -> Quarantined and deleted successfully.
C:\Documents and Settings\milt\Local Settings\Temp\POSC.tmp (Trojan.Agent.SZ) -> Quarantined and deleted successfully.
C:\Documents and Settings\milt\Local Settings\Temp\wpbt0.dll (Trojan.VUPX.TP1) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP852\A1239406.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP852\A1241441.exe (Trojan.VUPX.TP1) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP852\A1241455.exe (Trojan.VUPX.TP1) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP852\A1241474.exe (Trojan.VUPX.TP1) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1242806.exe (Spyware.Spyeyes) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1242814.exe (Spyware.Spyeyes) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1242841.exe (Trojan.Agent.H) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1242871.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1242879.exe (Spyware.Password) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1242887.exe (Trojan.Zbot.FMC) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1242895.exe (Spyware.Spyeyes) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1242952.exe (Spyware.Spyeyes) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1243020.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1243044.exe (Spyware.Password.KB) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP855\A1244073.exe (Trojan.SpyEyes.DPGen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP856\A1244114.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP856\A1245157.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\milt\Local Settings\Temp\c.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\milt\Local Settings\Temp\e.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\REGSVR.EXE (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.

(end)

Edited by ARKaMAN, 09 May 2012 - 09:55 AM.


#13 Jimbob85


Posted 09 May 2012 - 11:46 AM

Your Tdss logs look good to me. Can you get online with IE? If not, have you checked for static IPs or a proxy? It looks like Malwarebytes is off to a good start but I don't see that it has gotten the malware that you want removed, unless you manually deleted the .exe files, Malwarebytes should eventually get them once we can get an updated version to run.

#14 ARKaMAN


Posted 09 May 2012 - 12:23 PM

I can get online, yes. I checked for a proxy. I have a custom static IP setup because it was getting the IP of 0.0.0.0 and gateway of 0.0.0.0 when it was in Safe Mode Networking. I also checked the hosts file. It looks ok.

#15 Jimbob85


Posted 10 May 2012 - 07:39 AM

If you are getting online, try to update Malwarebytes again. If that doesn't work, try to reinstall Malwarebytes and see if that takes care of your update problem. That has worked for me on several computers.

Here is a link to a few other things you can try.

http://www.bleepingcomputer.com/forums/topic267354.html

Chameleon is something that I had somehow missed seeing and using before, sad to say. There is a portable tech version of SAS that you may want to look into. SAS is a great tool to have alongside Malwarebytes.

Edited by Jimbob85, 10 May 2012 - 10:14 AM.




