
Chronic "Aw, Snap" (Chrome)



#1 Silverbak


Posted 12 May 2012 - 05:05 PM

Hello,

Recently, Chrome has been crashing with the "Aw, Snap" message. It is especially bad in AOL mail, because I cannot compose or reply to an email. When the first letter is typed in the message box, Chrome crashes.

I performed a detailed scan using Avast, and found 16 PUP files, which I removed. I attempted a detailed scan twice using Malwarebytes. The first attempt resulted in "Serious Error, blue screen," and the second attempt (overnight) resulted in the computer being shut down. Additionally, I downloaded a fresh copy of Chrome, but no change.

Any guidance would be appreciated.

Robert

Edited by hamluis, 13 May 2012 - 06:04 AM.
Moved from XP to Am I Infected - Hamluis.




#2 boopme


Posted 13 May 2012 - 03:13 PM

Hello, please run these.
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.




Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


#3 Silverbak


Posted 15 May 2012 - 09:07 PM

Hello boopme,

Thanks for the quick reply.

MiniToolBox results:

MiniToolBox by Farbar Version: 18-01-2012
Ran by nanci bunten sieder (administrator) on 15-05-2012 at 17:07:54
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : DDPXBQ41
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sd.cox.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : sd.cox.net
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
Physical Address. . . . . . . . . : 00-0D-56-6A-EC-64
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 68.105.28.12
                                    68.105.29.12
                                    68.105.28.11
Lease Obtained. . . . . . . . . . : Tuesday, May 15, 2012 2:34:47 PM
Lease Expires . . . . . . . . . . : Wednesday, May 16, 2012 2:34:47 PM

Server: cdns2.cox.net
Address: 68.105.28.12

Name: google.com
Addresses: 74.125.224.201, 74.125.224.206, 74.125.224.192, 74.125.224.193
74.125.224.194, 74.125.224.195, 74.125.224.196, 74.125.224.197, 74.125.224.198
74.125.224.199, 74.125.224.200

Pinging google.com [74.125.224.229] with 32 bytes of data:

Reply from 74.125.224.229: bytes=32 time=32ms TTL=56
Reply from 74.125.224.229: bytes=32 time=34ms TTL=56

Ping statistics for 74.125.224.229:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 34ms, Average = 33ms

Server: cdns2.cox.net
Address: 68.105.28.12

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=37ms TTL=54
Reply from 72.30.38.140: bytes=32 time=35ms TTL=54

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 37ms, Average = 36ms

Server: cdns2.cox.net
Address: 68.105.28.12

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0d 56 6a ec 64 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 20
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 20
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 20
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/14/2012 02:37:08 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/14/2012 00:43:57 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/14/2012 09:30:21 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/12/2012 09:07:21 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/12/2012 08:52:04 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/12/2012 07:42:13 PM) (Source: Application Error) (User: )
Description: Fault bucket -1339759277.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (05/12/2012 06:45:26 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 18.0.1025.168, faulting module chrome.dll, version 18.0.1025.168, fault address 0x00ec2534.
Processing media-specific event for [chrome.exe!ws!]

Error: (05/11/2012 09:47:03 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1878916232.

Error: (05/11/2012 09:46:28 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1878916232.

Error: (05/11/2012 09:46:19 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 7.0.6000.17055, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (05/15/2012 02:34:45 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.101 for the Network Card with network address 000D566AEC64 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (05/15/2012 02:34:43 AM) (Source: ipnathlp) (User: )
Description: The Network Address Translator (NAT) was unable to request an operation
of the kernel-mode translation module.
This may indicate misconfiguration, insufficient resources, or
an internal error.
The data is the error code.

Error: (05/15/2012 02:34:43 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.101 for the Network Card with network address 000D566AEC64 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (05/14/2012 02:35:08 PM) (Source: Service Control Manager) (User: )
Description: The Upload Manager service failed to start due to the following error:
%%1079

Error: (05/14/2012 00:46:02 PM) (Source: System Error) (User: )
Description: Error code 000000ea, parameter1 897ff5b8, parameter2 8a33d1d0, parameter3 8a4ff308, parameter4 00000001.

Error: (05/14/2012 00:44:15 PM) (Source: System Error) (User: )
Description: Error code 0000004e, parameter1 00000099, parameter2 0001b5bb, parameter3 00000000, parameter4 00000000.

Error: (05/14/2012 00:43:53 PM) (Source: Service Control Manager) (User: )
Description: The Upload Manager service failed to start due to the following error:
%%1079

Error: (05/14/2012 10:27:35 AM) (Source: 0) (User: )
Description: C:

Error: (05/14/2012 09:31:20 AM) (Source: System Error) (User: )
Description: Error code 000000ea, parameter1 8a376a08, parameter2 8a394008, parameter3 8a557880, parameter4 00000001.

Error: (05/14/2012 09:30:18 AM) (Source: Service Control Manager) (User: )
Description: The Upload Manager service failed to start due to the following error:
%%1079


Microsoft Office Sessions:
=========================
Error: (05/14/2012 02:37:08 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/14/2012 00:43:57 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/14/2012 09:30:21 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/12/2012 09:07:21 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/12/2012 08:52:04 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

Error: (05/12/2012 07:42:13 PM) (Source: Application Error)(User: )
Description: -1339759277

Error: (05/12/2012 06:45:26 PM) (Source: Application Error)(User: )
Description: chrome.exe18.0.1025.168chrome.dll18.0.1025.16800ec2534

Error: (05/11/2012 09:47:03 PM) (Source: Application Hang)(User: )
Description: 1878916232

Error: (05/11/2012 09:46:28 PM) (Source: Application Hang)(User: )
Description: 1878916232

Error: (05/11/2012 09:46:19 PM) (Source: Application Hang)(User: )
Description: iexplore.exe7.0.6000.17055hungapp0.0.0.000000000


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.1.102.63)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Auslogics Disk Defrag (Version: version 3.4)
AvancePaint v5.0.0
avast! Free Antivirus (Version: 7.0.1426.0)
Banctec Service Agreement (Version: 1.00.00)
Broadcom Management Programs (Version: 4.01.0000)
Canon Camera Access Library (Version: 8.1.1.17)
Canon Camera Support Core Library (Version: 7.3.1.6)
Canon Camera Window DC_DV 5 for ZoomBrowser EX (Version: 5.4.5.17)
Canon Camera Window DC_DV 6 for ZoomBrowser EX (Version: 6.2.0.8)
Canon Camera Window MC 6 for ZoomBrowser EX (Version: 6.1.0.7)
Canon G.726 WMP-Decoder (Version: 1.0.1.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.2.0.13)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.3.0.11)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.5.0.5)
Canon Utilities EOS Utility (Version: 1.0.2.16)
Canon Utilities PhotoStitch (Version: 3.1.17.41)
Canon Utilities ZoomBrowser EX (Version: 5.6.0.27)
ClickTray Calendar
Cobian Backup 10
Coupon Printer for Windows (Version: 4.0)
DA920EN (Version: 1.0.0.0)
DeadLine Equation Solver (Version: 2.36.969)
Defraggler (Version: 2.07)
Dell AIO Printer A920
Dell Digital Jukebox Driver
Dell Networking Guide (Version: 1.00.0001)
Dell Solution Center (Version: 1.00.0000)
DellSupport (Version: 6.0.3062)
doPDF 6.1 printer
Download Updater (AOL LLC)
DriverAgent by TouchStone Software
ESET Online Scanner v3
Google Chrome (Version: 18.0.1025.168)
Google Update Helper (Version: 1.3.21.111)
Help and Support Customization (Version: 1.00.0000)
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics Driver
Internet Explorer Default Page (Version: 1.00.03)
IrfanView (remove only) (Version: 4.27)
Jasc Paint Shop Photo Album (Version: 4.0.3)
Jasc Paint Shop Pro 8 Dell Edition (Version: 8.10.0000)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 7 Update 4 (Version: 7.0.40)
Java™ SE Development Kit 7 Update 2 (Version: 1.7.0.20)
JavaFX 2.0.2 SDK (Version: 2.0.2)
JavaFX 2.1.0 (Version: 2.1.0)
Learn2 Player (Uninstall Only)
LiveUpdate 1.90 (Symantec Corporation) (Version: 1.90.15.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MFC RunTime files (Version: 1.0.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Bootvis (Version: 1.3.37)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Password Safe
PerfectDisk Live (Version: 7.00.047)
PhotoFiltre
Qualxserve Service Agreement (Version: 1.00.0004)
QuickTime
RealOne Player
Screen Grab Pro
Setup (Version: 1.0.0)
Skype Toolbars (Version: 5.3.7280)
Skype™ 5.3 (Version: 5.3.120)
TempoPerfect
Uninstall AOL Emergency Connect Utility 1.0
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows XP (KB908531) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
Update for Windows XP (KB942840) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
USB Camera (Version: 1.00.0000)
Viewpoint Media Player
WebFldrs XP (Version: 9.50.6513)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873333 (Version: 20050114.005213)
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885250 (Version: 20050118.202711)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB888113 (Version: 20041116.131036)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890047 (Version: 20041221.124506)
Windows XP Hotfix - KB890175 (Version: 20041201.233338)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
ZipItFree 1.85 (Version: 1.85)

========================= Devices: ================================


**** End of log ****

TDSSKiller.exe Results:
17:58:37.0187 0904 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
17:58:37.0656 0904 ============================================================
17:58:37.0656 0904 Current date / time: 2012/05/15 17:58:37.0656
17:58:37.0656 0904 SystemInfo:
17:58:37.0656 0904
17:58:37.0656 0904 OS Version: 5.1.2600 ServicePack: 2.0
17:58:37.0656 0904 Product type: Workstation
17:58:37.0656 0904 ComputerName: DDPXBQ41
17:58:37.0656 0904 UserName: nanci bunten sieder
17:58:37.0656 0904 Windows directory: C:\WINDOWS
17:58:37.0656 0904 System windows directory: C:\WINDOWS
17:58:37.0656 0904 Processor architecture: Intel x86
17:58:37.0656 0904 Number of processors: 1
17:58:37.0656 0904 Page size: 0x1000
17:58:37.0656 0904 Boot type: Normal boot
17:58:37.0656 0904 ============================================================
17:58:41.0750 0904 Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:58:41.0750 0904 ============================================================
17:58:41.0750 0904 \Device\Harddisk0\DR0:
17:58:41.0750 0904 MBR partitions:
17:58:41.0750 0904 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x4A6DA7A
17:58:41.0750 0904 ============================================================
17:58:41.0828 0904 C: <-> \Device\Harddisk0\DR0\Partition0
17:58:41.0828 0904 ============================================================
17:58:41.0828 0904 Initialize success
17:58:41.0828 0904 ============================================================
18:00:45.0765 3920 ============================================================
18:00:45.0765 3920 Scan started
18:00:45.0765 3920 Mode: Manual;
18:00:45.0765 3920 ============================================================
18:00:54.0453 3920 drmkaud - ok
18:00:54.0625 3920 DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
18:00:54.0656 3920 DSBrokerService - ok
18:00:54.0703 3920 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
18:00:54.0718 3920 DSproct - ok
18:00:54.0765 3920 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
18:00:54.0765 3920 dsunidrv - ok
18:00:54.0843 3920 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
18:00:54.0875 3920 EL90XBC - ok
18:00:54.0937 3920 ERSvc (67dff7bbbd0e80aab7b3cf061448db8a) C:\WINDOWS\System32\ersvc.dll
18:00:54.0937 3920 ERSvc - ok
18:00:55.0046 3920 Eventlog (37561f8d4160d62da86d24ae41fae8de) C:\WINDOWS\system32\services.exe
18:00:55.0109 3920 Eventlog - ok
18:00:55.0250 3920 EventSystem (60d1a6342238378bfb7545c81ee3606c) C:\WINDOWS\System32\es.dll
18:00:55.0343 3920 EventSystem - ok
18:00:55.0406 3920 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
18:00:55.0468 3920 Fastfat - ok
18:00:55.0578 3920 FastUserSwitchingCompatibility (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
18:00:55.0625 3920 FastUserSwitchingCompatibility - ok
18:00:55.0703 3920 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:00:55.0718 3920 Fdc - ok
18:00:55.0750 3920 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
18:00:55.0765 3920 Fips - ok
18:00:55.0796 3920 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:00:55.0796 3920 Flpydisk - ok
18:00:55.0859 3920 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\drivers\fltmgr.sys
18:00:55.0890 3920 FltMgr - ok
18:00:56.0062 3920 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:00:56.0078 3920 FontCache3.0.0.0 - ok
18:00:56.0140 3920 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:00:56.0140 3920 Fs_Rec - ok
18:00:56.0203 3920 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:00:56.0250 3920 Ftdisk - ok
18:00:56.0328 3920 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:00:56.0343 3920 Gpc - ok
18:00:56.0500 3920 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
18:00:56.0546 3920 gupdate - ok
18:00:56.0562 3920 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
18:00:56.0562 3920 gupdatem - ok
18:00:56.0687 3920 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:00:56.0734 3920 gusvc - ok
18:00:56.0859 3920 helpsvc (8827911a8c37e40c027cbfc88e69d967) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:00:56.0875 3920 helpsvc - ok
18:00:56.0890 3920 HidServ - ok
18:00:56.0968 3920 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:00:56.0968 3920 HidUsb - ok
18:00:57.0046 3920 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys
18:00:57.0062 3920 hpn - ok
18:00:57.0218 3920 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
18:00:57.0312 3920 HTTP - ok
18:00:57.0359 3920 HTTPFilter (064d8581adf77c25133e7d751d917d83) C:\WINDOWS\System32\w3ssl.dll
18:00:57.0375 3920 HTTPFilter - ok
18:00:57.0437 3920 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
18:00:57.0437 3920 i2omgmt - ok
18:00:57.0484 3920 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\System32\DRIVERS\i2omp.sys
18:00:57.0484 3920 i2omp - ok
18:00:57.0546 3920 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:00:57.0562 3920 i8042prt - ok
18:00:57.0656 3920 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
18:00:57.0718 3920 i81x - ok
18:00:57.0765 3920 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
18:00:57.0781 3920 iAimFP0 - ok
18:00:57.0796 3920 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
18:00:57.0812 3920 iAimFP1 - ok
18:00:57.0843 3920 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
18:00:57.0843 3920 iAimFP2 - ok
18:00:57.0890 3920 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
18:00:57.0890 3920 iAimFP3 - ok
18:00:57.0937 3920 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
18:00:57.0937 3920 iAimFP4 - ok
18:00:58.0015 3920 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
18:00:58.0031 3920 iAimTV0 - ok
18:00:58.0078 3920 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
18:00:58.0078 3920 iAimTV1 - ok
18:00:58.0093 3920 iAimTV2 - ok
18:00:58.0140 3920 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
18:00:58.0140 3920 iAimTV3 - ok
18:00:58.0171 3920 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
18:00:58.0187 3920 iAimTV4 - ok
18:00:58.0250 3920 ialm (1406d6ef4436aee970efe13193123965) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
18:00:58.0296 3920 ialm - ok
18:00:58.0750 3920 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:00:59.0078 3920 idsvc - ok
18:00:59.0140 3920 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:00:59.0156 3920 Imapi - ok
18:00:59.0234 3920 ImapiService (fa788520bcac0f5d9d5cde5615c0d931) C:\WINDOWS\system32\imapi.exe
18:00:59.0281 3920 ImapiService - ok
18:00:59.0328 3920 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
18:00:59.0343 3920 ini910u - ok
18:00:59.0890 3920 IntelC51 (fcab28ffd3a8964581e16455efaf81c8) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
18:01:00.0437 3920 IntelC51 - ok
18:01:01.0187 3920 IntelC52 (a288e7e3a6255255b9066686d860fbc5) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
18:01:01.0468 3920 IntelC52 - ok
18:01:01.0500 3920 IntelC53 (d5e5a1abf6bdba7ca49941a044f04598) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
18:01:01.0546 3920 IntelC53 - ok
18:01:01.0593 3920 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\System32\DRIVERS\intelide.sys
18:01:01.0609 3920 IntelIde - ok
18:01:01.0671 3920 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:01:01.0687 3920 intelppm - ok
18:01:01.0734 3920 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
18:01:01.0750 3920 ip6fw - ok
18:01:01.0812 3920 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:01:01.0890 3920 IpFilterDriver - ok
18:01:01.0921 3920 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:01:01.0921 3920 IpInIp - ok
18:01:02.0093 3920 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:01:02.0156 3920 IpNat - ok
18:01:02.0234 3920 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:01:02.0265 3920 IPSec - ok
18:01:02.0312 3920 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:01:02.0375 3920 IRENUM - ok
18:01:02.0453 3920 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:01:02.0468 3920 isapnp - ok
18:01:02.0765 3920 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
18:01:02.0765 3920 JavaQuickStarterService - ok
18:01:02.0828 3920 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:01:02.0890 3920 Kbdclass - ok
18:01:02.0984 3920 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
18:01:02.0984 3920 kmixer - ok
18:01:03.0140 3920 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
18:01:03.0171 3920 KSecDD - ok
18:01:03.0312 3920 lanmanserver (0cb3af149a0bac0836022ca307c7a0f8) C:\WINDOWS\System32\srvsvc.dll
18:01:03.0375 3920 lanmanserver - ok
18:01:03.0468 3920 lanmanworkstation (e1f27cfcd114ec9f1e1f44674b2ff9f0) C:\WINDOWS\System32\wkssvc.dll
18:01:03.0640 3920 lanmanworkstation - ok
18:01:03.0718 3920 lbrtfdc - ok
18:01:03.0890 3920 LexBceS (6c2a98bdddbfa29430dd927cf17c0680) C:\WINDOWS\system32\LEXBCES.EXE
18:01:04.0109 3920 LexBceS - ok
18:01:04.0140 3920 LmHosts (b3eff6d938c572e90a07b3d87a3c7657) C:\WINDOWS\System32\lmhsvc.dll
18:01:04.0156 3920 LmHosts - ok
18:01:04.0218 3920 Messenger (95fd808e4ac22aba025a7b3eac0375d2) C:\WINDOWS\System32\msgsvc.dll
18:01:04.0234 3920 Messenger - ok
18:01:04.0296 3920 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:01:04.0296 3920 mnmdd - ok
18:01:04.0359 3920 mnmsrvc (f6415361201915b9fe3896b0e4e724ff) C:\WINDOWS\System32\mnmsrvc.exe
18:01:04.0375 3920 mnmsrvc - ok
18:01:04.0437 3920 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
18:01:04.0453 3920 Modem - ok
18:01:04.0484 3920 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
18:01:04.0515 3920 MODEMCSA - ok
18:01:04.0718 3920 mohfilt (c6a08c4f34b3048a73bbb2951150f98d) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
18:01:04.0781 3920 mohfilt - ok
18:01:04.0812 3920 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:01:04.0828 3920 Mouclass - ok
18:01:04.0859 3920 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
18:01:04.0890 3920 MountMgr - ok
18:01:05.0187 3920 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:01:05.0234 3920 MozillaMaintenance - ok
18:01:05.0281 3920 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
18:01:05.0296 3920 mraid35x - ok
18:01:05.0437 3920 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:01:05.0515 3920 MRxDAV - ok
18:01:05.0781 3920 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:01:05.0953 3920 MRxSmb - ok
18:01:06.0109 3920 MSDTC (c7c3d89eb0a6f3dba622ea737fa335b1) C:\WINDOWS\System32\msdtc.exe
18:01:06.0546 3920 MSDTC - ok
18:01:06.0609 3920 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
18:01:06.0921 3920 Msfs - ok
18:01:06.0937 3920 MSIServer - ok
18:01:06.0953 3920 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:01:07.0156 3920 MSKSSRV - ok
18:01:07.0171 3920 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:01:07.0390 3920 MSPCLOCK - ok
18:01:07.0406 3920 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
18:01:07.0625 3920 MSPQM - ok
18:01:07.0703 3920 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:01:07.0859 3920 mssmbios - ok
18:01:07.0906 3920 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
18:01:08.0234 3920 MSTEE - ok
18:01:08.0296 3920 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
18:01:08.0390 3920 Mup - ok
18:01:08.0453 3920 MxlW2k (e91fc8b52d21e38317dc61a3c7ccfa4b) C:\WINDOWS\system32\drivers\MxlW2k.sys
18:01:08.0843 3920 MxlW2k - ok
18:01:08.0953 3920 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:01:09.0328 3920 NABTSFEC - ok
18:01:09.0468 3920 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
18:01:09.0828 3920 NDIS - ok
18:01:09.0843 3920 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:01:10.0171 3920 NdisIP - ok
18:01:10.0234 3920 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:01:10.0453 3920 NdisTapi - ok
18:01:10.0515 3920 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:01:10.0578 3920 Ndisuio - ok
18:01:10.0781 3920 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:01:10.0937 3920 NdisWan - ok
18:01:11.0156 3920 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
18:01:11.0312 3920 NDProxy - ok
18:01:11.0343 3920 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:01:11.0359 3920 NetBIOS - ok
18:01:11.0437 3920 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:01:11.0500 3920 NetBT - ok
18:01:11.0593 3920 NetDDE (05afb5ad06462257bea7495283c86d50) C:\WINDOWS\system32\netdde.exe
18:01:11.0625 3920 NetDDE - ok
18:01:11.0640 3920 NetDDEdsdm (05afb5ad06462257bea7495283c86d50) C:\WINDOWS\system32\netdde.exe
18:01:11.0656 3920 NetDDEdsdm - ok
18:01:11.0828 3920 Netlogon (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
18:01:11.0843 3920 Netlogon - ok
18:01:11.0953 3920 Netman (36739b39267914ba69ad0610a0299732) C:\WINDOWS\System32\netman.dll
18:01:11.0968 3920 Netman - ok
18:01:12.0375 3920 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:01:12.0437 3920 NetTcpPortSharing - ok
18:01:12.0578 3920 Nla (097722f235a1fb698bf9234e01b52637) C:\WINDOWS\System32\mswsock.dll
18:01:12.0656 3920 Nla - ok
18:01:12.0734 3920 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
18:01:12.0734 3920 Npfs - ok
18:01:12.0953 3920 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
18:01:13.0359 3920 Ntfs - ok
18:01:13.0375 3920 NtLmSsp (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\System32\lsass.exe
18:01:13.0375 3920 NtLmSsp - ok
18:01:13.0593 3920 NtmsSvc (b62f29c00ac55a761b2e45877d85ea0f) C:\WINDOWS\system32\ntmssvc.dll
18:01:13.0765 3920 NtmsSvc - ok
18:01:13.0812 3920 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:01:13.0812 3920 Null - ok
18:01:14.0640 3920 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:01:15.0312 3920 nv - ok
18:01:15.0656 3920 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:01:15.0671 3920 NwlnkFlt - ok
18:01:15.0703 3920 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:01:15.0718 3920 NwlnkFwd - ok
18:01:15.0765 3920 omci (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
18:01:15.0781 3920 omci - ok
18:01:15.0937 3920 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:01:15.0968 3920 ose - ok
18:01:16.0125 3920 P3 (3e16eff2a6fed2d8d7f5a66dfe65d183) C:\WINDOWS\system32\DRIVERS\p3.sys
18:01:16.0140 3920 P3 - ok
18:01:16.0187 3920 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
18:01:16.0218 3920 Parport - ok
18:01:16.0234 3920 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
18:01:16.0250 3920 PartMgr - ok
18:01:16.0312 3920 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
18:01:16.0328 3920 ParVdm - ok
18:01:16.0359 3920 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
18:01:16.0390 3920 PCI - ok
18:01:16.0406 3920 PCIDump - ok
18:01:16.0437 3920 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:01:16.0453 3920 PCIIde - ok
18:01:16.0515 3920 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:01:16.0546 3920 Pcmcia - ok
18:01:16.0578 3920 PDCOMP - ok
18:01:16.0593 3920 PDFRAME - ok
18:01:16.0609 3920 PDRELI - ok
18:01:16.0625 3920 PDRFRAME - ok
18:01:16.0765 3920 PDWebWmi (683beced197df6f46c9a377dbba3d4a1) C:\Program Files\Raxco\PerfectDisk Live\PDWebWmi.exe
18:01:16.0843 3920 PDWebWmi - ok
18:01:17.0234 3920 PDWEngine (01a468abf4ea9e3df2b1d299ff95ff8b) C:\Program Files\Raxco\PerfectDisk Live\PDWEngine.exe
18:01:17.0453 3920 PDWEngine - ok
18:01:17.0515 3920 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
18:01:17.0531 3920 perc2 - ok
18:01:17.0546 3920 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
18:01:17.0562 3920 perc2hib - ok
18:01:17.0671 3920 PlugPlay (37561f8d4160d62da86d24ae41fae8de) C:\WINDOWS\system32\services.exe
18:01:17.0671 3920 PlugPlay - ok
18:01:17.0718 3920 PolicyAgent (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
18:01:17.0718 3920 PolicyAgent - ok
18:01:17.0781 3920 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:01:17.0812 3920 PptpMiniport - ok
18:01:17.0843 3920 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys
18:01:17.0859 3920 Processor - ok
18:01:17.0875 3920 ProtectedStorage (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
18:01:17.0875 3920 ProtectedStorage - ok
18:01:17.0906 3920 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
18:01:17.0937 3920 PSched - ok
18:01:17.0984 3920 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:01:18.0000 3920 Ptilink - ok
18:01:18.0156 3920 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
18:01:18.0171 3920 ql1080 - ok
18:01:18.0218 3920 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
18:01:18.0234 3920 Ql10wnt - ok
18:01:18.0281 3920 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
18:01:18.0296 3920 ql12160 - ok
18:01:18.0343 3920 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
18:01:18.0359 3920 ql1240 - ok
18:01:18.0421 3920 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
18:01:18.0437 3920 ql1280 - ok
18:01:18.0468 3920 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:01:18.0468 3920 RasAcd - ok
18:01:18.0562 3920 RasAuto (44db7a9bdd2fb58747d123fbf1d35adb) C:\WINDOWS\System32\rasauto.dll
18:01:18.0593 3920 RasAuto - ok
18:01:18.0671 3920 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:01:18.0687 3920 Rasl2tp - ok
18:01:18.0812 3920 RasMan (49b5eed5fb89d39456a2f616ccd8ba5d) C:\WINDOWS\System32\rasmans.dll
18:01:18.0875 3920 RasMan - ok
18:01:18.0921 3920 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:01:18.0953 3920 RasPppoe - ok
18:01:19.0000 3920 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:01:19.0015 3920 Raspti - ok
18:01:19.0156 3920 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:01:19.0203 3920 Rdbss - ok
18:01:19.0234 3920 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:01:19.0234 3920 RDPCDD - ok
18:01:19.0359 3920 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:01:19.0421 3920 rdpdr - ok
18:01:19.0500 3920 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
18:01:19.0546 3920 RDPWD - ok
18:01:19.0625 3920 RDSessMgr (729798e0933076b8fcfcd9934698f164) C:\WINDOWS\system32\sessmgr.exe
18:01:19.0687 3920 RDSessMgr - ok
18:01:19.0750 3920 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:01:19.0765 3920 redbook - ok
18:01:19.0828 3920 RemoteAccess (3046db917e3cfa040632799dd9b14865) C:\WINDOWS\System32\mprdim.dll
18:01:19.0859 3920 RemoteAccess - ok
18:01:19.0921 3920 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
18:01:19.0921 3920 ROOTMODEM - ok
18:01:20.0000 3920 RpcLocator (793f04a09b15e7c6c11dbdffaf06c0ab) C:\WINDOWS\System32\locator.exe
18:01:20.0156 3920 RpcLocator - ok
18:01:20.0390 3920 RpcSs (01095febf33beea00c2a0730b9b3ec28) C:\WINDOWS\System32\rpcss.dll
18:01:20.0406 3920 RpcSs - ok
18:01:20.0484 3920 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
18:01:20.0546 3920 RSVP - ok
18:01:20.0593 3920 SamSs (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
18:01:20.0593 3920 SamSs - ok
18:01:20.0671 3920 SCardSvr (25d8de134df108e3dbc8d7d23b1aa58e) C:\WINDOWS\System32\SCardSvr.exe
18:01:20.0703 3920 SCardSvr - ok
18:01:20.0812 3920 Schedule (92360854316611f6cc471612213c3d92) C:\WINDOWS\system32\schedsvc.dll
18:01:20.0875 3920 Schedule - ok
18:01:20.0953 3920 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:01:20.0953 3920 Secdrv - ok
18:01:21.0000 3920 seclogon (b1e0ce09895376871746f36dc5773b4f) C:\WINDOWS\System32\seclogon.dll
18:01:21.0015 3920 seclogon - ok
18:01:21.0125 3920 SENS (dfd9870cf39c791d86c4c209da9fa919) C:\WINDOWS\system32\sens.dll
18:01:21.0140 3920 SENS - ok
18:01:21.0203 3920 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:01:21.0218 3920 serenum - ok
18:01:21.0250 3920 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
18:01:21.0281 3920 Serial - ok
18:01:21.0328 3920 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:01:21.0328 3920 Sfloppy - ok
18:01:21.0515 3920 SharedAccess (36cc8c01b5e50163037bef56cb96deff) C:\WINDOWS\System32\ipnathlp.dll
18:01:21.0609 3920 SharedAccess - ok
18:01:21.0718 3920 ShellHWDetection (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
18:01:21.0734 3920 ShellHWDetection - ok
18:01:21.0750 3920 Simbad - ok
18:01:21.0796 3920 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\System32\DRIVERS\sisagp.sys
18:01:21.0812 3920 sisagp - ok
18:01:21.0843 3920 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:01:21.0859 3920 SLIP - ok
18:01:21.0890 3920 smbusp (64dce11279fde28f0abf6f04aa6a073a) C:\WINDOWS\system32\DRIVERS\intelsmb.sys
18:01:21.0906 3920 smbusp - ok
18:01:22.0250 3920 smwdm (99a9e1ef62f955c82a5001ac94b4b77b) C:\WINDOWS\system32\drivers\smwdm.sys
18:01:22.0453 3920 smwdm - ok
18:01:22.0500 3920 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
18:01:22.0515 3920 Sparrow - ok
18:01:22.0578 3920 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
18:01:22.0593 3920 splitter - ok
18:01:22.0671 3920 Spooler (da81ec57acd4cdc3d4c51cf3d409af9f) C:\WINDOWS\system32\spoolsv.exe
18:01:22.0703 3920 Spooler - ok
18:01:22.0750 3920 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
18:01:22.0765 3920 sr - ok
18:01:22.0906 3920 srservice (92bdf74f12d6cbec43c94d4b7f804838) C:\WINDOWS\system32\srsvc.dll
18:01:22.0968 3920 srservice - ok
18:01:23.0187 3920 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
18:01:23.0343 3920 Srv - ok
18:01:23.0421 3920 SSDPSRV (4b8d61792f7175bed48859cc18ce4e38) C:\WINDOWS\System32\ssdpsrv.dll
18:01:23.0453 3920 SSDPSRV - ok
18:01:23.0640 3920 stisvc (b6763f8534ac547cf1af98afdff2edc8) C:\WINDOWS\system32\wiaservc.dll
18:01:23.0750 3920 stisvc - ok
18:01:23.0812 3920 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:01:23.0812 3920 streamip - ok
18:01:23.0859 3920 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:01:23.0859 3920 swenum - ok
18:01:23.0906 3920 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
18:01:23.0921 3920 swmidi - ok
18:01:23.0937 3920 SwPrv - ok
18:01:24.0015 3920 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
18:01:24.0015 3920 symc810 - ok
18:01:24.0109 3920 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
18:01:24.0125 3920 symc8xx - ok
18:01:24.0156 3920 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
18:01:24.0171 3920 sym_hi - ok
18:01:24.0203 3920 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
18:01:24.0218 3920 sym_u3 - ok
18:01:24.0281 3920 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
18:01:24.0312 3920 sysaudio - ok
18:01:24.0390 3920 SysmonLog (8b54aa346d1b1b113ffaa75501b8b1b2) C:\WINDOWS\system32\smlogsvc.exe
18:01:24.0437 3920 SysmonLog - ok
18:01:24.0578 3920 TapiSrv (fb78839b36025aa286a51289ed28b73e) C:\WINDOWS\System32\tapisrv.dll
18:01:24.0671 3920 TapiSrv - ok
18:01:24.0828 3920 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:01:24.0937 3920 Tcpip - ok
18:01:25.0000 3920 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:01:25.0000 3920 TDPIPE - ok
18:01:25.0125 3920 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
18:01:25.0140 3920 TDTCP - ok
18:01:25.0203 3920 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:01:25.0218 3920 TermDD - ok
18:01:25.0421 3920 TermService (b60c877d16d9c880b952fda04adf16e6) C:\WINDOWS\System32\termsrv.dll
18:01:25.0531 3920 TermService - ok
18:01:25.0609 3920 Themes (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
18:01:25.0625 3920 Themes - ok
18:01:25.0687 3920 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
18:01:25.0687 3920 TosIde - ok
18:01:25.0765 3920 TrkWks (6d9ac544b30f96c57f8206566c1fb6a1) C:\WINDOWS\system32\trkwks.dll
18:01:25.0796 3920 TrkWks - ok
18:01:25.0875 3920 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
18:01:25.0875 3920 TVICHW32 - ok
18:01:25.0890 3920 ubxmytnj - ok
18:01:25.0953 3920 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
18:01:25.0984 3920 Udfs - ok
18:01:26.0046 3920 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
18:01:26.0062 3920 ultra - ok
18:01:26.0250 3920 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
18:01:26.0375 3920 Update - ok
18:01:26.0515 3920 uploadmgr (8827911a8c37e40c027cbfc88e69d967) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:01:26.0515 3920 uploadmgr - ok
18:01:26.0640 3920 upnphost (aca5d98663d879c6baafcea7e2f1b710) C:\WINDOWS\System32\upnphost.dll
18:01:26.0703 3920 upnphost - ok
18:01:26.0765 3920 UPS (3f5df65b0758675f95a2d43918a740a3) C:\WINDOWS\System32\ups.exe
18:01:26.0781 3920 UPS - ok
18:01:26.0828 3920 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
18:01:26.0843 3920 usbaudio - ok
18:01:26.0890 3920 usbcamcl (9af10ed514126bff476458ab9b8b4c91) C:\WINDOWS\system32\DRIVERS\usbcamcl.sys
18:01:26.0906 3920 usbcamcl - ok
18:01:26.0968 3920 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:01:26.0984 3920 usbccgp - ok
18:01:27.0062 3920 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:01:27.0062 3920 usbehci - ok
18:01:27.0140 3920 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:01:27.0171 3920 usbhub - ok
18:01:27.0218 3920 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:01:27.0234 3920 usbprint - ok
18:01:27.0250 3920 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:01:27.0265 3920 usbscan - ok
18:01:27.0296 3920 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:01:27.0312 3920 USBSTOR - ok
18:01:27.0359 3920 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:01:27.0375 3920 usbuhci - ok
18:01:27.0437 3920 usbvideo (8968ff3973a883c49e8b564200f565b9) C:\WINDOWS\system32\Drivers\usbvideo.sys
18:01:31.0281 3920 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:01:31.0312 3920 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
18:01:31.0312 3920 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
18:01:31.0359 3920 Boot (0x1200) (1ec645e0679fc915bb8ecaa103e995f7) \Device\Harddisk0\DR0\Partition0
18:01:31.0359 3920 \Device\Harddisk0\DR0\Partition0 - ok
18:01:31.0359 3920 ============================================================
18:01:31.0359 3920 Scan finished
18:01:31.0359 3920 ============================================================
18:01:31.0375 3100 Detected object count: 1
18:01:31.0375 3100 Actual detected object count: 1
18:03:23.0562 3100 \Device\Harddisk0\DR0\# - copied to quarantine
18:03:23.0562 3100 \Device\Harddisk0\DR0 - copied to quarantine
18:03:23.0609 3100 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
18:03:23.0640 3100 \Device\Harddisk0\DR0 - ok
18:03:23.0640 3100 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
18:03:30.0765 2424 Deinitialize success

aswMBR Results
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-15 18:17:54
-----------------------------
18:17:54.562 OS Version: Windows 5.1.2600 Service Pack 2
18:17:54.562 Number of processors: 1 586 0x209
18:17:54.562 ComputerName: DDPXBQ41 UserName:
18:17:56.531 Initialize success
18:17:57.546 AVAST engine defs: 12051401
18:18:12.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:18:12.125 Disk 0 Vendor: WDC_WD400BB-75DEA0 05.03E05 Size: 38146MB BusType: 3
18:18:12.156 Disk 0 MBR read successfully
18:18:12.156 Disk 0 MBR scan
18:18:12.156 Disk 0 Windows XP default MBR code
18:18:12.156 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 31 MB offset 63
18:18:12.171 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 38107 MB offset 64260
18:18:12.187 Disk 0 scanning sectors +78108030
18:18:12.250 Disk 0 malicious Win32:MBRoot code @ sector 78108033 !
18:18:12.328 Disk 0 scanning C:\WINDOWS\system32\drivers
18:18:39.406 Service scanning
18:19:14.125 Modules scanning
18:19:26.531 Disk 0 trace - called modules:
18:19:27.046 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
18:19:27.046 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a782ab8]
18:19:27.062 3 CLASSPNP.SYS[f763805b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a75fd98]
18:19:27.984 AVAST engine scan C:\WINDOWS
18:19:36.593 AVAST engine scan C:\WINDOWS\system32
18:25:13.968 AVAST engine scan C:\WINDOWS\system32\drivers
18:25:45.500 AVAST engine scan C:\Documents and Settings\nanci bunten sieder
18:33:39.546 AVAST engine scan C:\Documents and Settings\All Users
18:35:48.890 Scan finished successfully

Edited by Silverbak, 15 May 2012 - 09:11 PM.


#4 Silverbak

Posted 17 May 2012 - 03:20 PM

Hello boopme,

I just realized that I did follow your instructions in my 5/15 reply regarding TDSSKiller. I did not check the box requested, and I did not tell you that a reboot was, indeed, required.

Regarding the report I ran today (listed below), I did check the box requested, and a reboot was not required (even though one suspicious file was detected; I believe it was quarantined).


12:45:18.0109 1024 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
12:45:18.0515 1024 ============================================================
12:45:18.0515 1024 Current date / time: 2012/05/17 12:45:18.0515
12:45:18.0515 1024 SystemInfo:
12:45:18.0515 1024
12:45:18.0515 1024 OS Version: 5.1.2600 ServicePack: 2.0
12:45:18.0515 1024 Product type: Workstation
12:45:18.0515 1024 ComputerName: DDPXBQ41
12:45:18.0515 1024 UserName: nanci bunten sieder
12:45:18.0515 1024 Windows directory: C:\WINDOWS
12:45:18.0515 1024 System windows directory: C:\WINDOWS
12:45:18.0515 1024 Processor architecture: Intel x86
12:45:18.0515 1024 Number of processors: 1
12:45:18.0515 1024 Page size: 0x1000
12:45:18.0515 1024 Boot type: Normal boot
12:45:18.0515 1024 ============================================================
12:45:21.0203 1024 Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:45:21.0203 1024 ============================================================
12:45:21.0203 1024 \Device\Harddisk0\DR0:
12:45:21.0203 1024 MBR partitions:
12:45:21.0203 1024 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x4A6DA7A
12:45:21.0203 1024 ============================================================
12:45:21.0265 1024 C: <-> \Device\Harddisk0\DR0\Partition0
12:45:21.0265 1024 ============================================================
12:45:21.0265 1024 Initialize success
12:45:21.0265 1024 ============================================================
12:45:32.0531 3940 ============================================================
12:45:32.0531 3940 Scan started
12:45:32.0531 3940 Mode: Manual; TDLFS;
12:45:32.0531 3940 ============================================================
12:45:53.0453 3940 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:45:53.0453 3940 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys. Real md5: c99b3415198d1aab7227f2c88fd664b9, Fake md5: 00be954cf83e834e64202cb52944e666
12:45:53.0453 3940 NwlnkFwd ( ForgedFile.Multi.Generic ) - warning
12:45:53.0453 3940 NwlnkFwd - detected ForgedFile.Multi.Generic (1)
12:46:07.0031 3940 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:46:07.0812 3940 \Device\Harddisk0\DR0 - ok
12:46:07.0859 3940 Boot (0x1200) (1ec645e0679fc915bb8ecaa103e995f7) \Device\Harddisk0\DR0\Partition0
12:46:07.0859 3940 \Device\Harddisk0\DR0\Partition0 - ok
12:46:07.0859 3940 ============================================================
12:46:07.0859 3940 Scan finished
12:46:07.0859 3940 ============================================================
12:46:07.0890 1332 Detected object count: 1
12:46:07.0890 1332 Actual detected object count: 1
12:46:39.0593 1332 NwlnkFwd ( ForgedFile.Multi.Generic ) - skipped by user
12:46:39.0593 1332 NwlnkFwd ( ForgedFile.Multi.Generic ) - User select action: Skip
12:47:59.0078 3232 Deinitialize success

#5 boopme

Posted 17 May 2012 - 03:59 PM

Ok, it has removed the rootkits. This one (ForgedFile.Multi.Generic) is just your CD drive and that's ok. The sounds gone now?

Running well?

You need to install SP 3; you have Microsoft Windows XP Home Edition Service Pack 2 (X86).
You have to go to Windows Update, but after one more scan so we leave nothing behind.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

Edited by boopme, 17 May 2012 - 08:53 PM.

#6 Silverbak

Posted 17 May 2012 - 08:40 PM

Hello boopme,

I do not understand the first line of your last reply, since I have not been having problems with "sounds."

The machine seems to be running better, but the "Aw, Snap" error still occurs from time to time.

Should I install SP3 before doing the scan you requested?

Thanks,
Robert

#7 boopme

Posted 17 May 2012 - 08:55 PM

Sorry if I wasn't clear enough.

Ok, it (TDSS scan) has removed the rootkits. This one (ForgedFile.Multi.Generic) is just your CD drive and that's ok. The sounds gone now?
I thought "Aw, Snap" was an audible message.

Doesn't look like malware. See these steps:

"Aw, Snap!"

#8 Silverbak

Posted 25 May 2012 - 10:30 PM

Hello boopme,

I believe you were right, it is not malware. Previously I downloaded a new copy of Chrome, but I had not removed the old copy. The problem remained. This time I removed the old copy and downloaded a new copy and things seem to be fixed.

Thank you very much for your help.

Robert

#9 GP3

Posted 28 September 2014 - 03:09 PM

Hi - I'm using OS Windows 7 and am having the same problem with Aw Snap in Chrome in AOL Mail.

I've followed boopme's instructions to Robert but nothing's come up.

I also cannot update Chrome - maybe I have another version running? This is driving me nuts.

HELP,

Nancy

#10 boopme

Posted 29 September 2014 - 02:40 PM

How to Completely Remove Chrome

Try disabling your extensions one by one to see if a particular extension is causing the problem.
  • Click the Chrome menu on the browser toolbar.
  • Select Tools.
  • Select Extensions.
  • On the Extensions page, unselect the "Enabled" checkbox for the extension you'd like to temporarily remove.

Edited by boopme, 29 September 2014 - 02:41 PM.
