Redirect virus issues


12 replies to this topic

#1 toyotaracer9

toyotaracer9

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 14 May 2012 - 06:59 AM

Hi, I got a virus a few weeks ago. It hid my icons, so I used Unhide and got them back, but I am still infected with the redirect virus. Before knowing better, I tried to run ComboFix, but it never ran all the way through. I tried to do the pre-steps on the prep page, but when I get 3/4 through the DDS log it stops running. I also have Malwarebytes and Ad-Aware installed. Thanks in advance.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:49 AM

Posted 14 May 2012 - 08:53 AM

Let's see if you really need ComboFix.

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).


Please download GMER from here (does not work on a 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here

#3 toyotaracer9

toyotaracer9
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 14 May 2012 - 04:13 PM

GMER is the only one I could get to run; it says none found. The other two will download but not launch.

Edited by toyotaracer9, 14 May 2012 - 05:06 PM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:49 AM

Posted 14 May 2012 - 05:28 PM

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC.

On reboot click on REPAIR

Now run those tools

Good luck.

#5 toyotaracer9

toyotaracer9
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 14 May 2012 - 09:17 PM

OK, I hope I got what you were asking for. Thanks for the patience.

20:43:27.0687 1204 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
20:43:28.0312 1204 ============================================================
20:43:28.0312 1204 Current date / time: 2012/05/14 20:43:28.0312
20:43:28.0312 1204 SystemInfo:
20:43:28.0312 1204
20:43:28.0312 1204 OS Version: 5.1.2600 ServicePack: 3.0
20:43:28.0312 1204 Product type: Workstation
20:43:28.0312 1204 ComputerName: D8YT1V91
20:43:28.0312 1204 UserName: Shane
20:43:28.0312 1204 Windows directory: C:\WINDOWS
20:43:28.0312 1204 System windows directory: C:\WINDOWS
20:43:28.0312 1204 Processor architecture: Intel x86
20:43:28.0312 1204 Number of processors: 1
20:43:28.0312 1204 Page size: 0x1000
20:43:28.0312 1204 Boot type: Normal boot
20:43:28.0312 1204 ============================================================
20:43:31.0750 1204 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:43:31.0796 1204 ============================================================
20:43:31.0796 1204 \Device\Harddisk0\DR0:
20:43:31.0828 1204 MBR partitions:
20:43:31.0828 1204 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x69A6EF0
20:43:31.0828 1204 ============================================================
20:43:31.0875 1204 C: <-> \Device\Harddisk0\DR0\Partition0
20:43:31.0875 1204 ============================================================
20:43:31.0875 1204 Initialize success
20:43:31.0875 1204 ============================================================
20:43:57.0234 2924 ============================================================
20:43:57.0234 2924 Scan started
20:43:57.0234 2924 Mode: Manual; TDLFS;
20:43:57.0234 2924 ============================================================
20:44:18.0281 2924 symc810 - ok
20:44:18.0296 2924 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:44:18.0328 2924 symc8xx - ok
20:44:18.0468 2924 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:44:18.0468 2924 sym_hi - ok
20:44:18.0531 2924 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:44:18.0531 2924 sym_u3 - ok
20:44:18.0656 2924 SynTP (35d5b3632e0bcebe27b391157de05996) C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:44:18.0656 2924 SynTP - ok
20:44:18.0687 2924 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:44:18.0687 2924 sysaudio - ok
20:44:18.0734 2924 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
20:44:18.0734 2924 SysmonLog - ok
20:44:18.0781 2924 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
20:44:18.0781 2924 TapiSrv - ok
20:44:18.0859 2924 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:44:18.0890 2924 Tcpip - ok
20:44:18.0953 2924 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:44:18.0953 2924 TDPIPE - ok
20:44:18.0984 2924 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:44:18.0984 2924 TDTCP - ok
20:44:19.0000 2924 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:44:19.0000 2924 TermDD - ok
20:44:19.0062 2924 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
20:44:19.0062 2924 TermService - ok
20:44:19.0140 2924 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
20:44:19.0140 2924 tfsnboio - ok
20:44:19.0156 2924 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
20:44:19.0156 2924 tfsncofs - ok
20:44:19.0171 2924 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
20:44:19.0171 2924 tfsndrct - ok
20:44:19.0187 2924 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
20:44:19.0187 2924 tfsndres - ok
20:44:19.0218 2924 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
20:44:19.0218 2924 tfsnifs - ok
20:44:19.0234 2924 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
20:44:19.0234 2924 tfsnopio - ok
20:44:19.0250 2924 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
20:44:19.0250 2924 tfsnpool - ok
20:44:19.0281 2924 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
20:44:19.0281 2924 tfsnudf - ok
20:44:19.0296 2924 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
20:44:19.0312 2924 tfsnudfa - ok
20:44:19.0375 2924 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:44:19.0375 2924 Themes - ok
20:44:19.0421 2924 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
20:44:19.0421 2924 TosIde - ok
20:44:19.0484 2924 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
20:44:19.0484 2924 TrkWks - ok
20:44:19.0531 2924 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:44:19.0531 2924 Udfs - ok
20:44:19.0546 2924 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
20:44:19.0546 2924 ultra - ok
20:44:19.0609 2924 UMWdf (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\system32\wdfmgr.exe
20:44:19.0609 2924 UMWdf - ok
20:44:19.0656 2924 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:44:19.0687 2924 Update - ok
20:44:19.0734 2924 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
20:44:19.0750 2924 upnphost - ok
20:44:19.0765 2924 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
20:44:19.0781 2924 UPS - ok
20:44:19.0828 2924 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:44:19.0828 2924 usbccgp - ok
20:44:19.0875 2924 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:44:19.0875 2924 usbehci - ok
20:44:19.0953 2924 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:44:19.0953 2924 usbhub - ok
20:44:19.0968 2924 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:44:19.0968 2924 usbprint - ok
20:44:20.0015 2924 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:44:20.0015 2924 usbscan - ok
20:44:20.0062 2924 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:44:20.0062 2924 USBSTOR - ok
20:44:20.0125 2924 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:44:20.0125 2924 usbuhci - ok
20:44:20.0156 2924 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:44:20.0156 2924 VgaSave - ok
20:44:20.0218 2924 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:44:20.0218 2924 viaagp - ok
20:44:20.0250 2924 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:44:20.0250 2924 ViaIde - ok
20:44:20.0312 2924 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
20:44:20.0312 2924 VolSnap - ok
20:44:20.0375 2924 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
20:44:20.0406 2924 VSS - ok
20:44:20.0468 2924 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
20:44:20.0468 2924 w32time - ok
20:44:20.0546 2924 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:44:20.0546 2924 Wanarp - ok
20:44:20.0562 2924 wanatw - ok
20:44:20.0593 2924 WDICA - ok
20:44:20.0625 2924 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:44:20.0625 2924 wdmaud - ok
20:44:20.0703 2924 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
20:44:20.0718 2924 WebClient - ok
20:44:20.0843 2924 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
20:44:20.0875 2924 winachsf - ok
20:44:21.0359 2924 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:44:21.0359 2924 winmgmt - ok
20:44:21.0375 2924 wltrysvc - ok
20:44:21.0625 2924 WmdmPmSN (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\MsPMSNSv.dll
20:44:21.0625 2924 WmdmPmSN - ok
20:44:21.0750 2924 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:44:21.0750 2924 WmiApSrv - ok
20:44:21.0875 2924 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
20:44:21.0875 2924 WpdUsb - ok
20:44:21.0953 2924 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:44:21.0953 2924 WS2IFSL - ok
20:44:22.0109 2924 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
20:44:22.0109 2924 wscsvc - ok
20:44:22.0125 2924 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
20:44:22.0140 2924 wuauserv - ok
20:44:22.0562 2924 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
20:44:22.0562 2924 WZCSVC - ok
20:44:22.0718 2924 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
20:44:22.0718 2924 xmlprov - ok
20:44:22.0750 2924 MBR (0x1B8) (91722e6bc3a2b40ff00222dca4a3db3e) \Device\Harddisk0\DR0
20:44:22.0875 2924 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:44:22.0875 2924 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:44:22.0906 2924 Boot (0x1200) (5dbbd96ee283dae4afb5163ff5fa0d9a) \Device\Harddisk0\DR0\Partition0
20:44:22.0921 2924 \Device\Harddisk0\DR0\Partition0 - ok
20:44:22.0921 2924 ============================================================
20:44:22.0921 2924 Scan finished
20:44:22.0953 2924 ============================================================
20:44:22.0984 2916 Detected object count: 1
20:44:22.0984 2916 Actual detected object count: 1
20:44:39.0671 2916 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:44:39.0671 2916 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
20:44:54.0562 4052 ============================================================
20:44:54.0562 4052 Scan started
20:44:54.0562 4052 Mode: Manual; TDLFS;
20:44:54.0562 4052 ============================================================
20:45:06.0203 4052 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
20:45:06.0203 4052 RasAuto - ok
20:45:06.0218 4052 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:45:06.0234 4052 Rasl2tp - ok
20:45:06.0312 4052 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
20:45:06.0312 4052 RasMan - ok
20:45:06.0343 4052 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:45:06.0343 4052 RasPppoe - ok
20:45:06.0359 4052 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:45:06.0359 4052 Raspti - ok
20:45:06.0406 4052 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:45:06.0406 4052 Rdbss - ok
20:45:06.0421 4052 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:45:06.0421 4052 RDPCDD - ok
20:45:06.0484 4052 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:45:06.0500 4052 rdpdr - ok
20:45:06.0546 4052 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
20:45:06.0546 4052 RDPWD - ok
20:45:06.0578 4052 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
20:45:06.0593 4052 RDSessMgr - ok
20:45:06.0640 4052 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:45:06.0656 4052 redbook - ok
20:45:06.0703 4052 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
20:45:06.0718 4052 RemoteAccess - ok
20:45:06.0750 4052 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
20:45:06.0750 4052 RpcLocator - ok
20:45:06.0843 4052 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
20:45:06.0859 4052 RpcSs - ok
20:45:06.0921 4052 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
20:45:06.0921 4052 RSVP - ok
20:45:06.0968 4052 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
20:45:06.0968 4052 SamSs - ok
20:45:07.0031 4052 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
20:45:07.0031 4052 SCardSvr - ok
20:45:07.0109 4052 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
20:45:07.0109 4052 Schedule - ok
20:45:07.0171 4052 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:45:07.0171 4052 Secdrv - ok
20:45:07.0218 4052 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
20:45:07.0218 4052 seclogon - ok
20:45:07.0234 4052 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
20:45:07.0250 4052 SENS - ok
20:45:07.0281 4052 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:45:07.0281 4052 serenum - ok
20:45:07.0343 4052 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
20:45:07.0343 4052 Serial - ok
20:45:07.0375 4052 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:45:07.0375 4052 Sfloppy - ok
20:45:07.0453 4052 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
20:45:07.0468 4052 SharedAccess - ok
20:45:07.0546 4052 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:45:07.0562 4052 ShellHWDetection - ok
20:45:07.0578 4052 Simbad - ok
20:45:07.0609 4052 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:45:07.0625 4052 sisagp - ok
20:45:07.0656 4052 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:45:07.0656 4052 Sparrow - ok
20:45:07.0703 4052 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:45:07.0703 4052 splitter - ok
20:45:07.0781 4052 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:45:07.0796 4052 Spooler - ok
20:45:07.0828 4052 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
20:45:07.0828 4052 sr - ok
20:45:07.0921 4052 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
20:45:07.0921 4052 srservice - ok
20:45:08.0031 4052 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:45:08.0031 4052 Srv - ok
20:45:08.0078 4052 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
20:45:08.0078 4052 sscdbhk5 - ok
20:45:08.0125 4052 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
20:45:08.0140 4052 SSDPSRV - ok
20:45:08.0156 4052 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
20:45:08.0156 4052 ssrtln - ok
20:45:08.0328 4052 STHDA (0467a93b1e7fda167e01fdec79783154) C:\WINDOWS\system32\drivers\sthda.sys
20:45:08.0343 4052 STHDA - ok
20:45:08.0421 4052 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
20:45:08.0437 4052 stisvc - ok
20:45:08.0515 4052 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:45:08.0515 4052 swenum - ok
20:45:08.0546 4052 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:45:08.0546 4052 swmidi - ok
20:45:08.0546 4052 SwPrv - ok
20:45:08.0609 4052 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
20:45:08.0609 4052 symc810 - ok
20:45:08.0640 4052 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:45:08.0640 4052 symc8xx - ok
20:45:08.0656 4052 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:45:08.0656 4052 sym_hi - ok
20:45:08.0687 4052 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:45:08.0687 4052 sym_u3 - ok
20:45:08.0734 4052 SynTP (35d5b3632e0bcebe27b391157de05996) C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:45:08.0750 4052 SynTP - ok
20:45:08.0781 4052 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:45:08.0781 4052 sysaudio - ok
20:45:08.0843 4052 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
20:45:08.0843 4052 SysmonLog - ok
20:45:08.0906 4052 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
20:45:08.0921 4052 TapiSrv - ok
20:45:09.0031 4052 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:45:09.0031 4052 Tcpip - ok
20:45:09.0093 4052 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:45:09.0093 4052 TDPIPE - ok
20:45:09.0125 4052 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:45:09.0125 4052 TDTCP - ok
20:45:09.0140 4052 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:45:09.0140 4052 TermDD - ok
20:45:09.0218 4052 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
20:45:09.0218 4052 TermService - ok
20:45:09.0296 4052 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
20:45:09.0296 4052 tfsnboio - ok
20:45:09.0312 4052 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
20:45:09.0312 4052 tfsncofs - ok
20:45:09.0343 4052 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
20:45:09.0343 4052 tfsndrct - ok
20:45:09.0359 4052 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
20:45:09.0359 4052 tfsndres - ok
20:45:09.0406 4052 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
20:45:09.0406 4052 tfsnifs - ok
20:45:09.0421 4052 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
20:45:09.0421 4052 tfsnopio - ok
20:45:09.0437 4052 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
20:45:09.0437 4052 tfsnpool - ok
20:45:09.0468 4052 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
20:45:09.0468 4052 tfsnudf - ok
20:45:09.0484 4052 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
20:45:09.0500 4052 tfsnudfa - ok
20:45:09.0578 4052 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
20:45:09.0578 4052 Themes - ok
20:45:09.0640 4052 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
20:45:09.0640 4052 TosIde - ok
20:45:09.0703 4052 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
20:45:09.0718 4052 TrkWks - ok
20:45:09.0765 4052 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:45:09.0781 4052 Udfs - ok
20:45:09.0796 4052 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
20:45:09.0796 4052 ultra - ok
20:45:09.0890 4052 UMWdf (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\system32\wdfmgr.exe
20:45:09.0890 4052 UMWdf - ok
20:45:10.0140 4052 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:45:10.0140 4052 Update - ok
20:45:10.0203 4052 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
20:45:10.0218 4052 upnphost - ok
20:45:10.0250 4052 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
20:45:10.0265 4052 UPS - ok
20:45:10.0343 4052 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:45:10.0343 4052 usbccgp - ok
20:45:10.0421 4052 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:45:10.0421 4052 usbehci - ok
20:45:10.0500 4052 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:45:10.0500 4052 usbhub - ok
20:45:10.0515 4052 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:45:10.0515 4052 usbprint - ok
20:45:10.0562 4052 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:45:10.0562 4052 usbscan - ok
20:45:10.0609 4052 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:45:10.0609 4052 USBSTOR - ok
20:45:10.0640 4052 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:45:10.0640 4052 usbuhci - ok
20:45:10.0656 4052 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:45:10.0671 4052 VgaSave - ok
20:45:10.0718 4052 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:45:10.0718 4052 viaagp - ok
20:45:10.0750 4052 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:45:10.0750 4052 ViaIde - ok
20:45:10.0796 4052 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
20:45:10.0812 4052 VolSnap - ok
20:45:10.0875 4052 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
20:45:10.0890 4052 VSS - ok
20:45:10.0953 4052 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
20:45:10.0953 4052 w32time - ok
20:45:10.0984 4052 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:45:11.0000 4052 Wanarp - ok
20:45:11.0015 4052 wanatw - ok
20:45:11.0015 4052 WDICA - ok
20:45:11.0046 4052 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:45:11.0062 4052 wdmaud - ok
20:45:11.0078 4052 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
20:45:11.0093 4052 WebClient - ok
20:45:11.0218 4052 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
20:45:11.0218 4052 winachsf - ok
20:45:11.0343 4052 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:45:11.0343 4052 winmgmt - ok
20:45:11.0375 4052 wltrysvc - ok
20:45:11.0421 4052 WmdmPmSN (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\MsPMSNSv.dll
20:45:11.0421 4052 WmdmPmSN - ok
20:45:11.0468 4052 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:45:11.0468 4052 WmiApSrv - ok
20:45:11.0500 4052 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
20:45:11.0500 4052 WpdUsb - ok
20:45:11.0546 4052 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:45:11.0546 4052 WS2IFSL - ok
20:45:11.0625 4052 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
20:45:11.0625 4052 wscsvc - ok
20:45:11.0656 4052 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
20:45:11.0656 4052 wuauserv - ok
20:45:11.0765 4052 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
20:45:11.0781 4052 WZCSVC - ok
20:45:11.0828 4052 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
20:45:11.0843 4052 xmlprov - ok
20:45:11.0875 4052 MBR (0x1B8) (91722e6bc3a2b40ff00222dca4a3db3e) \Device\Harddisk0\DR0
20:45:11.0937 4052 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:45:11.0937 4052 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:45:11.0984 4052 Boot (0x1200) (5dbbd96ee283dae4afb5163ff5fa0d9a) \Device\Harddisk0\DR0\Partition0
20:45:11.0984 4052 \Device\Harddisk0\DR0\Partition0 - ok
20:45:11.0984 4052 ============================================================
20:45:11.0984 4052 Scan finished
20:45:11.0984 4052 ============================================================
20:45:12.0015 4044 Detected object count: 1
20:45:12.0015 4044 Actual detected object count: 1
20:45:29.0312 4044 \Device\Harddisk0\DR0\TDLFS\z00clicker.dll - copied to quarantine
20:45:29.0312 4044 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
20:45:29.0312 4044 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

#6 toyotaracer9

Posted 14 May 2012 - 09:20 PM

This one is the other log.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-14 20:53:56
-----------------------------
20:53:56.828 OS Version: Windows 5.1.2600 Service Pack 3
20:53:56.828 Number of processors: 1 586 0xD08
20:53:56.828 ComputerName: D8YT1V91 UserName: Shane
20:53:58.781 Initialize success
21:03:44.046 AVAST engine defs: 12051401
21:04:18.343 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
21:04:18.359 Disk 0 Vendor: FUJITSU_MHV2060AH 000000A0 Size: 57231MB BusType: 3
21:04:18.453 Disk 0 MBR read successfully
21:04:18.453 Disk 0 MBR scan
21:04:18.640 Disk 0 unknown MBR code
21:04:18.656 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
21:04:18.687 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 54093 MB offset 96390
21:04:18.734 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 110896695
21:04:18.765 Disk 0 scanning sectors +117210224
21:04:18.921 Disk 0 scanning C:\WINDOWS\system32\drivers
21:04:35.859 Service scanning
21:05:03.406 Modules scanning
21:05:33.890 Disk 0 trace - called modules:
21:05:34.281 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
21:05:34.281 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82d89030]
21:05:34.296 3 CLASSPNP.SYS[f8532fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x82de6218]
21:05:34.843 AVAST engine scan C:\WINDOWS
21:05:50.140 AVAST engine scan C:\WINDOWS\system32
21:08:19.218 AVAST engine scan C:\WINDOWS\system32\drivers
21:08:47.953 AVAST engine scan C:\Documents and Settings\Shane
21:10:29.765 AVAST engine scan C:\Documents and Settings\All Users
21:11:20.531 Scan finished successfully
21:12:44.656 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Shane\Desktop\MBR.dat"
21:12:44.718 The log file has been saved successfully to "C:\Documents and Settings\Shane\Desktop\aswMBRscanlog.txt"

#7 narenxp

Posted 15 May 2012 - 01:43 AM

Please post the GMER log too

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

ESET online scanner


Install it

Click on START; it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to the desktop and copy the contents of the text file into your reply

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#8 toyotaracer9

Posted 15 May 2012 - 08:00 AM

Here is my new gmer.log


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-15 07:59:34
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 FUJITSU_MHV2060AH rev.000000A0
Running: wmgbh79u.exe; Driver: C:\DOCUME~1\Shane\LOCALS~1\Temp\pxlyapow.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF854287E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF8542BFE]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 011DC930 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 02380001
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 0140E0AA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] kernel32.dll!MapViewOfFile 7C80B9A5 5 Bytes JMP 0140E083 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] GDI32.dll!CreateDIBSection 77F19E19 5 Bytes JMP 0140E00D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] WS2_32.dll!WSALookupServiceNextW 71AB3181 6 Bytes JMP 71A50F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] WS2_32.dll!WSALookupServiceEnd 71AB350E 6 Bytes JMP 71A20F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] WS2_32.dll!WSALookupServiceBeginW 71AB35EF 6 Bytes JMP 71AF0F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] WS2_32.dll!send 71AB4C27 6 Bytes JMP 719F0F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] WS2_32.dll!WSARecv 71AB4CB5 6 Bytes JMP 71960F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] WS2_32.dll!recv 71AB676F 6 Bytes JMP 719C0F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] WS2_32.dll!WSASend 71AB68FA 6 Bytes JMP 71990F5A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3136] WS2_32.dll!WSAGetOverlappedResult 71AC0D1B 6 Bytes JMP 71930F5A
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3968] USER32.dll!SetWindowLongA 7E42C29D 5 Bytes JMP 10665EE6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3968] USER32.dll!SetWindowLongW 7E42C2BB 5 Bytes JMP 10665E78 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3968] USER32.dll!GetWindowInfo 7E42C49C 5 Bytes JMP 10454822 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3968] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 10454DD6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \FileSystem\Fastfat \Fat A90AFD20

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\Shane\Local Settings\Temporary Internet Files\Content.IE5\GXE74HI7\stamp[1].txt 12 bytes

---- EOF - GMER 1.0.15 ----

#9 toyotaracer9

Posted 15 May 2012 - 11:36 AM

This is minitool

MiniToolBox by Farbar Version: 18-01-2012
Ran by Shane (administrator) on 15-05-2012 at 11:33:14
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1470 Dual Band WLAN Mini-PCI Card = Wireless Network Connection (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : D8YT1V91

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : Belkin



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

Physical Address. . . . . . . . . : 00-14-22-A4-FF-F6



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . : Belkin

Description . . . . . . . . . . . : Dell Wireless 1470 Dual Band WLAN Mini-PCI Card

Physical Address. . . . . . . . . : 00-14-A5-4C-45-AD

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.3

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.2.1

Lease Obtained. . . . . . . . . . : Tuesday, May 15, 2012 9:16:43 AM

Lease Expires . . . . . . . . . . : Monday, January 18, 2038 10:14:07 PM

Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 173.194.37.36, 173.194.37.32, 173.194.37.41, 173.194.37.34
173.194.37.35, 173.194.37.38, 173.194.37.40, 173.194.37.46, 173.194.37.39
173.194.37.37, 173.194.37.33



Pinging google.com [74.125.137.102] with 32 bytes of data:



Reply from 74.125.137.102: bytes=32 time=24ms TTL=49

Reply from 74.125.137.102: bytes=32 time=24ms TTL=49



Ping statistics for 74.125.137.102:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 24ms, Maximum = 24ms, Average = 24ms

Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=92ms TTL=46

Reply from 98.139.183.24: bytes=32 time=186ms TTL=45



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 92ms, Maximum = 186ms, Average = 139ms

Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 14 22 a4 ff f6 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
0x3 ...00 14 a5 4c 45 ad ...... Dell Wireless 1470 Dual Band WLAN Mini-PCI Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.3 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 192.168.2.3 192.168.2.3 25
192.168.2.3 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.2.255 255.255.255.255 192.168.2.3 192.168.2.3 25
224.0.0.0 240.0.0.0 192.168.2.3 192.168.2.3 25
255.255.255.255 255.255.255.255 192.168.2.3 2 1
255.255.255.255 255.255.255.255 192.168.2.3 192.168.2.3 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/14/2012 09:34:08 PM) (Source: Application Hang) (User: )
Description: Hanging application Ad-Aware.exe, version 9.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/12/2012 11:28:15 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (05/12/2012 11:28:15 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established

Error: (05/12/2012 09:29:58 AM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module mshtml.dll, version 6.0.2900.6197, fault address 0x00068d48.
Processing media-specific event for [explorer.exe!ws!]

Error: (05/11/2012 06:14:26 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00001de6.
Error in creating result PEAP-TLV in response to received PEAP-TLV (svchost.exe!ld!)

Error: (05/11/2012 05:31:42 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00001de6.
Processing media-specific event for [svchost.exe!ws!]

Error: (05/07/2012 08:59:02 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Error: (05/07/2012 08:59:02 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (05/02/2012 07:57:19 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.60.0.80, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (04/17/2012 00:46:22 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module mshtml.dll, version 6.0.2900.6197, fault address 0x001df66b.
Processing media-specific event for [explorer.exe!ws!]


System errors:
=============
Error: (05/15/2012 09:16:25 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde

Error: (05/15/2012 09:16:21 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (05/15/2012 07:00:16 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (05/15/2012 07:00:04 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (05/14/2012 08:42:22 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde

Error: (05/14/2012 05:24:28 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x8007054f: Security Update for Windows XP (KB2676562).

Error: (05/14/2012 05:24:26 PM) (Source: NtServicePack) (User: SYSTEM)
Description: Windows XP KB2676562 installation failed.
An internal error occurred.

Error: (05/14/2012 04:30:18 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x8007054f: Security Update for Windows XP (KB2676562).

Error: (05/14/2012 04:30:16 PM) (Source: NtServicePack) (User: SYSTEM)
Description: Windows XP KB2676562 installation failed.
An internal error occurred.

Error: (05/14/2012 08:29:36 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x8007054f: Security Update for Windows XP (KB2676562).


Microsoft Office Sessions:
=========================
Error: (05/14/2012 09:34:08 PM) (Source: Application Hang)(User: )
Description: Ad-Aware.exe9.0.0.0hungapp0.0.0.000000000

Error: (05/12/2012 11:28:15 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (05/12/2012 11:28:15 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established

Error: (05/12/2012 09:29:58 AM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512mshtml.dll6.0.2900.619700068d48

Error: (05/11/2012 06:14:26 PM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512ntdll.dll5.1.2600.605500001de6

Error: (05/11/2012 05:31:42 PM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512ntdll.dll5.1.2600.605500001de6

Error: (05/07/2012 08:59:02 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.

Error: (05/07/2012 08:59:02 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (05/02/2012 07:57:19 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.60.0.80hungapp0.0.0.000000000

Error: (04/17/2012 00:46:22 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512mshtml.dll6.0.2900.6197001df66b


=========================== Installed Programs ============================

Ad-Aware (Version: 9.6.0)
Ad-Aware Security Toolbar (Version: 0.9.1.8)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Reader 7.0 (Version: 7.0.0)
AOLIcon (Version: 1.00.0000)
Broadcom Management Programs (Version: 8.65.05)
Canon Camera Access Library (Version: 8.4.0.1)
Canon Camera Support Core Library (Version: 7.3.1.6)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.6.0.12)
Canon Internet Library for ZoomBrowser EX (Version: 1.6.2.7)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (Version: 5.4.6.18)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities MyCamera (Version: 7.0.0.3)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.2.0.29)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.2.0.9)
Conexant HDA D110 MDC V.92 Modem
Corel Paint Shop Pro X (Version: 10.0)
Dell Digital Jukebox Driver
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Support 3.1 (Version: 5.1.760)
Dell System Restore (Version: 2.00.0000)
Dell Wireless WLAN Card (Version: 4.10.47.3)
Digital Content Portal (Version: 1.00.0000)
Digital Line Detect (Version: 1.15)
EducateU (Version: 1.00.0000)
ELIcon (Version: 1.00.0000)
ESET Online Scanner v3
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HP Photosmart Plus B210 series Basic Device Software (Version: 22.50.231.0)
HP Photosmart Plus B210 series Help (Version: 140.0.54.54)
ImageMixer 3 SE Ver.5 Transfer Utility (Version: 3.04.009)
ImageMixer 3 SE Ver.5 Video Tools (Version: 3.04.014)
Intel® Graphics Media Accelerator Driver for Mobile (Version: 6.14.10.4410)
Internal Network Card Power Management (Version: 1.7.2)
Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Learn2 Player (Uninstall Only)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MCU (Version: 1.00.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Transfer Utility Ver.2 (Version: 1.01.006)
Musicmatch for Windows Media Player (Version: 0.00.000)
Musicmatch® Jukebox (Version: 10.10.0097)
NetWaiting (Version: 2.5.23)
PowerDVD 5.5
QuickSet (Version: 7.0.10)
QuickTime
RealPlayer Basic
Sonic DLA (Version: 4.95)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0)
Sonic RecordNow Data (Version: 2.0.0)
Sonic Update Manager (Version: 3.0.0)
Synaptics Pointing Device Driver (Version: 8.2.4.3)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
Update for Windows XP (KB980182) (Version: 1)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebCyberCoach 3.2 Dell
WebFldrs XP (Version: 9.50.7523)
WildTangent Web Driver
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 (Version: 9.00.3636)
Windows XP Service Pack 3 (Version: 20080414.031525)
WordPerfect Office 12 (Version: 12.01)

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 503.37 MB
Available physical RAM: 317.76 MB
Total Pagefile: 1228.1 MB
Available Pagefile: 1031.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.4 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:52.83 GB) (Free:41.31 GB) NTFS

========================= Users: ========================================

User accounts for \\D8YT1V91

Administrator Guest HelpAssistant
Misty Love Shane SUPPORT_388945a0


**** End of log ****

#10 toyotaracer9

toyotaracer9
  • Topic Starter

  • Members
  • 9 posts

Posted 15 May 2012 - 11:38 AM

This is the ESET log:

C:\Documents and Settings\Misty Love\Local Settings\temp\plugtmp-1\plugin-ap1.php JS/Exploit.Pdfka.PIN trojan cleaned by deleting - quarantined





How am I looking?

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 15 May 2012 - 11:45 AM

That looks good

Download

TFC


Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://support.microsoft.com/kb/310405

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

I would recommend you to upgrade to 1GB RAM to optimize your system performance.

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#12 toyotaracer9

toyotaracer9
  • Topic Starter

  • Members
  • 9 posts

Posted 15 May 2012 - 02:11 PM

OK, everything looks and is running great. Now, if I could ask you one more thing: how do I go about deleting all of the programs I installed? I would like to keep Malwarebytes, as I have been using it for a while with good results, and I am using Ad-Aware as my live watch. Thanks for all of the patience and help!!

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 15 May 2012 - 02:13 PM

You can simply delete all these tools:

TDSSkiller, GMER, fixtdss, mini toolbox, aswmbr

Go to Add or Remove Programs and uninstall ESET Online Scanner.

Malwarebytes is a perfect choice.

Good luck



