XP boot with blue display message "initializecommand c0000033"


  • This topic is locked
76 replies to this topic

#1 lento

lento

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:02:46 AM

Posted 22 May 2012 - 05:21 PM

Hi,

Following your instructions, I post the dds.txt first and attach the other files needed. Just to remind you, the problem I have is a blue screen on Windows booting with the following message: "initializecommand C0000033". I tried to attach akr.log but this file is too big, and if I compress it with rar your system can't accept the file type. The first time I scanned with GMER the system hung and now it is totally slowed down; the akr.log I saved was done in safe mode. How can I attach the file for you?

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by xxxxxx xxxxxx at 10:06:12 on 2012-05-22
Microsoft Windows XP Professional 5.1.2600.3.1252.34.1033.18.3070.1706 [GMT 2:00]
.
AV: AVG Anti-Virus Network Edition *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Norton Internet Worm Protection *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe
C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ArcGIS\License10.0\bin\ARCGIS.exe
svchost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
C:\Program Files\Telefonica\bin\tgsrvc.exe
C:\Program Files\2SE\The Owl\theowl_be.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\MICROS~2\Office14\OUTLOOK.EXE
C:\Documents and Settings\xxxxxx xxxxxx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xxxxxx xxxxxx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xxxxxx xxxxxx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Documents and Settings\xxxxxx xxxxxx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xxxxxx xxxxxx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xxxxxx xxxxxx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\xxxxxx xxxxxx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xxxxxx xxxxxx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Total.Commander_v7.55a\Setup and Crack\TotalCmd.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://www.google.es/
uSearch Bar =
uInternet Settings,ProxyOverride = local
mSearchAssistant =
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {968631B6-4729-440D-9BF4-251F5593EC9A} - No File
TB: {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - No File
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB: {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - No File
TB: {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
mRun: [Toshiba Hotkey Utility] "c:\program files\toshiba\windows utilities\Hotkey.exe" /lang ES
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [EOUApp] "c:\program files\intel\wireless\bin\EOUWiz.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [Regsister WScript] wscript -regserver
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\juanjo~1\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
uPolicies-explorer: MaxRecentDocs = 11 (0xb)
uPolicies-explorer: NoSMBalloonTip = 0 (0x0)
uPolicies-system: disableregistrytoosl = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - res://c:\program files\flashcapture\fciext.dll/FCIEXT.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
Trusted Zone: fnmt.es
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://web.atar.rima-tde.net/sdccommon/download/tgctlcm.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - hxxp://www.ipix.com/viewers/ipixx.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxp://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
DPF: {2513AB48-1AEF-4E55-8329-927FF97C9DCE} - hxxp://www.lizardtech.com/plugin/MrSID_BPI.cab
DPF: {3BB4FE3B-7A37-11D3-A41E-0060080C03B3} - hxxp://www.igae.pap.meh.es/activex/NWWClientFullSP.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab
DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} - hxxp://static.s2g.gate5.de/ovi_maps/OviMaps_2.3.37.6.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1217354128968
DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} - hxxp://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab
DPF: {62789780-B744-11D0-986B-00609731A21D} - hxxp://www.stig.usal.es/WebGestionEspacios/classes/mgaxctrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {B6F0855B-A06D-498B-A537-80AFF04A1B4E} - hxxps://www.movistar.es/o1/http/WSClient.cab
DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} - hxxps://www2.agenciatributaria.gob.es/ES13/h/CACTIVEX.CAB
DPF: {B785FA3C-1DE9-4D20-8396-613C486FE960} - hxxps://host.cixtec.es/XEITO/javascr/sinatura.cab
DPF: {CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_08-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} - hxxp://www.instantaction.com/download/iaplayer.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5334/mcfscan.cab
TCP: DhcpNameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{700F6520-5F63-425F-8315-E36AD2C70FA2} : DhcpNameServer = 80.58.61.250 80.58.61.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\windows\downloaded program files\mimectl.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: ShellExecuteHook contra el software malintencionado de Microsoft: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\xxxxxx xxxxxx\application data\mozilla\firefox\profiles\5zx7s393.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\xxxxxx xxxxxx\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\acrobat 9.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
.
============= SERVICES / DRIVERS ===============
.
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2008-11-14 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-11-14 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-11-14 29712]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-11-14 243152]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [2011-2-20 33824]
R1 SWIPsec;SonicWALL IPsec Driver;c:\windows\system32\drivers\SWIPsec.sys [2011-4-15 87064]
R1 vcdrom;Virtual CD-ROM Device Driver;c:\windows\system32\VCdRom.sys [2001-12-19 8576]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/01/06 16:17:39];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-3-13 87536]
R2 ArcGIS License Manager;ArcGIS License Manager;c:\program files\arcgis\license10.0\bin\lmgrd.exe [2010-11-9 1377104]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-10-21 308136]
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2006-3-10 14336]
R2 MicroGuard;MicroGuard Copy Protection;c:\windows\system32\drivers\mgnt.sys [2007-9-30 40480]
R2 SWGVCSvc;SonicWALL Global VPN Client Service;c:\program files\sonicwall\sonicwall global vpn client\SWGVCSvc.exe [2009-3-5 227352]
R2 tgsrvc_telefonica;SupportSoft Repair Service (telefonica);c:\program files\telefonica\bin\tgsrvc.exe [2010-3-29 185640]
R2 theowl_be;The Owl;c:\program files\2se\the owl\theowl_be.exe [2012-3-5 596480]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [2006-3-23 7040]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S2 SSIPDDP;SSIPDDP Parallel port device driver;c:\windows\system32\drivers\ssipddp.sys [2009-5-26 54272]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-8 257696]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 EMVSCARD;EMVSCARD;c:\windows\system32\drivers\EMVSCARD.sys [2006-9-18 20269]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [2007-10-6 32377]
S3 rcvpn;SonicWALL VPN Adapter;c:\windows\system32\drivers\rcvpn.sys --> c:\windows\system32\drivers\rcvpn.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2011-9-28 27064]
S3 rkhdrv40;Rootkit Unhooker Driver; [x]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\drivers\sffp_mmc.sys [2008-5-9 10240]
S3 silabenm;CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [2012-3-23 47176]
S3 silabser;CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [2011-12-31 61312]
S3 SWUSBFLT;Microsoft SideWinder VIA Filter Driver;c:\windows\system32\drivers\SWUSBFLT.SYS [2007-7-22 3968]
S3 SWVNIC;SonicWALL Virtual Miniport;c:\windows\system32\drivers\SWVNIC.sys [2009-3-4 21016]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-3-10 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 zlportio;zlportio;\??\c:\documents and settings\xxxxxx xxxxxx\my documents\downloads\ultrastardx-101a-lite\zlportio.sys --> c:\documents and settings\xxxxxx xxxxxx\my documents\downloads\ultrastardx-101a-lite\zlportio.sys [?]
S4 KMService;KMService;c:\windows\system32\srvany.exe [2011-9-29 8192]
.
=============== File Associations ===============
.
inifile=Notepad.exe "%1"
JSEFile=NOTEPAD.EXE %1
txtfile=Notepad.exe "%1"
.
=============== Created Last 30 ================
.
2012-05-20 14:53:18 174592 ----a-w- c:\windows\system32\framedyn.dll
2012-05-20 13:57:01 -------- d-----w- C:\_OTL
2012-05-11 19:07:53 4140192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-05-03 19:55:30 -------- d-----w- c:\program files\2SE
2012-04-29 15:05:00 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2012-04-29 15:05:00 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll
2012-04-27 15:47:47 -------- d-----w- c:\program files\Pocket METAR
2012-04-23 14:03:33 -------- d-----w- c:\windows\system32\shxfont
2012-04-23 14:03:32 -------- d-----w- c:\windows\system32\ps
2012-04-23 11:30:07 -------- d-----w- c:\documents and settings\xxxxxx xxxxxx\local settings\application data\DWG Fix Free
2012-04-22 14:46:08 -------- d-----w- c:\program files\Microsoft ActiveSync
.
==================== Find3M ====================
.
2012-05-12 08:11:52 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-12 08:11:52 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-23 10:54:21 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2012-04-11 13:14:41 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:12:06 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 12:35:51 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-08 15:34:09 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-08 15:34:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-22 19:12:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr
2012-03-18 17:51:28 57344 ----a-w- c:\documents and settings\xxxxxx xxxxxx\iSetupNI.dll
2012-03-05 08:31:42 47176 ----a-w- c:\windows\system32\drivers\silabenm.sys
2012-03-05 07:31:58 61312 ----a-w- c:\windows\system32\drivers\silabser.sys
2012-03-03 21:43:19 87064 ----a-w- c:\windows\system32\drivers\SWIPsec.sys
2012-03-02 18:53:29 106557 ----a-w- c:\windows\system32\btw_ci.dll
2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01:32 43520 ------w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17:40 385024 ------w- c:\windows\system32\html.iec
.
============= FINISH: 10:08:06.67 ===============


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:46 AM

Posted 23 May 2012 - 05:14 AM

Hi, can you zip up the GMER log and attach it to your post?

Download BlueScreenView
No installation required.
Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit>Select All.
Go File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#3 lento

  • Topic Starter
Posted 23 May 2012 - 07:27 AM

Ok. I tried to attach akr.log in rar format, then I attach it as a zip. Unfortunately a blue screen of death appeared in my last session; this is the first time it has happened. Now I'm in safe mode with an AVG scan process running, working all morning because the system is very slow now. I'll try to finish this scan and then I'll post the information you asked me for.

Thanks

#4 Elise

Posted 23 May 2012 - 08:28 AM

Okay, if you encounter any trouble, please let me know.

regards, Elise



#5 lento

Posted 23 May 2012 - 01:36 PM

This is the BlueScreenView report; I did it in safe mode... attached akr.zip.


==================================================
Filename : ntoskrnl.exe
Address In Stack : ntoskrnl.exe+bb6e
From Address : 0x804d7000
To Address : 0x80700000
Size : 0x00229000
Time Stamp : 0x4f8583b6
Time String : 11/04/2012 15:14:30
Product Name : Microsoft® Windows® Operating System
File Description : NT Kernel & System
File Version : 5.1.2600.6206 (xpsp_sp3_gdr.120411-1615)
Company : Microsoft Corporation
Full Path : C:\WINDOWS\system32\ntoskrnl.exe
==================================================

Attached Files

  • Attached File  akr.zip   88.25KB   1 downloads


#6 Elise

Posted 23 May 2012 - 01:49 PM

Hi again,

COMBOFIX
---------------
Please download ComboFix from one of these locations:
Bleepingcomputer
ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.

regards, Elise



#7 lento

Posted 23 May 2012 - 04:54 PM

The message keeps appearing. The blue screen is a page with a white Windows XP logo in the top right corner. The screen has two darker blue bands at the top and bottom; the inner part of the page is light blue and contains the "initializecommand C0000033" message in white letters.

Now the system is extremely slow.

Thanks for your help.

#8 Elise

Posted 24 May 2012 - 01:12 AM

Hello again,

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

regards, Elise



#9 lento

Posted 24 May 2012 - 02:28 AM

No threats found with TDSSKiller.
Thank you for your time

09:13:27.0203 0432 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
09:13:27.0656 0432 ============================================================
09:13:27.0656 0432 Current date / time: 2012/05/24 09:13:27.0656
09:13:27.0656 0432 SystemInfo:
09:13:27.0656 0432
09:13:27.0656 0432 OS Version: 5.1.2600 ServicePack: 3.0
09:13:27.0656 0432 Product type: Workstation
09:13:27.0656 0432 ComputerName: TAF_JUANJO
09:13:27.0656 0432 UserName: Juanjo Hierro
09:13:27.0656 0432 Windows directory: C:\WINDOWS
09:13:27.0656 0432 System windows directory: C:\WINDOWS
09:13:27.0656 0432 Processor architecture: Intel x86
09:13:27.0656 0432 Number of processors: 2
09:13:27.0656 0432 Page size: 0x1000
09:13:27.0656 0432 Boot type: Normal boot
09:13:27.0656 0432 ============================================================
09:13:31.0109 0432 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:13:31.0125 0432 Drive \Device\Harddisk1\DR3 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:13:31.0125 0432 ============================================================
09:13:31.0125 0432 \Device\Harddisk0\DR0:
09:13:31.0125 0432 MBR partitions:
09:13:31.0125 0432 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1299B262
09:13:31.0125 0432 \Device\Harddisk1\DR3:
09:13:31.0125 0432 MBR partitions:
09:13:31.0125 0432 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
09:13:31.0125 0432 ============================================================
09:13:31.0234 0432 C: <-> \Device\Harddisk0\DR0\Partition0
09:13:31.0546 0432 E: <-> \Device\Harddisk1\DR3\Partition0
09:13:31.0625 0432 ============================================================
09:13:31.0625 0432 Initialize success
09:13:31.0625 0432 ============================================================
09:13:45.0390 2124 ============================================================
09:13:45.0390 2124 Scan started
09:13:45.0390 2124 Mode: Manual;
09:13:45.0390 2124 ============================================================
09:13:46.0421 2124 Abiosdsk - ok
09:13:46.0421 2124 abp480n5 - ok
09:13:46.0703 2124 ACEDRV07 (4e5451dd0aec8504d7f8030dd2d4c416) C:\WINDOWS\system32\drivers\ACEDRV07.sys
09:13:46.0703 2124 ACEDRV07 - ok
09:13:46.0843 2124 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:13:46.0937 2124 ACPI - ok
09:13:46.0953 2124 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
09:13:46.0953 2124 ACPIEC - ok
09:13:47.0171 2124 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
09:13:47.0203 2124 Adobe LM Service - ok
09:13:47.0640 2124 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:13:47.0765 2124 AdobeFlashPlayerUpdateSvc - ok
09:13:47.0765 2124 adpu160m - ok
09:13:47.0875 2124 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:13:47.0953 2124 aec - ok
09:13:48.0031 2124 AegisP (12dafd934641dcf61e446313bc261ec2) C:\WINDOWS\system32\DRIVERS\AegisP.sys
09:13:48.0031 2124 AegisP - ok
09:13:48.0140 2124 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
09:13:48.0171 2124 AFD - ok
09:13:48.0187 2124 Aha154x - ok
09:13:48.0187 2124 aic78u2 - ok
09:13:48.0203 2124 aic78xx - ok
09:13:48.0265 2124 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
09:13:48.0281 2124 Alerter - ok
09:13:48.0312 2124 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
09:13:48.0312 2124 ALG - ok
09:13:48.0328 2124 AliIde - ok
09:13:48.0328 2124 amsint - ok
09:13:48.0640 2124 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
09:13:48.0734 2124 AppMgmt - ok
09:13:49.0796 2124 ArcGIS License Manager (6fac4e9e361383c8b8d93da0c3722619) C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe
09:13:50.0671 2124 ArcGIS License Manager - ok
09:13:51.0421 2124 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
09:13:51.0437 2124 Arp1394 - ok
09:13:51.0453 2124 asc - ok
09:13:51.0453 2124 asc3350p - ok
09:13:51.0453 2124 asc3550 - ok
09:13:51.0859 2124 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
09:13:51.0890 2124 aspnet_state - ok
09:13:51.0921 2124 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:13:51.0937 2124 AsyncMac - ok
09:13:52.0000 2124 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:13:52.0000 2124 atapi - ok
09:13:52.0000 2124 Atdisk - ok
09:13:52.0062 2124 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:13:52.0093 2124 Atmarpc - ok
09:13:52.0171 2124 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
09:13:52.0203 2124 AudioSrv - ok
09:13:52.0218 2124 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:13:52.0218 2124 audstub - ok
09:13:52.0234 2124 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:13:52.0234 2124 Beep - ok
09:13:52.0703 2124 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
09:13:53.0250 2124 BITS - ok
09:13:53.0296 2124 BoiHwsetup (141befbd4f2a84a66e2f54b9e32e40d1) C:\WINDOWS\system32\drivers\BoiHwSetup.sys
09:13:53.0312 2124 BoiHwsetup - ok
09:13:53.0875 2124 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files\Bonjour\mDNSResponder.exe
09:13:54.0078 2124 Bonjour Service - ok
09:13:54.0156 2124 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
09:13:54.0187 2124 Bridge - ok
09:13:54.0187 2124 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
09:13:54.0187 2124 BridgeMP - ok
09:13:54.0265 2124 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
09:13:54.0281 2124 Browser - ok
09:13:54.0328 2124 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
09:13:54.0343 2124 BthEnum - ok
09:13:54.0406 2124 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
09:13:54.0468 2124 BthPan - ok
09:13:54.0843 2124 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys
09:13:54.0937 2124 BTHPORT - ok
09:13:55.0015 2124 BthServ (f4c43c66471b87996d95db7a3a664a37) C:\WINDOWS\System32\bthserv.dll
09:13:55.0015 2124 BthServ - ok
09:13:55.0062 2124 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
09:13:55.0078 2124 BTHUSB - ok
09:13:55.0078 2124 btkrnl - ok
09:13:55.0234 2124 catchme - ok
09:13:55.0265 2124 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:13:55.0281 2124 cbidf2k - ok
09:13:55.0281 2124 cd20xrnt - ok
09:13:55.0312 2124 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:13:55.0328 2124 Cdaudio - ok
09:13:55.0375 2124 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:13:55.0406 2124 Cdfs - ok
09:13:55.0671 2124 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:13:55.0703 2124 Cdrom - ok
09:13:55.0937 2124 CFSvcs (3cb0cc8879956c187e87e18634ee5164) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
09:13:55.0953 2124 CFSvcs - ok
09:13:55.0953 2124 Changer - ok
09:13:56.0000 2124 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
09:13:56.0000 2124 CiSvc - ok
09:13:56.0062 2124 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
09:13:56.0078 2124 ClipSrv - ok
09:13:56.0296 2124 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:13:56.0546 2124 clr_optimization_v2.0.50727_32 - ok
09:13:56.0875 2124 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:13:57.0078 2124 clr_optimization_v4.0.30319_32 - ok
09:13:57.0156 2124 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:13:57.0171 2124 CmBatt - ok
09:13:57.0171 2124 CmdIde - ok
09:13:57.0203 2124 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:13:57.0203 2124 Compbatt - ok
09:13:57.0203 2124 COMSysApp - ok
09:13:57.0203 2124 Cpqarray - ok
09:13:57.0281 2124 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
09:13:57.0296 2124 cpudrv - ok
09:13:57.0375 2124 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
09:13:57.0406 2124 CryptSvc - ok
09:13:57.0406 2124 dac2w2k - ok
09:13:57.0406 2124 dac960nt - ok
09:13:57.0890 2124 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
09:13:58.0125 2124 DcomLaunch - ok
09:13:58.0234 2124 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
09:13:58.0296 2124 Dhcp - ok
09:13:58.0328 2124 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:13:58.0343 2124 Disk - ok
09:13:58.0437 2124 DLABOIOM (ee4325becef51b8c32b4329097e4f301) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
09:13:58.0453 2124 DLABOIOM - ok
09:13:58.0453 2124 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
09:13:58.0468 2124 DLACDBHM - ok
09:13:58.0578 2124 DLADResN (4bc6fb5d5159813adfbe584564f378c3) C:\WINDOWS\system32\DLA\DLADResN.SYS
09:13:58.0625 2124 DLADResN - ok
09:13:58.0812 2124 DLAIFS_M (752376e109a090970bfa9722f0f40b03) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
09:13:58.0859 2124 DLAIFS_M - ok
09:13:58.0890 2124 DLAOPIOM (62ee7902e74b90bf1ccc4643fc6c07a7) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
09:13:58.0890 2124 DLAOPIOM - ok
09:13:58.0906 2124 DLAPoolM (5c220124c5afeaee84a9bb89d685c17b) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
09:13:58.0921 2124 DLAPoolM - ok
09:13:58.0937 2124 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
09:13:58.0937 2124 DLARTL_N - ok
09:13:59.0000 2124 DLAUDFAM (4ebb78d9bbf072119363b35b9b3e518f) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
09:13:59.0062 2124 DLAUDFAM - ok
09:13:59.0156 2124 DLAUDF_M (333b770e52d2cea7bd86391120466e43) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
09:13:59.0203 2124 DLAUDF_M - ok
09:13:59.0203 2124 dmadmin - ok
09:13:59.0890 2124 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
09:14:00.0296 2124 dmboot - ok
09:14:00.0406 2124 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
09:14:00.0546 2124 dmio - ok
09:14:00.0703 2124 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:14:00.0718 2124 dmload - ok
09:14:00.0781 2124 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
09:14:00.0796 2124 dmserver - ok
09:14:00.0859 2124 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:14:00.0875 2124 DMusic - ok
09:14:01.0000 2124 DNE (b5aa5aa5ac327bd7c1aec0c58f0c1144) C:\WINDOWS\system32\DRIVERS\dne2000.sys
09:14:01.0000 2124 DNE - ok
09:14:01.0078 2124 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
09:14:01.0078 2124 Dnscache - ok
09:14:01.0187 2124 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
09:14:01.0250 2124 Dot3svc - ok
09:14:01.0250 2124 dpti2o - ok
09:14:01.0296 2124 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:14:01.0296 2124 drmkaud - ok
09:14:01.0359 2124 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
09:14:01.0406 2124 DRVMCDB - ok
09:14:01.0421 2124 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
09:14:01.0453 2124 DRVNDDM - ok
09:14:01.0765 2124 E100B (2646883e6dd867cd872d5b51b6036710) C:\WINDOWS\system32\DRIVERS\e100b325.sys
09:14:01.0843 2124 E100B - ok
09:14:01.0984 2124 e1express (e1fa10ed8f9f700c1be1eae05a80ef57) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
09:14:02.0062 2124 e1express - ok
09:14:02.0125 2124 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
09:14:02.0140 2124 EapHost - ok
09:14:02.0843 2124 eeCtrl (1df3d1be3403d663827496e62d24ca4c) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
09:14:02.0843 2124 eeCtrl - ok
09:14:03.0093 2124 ehRecvr (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe
09:14:03.0203 2124 ehRecvr - ok
09:14:03.0312 2124 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe
09:14:03.0359 2124 ehSched - ok
09:14:03.0421 2124 EMVSCARD (19d61bb8773dac8f006c64dac3804acf) C:\WINDOWS\system32\Drivers\EMVSCARD.sys
09:14:03.0437 2124 EMVSCARD - ok
09:14:03.0671 2124 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
09:14:03.0671 2124 ERSvc - ok
09:14:03.0734 2124 esgiguard - ok
09:14:03.0859 2124 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:14:03.0921 2124 Eventlog - ok
09:14:04.0109 2124 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
09:14:04.0218 2124 EventSystem - ok
09:14:04.0375 2124 EvtEng (56ded3ade453272e6a0ad582d945d1a4) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
09:14:04.0421 2124 EvtEng - ok
09:14:04.0750 2124 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:14:04.0812 2124 Fastfat - ok
09:14:04.0937 2124 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:14:04.0984 2124 FastUserSwitchingCompatibility - ok
09:14:05.0015 2124 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
09:14:05.0031 2124 Fdc - ok
09:14:05.0062 2124 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
09:14:05.0062 2124 Fips - ok
09:14:05.0968 2124 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:14:06.0484 2124 FLEXnet Licensing Service - ok
09:14:07.0453 2124 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
09:14:07.0453 2124 Flpydisk - ok
09:14:07.0750 2124 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
09:14:07.0812 2124 FltMgr - ok
09:14:08.0000 2124 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:14:08.0031 2124 FontCache3.0.0.0 - ok
09:14:08.0062 2124 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:14:08.0062 2124 Fs_Rec - ok
09:14:08.0140 2124 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:14:08.0203 2124 Ftdisk - ok
09:14:08.0281 2124 GcKernel (72fe2bea6863d4eb93442a1c4fb5ca48) C:\WINDOWS\system32\DRIVERS\GcKernel.sys
09:14:08.0312 2124 GcKernel - ok
09:14:08.0343 2124 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:14:08.0375 2124 Gpc - ok
09:14:08.0437 2124 grmnusb (6003bc70f1a8307262bd3c941bda0b7e) C:\WINDOWS\system32\drivers\grmnusb.sys
09:14:08.0437 2124 grmnusb - ok
09:14:08.0890 2124 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:14:08.0968 2124 gusvc - ok
09:14:09.0375 2124 Hardlock (ed32d389f8b0e74e400932e020bcfbdf) C:\WINDOWS\system32\drivers\hardlock.sys
09:14:09.0921 2124 Hardlock - ok
09:14:10.0062 2124 Haspnt (2dd25f060dc9f79b5cdf33d90ed93669) C:\WINDOWS\system32\drivers\Haspnt.sys
09:14:10.0093 2124 Haspnt - ok
09:14:10.0437 2124 HdAudAddService (a8bccb6ab8e43c39f4ef1bc4db8d6165) C:\WINDOWS\system32\drivers\CHDAud.sys
09:14:10.0437 2124 HdAudAddService - ok
09:14:10.0750 2124 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:14:10.0750 2124 HDAudBus - ok
09:14:10.0875 2124 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:14:10.0890 2124 helpsvc - ok
09:14:10.0953 2124 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
09:14:10.0953 2124 HidServ - ok
09:14:11.0000 2124 HIDSwvd (bd205320308fb41c88a4049a2d1764b4) C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys
09:14:11.0000 2124 HIDSwvd - ok
09:14:11.0046 2124 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:14:11.0062 2124 HidUsb - ok
09:14:11.0156 2124 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
09:14:11.0187 2124 hkmsvc - ok
09:14:11.0187 2124 hpn - ok
09:14:11.0265 2124 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
09:14:11.0296 2124 HPZid412 - ok
09:14:11.0343 2124 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
09:14:11.0359 2124 HPZipr12 - ok
09:14:11.0375 2124 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
09:14:11.0390 2124 HPZius12 - ok
09:14:11.0390 2124 HSFHWAZL - ok
09:14:12.0187 2124 HSF_DPV (9efa5fec26cec696a66a891ac90b412d) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
09:14:12.0187 2124 HSF_DPV - ok
09:14:12.0328 2124 HSXHWAZL (7e775360ece92156ced6ed3b1daf6208) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
09:14:12.0328 2124 HSXHWAZL - ok
09:14:12.0703 2124 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
09:14:12.0796 2124 HTTP - ok
09:14:12.0859 2124 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
09:14:12.0921 2124 HTTPFilter - ok
09:14:12.0937 2124 i2omgmt - ok
09:14:12.0937 2124 i2omp - ok
09:14:13.0000 2124 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:14:13.0031 2124 i8042prt - ok
09:14:14.0000 2124 ialm (81efe1c5542afb2570758f39ae3b1151) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
09:14:14.0906 2124 ialm - ok
09:14:15.0171 2124 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
09:14:15.0218 2124 IDriverT - ok
09:14:16.0171 2124 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:14:16.0640 2124 idsvc - ok
09:14:17.0140 2124 IISADMIN (db3c22745c0da4666f3be31f1af36b2f) C:\WINDOWS\system32\inetsrv\inetinfo.exe
09:14:17.0140 2124 IISADMIN - ok
09:14:17.0312 2124 imagedrv (1e90556b48615d7dfecb857c56e89222) C:\WINDOWS\system32\Drivers\imagedrv.sys
09:14:17.0312 2124 imagedrv - ok
09:14:17.0406 2124 imagesrv (a24dd16fcaf1b68c7cf3b17a6ef52b43) C:\WINDOWS\system32\DRIVERS\imagesrv.sys
09:14:17.0468 2124 imagesrv - ok
09:14:17.0515 2124 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:14:17.0531 2124 Imapi - ok
09:14:17.0671 2124 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
09:14:17.0718 2124 ImapiService - ok
09:14:17.0718 2124 ini910u - ok
09:14:20.0359 2124 IntcAzAudAddService (febb470bf0de4dbebbf72b79df993c5f) C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:14:22.0687 2124 IntcAzAudAddService - ok
09:14:23.0343 2124 IntelIde - ok
09:14:23.0375 2124 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:14:23.0390 2124 intelppm - ok
09:14:23.0437 2124 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
09:14:23.0437 2124 Ip6Fw - ok
09:14:23.0468 2124 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:14:23.0484 2124 IpFilterDriver - ok
09:14:23.0515 2124 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:14:23.0531 2124 IpInIp - ok
09:14:23.0625 2124 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:14:23.0703 2124 IpNat - ok
09:14:23.0750 2124 Iprip (f08d74ec300b8ba60ca953c58a24d19e) C:\WINDOWS\System32\iprip.dll
09:14:23.0765 2124 Iprip - ok
09:14:23.0828 2124 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:14:23.0875 2124 IPSec - ok
09:14:23.0906 2124 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:14:23.0906 2124 IRENUM - ok
09:14:23.0968 2124 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:14:24.0000 2124 isapnp - ok
09:14:24.0031 2124 Iviaspi (f59c3569a2f2c464bb78cb1bdcdca55e) C:\WINDOWS\system32\drivers\iviaspi.sys
09:14:24.0031 2124 Iviaspi - ok
09:14:24.0468 2124 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
09:14:24.0531 2124 JavaQuickStarterService - ok
09:14:24.0593 2124 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:14:24.0609 2124 Kbdclass - ok
09:14:24.0656 2124 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:14:24.0656 2124 kbdhid - ok
09:14:24.0796 2124 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:14:24.0875 2124 kmixer - ok
09:14:24.0921 2124 KMService (4635935fc972c582632bf45c26bfcb0e) C:\WINDOWS\system32\srvany.exe
09:14:24.0937 2124 KMService - ok
09:14:25.0015 2124 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:14:25.0031 2124 KSecDD - ok
09:14:25.0125 2124 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
09:14:25.0171 2124 lanmanserver - ok
09:14:25.0296 2124 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
09:14:25.0343 2124 lanmanworkstation - ok
09:14:25.0343 2124 lbrtfdc - ok
09:14:25.0390 2124 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
09:14:25.0406 2124 LmHosts - ok
09:14:25.0546 2124 Macromedia Licensing Service (a8382713f5870e4af1de4e8f7af9d882) C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
09:14:25.0578 2124 Macromedia Licensing Service - ok
09:14:25.0750 2124 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe
09:14:25.0796 2124 McrdSvc - ok
09:14:26.0078 2124 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
09:14:26.0250 2124 MDM - ok
09:14:26.0328 2124 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:14:26.0328 2124 mdmxsdk - ok
09:14:26.0390 2124 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
09:14:26.0406 2124 Messenger - ok
09:14:26.0484 2124 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll
09:14:26.0531 2124 MHN - ok
09:14:26.0593 2124 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
09:14:26.0593 2124 MHNDRV - ok
09:14:26.0656 2124 MicroGuard (e298b3788a69f8aa246c8c9e978dc13d) C:\WINDOWS\system32\drivers\mgnt.sys
09:14:26.0671 2124 MicroGuard - ok
09:14:26.0812 2124 Microsoft SharePoint Workspace Audit Service - ok
09:14:26.0843 2124 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:14:26.0843 2124 mnmdd - ok
09:14:26.0875 2124 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
09:14:26.0906 2124 mnmsrvc - ok
09:14:26.0921 2124 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
09:14:26.0921 2124 Modem - ok
09:14:26.0984 2124 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:14:26.0984 2124 Mouclass - ok
09:14:27.0015 2124 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:14:27.0015 2124 mouhid - ok
09:14:27.0078 2124 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:14:27.0109 2124 MountMgr - ok
09:14:27.0109 2124 mraid35x - ok
09:14:27.0265 2124 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:14:27.0359 2124 MRxDAV - ok
09:14:27.0640 2124 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:14:27.0843 2124 MRxSmb - ok
09:14:27.0890 2124 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
09:14:27.0906 2124 MSDTC - ok
09:14:27.0937 2124 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:14:27.0953 2124 Msfs - ok
09:14:27.0953 2124 MSIServer - ok
09:14:27.0984 2124 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:14:27.0984 2124 MSKSSRV - ok
09:14:28.0000 2124 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:14:28.0000 2124 MSPCLOCK - ok
09:14:28.0015 2124 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:14:28.0015 2124 MSPQM - ok
09:14:28.0062 2124 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:14:28.0062 2124 mssmbios - ok
09:14:28.0156 2124 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:14:28.0187 2124 Mup - ok
09:14:28.0390 2124 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
09:14:28.0718 2124 napagent - ok
09:14:28.0875 2124 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:14:28.0984 2124 NDIS - ok
09:14:29.0046 2124 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:14:29.0046 2124 NdisTapi - ok
09:14:29.0062 2124 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:14:29.0062 2124 Ndisuio - ok
09:14:29.0125 2124 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:14:29.0171 2124 NdisWan - ok
09:14:29.0218 2124 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:14:29.0218 2124 NDProxy - ok
09:14:29.0890 2124 Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
09:14:30.0343 2124 Nero BackItUp Scheduler 3 - ok
09:14:30.0406 2124 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:14:30.0421 2124 NetBIOS - ok
09:14:30.0531 2124 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:14:30.0609 2124 NetBT - ok
09:14:30.0718 2124 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:14:30.0781 2124 NetDDE - ok
09:14:30.0781 2124 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
09:14:30.0781 2124 NetDDEdsdm - ok
09:14:30.0812 2124 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys
09:14:30.0812 2124 Netdevio - ok
09:14:30.0859 2124 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:14:30.0859 2124 Netlogon - ok
09:14:31.0000 2124 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
09:14:31.0093 2124 Netman - ok
09:14:31.0437 2124 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:14:31.0546 2124 NetTcpPortSharing - ok
09:14:31.0656 2124 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:14:31.0687 2124 NIC1394 - ok
09:14:31.0859 2124 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
09:14:31.0968 2124 Nla - ok
09:14:32.0625 2124 NMIndexingService (eba1b4bf2e2375abdadedb649f283541) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
09:14:32.0937 2124 NMIndexingService - ok
09:14:33.0000 2124 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:14:33.0015 2124 Npfs - ok
09:14:33.0328 2124 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:14:33.0625 2124 Ntfs - ok
09:14:33.0671 2124 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:14:33.0671 2124 NtLmSsp - ok
09:14:33.0937 2124 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
09:14:34.0187 2124 NtmsSvc - ok
09:14:34.0234 2124 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:14:34.0234 2124 Null - ok
09:14:36.0203 2124 nv (e955c80eeb77e809263b9c4443a1d188) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:14:37.0953 2124 nv - ok
09:14:38.0609 2124 NvNdis - ok
09:14:38.0718 2124 NVSvc (5ecb80f1a9e530aee7574dcac7068796) C:\WINDOWS\system32\nvsvc32.exe
09:14:38.0781 2124 NVSvc - ok
09:14:38.0796 2124 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:14:38.0812 2124 NwlnkFlt - ok
09:14:38.0843 2124 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:14:38.0859 2124 NwlnkFwd - ok
09:14:38.0906 2124 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:14:38.0937 2124 ohci1394 - ok
09:14:39.0015 2124 oreans32 (b99575d16f887883b821d372ff292c20) C:\WINDOWS\system32\drivers\oreans32.sys
09:14:39.0031 2124 oreans32 - ok
09:14:39.0421 2124 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:14:39.0500 2124 ose - ok
09:14:42.0156 2124 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:14:44.0515 2124 osppsvc - ok
09:14:45.0171 2124 p2pgasvc (937a02981f11b2ce96b1d493c95aed2b) C:\WINDOWS\system32\p2pgasvc.dll
09:14:45.0218 2124 p2pgasvc - ok
09:14:45.0562 2124 p2pimsvc (4a1035cb8f0d57be41873b5183d96cf4) C:\WINDOWS\system32\p2psvc.dll
09:14:45.0843 2124 p2pimsvc - ok
09:14:45.0843 2124 p2psvc (4a1035cb8f0d57be41873b5183d96cf4) C:\WINDOWS\system32\p2psvc.dll
09:14:45.0843 2124 p2psvc - ok
09:14:46.0000 2124 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
09:14:46.0046 2124 Parport - ok
09:14:46.0062 2124 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:14:46.0078 2124 PartMgr - ok
09:14:46.0093 2124 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
09:14:46.0109 2124 ParVdm - ok
09:14:46.0156 2124 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
09:14:46.0171 2124 pccsmcfd - ok
09:14:46.0265 2124 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
09:14:46.0296 2124 PCI - ok
09:14:46.0312 2124 PCIDump - ok
09:14:46.0343 2124 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:14:46.0343 2124 PCIIde - ok
09:14:46.0453 2124 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
09:14:46.0515 2124 Pcmcia - ok
09:14:46.0515 2124 PDCOMP - ok
09:14:46.0515 2124 PDFRAME - ok
09:14:46.0531 2124 PDRELI - ok
09:14:46.0531 2124 PDRFRAME - ok
09:14:46.0531 2124 perc2 - ok
09:14:46.0546 2124 perc2hib - ok
09:14:46.0578 2124 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
09:14:46.0578 2124 Pfc - ok
09:14:46.0687 2124 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
09:14:46.0687 2124 PlugPlay - ok
09:14:46.0765 2124 Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
09:14:46.0796 2124 Pml Driver HPZ12 - ok
09:14:46.0796 2124 PNRPSvc (4a1035cb8f0d57be41873b5183d96cf4) C:\WINDOWS\system32\p2psvc.dll
09:14:46.0796 2124 PNRPSvc - ok
09:14:46.0859 2124 Point32 (60a044879c4fa76314494f5fddc43b93) C:\WINDOWS\system32\DRIVERS\point32.sys
09:14:46.0859 2124 Point32 - ok
09:14:46.0906 2124 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:14:46.0906 2124 PolicyAgent - ok
09:14:46.0984 2124 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:14:47.0015 2124 PptpMiniport - ok
09:14:47.0062 2124 PRODIGY (65937a34c9a5741e3030a86905400d91) C:\WINDOWS\system32\Drivers\PRODIGY.SYS
09:14:47.0078 2124 PRODIGY - ok
09:14:47.0078 2124 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:14:47.0093 2124 ProtectedStorage - ok
09:14:47.0156 2124 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:14:47.0171 2124 Ptilink - ok
09:14:47.0234 2124 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:14:47.0250 2124 PxHelp20 - ok
09:14:47.0281 2124 qkbfiltr (7dc7aca4e775e9d823f5773a2f47a2ac) C:\WINDOWS\system32\drivers\qkbfiltr.sys
09:14:47.0296 2124 qkbfiltr - ok
09:14:47.0296 2124 ql1080 - ok
09:14:47.0312 2124 Ql10wnt - ok
09:14:47.0312 2124 ql12160 - ok
09:14:47.0312 2124 ql1240 - ok
09:14:47.0328 2124 ql1280 - ok
09:14:47.0359 2124 qmofiltr (8652b9e134c3478be948bf089df8ed5e) C:\WINDOWS\system32\drivers\qmofiltr.sys
09:14:47.0375 2124 qmofiltr - ok
09:14:47.0390 2124 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:14:47.0406 2124 RasAcd - ok
09:14:47.0500 2124 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
09:14:47.0546 2124 RasAuto - ok
09:14:47.0593 2124 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:14:47.0625 2124 Rasl2tp - ok
09:14:47.0781 2124 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
09:14:47.0875 2124 RasMan - ok
09:14:47.0906 2124 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:14:47.0921 2124 RasPppoe - ok
09:14:47.0937 2124 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:14:47.0953 2124 Raspti - ok
09:14:47.0953 2124 rcvpn - ok
09:14:48.0093 2124 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:14:48.0171 2124 Rdbss - ok
09:14:48.0187 2124 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:14:48.0187 2124 RDPCDD - ok
09:14:48.0312 2124 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:14:48.0421 2124 rdpdr - ok
09:14:48.0531 2124 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
09:14:48.0562 2124 RDPWD - ok
09:14:48.0703 2124 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
09:14:48.0765 2124 RDSessMgr - ok
09:14:48.0843 2124 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:14:48.0875 2124 redbook - ok
09:14:49.0171 2124 RegSrvc (1b2857ef12d79a9f9adba14b0637cbf8) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
09:14:49.0265 2124 RegSrvc - ok
09:14:49.0328 2124 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
09:14:49.0343 2124 RemoteAccess - ok
09:14:49.0390 2124 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
09:14:49.0421 2124 RemoteRegistry - ok
09:14:49.0484 2124 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys
09:14:49.0500 2124 Revoflt - ok
09:14:49.0562 2124 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
09:14:49.0593 2124 RFCOMM - ok
09:14:49.0593 2124 rkhdrv40 - ok
09:14:49.0625 2124 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
09:14:49.0625 2124 ROOTMODEM - ok
09:14:49.0718 2124 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
09:14:49.0750 2124 RpcLocator - ok
09:14:50.0000 2124 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
09:14:50.0015 2124 RpcSs - ok
09:14:50.0140 2124 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
09:14:50.0218 2124 RSVP - ok
09:14:50.0687 2124 S24EventMonitor (6c5155cc0e805c7be6028bff7ac14524) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
09:14:50.0953 2124 S24EventMonitor - ok
09:14:51.0062 2124 s24trans (1cc074e0d48383d4e9bffc6a26c2a58a) C:\WINDOWS\system32\DRIVERS\s24trans.sys
09:14:51.0078 2124 s24trans - ok
09:14:51.0125 2124 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
09:14:51.0125 2124 SamSs - ok
09:14:51.0218 2124 SCardDrv (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\system32\Scardsvr.exe
09:14:51.0234 2124 SCardDrv - ok
09:14:51.0250 2124 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\system32\Scardsvr.exe
09:14:51.0250 2124 SCardSvr - ok
09:14:51.0390 2124 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
09:14:51.0484 2124 Schedule - ok
09:14:51.0546 2124 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
09:14:51.0593 2124 sdbus - ok
09:14:51.0656 2124 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:14:51.0671 2124 Secdrv - ok
09:14:51.0734 2124 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
09:14:51.0734 2124 seclogon - ok
09:14:51.0765 2124 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
09:14:51.0765 2124 SENS - ok
09:14:51.0796 2124 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:14:51.0812 2124 serenum - ok
09:14:51.0875 2124 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
09:14:51.0906 2124 Serial - ok
09:14:52.0421 2124 ServiceLayer (7d3903af48e6c1dc2704eafcb608d031) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
09:14:52.0718 2124 ServiceLayer - ok
09:14:52.0765 2124 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
09:14:52.0781 2124 sffdisk - ok
09:14:52.0812 2124 sffp_mmc (d66d22d76878bf3483a6be30183fb648) C:\WINDOWS\system32\DRIVERS\sffp_mmc.sys
09:14:52.0812 2124 sffp_mmc - ok
09:14:52.0843 2124 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
09:14:52.0859 2124 sffp_sd - ok
09:14:52.0875 2124 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:14:52.0875 2124 Sfloppy - ok
09:14:53.0093 2124 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
09:14:53.0250 2124 SharedAccess - ok
09:14:53.0359 2124 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:14:53.0359 2124 ShellHWDetection - ok
09:14:53.0421 2124 silabenm (3ead8e1668ce42a0afe41d56e7157bcf) C:\WINDOWS\system32\DRIVERS\silabenm.sys
09:14:53.0453 2124 silabenm - ok
09:14:53.0515 2124 silabser (b77c60b4a7848057bdcd0aa07299e8f3) C:\WINDOWS\system32\DRIVERS\silabser.sys
09:14:53.0546 2124 silabser - ok
09:14:53.0562 2124 Simbad - ok
09:14:53.0609 2124 SimpTcp (32933b07fc16d9f778bee12545fa1b1a) C:\WINDOWS\system32\tcpsvcs.exe
09:14:53.0609 2124 SimpTcp - ok
09:14:53.0687 2124 SMCB000 (6c7f2b518f8a7abe1c145f26aa48c633) C:\WINDOWS\system32\DRIVERS\hidsmsc.sys
09:14:53.0687 2124 SMCB000 - ok
09:14:53.0765 2124 SMTPSVC (db3c22745c0da4666f3be31f1af36b2f) C:\WINDOWS\system32\inetsrv\inetinfo.exe
09:14:53.0765 2124 SMTPSVC - ok
09:14:53.0828 2124 SNMP (60c377be6b3cc83f6a8584934b181d2e) C:\WINDOWS\System32\snmp.exe
09:14:53.0828 2124 SNMP - ok
09:14:53.0843 2124 SNMPTRAP (80a050795a107a76c2b1cd4cfbe010e6) C:\WINDOWS\System32\snmptrap.exe
09:14:53.0859 2124 SNMPTRAP - ok
09:14:53.0859 2124 Sparrow - ok
09:14:53.0890 2124 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:14:53.0890 2124 splitter - ok
09:14:53.0984 2124 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:14:54.0000 2124 Spooler - ok
09:14:54.0046 2124 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
09:14:54.0093 2124 sr - ok
09:14:54.0187 2124 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
09:14:54.0281 2124 srservice - ok
09:14:54.0468 2124 SRS_SSCFilter (25ecea986742275ecb23a1cb6bc87a61) C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys
09:14:54.0468 2124 SRS_SSCFilter - ok
09:14:54.0703 2124 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:14:54.0859 2124 Srv - ok
09:14:54.0953 2124 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
09:14:54.0984 2124 SSDPSRV - ok
09:14:55.0062 2124 SSIPDDP (2773f6c4c4be8a3b87227934ac8d5b38) C:\WINDOWS\system32\DRIVERS\SSIPDDP.SYS
09:14:55.0062 2124 SSIPDDP - ok
09:14:55.0125 2124 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
09:14:55.0125 2124 StillCam - ok
09:14:55.0359 2124 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
09:14:55.0515 2124 stisvc - ok
09:14:55.0562 2124 StMp3Rec (833ac40f6e7be17951d6d9a956829547) C:\WINDOWS\system32\Drivers\StMp3Rec.sys
09:14:55.0578 2124 StMp3Rec - ok
09:14:56.0000 2124 SupportSoft RemoteAssist (78b58486a5cb4f418d06ea2d6e961db0) C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
09:14:56.0187 2124 SupportSoft RemoteAssist - ok
09:14:56.0218 2124 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:14:56.0234 2124 swenum - ok
09:14:56.0437 2124 SWGVCSvc (c966e60968f0ef114606eefd3e5ef1c2) C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
09:14:56.0546 2124 SWGVCSvc - ok
09:14:56.0640 2124 SWIPsec (ebd83e322b4eb50f6a1d8d7b42d3745e) C:\WINDOWS\system32\Drivers\SWIPsec.sys
09:14:56.0640 2124 SWIPsec - ok
09:14:56.0703 2124 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:14:56.0718 2124 swmidi - ok
09:14:56.0734 2124 SwPrv - ok
09:14:56.0781 2124 SWUSBFLT (5212178c49079e40831d95ec7596fcc7) C:\WINDOWS\system32\DRIVERS\SWUSBFLT.sys
09:14:56.0796 2124 SWUSBFLT - ok
09:14:56.0812 2124 SWVNIC (962b13026b10b82d2874bfda4ecc048d) C:\WINDOWS\system32\DRIVERS\swvnic.sys
09:14:56.0828 2124 SWVNIC - ok
09:14:56.0828 2124 symc810 - ok
09:14:56.0843 2124 symc8xx - ok
09:14:56.0843 2124 sym_hi - ok
09:14:56.0843 2124 sym_u3 - ok
09:14:56.0984 2124 SynTP (a6cc8c28d5aad4179ef32f05bed55e91) C:\WINDOWS\system32\DRIVERS\SynTP.sys
09:14:57.0078 2124 SynTP - ok
09:14:57.0125 2124 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:14:57.0156 2124 sysaudio - ok
09:14:57.0250 2124 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
09:14:57.0296 2124 SysmonLog - ok
09:14:57.0453 2124 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
09:14:57.0562 2124 TapiSrv - ok
09:14:57.0812 2124 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:14:57.0968 2124 Tcpip - ok
09:14:58.0125 2124 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
09:14:58.0203 2124 Tcpip6 - ok
09:14:58.0265 2124 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:14:58.0281 2124 TDPIPE - ok
09:14:58.0312 2124 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:14:58.0328 2124 TDTCP - ok
09:14:58.0375 2124 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:14:58.0390 2124 TermDD - ok
09:14:58.0593 2124 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
09:14:58.0750 2124 TermService - ok
09:14:58.0859 2124 tgsrvc_telefonica - ok
09:14:58.0953 2124 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
09:14:58.0953 2124 Themes - ok
09:14:59.0468 2124 theowl_be (2b20f3d381de89adfd5b4f31dbab72e8) C:\Program Files\2SE\The Owl\theowl_be.exe
09:14:59.0781 2124 theowl_be - ok
09:14:59.0984 2124 tifm21 (244cfbffdefb77f3df571a8cd108fc06) C:\WINDOWS\system32\drivers\tifm21.sys
09:15:00.0062 2124 tifm21 - ok
09:15:00.0156 2124 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
09:15:00.0187 2124 TlntSvr - ok
09:15:00.0375 2124 TOSHIBA Bluetooth Service (87843b2da99051bc66e2d6c211e3d6a4) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
09:15:00.0437 2124 TOSHIBA Bluetooth Service - ok
09:15:00.0468 2124 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys
09:15:00.0468 2124 toshidpt - ok
09:15:00.0468 2124 TosIde - ok
09:15:00.0546 2124 tosporte (8d624d3bd1f2d78bd1c01a2d4e954b4e) C:\WINDOWS\system32\DRIVERS\tosporte.sys
09:15:00.0562 2124 tosporte - ok
09:15:00.0671 2124 Tosrfbd (8c3bfaf3fca90502e6fa35503b8e979e) C:\WINDOWS\system32\Drivers\tosrfbd.sys
09:15:00.0718 2124 Tosrfbd - ok
09:15:00.0765 2124 Tosrfbnp (90c8525bc578aaffe87c2d0ed4379e9e) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
09:15:00.0781 2124 Tosrfbnp - ok
09:15:00.0843 2124 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
09:15:00.0875 2124 Tosrfcom - ok
09:15:00.0906 2124 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\WINDOWS\system32\DRIVERS\tosrfec.sys
09:15:00.0921 2124 tosrfec - ok
09:15:00.0968 2124 Tosrfhid (7c807ba9660e2995cc0217a14a24094c) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
09:15:01.0015 2124 Tosrfhid - ok
09:15:01.0078 2124 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
09:15:01.0078 2124 tosrfnds - ok
09:15:01.0171 2124 TosRfSnd (a4ce9572bc4ac8d329455059b43c5bea) C:\WINDOWS\system32\drivers\TosRfSnd.sys
09:15:01.0203 2124 TosRfSnd - ok
09:15:01.0234 2124 Tosrfusb (ac59b465500e660607ba393587e0e3a1) C:\WINDOWS\system32\Drivers\tosrfusb.sys
09:15:01.0265 2124 Tosrfusb - ok
09:15:01.0359 2124 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
09:15:01.0406 2124 TrkWks - ok
09:15:01.0468 2124 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
09:15:01.0468 2124 tunmp - ok
09:15:01.0546 2124 U2SP (228d8e60bc9c5238587b0bf1654ec580) C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys
09:15:01.0546 2124 U2SP - ok
09:15:01.0625 2124 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:15:01.0656 2124 Udfs - ok
09:15:01.0671 2124 UIUSys - ok
09:15:01.0671 2124 ultra - ok
09:15:01.0906 2124 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:15:02.0109 2124 Update - ok
09:15:02.0234 2124 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
09:15:02.0328 2124 upnphost - ok
09:15:02.0390 2124 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
09:15:02.0390 2124 UPS - ok
09:15:02.0406 2124 USBAAPL - ok
09:15:02.0484 2124 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
09:15:02.0515 2124 usbaudio - ok
09:15:02.0578 2124 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:15:02.0593 2124 usbccgp - ok
09:15:02.0625 2124 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:15:02.0640 2124 usbehci - ok
09:15:02.0687 2124 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:15:02.0718 2124 usbhub - ok
09:15:02.0781 2124 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:15:02.0796 2124 usbprint - ok
09:15:02.0828 2124 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:15:02.0843 2124 usbscan - ok
09:15:02.0906 2124 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
09:15:02.0921 2124 usbser - ok
09:15:02.0984 2124 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:15:03.0000 2124 USBSTOR - ok
09:15:03.0031 2124 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:15:03.0046 2124 usbuhci - ok
09:15:03.0062 2124 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
09:15:03.0078 2124 usb_rndisx - ok
09:15:03.0125 2124 vcdrom (bfa4ae30b3ac10e9223830bf103f5a3f) C:\WINDOWS\system32\VCdRom.sys
09:15:03.0125 2124 vcdrom - ok
09:15:03.0156 2124 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:15:03.0171 2124 VgaSave - ok
09:15:03.0171 2124 ViaIde - ok
09:15:03.0375 2124 VirtualFD - ok
09:15:03.0546 2124 vmm (590c7a3a1133e51a7e1cef67366e75af) C:\WINDOWS\system32\Drivers\vmm.sys
09:15:03.0546 2124 vmm - ok
09:15:03.0625 2124 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
09:15:03.0640 2124 VolSnap - ok
09:15:03.0687 2124 VPCNetS2 (f96a678debdccb0b4bb7f38cb2580589) C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys
09:15:03.0687 2124 VPCNetS2 - ok
09:15:03.0734 2124 vsbus (1c8a783e90c34d205596f1ab4a97e261) C:\WINDOWS\system32\DRIVERS\vsb.sys
09:15:03.0750 2124 vsbus - ok
09:15:03.0953 2124 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
09:15:04.0109 2124 VSS - ok
09:15:04.0281 2124 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
09:15:04.0375 2124 W32Time - ok
09:15:05.0171 2124 w39n51 (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys
09:15:05.0968 2124 w39n51 - ok
09:15:06.0625 2124 W3SVC (db3c22745c0da4666f3be31f1af36b2f) C:\WINDOWS\system32\inetsrv\inetinfo.exe
09:15:06.0625 2124 W3SVC - ok
09:15:06.0796 2124 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:15:06.0812 2124 Wanarp - ok
09:15:06.0906 2124 wceusbsh (4a954a20a4c73d6db13c0fe25f3f1b0c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
09:15:06.0968 2124 wceusbsh - ok
09:15:07.0234 2124 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:15:07.0234 2124 Wdf01000 - ok
09:15:07.0250 2124 WDICA - ok
09:15:07.0296 2124 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:15:07.0343 2124 wdmaud - ok
09:15:07.0437 2124 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
09:15:07.0468 2124 WebClient - ok
09:15:07.0859 2124 winachsf (cf27edac75c87f2b776d9218f02f8301) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
09:15:07.0859 2124 winachsf - ok
09:15:08.0062 2124 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:15:08.0109 2124 winmgmt - ok
09:15:08.0765 2124 WinRM (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll
09:15:09.0343 2124 WinRM - ok
09:15:09.0718 2124 WLANKEEPER (abc34b2d88543dcfdd33ec2e7e0a24f2) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
09:15:09.0828 2124 WLANKEEPER - ok
09:15:10.0765 2124 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:15:11.0562 2124 wlidsvc - ok
09:15:11.0781 2124 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe
09:15:11.0921 2124 WLSetupSvc - ok
09:15:12.0593 2124 WmBEnum (38932c4649f8baad6ce1000ac6503d5b) C:\WINDOWS\system32\drivers\WmBEnum.sys
09:15:12.0593 2124 WmBEnum - ok
09:15:12.0640 2124 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
09:15:12.0656 2124 WmdmPmSN - ok
09:15:12.0703 2124 WmFilter (58b3adab903fa1a78c86e6a42b80fe76) C:\WINDOWS\system32\drivers\WmFilter.sys
09:15:12.0718 2124 WmFilter - ok
09:15:13.0093 2124 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
09:15:13.0390 2124 Wmi - ok
09:15:13.0437 2124 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
09:15:13.0453 2124 WmiAcpi - ok
09:15:13.0625 2124 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:15:13.0687 2124 WmiApSrv - ok
09:15:14.0343 2124 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
09:15:14.0812 2124 WMPNetworkSvc - ok
09:15:14.0953 2124 WmVirHid (e45f01f4014d7ab13b8a0c41ebf48a3d) C:\WINDOWS\system32\drivers\WmVirHid.sys
09:15:14.0953 2124 WmVirHid - ok
09:15:15.0000 2124 WmXlCore (0398265dd65aae2ece180fa9d1e7b5bb) C:\WINDOWS\system32\drivers\WmXlCore.sys
09:15:15.0015 2124 WmXlCore - ok
09:15:15.0062 2124 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:15:15.0078 2124 WpdUsb - ok
09:15:15.0687 2124 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:15:16.0078 2124 WPFFontCache_v0400 - ok
09:15:16.0109 2124 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:15:16.0109 2124 WS2IFSL - ok
09:15:16.0218 2124 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
09:15:16.0234 2124 wscsvc - ok
09:15:16.0234 2124 WSearch - ok
09:15:16.0296 2124 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
09:15:16.0296 2124 wuauserv - ok
09:15:16.0484 2124 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:15:16.0531 2124 WudfPf - ok
09:15:16.0640 2124 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:15:16.0703 2124 WudfRd - ok
09:15:16.0765 2124 WudfSvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\WINDOWS\System32\WUDFSvc.dll
09:15:16.0890 2124 WudfSvc - ok
09:15:17.0171 2124 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
09:15:17.0421 2124 WZCSVC - ok
09:15:17.0437 2124 X10Hid (81e8da36ce70858898d5eb81e28a47d2) C:\WINDOWS\system32\Drivers\x10hid.sys
09:15:17.0437 2124 X10Hid - ok
09:15:17.0500 2124 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\WINDOWS\system32\DRIVERS\xaudio.sys
09:15:17.0500 2124 XAudio - ok
09:15:17.0718 2124 XAudioService (28dc5d626e036a75a572556f0a6eb1f6) C:\WINDOWS\system32\DRIVERS\xaudio.exe
09:15:17.0921 2124 XAudioService - ok
09:15:18.0046 2124 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
09:15:18.0234 2124 xmlprov - ok
09:15:18.0406 2124 zlportio - ok
09:15:18.0421 2124 zumbus - ok
09:15:18.0671 2124 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl
09:15:18.0671 2124 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
09:15:18.0734 2124 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
09:15:19.0281 2124 \Device\Harddisk0\DR0 - ok
09:15:19.0281 2124 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR3
09:15:19.0296 2124 \Device\Harddisk1\DR3 - ok
09:15:19.0312 2124 Boot (0x1200) (edae3c559cc6a81c3f1e4260f9d5f761) \Device\Harddisk0\DR0\Partition0
09:15:19.0312 2124 \Device\Harddisk0\DR0\Partition0 - ok
09:15:19.0328 2124 Boot (0x1200) (bc8f50932d9c05942c2bd9922fecb6c6) \Device\Harddisk1\DR3\Partition0
09:15:19.0328 2124 \Device\Harddisk1\DR3\Partition0 - ok
09:15:19.0328 2124 ============================================================
09:15:19.0328 2124 Scan finished
09:15:19.0328 2124 ============================================================
09:15:19.0328 0400 Detected object count: 0
09:15:19.0328 0400 Actual detected object count: 0
09:15:47.0546 3348 Deinitialize success

#10 Elise

Posted 24 May 2012 - 05:25 AM

Can you tell me when this error (and other problems) occurred for the first time? Do you know what (might have) caused it?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

Malware analyst @ Emsisoft


#11 lento

Posted 24 May 2012 - 09:18 AM

It is a month or so now that I have been seeing this message. I remember I was experiencing some problems due to malware and used different programs to detect it, such as my own antivirus AVG, TDSSKiller, killbox, combofix, .... and then used the command chkdsk /f /r to check the disks. The truth is that until a few days ago, despite the message, nothing seemed to go wrong. A few days later, checking the services that XP was running, I realized that there were 25 services that controlled a kind of parental protection, each with a different name; I disabled them all one by one with TOL.exe. Then, although nothing seemed to go wrong, I began to inquire into the reason for the invasion of parental control services and found your forum when asking Google about the funny message I have on boot. In your forum I read the analysis you were doing for Bucka, and I request your help.

In any case, until I used GMER, the response speed of my operating system seemed intact. I can tell you that the system has some kind of trouble, because while writing these words it is reading slower than I am writing. Thanks for your help.

#12 Elise

Posted 24 May 2012 - 09:37 AM

We need to see where your TDSSKiller log is. Please download TDSS Qlook to your desktop by clicking the following link.

Open TDSSQlook.exe and you will see two options: A (Scan) and B (Fix). Select A and wait for the scan to finish. A log should be created. Please copy/paste it within your next reply.

regards, Elise




#13 lento

Posted 24 May 2012 - 09:45 AM

TDSSKiller Quarantine Information log
Version 1.0.0.4
***** START SCAN 24/05/2012 16:44:36.21 *****

---------- Warning! ----------

TDSSKiller Quarantine folder not found

---------- TDSSKiller logs ----------

TDSSKiller.2.6.18.0_03.03.2012_22.40.12_log.txt
TDSSKiller.2.6.18.0_13.11.2011_19.15.21_log.txt
TDSSKiller.2.7.37.0_23.05.2012_11.15.17_log.txt
TDSSKiller.2.7.37.0_24.05.2012_09.19.18_log.txt
TDSSKiller.2.7.37.0_24.05.2012_09.22.05_log.txt

---------- TDSSStarter logs ----------


***** END SCAN 24/05/2012 16:44:36.43 *****
- EOF -

#14 Elise

Posted 24 May 2012 - 10:37 AM

Can you please post me the contents of this file: c:\TDSSKiller.2.6.18.0_03.03.2012_22.40.12_log.txt

regards, Elise




#15 lento

Posted 24 May 2012 - 11:03 AM

22:40:12.0984 1736 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
22:40:14.0984 1736 ============================================================
22:40:14.0984 1736 Current date / time: 2012/03/03 22:40:14.0984
22:40:14.0984 1736 SystemInfo:
22:40:14.0984 1736
22:40:14.0984 1736 OS Version: 5.1.2600 ServicePack: 3.0
22:40:14.0984 1736 Product type: Workstation
22:40:14.0984 1736 ComputerName: TAF_JUANJO
22:40:14.0984 1736 UserName: Juanjo Hierro
22:40:14.0984 1736 Windows directory: C:\WINDOWS
22:40:14.0984 1736 System windows directory: C:\WINDOWS
22:40:14.0984 1736 Processor architecture: Intel x86
22:40:14.0984 1736 Number of processors: 2
22:40:14.0984 1736 Page size: 0x1000
22:40:14.0984 1736 Boot type: Safe boot with network
22:40:14.0984 1736 ============================================================
22:40:16.0859 1736 Initialize success
22:40:22.0562 1436 ============================================================
22:40:22.0562 1436 Scan started
22:40:22.0562 1436 Mode: Manual;
22:40:22.0562 1436 ============================================================
22:40:24.0875 1436 Abiosdsk - ok
22:40:24.0921 1436 abp480n5 - ok
22:40:25.0000 1436 ACEDRV07 (4e5451dd0aec8504d7f8030dd2d4c416) C:\WINDOWS\system32\drivers\ACEDRV07.sys
22:40:25.0000 1436 ACEDRV07 - ok
22:40:25.0125 1436 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:40:25.0125 1436 ACPI - ok
22:40:25.0187 1436 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:40:25.0203 1436 ACPIEC - ok
22:40:25.0265 1436 adpu160m - ok
22:40:25.0343 1436 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:40:25.0343 1436 aec - ok
22:40:25.0562 1436 AegisP (12dafd934641dcf61e446313bc261ec2) C:\WINDOWS\system32\DRIVERS\AegisP.sys
22:40:25.0562 1436 AegisP - ok
22:40:25.0671 1436 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:40:25.0671 1436 AFD - ok
22:40:25.0718 1436 Aha154x - ok
22:40:25.0781 1436 aic78u2 - ok
22:40:25.0843 1436 aic78xx - ok
22:40:25.0921 1436 AliIde - ok
22:40:26.0078 1436 Ambfilt (7db123bea66206f94d352ee54caf08c3) C:\WINDOWS\system32\drivers\Ambfilt.sys
22:40:26.0078 1436 Suspicious file (Forged): C:\WINDOWS\system32\drivers\Ambfilt.sys. Real md5: 7db123bea66206f94d352ee54caf08c3, Fake md5: 74c1cba670b927367ee6892d13d4f1db
22:40:26.0093 1436 Ambfilt ( ForgedFile.Multi.Generic ) - warning
22:40:26.0093 1436 Ambfilt - detected ForgedFile.Multi.Generic (1)
22:40:26.0265 1436 amsint - ok
22:40:26.0343 1436 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:40:26.0343 1436 Arp1394 - ok
22:40:26.0406 1436 asc - ok
22:40:26.0484 1436 asc3350p - ok
22:40:26.0515 1436 asc3550 - ok
22:40:26.0671 1436 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:40:26.0671 1436 AsyncMac - ok
22:40:26.0734 1436 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:40:26.0734 1436 atapi - ok
22:40:26.0906 1436 Atdisk - ok
22:40:26.0984 1436 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:40:26.0984 1436 Atmarpc - ok
22:40:27.0078 1436 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:40:27.0078 1436 audstub - ok
22:40:27.0187 1436 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\System32\Drivers\avgldx86.sys
22:40:27.0187 1436 AvgLdx86 - ok
22:40:27.0265 1436 AvgMfx86 (80ff2b1b7eeda966394f0baa895bbf4b) C:\WINDOWS\System32\Drivers\avgmfx86.sys
22:40:27.0265 1436 AvgMfx86 - ok
22:40:27.0484 1436 AvgRkx86 (5bbcd8646074a3af4ee9b321d12c2b64) C:\WINDOWS\system32\Drivers\avgrkx86.sys
22:40:27.0484 1436 AvgRkx86 - ok
22:40:27.0593 1436 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\WINDOWS\System32\Drivers\avgtdix.sys
22:40:27.0593 1436 AvgTdiX - ok
22:40:27.0687 1436 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:40:27.0687 1436 Beep - ok
22:40:27.0765 1436 BoiHwsetup (141befbd4f2a84a66e2f54b9e32e40d1) C:\WINDOWS\system32\drivers\BoiHwSetup.sys
22:40:27.0765 1436 BoiHwsetup - ok
22:40:27.0843 1436 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
22:40:27.0843 1436 Bridge - ok
22:40:27.0859 1436 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
22:40:27.0859 1436 BridgeMP - ok
22:40:27.0984 1436 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
22:40:27.0984 1436 BthEnum - ok
22:40:28.0187 1436 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
22:40:28.0187 1436 BthPan - ok
22:40:28.0328 1436 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys
22:40:28.0328 1436 BTHPORT - ok
22:40:28.0453 1436 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
22:40:28.0453 1436 BTHUSB - ok
22:40:28.0515 1436 btkrnl - ok
22:40:28.0593 1436 catchme - ok
22:40:28.0796 1436 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:40:28.0796 1436 cbidf2k - ok
22:40:28.0875 1436 cd20xrnt - ok
22:40:28.0968 1436 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:40:28.0968 1436 Cdaudio - ok
22:40:29.0015 1436 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:40:29.0015 1436 Cdfs - ok
22:40:29.0125 1436 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:40:29.0125 1436 Cdrom - ok
22:40:29.0187 1436 Changer - ok
22:40:29.0312 1436 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:40:29.0312 1436 CmBatt - ok
22:40:29.0453 1436 CmdIde - ok
22:40:29.0546 1436 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:40:29.0546 1436 Compbatt - ok
22:40:29.0656 1436 Cpqarray - ok
22:40:41.0515 1436 Monfilt (33e2d87ca31f02023b4cb545d1401650) C:\WINDOWS\system32\drivers\Monfilt.sys
22:40:41.0578 1436 Suspicious file (Forged): C:\WINDOWS\system32\drivers\Monfilt.sys. Real md5: 33e2d87ca31f02023b4cb545d1401650, Fake md5: 0c34c710e170a8059802b6174f261c7f
22:40:41.0578 1436 Monfilt ( ForgedFile.Multi.Generic ) - warning
22:40:41.0578 1436 Monfilt - detected ForgedFile.Multi.Generic (1)
22:40:54.0031 1436 SWIPsec (5de79394183d6710870d693869d5268a) C:\WINDOWS\system32\Drivers\SWIPsec.sys
22:40:54.0031 1436 Suspicious file (Forged): C:\WINDOWS\system32\Drivers\SWIPsec.sys. Real md5: 5de79394183d6710870d693869d5268a, Fake md5: ebd83e322b4eb50f6a1d8d7b42d3745e
22:40:54.0031 1436 SWIPsec ( Rootkit.Win32.ZAccess.aml ) - infected
22:40:54.0031 1436 SWIPsec - detected Rootkit.Win32.ZAccess.aml (0)
22:41:03.0546 1436 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:41:03.0687 1436 \Device\Harddisk0\DR0 - ok
22:41:03.0687 1436 Boot (0x1200) (edae3c559cc6a81c3f1e4260f9d5f761) \Device\Harddisk0\DR0\Partition0
22:41:03.0687 1436 \Device\Harddisk0\DR0\Partition0 - ok
22:41:03.0703 1436 ============================================================
22:41:03.0703 1436 Scan finished
22:41:03.0703 1436 ============================================================
22:41:03.0734 0240 Detected object count: 3
22:41:03.0734 0240 Actual detected object count: 3
22:42:24.0640 0240 HKLM\SYSTEM\ControlSet003\services\Ambfilt - will be deleted on reboot
22:42:24.0640 0240 HKLM\SYSTEM\ControlSet004\services\Ambfilt - will be deleted on reboot
22:42:24.0656 0240 C:\WINDOWS\system32\drivers\Ambfilt.sys - will be deleted on reboot
22:42:24.0656 0240 Ambfilt ( ForgedFile.Multi.Generic ) - User select action: Delete
22:42:24.0656 0240 HKLM\SYSTEM\ControlSet003\services\Monfilt - will be deleted on reboot
22:42:24.0656 0240 HKLM\SYSTEM\ControlSet004\services\Monfilt - will be deleted on reboot
22:42:24.0671 0240 C:\WINDOWS\system32\drivers\Monfilt.sys - will be deleted on reboot
22:42:24.0671 0240 Monfilt ( ForgedFile.Multi.Generic ) - User select action: Delete
22:42:25.0062 0240 Backup copy found, using it..
22:42:25.0078 0240 C:\WINDOWS\system32\Drivers\SWIPsec.sys - will be cured on reboot
22:42:32.0031 0240 SWIPsec ( Rootkit.Win32.ZAccess.aml ) - User select action: Cure
22:42:37.0781 1888 Deinitialize success



