Audio Virus, google redirecting, win32 error


10 replies to this topic

#1 macobi

  • Members

Posted 19 June 2012 - 09:11 AM

Please help, I have three problems. First, when I search using Internet Explorer or Google Chrome, if I attempt to open a link in a new tab, Google redirects the page to some ad page. Second, I have a ghost audio file that plays randomly in the background even when I'm not logged on to the internet. Third, when I shut down my computer I get a win32 error message. I know I have a virus; will you help me fix it?



#2 narenxp

  • BC Advisor

Posted 19 June 2012 - 10:07 AM

Boot the PC into Safe Mode with Networking.

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 macobi

  • Topic Starter

Posted 19 June 2012 - 01:02 PM

TDSSKiller LOG report:

11:12:36.0375 1648 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
11:12:36.0828 1648 ============================================================
11:12:36.0828 1648 Current date / time: 2012/06/19 11:12:36.0828
11:12:36.0828 1648 SystemInfo:
11:12:36.0828 1648
11:12:36.0828 1648 OS Version: 5.1.2600 ServicePack: 3.0
11:12:36.0828 1648 Product type: Workstation
11:12:36.0828 1648 ComputerName: FRONTOFFICEPC
11:12:36.0828 1648 UserName: Clerical Asst III
11:12:36.0828 1648 Windows directory: C:\WINDOWS
11:12:36.0828 1648 System windows directory: C:\WINDOWS
11:12:36.0828 1648 Processor architecture: Intel x86
11:12:36.0828 1648 Number of processors: 2
11:12:36.0828 1648 Page size: 0x1000
11:12:36.0828 1648 Boot type: Safe boot with network
11:12:36.0828 1648 ============================================================
11:12:39.0468 1648 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:12:39.0468 1648 ============================================================
11:12:39.0468 1648 \Device\Harddisk0\DR0:
11:12:39.0468 1648 MBR partitions:
11:12:39.0468 1648 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A011FC
11:12:39.0468 1648 ============================================================
11:12:39.0515 1648 C: <-> \Device\Harddisk0\DR0\Partition0
11:12:39.0546 1648 ============================================================
11:12:39.0546 1648 Initialize success
11:12:39.0546 1648 ============================================================
11:12:53.0578 0676 ============================================================
11:12:53.0578 0676 Scan started
11:12:53.0578 0676 Mode: Manual; TDLFS;
11:12:53.0578 0676 ============================================================
11:13:12.0031 0676 SQLWriter - ok
11:13:12.0062 0676 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
11:13:12.0062 0676 sr - ok
11:13:12.0109 0676 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
11:13:12.0125 0676 srservice - ok
11:13:12.0250 0676 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\WINDOWS\System32\Drivers\NIS\1307010.005\SRTSP.SYS
11:13:12.0265 0676 SRTSP - ok
11:13:12.0281 0676 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\WINDOWS\system32\drivers\NIS\1307010.005\SRTSPX.SYS
11:13:12.0281 0676 SRTSPX - ok
11:13:12.0343 0676 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:13:12.0343 0676 Srv - ok
11:13:12.0390 0676 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
11:13:12.0390 0676 SSDPSRV - ok
11:13:12.0453 0676 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
11:13:12.0515 0676 stisvc - ok
11:13:12.0656 0676 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
11:13:12.0671 0676 stllssvr - ok
11:13:12.0718 0676 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:13:12.0718 0676 swenum - ok
11:13:12.0734 0676 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:13:12.0750 0676 swmidi - ok
11:13:12.0765 0676 SwPrv - ok
11:13:12.0796 0676 symc810 - ok
11:13:12.0812 0676 symc8xx - ok
11:13:12.0875 0676 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NIS\1307010.005\SYMDS.SYS
11:13:12.0875 0676 SymDS - ok
11:13:12.0968 0676 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\NIS\1307010.005\SYMEFA.SYS
11:13:12.0984 0676 SymEFA - ok
11:13:13.0031 0676 SymEvent (74e2521e96176a4449570e50be91954d) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
11:13:13.0031 0676 SymEvent - ok
11:13:13.0093 0676 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\NIS\1307010.005\Ironx86.SYS
11:13:13.0093 0676 SymIRON - ok
11:13:13.0171 0676 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\System32\Drivers\NIS\1307010.005\SYMTDI.SYS
11:13:13.0187 0676 SYMTDI - ok
11:13:13.0203 0676 sym_hi - ok
11:13:13.0234 0676 sym_u3 - ok
11:13:13.0281 0676 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:13:13.0281 0676 sysaudio - ok
11:13:13.0328 0676 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
11:13:13.0343 0676 SysmonLog - ok
11:13:13.0421 0676 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
11:13:13.0484 0676 TapiSrv - ok
11:13:13.0562 0676 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:13:13.0625 0676 Tcpip - ok
11:13:13.0671 0676 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:13:13.0671 0676 TDPIPE - ok
11:13:13.0687 0676 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:13:13.0687 0676 TDTCP - ok
11:13:13.0765 0676 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:13:13.0765 0676 TermDD - ok
11:13:13.0843 0676 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
11:13:13.0843 0676 TermService - ok
11:13:13.0937 0676 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
11:13:13.0953 0676 Themes - ok
11:13:13.0984 0676 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
11:13:13.0984 0676 TlntSvr - ok
11:13:14.0000 0676 TosIde - ok
11:13:14.0062 0676 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
11:13:14.0062 0676 TrkWks - ok
11:13:14.0140 0676 UdfReadr (3831d5499ad1e61217abb88e93bb17dc) C:\WINDOWS\system32\drivers\UdfReadr.sys
11:13:14.0156 0676 UdfReadr - ok
11:13:14.0203 0676 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:13:14.0203 0676 Udfs - ok
11:13:14.0234 0676 ultra - ok
11:13:14.0296 0676 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:13:14.0375 0676 Update - ok
11:13:14.0406 0676 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
11:13:14.0453 0676 upnphost - ok
11:13:14.0484 0676 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
11:13:14.0500 0676 UPS - ok
11:13:14.0593 0676 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:13:14.0593 0676 usbccgp - ok
11:13:14.0671 0676 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:13:14.0671 0676 usbehci - ok
11:13:14.0687 0676 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:13:14.0687 0676 usbhub - ok
11:13:14.0718 0676 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:13:14.0734 0676 usbohci - ok
11:13:14.0781 0676 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:13:14.0781 0676 usbprint - ok
11:13:14.0828 0676 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:13:14.0828 0676 usbscan - ok
11:13:14.0859 0676 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:13:14.0859 0676 USBSTOR - ok
11:13:14.0921 0676 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:13:14.0921 0676 VgaSave - ok
11:13:14.0937 0676 ViaIde - ok
11:13:14.0984 0676 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
11:13:14.0984 0676 VolSnap - ok
11:13:15.0062 0676 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
11:13:15.0109 0676 VSS - ok
11:13:15.0171 0676 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
11:13:15.0171 0676 W32Time - ok
11:13:15.0234 0676 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:13:15.0234 0676 Wanarp - ok
11:13:15.0250 0676 WDICA - ok
11:13:15.0296 0676 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:13:15.0296 0676 wdmaud - ok
11:13:15.0359 0676 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
11:13:15.0375 0676 WebClient - ok
11:13:15.0468 0676 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
11:13:15.0468 0676 winachsf - ok
11:13:15.0609 0676 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
11:13:15.0625 0676 winmgmt - ok
11:13:15.0687 0676 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
11:13:15.0687 0676 WmdmPmSN - ok
11:13:15.0765 0676 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
11:13:15.0781 0676 Wmi - ok
11:13:15.0828 0676 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:13:15.0890 0676 WmiApSrv - ok
11:13:16.0046 0676 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
11:13:16.0062 0676 WMPNetworkSvc - ok
11:13:16.0125 0676 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:13:16.0125 0676 WpdUsb - ok
11:13:16.0265 0676 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:13:16.0281 0676 WPFFontCache_v0400 - ok
11:13:16.0343 0676 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
11:13:16.0343 0676 wscsvc - ok
11:13:16.0359 0676 WSearch - ok
11:13:16.0390 0676 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
11:13:16.0390 0676 wuauserv - ok
11:13:16.0453 0676 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:13:16.0453 0676 WudfPf - ok
11:13:16.0500 0676 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:13:16.0500 0676 WudfRd - ok
11:13:16.0546 0676 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
11:13:16.0546 0676 WudfSvc - ok
11:13:16.0640 0676 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
11:13:16.0656 0676 WZCSVC - ok
11:13:16.0687 0676 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
11:13:16.0703 0676 xmlprov - ok
11:13:16.0734 0676 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:13:16.0765 0676 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
11:13:16.0765 0676 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
11:13:16.0796 0676 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:13:16.0796 0676 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:13:16.0796 0676 Boot (0x1200) (d90268c54db72264a11644d2bdf3833f) \Device\Harddisk0\DR0\Partition0
11:13:16.0812 0676 \Device\Harddisk0\DR0\Partition0 - ok
11:13:16.0812 0676 ============================================================
11:13:16.0812 0676 Scan finished
11:13:16.0812 0676 ============================================================
11:13:16.0843 1984 Detected object count: 2
11:13:16.0843 1984 Actual detected object count: 2
11:14:41.0109 1984 \Device\Harddisk0\DR0\# - copied to quarantine
11:14:41.0109 1984 \Device\Harddisk0\DR0 - copied to quarantine
11:14:41.0125 1984 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
11:14:41.0140 1984 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
11:14:41.0140 1984 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
11:14:41.0156 1984 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
11:14:41.0171 1984 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
11:14:41.0203 1984 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
11:14:41.0203 1984 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
11:14:41.0203 1984 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
11:14:41.0218 1984 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
11:14:41.0218 1984 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
11:14:41.0218 1984 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
11:14:41.0218 1984 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
11:14:41.0250 1984 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
11:14:41.0250 1984 \Device\Harddisk0\DR0 - ok
11:14:42.0281 1984 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
11:14:42.0281 1984 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:14:42.0281 1984 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:14:54.0812 1624 Deinitialize success


Avast log results:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-19 11:40:37
-----------------------------
11:40:37.171 OS Version: Windows 5.1.2600 Service Pack 3
11:40:37.171 Number of processors: 2 586 0xF02
11:40:37.171 ComputerName: FRONTOFFICEPC UserName:
11:40:37.843 Initialize success
11:42:22.984 AVAST engine defs: 12061900
11:42:57.375 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
11:42:57.390 Disk 0 Vendor: WDC_WD1600AAJS-75M0A0 02.03E02 Size: 152587MB BusType: 3
11:42:57.421 Disk 0 MBR read successfully
11:42:57.437 Disk 0 MBR scan
11:42:57.500 Disk 0 Windows XP default MBR code
11:42:57.500 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152578 MB offset 63
11:42:57.515 Disk 0 scanning sectors +312480315
11:42:57.593 Disk 0 scanning C:\WINDOWS\system32\drivers
11:43:07.843 Service scanning
11:43:29.046 Modules scanning
11:43:33.593 Disk 0 trace - called modules:
11:43:33.640 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll atiide.sys PCIIDEX.SYS
11:43:33.656 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a937ab8]
11:43:33.656 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x8a93cd98]
11:43:34.296 AVAST engine scan C:\WINDOWS
11:43:38.703 AVAST engine scan C:\WINDOWS\system32
11:46:45.687 AVAST engine scan C:\WINDOWS\system32\drivers
11:47:04.250 AVAST engine scan C:\Documents and Settings\Clerical Asst III
11:47:59.203 File: C:\Documents and Settings\Clerical Asst III\Local Settings\Application Data\Brother\ATI\mmvyrzxq.dll **INFECTED** Win32:Kryptik-IWR [Trj]
11:48:47.093 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Clerical Asst III\My Documents\MBR.dat"
11:48:47.187 The log file has been saved successfully to "C:\Documents and Settings\Clerical Asst III\My Documents\aswMBR.txt"

ESET List of Found Threats:
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Documents and Settings\Clerical Asst III\Local Settings\Application Data\Brother\ATI\mmvyrzxq.dll a variant of Win32/Kryptik.AGVE trojan cleaned by deleting - quarantined
C:\Documents and Settings\Clerical Asst III\Local Settings\Temp\0.9094679303549037 a variant of Win32/Kryptik.AGVE trojan cleaned by deleting - quarantined
C:\Documents and Settings\Clerical Asst III\Local Settings\Temp\1044140.Uninstall\Uninstall.exe a variant of Win32/InstallCore.E application cleaned by deleting - quarantined
C:\Documents and Settings\Clerical Asst III\Local Settings\Temp\1093937.Uninstall\Uninstall.exe a variant of Win32/InstallCore.E application cleaned by deleting - quarantined
C:\Documents and Settings\Clerical Asst III\Local Settings\Temp\1108078.Uninstall\Uninstall.exe a variant of Win32/InstallCore.E application cleaned by deleting - quarantined
C:\Documents and Settings\Clerical Asst III\Local Settings\Temp\183906.Uninstall\Uninstall.exe a variant of Win32/InstallCore.E application cleaned by deleting - quarantined
C:\Documents and Settings\Clerical Asst III\Local Settings\Temp\197343.Uninstall\Uninstall.exe a variant of Win32/InstallCore.E application cleaned by deleting - quarantined
C:\Program Files\FoxTabPDFConverter\Uninstall\Uninstall.exe a variant of Win32/InstallCore.E application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.06.2012_11.12.36\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.06.2012_11.12.36\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.06.2012_11.12.36\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.06.2012_11.12.36\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.06.2012_11.12.36\mbr0000\tdlfs0000\tsk0008.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.06.2012_11.12.36\mbr0000\tdlfs0000\tsk0009.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined

#4 narenxp

Posted 19 June 2012 - 01:06 PM

Restart the PC, run TDSSKiller and aswMBR again, and post the new logs.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 macobi

Posted 19 June 2012 - 02:44 PM

TDSSKiller LOG report:
13:43:50.0125 1092 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
13:43:50.0593 1092 ============================================================
13:43:50.0593 1092 Current date / time: 2012/06/19 13:43:50.0593
13:43:50.0593 1092 SystemInfo:
13:43:50.0593 1092
13:43:50.0593 1092 OS Version: 5.1.2600 ServicePack: 3.0
13:43:50.0593 1092 Product type: Workstation
13:43:50.0593 1092 ComputerName: FRONTOFFICEPC
13:43:50.0593 1092 UserName: Clerical Asst III
13:43:50.0593 1092 Windows directory: C:\WINDOWS
13:43:50.0593 1092 System windows directory: C:\WINDOWS
13:43:50.0593 1092 Processor architecture: Intel x86
13:43:50.0593 1092 Number of processors: 2
13:43:50.0593 1092 Page size: 0x1000
13:43:50.0593 1092 Boot type: Safe boot with network
13:43:50.0609 1092 ============================================================
13:43:52.0609 1092 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:43:52.0609 1092 ============================================================
13:43:52.0609 1092 \Device\Harddisk0\DR0:
13:43:52.0609 1092 MBR partitions:
13:43:52.0609 1092 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A011FC
13:43:52.0609 1092 ============================================================
13:43:52.0656 1092 C: <-> \Device\Harddisk0\DR0\Partition0
13:43:52.0671 1092 ============================================================
13:43:52.0671 1092 Initialize success
13:43:52.0671 1092 ============================================================
13:43:56.0546 1168 ============================================================
13:43:56.0546 1168 Scan started
13:43:56.0546 1168 Mode: Manual;
13:43:56.0546 1168 ============================================================
13:44:04.0296 1168 IDSxpx86 - ok
13:44:04.0328 1168 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:44:04.0328 1168 Imapi - ok
13:44:04.0375 1168 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
13:44:04.0375 1168 ImapiService - ok
13:44:04.0406 1168 ini910u - ok
13:44:04.0437 1168 IntelIde - ok
13:44:04.0500 1168 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:44:04.0500 1168 intelppm - ok
13:44:04.0515 1168 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:44:04.0531 1168 Ip6Fw - ok
13:44:04.0562 1168 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:44:04.0562 1168 IpFilterDriver - ok
13:44:04.0593 1168 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:44:04.0593 1168 IpInIp - ok
13:44:04.0640 1168 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:44:04.0640 1168 IpNat - ok
13:44:04.0656 1168 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:44:04.0656 1168 IPSec - ok
13:44:04.0671 1168 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:44:04.0687 1168 IRENUM - ok
13:44:04.0718 1168 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:44:04.0718 1168 isapnp - ok
13:44:04.0750 1168 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:44:04.0750 1168 Kbdclass - ok
13:44:04.0765 1168 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:44:04.0765 1168 kbdhid - ok
13:44:04.0796 1168 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:44:04.0796 1168 kmixer - ok
13:44:04.0828 1168 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:44:04.0828 1168 KSecDD - ok
13:44:04.0906 1168 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
13:44:04.0906 1168 lanmanserver - ok
13:44:04.0937 1168 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
13:44:04.0937 1168 lanmanworkstation - ok
13:44:04.0953 1168 lbrtfdc - ok
13:44:05.0000 1168 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
13:44:05.0000 1168 LmHosts - ok
13:44:05.0046 1168 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:44:05.0046 1168 mdmxsdk - ok
13:44:05.0093 1168 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
13:44:05.0093 1168 Messenger - ok
13:44:05.0125 1168 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:44:05.0125 1168 mnmdd - ok
13:44:05.0171 1168 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
13:44:05.0171 1168 mnmsrvc - ok
13:44:05.0187 1168 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
13:44:05.0187 1168 Modem - ok
13:44:05.0234 1168 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
13:44:05.0234 1168 MODEMCSA - ok
13:44:05.0265 1168 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:44:05.0265 1168 Mouclass - ok
13:44:05.0281 1168 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:44:05.0281 1168 mouhid - ok
13:44:05.0312 1168 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:44:05.0312 1168 MountMgr - ok
13:44:05.0328 1168 mraid35x - ok
13:44:05.0375 1168 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:44:05.0375 1168 MRxDAV - ok
13:44:05.0437 1168 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:44:05.0437 1168 MRxSmb - ok
13:44:05.0484 1168 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
13:44:05.0484 1168 MSDTC - ok
13:44:05.0546 1168 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:44:05.0546 1168 Msfs - ok
13:44:05.0562 1168 MSIServer - ok
13:44:05.0593 1168 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:44:05.0593 1168 MSKSSRV - ok
13:44:05.0609 1168 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:44:05.0609 1168 MSPCLOCK - ok
13:44:05.0625 1168 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:44:05.0625 1168 MSPQM - ok
13:44:05.0671 1168 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:44:05.0671 1168 mssmbios - ok
13:44:05.0828 1168 MSSQL$MSSMLBIZ - ok
13:44:05.0906 1168 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
13:44:05.0921 1168 MSSQLServerADHelper - ok
13:44:05.0937 1168 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:44:05.0937 1168 Mup - ok
13:44:05.0984 1168 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
13:44:06.0000 1168 napagent - ok
13:44:06.0109 1168 NAVENG (f11033730b38260b6892e837c457fb4b) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120618.017\NAVENG.SYS
13:44:06.0109 1168 NAVENG - ok
13:44:06.0218 1168 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120618.017\NAVEX15.SYS
13:44:06.0265 1168 NAVEX15 - ok
13:44:06.0406 1168 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:44:06.0421 1168 NDIS - ok
13:44:06.0484 1168 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:44:06.0484 1168 NdisTapi - ok
13:44:06.0500 1168 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:44:06.0500 1168 Ndisuio - ok
13:44:06.0531 1168 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:44:06.0546 1168 NdisWan - ok
13:44:06.0578 1168 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:44:06.0578 1168 NDProxy - ok
13:44:06.0640 1168 Net Driver HPZ12 (f7c14f5077bf2bc476c348b88a7f74e2) C:\WINDOWS\system32\HPZinw12.dll
13:44:06.0640 1168 Net Driver HPZ12 - ok
13:44:06.0656 1168 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:44:06.0656 1168 NetBIOS - ok
13:44:06.0703 1168 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:44:06.0703 1168 NetBT - ok
13:44:06.0765 1168 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
13:44:06.0765 1168 NetDDE - ok
13:44:06.0781 1168 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
13:44:06.0781 1168 NetDDEdsdm - ok
13:44:06.0843 1168 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:44:06.0843 1168 Netlogon - ok
13:44:06.0875 1168 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
13:44:06.0875 1168 Netman - ok
13:44:07.0015 1168 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:44:07.0015 1168 NetTcpPortSharing - ok
13:44:07.0125 1168 NIS (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
13:44:07.0140 1168 NIS - ok
13:44:07.0187 1168 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
13:44:07.0187 1168 Nla - ok
13:44:07.0250 1168 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:44:07.0250 1168 Npfs - ok
13:44:07.0281 1168 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:44:07.0296 1168 Ntfs - ok
13:44:07.0312 1168 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:44:07.0312 1168 NtLmSsp - ok
13:44:07.0390 1168 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
13:44:07.0406 1168 NtmsSvc - ok
13:44:07.0437 1168 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:44:07.0453 1168 Null - ok
13:44:07.0484 1168 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:44:07.0484 1168 NwlnkFlt - ok
13:44:07.0500 1168 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:44:07.0500 1168 NwlnkFwd - ok
13:44:07.0609 1168 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:44:07.0625 1168 odserv - ok
13:44:07.0640 1168 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:44:07.0640 1168 ose - ok
13:44:07.0687 1168 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
13:44:07.0687 1168 Parport - ok
13:44:07.0703 1168 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:44:07.0703 1168 PartMgr - ok
13:44:07.0734 1168 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
13:44:07.0734 1168 ParVdm - ok
13:44:07.0765 1168 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
13:44:07.0765 1168 PCI - ok
13:44:07.0781 1168 PCIDump - ok
13:44:07.0812 1168 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:44:07.0812 1168 PCIIde - ok
13:44:07.0843 1168 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:44:07.0843 1168 Pcmcia - ok
13:44:07.0859 1168 PDCOMP - ok
13:44:07.0890 1168 PDFRAME - ok
13:44:07.0906 1168 PDRELI - ok
13:44:07.0921 1168 PDRFRAME - ok
13:44:07.0953 1168 perc2 - ok
13:44:07.0968 1168 perc2hib - ok
13:44:08.0062 1168 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
13:44:08.0062 1168 PlugPlay - ok
13:44:08.0125 1168 Pml Driver HPZ12 (e638656001c52a1faa34f92e6d3a086b) C:\WINDOWS\system32\HPZipm12.dll
13:44:08.0125 1168 Pml Driver HPZ12 - ok
13:44:08.0156 1168 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:44:08.0156 1168 PolicyAgent - ok
13:44:08.0203 1168 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:44:08.0203 1168 PptpMiniport - ok
13:44:08.0218 1168 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:44:08.0218 1168 ProtectedStorage - ok
13:44:08.0234 1168 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:44:08.0234 1168 PSched - ok
13:44:08.0265 1168 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:44:08.0265 1168 Ptilink - ok
13:44:08.0312 1168 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:44:08.0328 1168 PxHelp20 - ok
13:44:08.0328 1168 ql1080 - ok
13:44:08.0359 1168 Ql10wnt - ok
13:44:08.0375 1168 ql12160 - ok
13:44:08.0390 1168 ql1240 - ok
13:44:08.0421 1168 ql1280 - ok
13:44:08.0453 1168 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:44:08.0453 1168 RasAcd - ok
13:44:08.0484 1168 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
13:44:08.0500 1168 RasAuto - ok
13:44:08.0531 1168 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:44:08.0531 1168 Rasl2tp - ok
13:44:08.0593 1168 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
13:44:08.0593 1168 RasMan - ok
13:44:08.0609 1168 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:44:08.0625 1168 RasPppoe - ok
13:44:08.0640 1168 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:44:08.0640 1168 Raspti - ok
13:44:08.0671 1168 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:44:08.0687 1168 Rdbss - ok
13:44:08.0703 1168 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:44:08.0703 1168 RDPCDD - ok
13:44:08.0734 1168 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:44:08.0734 1168 rdpdr - ok
13:44:08.0796 1168 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
13:44:08.0812 1168 RDPWD - ok
13:44:08.0843 1168 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
13:44:08.0859 1168 RDSessMgr - ok
13:44:08.0875 1168 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:44:08.0875 1168 redbook - ok
13:44:08.0937 1168 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
13:44:08.0937 1168 RemoteAccess - ok
13:44:08.0984 1168 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
13:44:08.0984 1168 RemoteRegistry - ok
13:44:09.0015 1168 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
13:44:09.0015 1168 RpcLocator - ok
13:44:09.0078 1168 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
13:44:09.0078 1168 RpcSs - ok
13:44:09.0140 1168 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
13:44:09.0156 1168 RSVP - ok
13:44:09.0171 1168 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:44:09.0171 1168 SamSs - ok
13:44:09.0218 1168 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
13:44:09.0234 1168 SCardSvr - ok
13:44:09.0265 1168 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
13:44:09.0281 1168 Schedule - ok
13:44:09.0328 1168 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:44:09.0328 1168 Secdrv - ok
13:44:09.0359 1168 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
13:44:09.0375 1168 seclogon - ok
13:44:09.0437 1168 SenFiltService (b6a6b409fda9d9ebd3aadb838d3d7173) C:\WINDOWS\system32\drivers\Senfilt.sys
13:44:09.0453 1168 SenFiltService - ok
13:44:09.0468 1168 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
13:44:09.0468 1168 SENS - ok
13:44:09.0500 1168 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:44:09.0500 1168 serenum - ok
13:44:09.0515 1168 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
13:44:09.0531 1168 Serial - ok
13:44:09.0609 1168 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:44:09.0609 1168 Sfloppy - ok
13:44:09.0671 1168 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
13:44:09.0687 1168 SharedAccess - ok
13:44:09.0734 1168 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:44:09.0734 1168 ShellHWDetection - ok
13:44:09.0750 1168 Simbad - ok
13:44:09.0781 1168 Sparrow - ok
13:44:09.0843 1168 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:44:09.0843 1168 splitter - ok
13:44:09.0890 1168 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:44:09.0890 1168 Spooler - ok
13:44:10.0031 1168 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
13:44:10.0046 1168 SQLBrowser - ok
13:44:10.0078 1168 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
13:44:10.0078 1168 SQLWriter - ok
13:44:10.0125 1168 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
13:44:10.0125 1168 sr - ok
13:44:10.0187 1168 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
13:44:10.0187 1168 srservice - ok
13:44:10.0312 1168 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\WINDOWS\System32\Drivers\NIS\1307010.005\SRTSP.SYS
13:44:10.0328 1168 SRTSP - ok
13:44:10.0343 1168 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\WINDOWS\system32\drivers\NIS\1307010.005\SRTSPX.SYS
13:44:10.0343 1168 SRTSPX - ok
13:44:10.0390 1168 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:44:10.0390 1168 Srv - ok
13:44:10.0421 1168 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
13:44:10.0421 1168 SSDPSRV - ok
13:44:10.0484 1168 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
13:44:10.0500 1168 stisvc - ok
13:44:10.0593 1168 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:44:10.0593 1168 stllssvr - ok
13:44:10.0640 1168 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:44:10.0640 1168 swenum - ok
13:44:10.0656 1168 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:44:10.0656 1168 swmidi - ok
13:44:10.0671 1168 SwPrv - ok
13:44:10.0703 1168 symc810 - ok
13:44:10.0718 1168 symc8xx - ok
13:44:10.0765 1168 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NIS\1307010.005\SYMDS.SYS
13:44:10.0781 1168 SymDS - ok
13:44:10.0859 1168 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\NIS\1307010.005\SYMEFA.SYS
13:44:10.0875 1168 SymEFA - ok
13:44:10.0921 1168 SymEvent (74e2521e96176a4449570e50be91954d) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
13:44:10.0937 1168 SymEvent - ok
13:44:10.0984 1168 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\NIS\1307010.005\Ironx86.SYS
13:44:11.0000 1168 SymIRON - ok
13:44:11.0046 1168 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\System32\Drivers\NIS\1307010.005\SYMTDI.SYS
13:44:11.0046 1168 SYMTDI - ok
13:44:11.0062 1168 sym_hi - ok
13:44:11.0078 1168 sym_u3 - ok
13:44:11.0125 1168 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:44:11.0125 1168 sysaudio - ok
13:44:11.0171 1168 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
13:44:11.0171 1168 SysmonLog - ok
13:44:11.0218 1168 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
13:44:11.0234 1168 TapiSrv - ok
13:44:11.0296 1168 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:44:11.0312 1168 Tcpip - ok
13:44:11.0343 1168 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:44:11.0343 1168 TDPIPE - ok
13:44:11.0359 1168 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:44:11.0359 1168 TDTCP - ok
13:44:11.0406 1168 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:44:11.0406 1168 TermDD - ok
13:44:11.0468 1168 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
13:44:11.0468 1168 TermService - ok
13:44:11.0531 1168 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:44:11.0531 1168 Themes - ok
13:44:11.0562 1168 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
13:44:11.0562 1168 TlntSvr - ok
13:44:11.0578 1168 TosIde - ok
13:44:11.0640 1168 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
13:44:11.0640 1168 TrkWks - ok
13:44:11.0718 1168 UdfReadr (3831d5499ad1e61217abb88e93bb17dc) C:\WINDOWS\system32\drivers\UdfReadr.sys
13:44:11.0718 1168 UdfReadr - ok
13:44:11.0765 1168 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:44:11.0765 1168 Udfs - ok
13:44:11.0796 1168 ultra - ok
13:44:11.0843 1168 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:44:11.0843 1168 Update - ok
13:44:11.0890 1168 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
13:44:11.0890 1168 upnphost - ok
13:44:11.0906 1168 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
13:44:11.0906 1168 UPS - ok
13:44:11.0984 1168 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:44:11.0984 1168 usbccgp - ok
13:44:12.0015 1168 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:44:12.0015 1168 usbehci - ok
13:44:12.0046 1168 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:44:12.0046 1168 usbhub - ok
13:44:12.0093 1168 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:44:12.0093 1168 usbohci - ok
13:44:12.0140 1168 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:44:12.0156 1168 usbprint - ok
13:44:12.0187 1168 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:44:12.0187 1168 usbscan - ok
13:44:12.0218 1168 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:44:12.0218 1168 USBSTOR - ok
13:44:12.0265 1168 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:44:12.0265 1168 VgaSave - ok
13:44:12.0281 1168 ViaIde - ok
13:44:12.0312 1168 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
13:44:12.0312 1168 VolSnap - ok
13:44:12.0375 1168 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
13:44:12.0390 1168 VSS - ok
13:44:12.0453 1168 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
13:44:12.0468 1168 W32Time - ok
13:44:12.0531 1168 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:44:12.0531 1168 Wanarp - ok
13:44:12.0546 1168 WDICA - ok
13:44:12.0578 1168 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:44:12.0578 1168 wdmaud - ok
13:44:12.0640 1168 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
13:44:12.0640 1168 WebClient - ok
13:44:12.0718 1168 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
13:44:12.0734 1168 winachsf - ok
13:44:12.0859 1168 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:44:12.0859 1168 winmgmt - ok
13:44:12.0921 1168 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
13:44:12.0921 1168 WmdmPmSN - ok
13:44:12.0984 1168 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
13:44:13.0000 1168 Wmi - ok
13:44:13.0046 1168 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:44:13.0046 1168 WmiApSrv - ok
13:44:13.0203 1168 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
13:44:13.0234 1168 WMPNetworkSvc - ok
13:44:13.0250 1168 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:44:13.0265 1168 WpdUsb - ok
13:44:13.0390 1168 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:44:13.0421 1168 WPFFontCache_v0400 - ok
13:44:13.0484 1168 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
13:44:13.0484 1168 wscsvc - ok
13:44:13.0500 1168 WSearch - ok
13:44:13.0531 1168 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
13:44:13.0531 1168 wuauserv - ok
13:44:13.0578 1168 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:44:13.0578 1168 WudfPf - ok
13:44:13.0609 1168 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:44:13.0609 1168 WudfRd - ok
13:44:13.0656 1168 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
13:44:13.0656 1168 WudfSvc - ok
13:44:13.0718 1168 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
13:44:13.0734 1168 WZCSVC - ok
13:44:13.0781 1168 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
13:44:13.0781 1168 xmlprov - ok
13:44:13.0812 1168 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
13:44:14.0187 1168 \Device\Harddisk0\DR0 - ok
13:44:14.0203 1168 Boot (0x1200) (d90268c54db72264a11644d2bdf3833f) \Device\Harddisk0\DR0\Partition0
13:44:14.0203 1168 \Device\Harddisk0\DR0\Partition0 - ok
13:44:14.0218 1168 ============================================================
13:44:14.0218 1168 Scan finished
13:44:14.0218 1168 ============================================================
13:44:14.0250 1204 Detected object count: 0
13:44:14.0250 1204 Actual detected object count: 0
13:44:35.0750 1944 ============================================================
13:44:35.0750 1944 Scan started
13:44:35.0750 1944 Mode: Manual; TDLFS;
13:44:35.0750 1944 ============================================================
13:44:39.0343 1944 DLAUDFAM (cca4e121d599d7d1706a30f603731e59) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
13:44:39.0343 1944 DLAUDFAM - ok
13:44:39.0359 1944 DLAUDF_M (7dab85c33135df24419951da4e7d38e5) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
13:44:39.0359 1944 DLAUDF_M - ok
13:44:39.0421 1944 DM150Drv (c1e8f827343c65957f76487677711dfa) C:\WINDOWS\system32\DRIVERS\DM150Drv.sys
13:44:39.0421 1944 DM150Drv - ok
13:44:39.0437 1944 dmadmin - ok
13:44:39.0531 1944 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
13:44:39.0531 1944 dmboot - ok
13:44:39.0562 1944 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
13:44:39.0562 1944 dmio - ok
13:44:39.0593 1944 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:44:39.0593 1944 dmload - ok
13:44:39.0625 1944 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
13:44:39.0625 1944 dmserver - ok
13:44:39.0656 1944 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:44:39.0656 1944 DMusic - ok
13:44:39.0703 1944 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
13:44:39.0703 1944 Dnscache - ok
13:44:39.0750 1944 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
13:44:39.0765 1944 Dot3svc - ok
13:44:39.0796 1944 dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
13:44:39.0812 1944 dot4 - ok
13:44:39.0812 1944 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
13:44:39.0812 1944 Dot4Print - ok
13:44:39.0843 1944 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys
13:44:39.0843 1944 dot4usb - ok
13:44:39.0859 1944 dpti2o - ok
13:44:39.0890 1944 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:44:39.0890 1944 drmkaud - ok
13:44:39.0937 1944 DRVMCDB (c00440385cf9f3d142917c63f989e244) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
13:44:39.0937 1944 DRVMCDB - ok
13:44:39.0953 1944 DRVNDDM (6e6ab29d3c06e64ce81feacda85394b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
13:44:39.0953 1944 DRVNDDM - ok
13:44:40.0015 1944 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
13:44:40.0015 1944 EapHost - ok
13:44:40.0125 1944 eeCtrl (fce87ba643d5e9a8b6e0378508d1b22d) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
13:44:40.0125 1944 eeCtrl - ok
13:44:40.0156 1944 EraserUtilRebootDrv (115dc729465a8c386615207f28875255) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:44:40.0156 1944 EraserUtilRebootDrv - ok
13:44:40.0187 1944 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
13:44:40.0187 1944 ERSvc - ok
13:44:40.0234 1944 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
13:44:40.0250 1944 Eventlog - ok
13:44:40.0312 1944 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
13:44:40.0312 1944 EventSystem - ok
13:44:40.0343 1944 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:44:40.0343 1944 Fastfat - ok
13:44:40.0390 1944 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:44:40.0390 1944 FastUserSwitchingCompatibility - ok
13:44:40.0406 1944 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
13:44:40.0406 1944 Fdc - ok
13:44:40.0468 1944 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
13:44:40.0468 1944 Fips - ok
13:44:40.0546 1944 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:44:40.0546 1944 FLEXnet Licensing Service - ok
13:44:40.0578 1944 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:44:40.0578 1944 Flpydisk - ok
13:44:40.0640 1944 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
13:44:40.0640 1944 FltMgr - ok
13:44:40.0734 1944 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:44:40.0734 1944 FontCache3.0.0.0 - ok
13:44:40.0781 1944 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:44:40.0781 1944 Fs_Rec - ok
13:44:40.0812 1944 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:44:40.0812 1944 Ftdisk - ok
13:44:40.0890 1944 GoToAssist (8f6ae606eb0cc884ee12c41948424422) C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe
13:44:40.0906 1944 GoToAssist - ok
13:44:40.0953 1944 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:44:40.0953 1944 Gpc - ok
13:44:41.0046 1944 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:44:41.0046 1944 gupdate - ok
13:44:41.0062 1944 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:44:41.0062 1944 gupdatem - ok
13:44:41.0109 1944 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:44:41.0109 1944 gusvc - ok
13:44:41.0140 1944 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:44:41.0140 1944 HDAudBus - ok
13:44:41.0234 1944 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:44:41.0234 1944 helpsvc - ok
13:44:41.0250 1944 HidServ - ok
13:44:41.0281 1944 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:44:41.0281 1944 hidusb - ok
13:44:41.0312 1944 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
13:44:41.0328 1944 hkmsvc - ok
13:44:41.0328 1944 hpn - ok
13:44:41.0375 1944 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
13:44:41.0375 1944 HSFHWBS2 - ok
13:44:41.0453 1944 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
13:44:41.0468 1944 HSF_DP - ok
13:44:41.0515 1944 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
13:44:41.0531 1944 HTTP - ok
13:44:41.0562 1944 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
13:44:41.0562 1944 HTTPFilter - ok
13:44:41.0578 1944 i2omgmt - ok
13:44:41.0593 1944 i2omp - ok
13:44:41.0656 1944 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
13:44:41.0656 1944 i8042prt - ok
13:44:41.0828 1944 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:44:41.0843 1944 idsvc - ok
13:44:42.0015 1944 IDSxpx86 (c924bf6d42b3d9292268ff1998596bd1) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120613.007\IDSxpx86.sys
13:44:42.0015 1944 IDSxpx86 - ok
13:44:42.0078 1944 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:44:42.0078 1944 Imapi - ok
13:44:42.0125 1944 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
13:44:42.0125 1944 ImapiService - ok
13:44:42.0140 1944 ini910u - ok
13:44:42.0171 1944 IntelIde - ok
13:44:42.0234 1944 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:44:42.0234 1944 intelppm - ok
13:44:42.0265 1944 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:44:42.0265 1944 Ip6Fw - ok
13:44:42.0296 1944 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:44:42.0296 1944 IpFilterDriver - ok
13:44:42.0312 1944 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:44:42.0312 1944 IpInIp - ok
13:44:42.0359 1944 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:44:42.0359 1944 IpNat - ok
13:44:42.0390 1944 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:44:42.0390 1944 IPSec - ok
13:44:42.0406 1944 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:44:42.0406 1944 IRENUM - ok
13:44:42.0437 1944 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:44:42.0437 1944 isapnp - ok
13:44:42.0468 1944 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:44:42.0468 1944 Kbdclass - ok
13:44:42.0484 1944 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:44:42.0484 1944 kbdhid - ok
13:44:42.0515 1944 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:44:42.0515 1944 kmixer - ok
13:44:42.0546 1944 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:44:42.0546 1944 KSecDD - ok
13:44:42.0593 1944 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
13:44:42.0593 1944 lanmanserver - ok
13:44:42.0609 1944 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
13:44:42.0625 1944 lanmanworkstation - ok
13:44:42.0625 1944 lbrtfdc - ok
13:44:42.0671 1944 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
13:44:42.0687 1944 LmHosts - ok
13:44:42.0718 1944 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:44:42.0734 1944 mdmxsdk - ok
13:44:42.0765 1944 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
13:44:42.0765 1944 Messenger - ok
13:44:42.0781 1944 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:44:42.0781 1944 mnmdd - ok
13:44:42.0828 1944 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
13:44:42.0828 1944 mnmsrvc - ok
13:44:42.0843 1944 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
13:44:42.0843 1944 Modem - ok
13:44:42.0875 1944 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
13:44:42.0875 1944 MODEMCSA - ok
13:44:42.0906 1944 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:44:42.0906 1944 Mouclass - ok
13:44:42.0921 1944 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:44:42.0921 1944 mouhid - ok
13:44:42.0937 1944 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:44:42.0937 1944 MountMgr - ok
13:44:42.0953 1944 mraid35x - ok
13:44:43.0000 1944 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:44:43.0000 1944 MRxDAV - ok
13:44:43.0062 1944 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:44:43.0062 1944 MRxSmb - ok
13:44:43.0109 1944 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
13:44:43.0109 1944 MSDTC - ok
13:44:43.0156 1944 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:44:43.0156 1944 Msfs - ok
13:44:43.0171 1944 MSIServer - ok
13:44:43.0218 1944 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:44:43.0218 1944 MSKSSRV - ok
13:44:43.0218 1944 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:44:43.0218 1944 MSPCLOCK - ok
13:44:43.0250 1944 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:44:43.0250 1944 MSPQM - ok
13:44:43.0312 1944 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:44:43.0312 1944 mssmbios - ok
13:44:43.0453 1944 MSSQL$MSSMLBIZ - ok
13:44:43.0531 1944 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
13:44:43.0531 1944 MSSQLServerADHelper - ok
13:44:43.0546 1944 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:44:43.0546 1944 Mup - ok
13:44:43.0578 1944 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
13:44:43.0593 1944 napagent - ok
13:44:43.0656 1944 NAVENG (f11033730b38260b6892e837c457fb4b) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120618.017\NAVENG.SYS
13:44:43.0656 1944 NAVENG - ok
13:44:43.0765 1944 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120618.017\NAVEX15.SYS
13:44:43.0781 1944 NAVEX15 - ok
13:44:43.0921 1944 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:44:43.0921 1944 NDIS - ok
13:44:43.0968 1944 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:44:43.0968 1944 NdisTapi - ok
13:44:44.0000 1944 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:44:44.0000 1944 Ndisuio - ok
13:44:44.0031 1944 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:44:44.0031 1944 NdisWan - ok
13:44:44.0062 1944 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:44:44.0062 1944 NDProxy - ok
13:44:44.0125 1944 Net Driver HPZ12 (f7c14f5077bf2bc476c348b88a7f74e2) C:\WINDOWS\system32\HPZinw12.dll
13:44:44.0125 1944 Net Driver HPZ12 - ok
13:44:44.0140 1944 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:44:44.0140 1944 NetBIOS - ok
13:44:44.0171 1944 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:44:44.0171 1944 NetBT - ok
13:44:44.0234 1944 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
13:44:44.0234 1944 NetDDE - ok
13:44:44.0250 1944 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
13:44:44.0250 1944 NetDDEdsdm - ok
13:44:44.0296 1944 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:44:44.0296 1944 Netlogon - ok
13:44:44.0343 1944 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
13:44:44.0343 1944 Netman - ok
13:44:44.0468 1944 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:44:44.0468 1944 NetTcpPortSharing - ok
13:44:44.0593 1944 NIS (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
13:44:44.0593 1944 NIS - ok
13:44:44.0640 1944 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
13:44:44.0640 1944 Nla - ok
13:44:44.0687 1944 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:44:44.0703 1944 Npfs - ok
13:44:44.0734 1944 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:44:44.0734 1944 Ntfs - ok
13:44:44.0750 1944 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:44:44.0750 1944 NtLmSsp - ok
13:44:44.0843 1944 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
13:44:44.0843 1944 NtmsSvc - ok
13:44:44.0890 1944 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:44:44.0890 1944 Null - ok
13:44:44.0937 1944 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:44:44.0937 1944 NwlnkFlt - ok
13:44:44.0953 1944 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:44:44.0953 1944 NwlnkFwd - ok
13:44:45.0046 1944 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:44:45.0062 1944 odserv - ok
13:44:45.0093 1944 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:44:45.0093 1944 ose - ok
13:44:45.0140 1944 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
13:44:45.0140 1944 Parport - ok
13:44:45.0156 1944 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:44:45.0156 1944 PartMgr - ok
13:44:45.0171 1944 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
13:44:45.0171 1944 ParVdm - ok
13:44:45.0218 1944 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
13:44:45.0218 1944 PCI - ok
13:44:45.0218 1944 PCIDump - ok
13:44:45.0265 1944 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:44:45.0265 1944 PCIIde - ok
13:44:45.0296 1944 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:44:45.0296 1944 Pcmcia - ok
13:44:45.0312 1944 PDCOMP - ok
13:44:45.0328 1944 PDFRAME - ok
13:44:45.0359 1944 PDRELI - ok
13:44:45.0375 1944 PDRFRAME - ok
13:44:45.0390 1944 perc2 - ok
13:44:45.0421 1944 perc2hib - ok
13:44:45.0515 1944 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
13:44:45.0515 1944 PlugPlay - ok
13:44:45.0562 1944 Pml Driver HPZ12 (e638656001c52a1faa34f92e6d3a086b) C:\WINDOWS\system32\HPZipm12.dll
13:44:45.0562 1944 Pml Driver HPZ12 - ok
13:44:45.0593 1944 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:44:45.0593 1944 PolicyAgent - ok
13:44:45.0640 1944 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:44:45.0640 1944 PptpMiniport - ok
13:44:45.0640 1944 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:44:45.0656 1944 ProtectedStorage - ok
13:44:45.0671 1944 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:44:45.0671 1944 PSched - ok
13:44:45.0703 1944 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:44:45.0703 1944 Ptilink - ok
13:44:45.0734 1944 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:44:45.0734 1944 PxHelp20 - ok
13:44:45.0750 1944 ql1080 - ok
13:44:45.0765 1944 Ql10wnt - ok
13:44:45.0796 1944 ql12160 - ok
13:44:45.0812 1944 ql1240 - ok
13:44:45.0828 1944 ql1280 - ok
13:44:45.0875 1944 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:44:45.0875 1944 RasAcd - ok
13:44:45.0906 1944 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
13:44:45.0906 1944 RasAuto - ok
13:44:45.0937 1944 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:44:45.0937 1944 Rasl2tp - ok
13:44:46.0000 1944 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
13:44:46.0000 1944 RasMan - ok
13:44:46.0015 1944 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:44:46.0015 1944 RasPppoe - ok
13:44:46.0046 1944 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:44:46.0046 1944 Raspti - ok
13:44:46.0093 1944 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:44:46.0093 1944 Rdbss - ok
13:44:46.0109 1944 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:44:46.0109 1944 RDPCDD - ok
13:44:46.0140 1944 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:44:46.0140 1944 rdpdr - ok
13:44:46.0203 1944 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
13:44:46.0203 1944 RDPWD - ok
13:44:46.0234 1944 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
13:44:46.0250 1944 RDSessMgr - ok
13:44:46.0281 1944 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:44:46.0281 1944 redbook - ok
13:44:46.0328 1944 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
13:44:46.0328 1944 RemoteAccess - ok
13:44:46.0359 1944 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
13:44:46.0359 1944 RemoteRegistry - ok
13:44:46.0406 1944 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
13:44:46.0406 1944 RpcLocator - ok
13:44:46.0453 1944 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
13:44:46.0453 1944 RpcSs - ok
13:44:46.0500 1944 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
13:44:46.0515 1944 RSVP - ok
13:44:46.0531 1944 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:44:46.0531 1944 SamSs - ok
13:44:46.0562 1944 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
13:44:46.0562 1944 SCardSvr - ok
13:44:46.0593 1944 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
13:44:46.0609 1944 Schedule - ok
13:44:46.0640 1944 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:44:46.0640 1944 Secdrv - ok
13:44:46.0671 1944 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
13:44:46.0671 1944 seclogon - ok
13:44:46.0750 1944 SenFiltService (b6a6b409fda9d9ebd3aadb838d3d7173) C:\WINDOWS\system32\drivers\Senfilt.sys
13:44:46.0750 1944 SenFiltService - ok
13:44:46.0781 1944 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
13:44:46.0781 1944 SENS - ok
13:44:46.0796 1944 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:44:46.0796 1944 serenum - ok
13:44:46.0828 1944 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
13:44:46.0828 1944 Serial - ok
13:44:46.0890 1944 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:44:46.0906 1944 Sfloppy - ok
13:44:46.0968 1944 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
13:44:46.0968 1944 SharedAccess - ok
13:44:47.0031 1944 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:44:47.0031 1944 ShellHWDetection - ok
13:44:47.0046 1944 Simbad - ok
13:44:47.0078 1944 Sparrow - ok
13:44:47.0125 1944 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:44:47.0125 1944 splitter - ok
13:44:47.0171 1944 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:44:47.0171 1944 Spooler - ok
13:44:47.0312 1944 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
13:44:47.0312 1944 SQLBrowser - ok
13:44:47.0359 1944 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
13:44:47.0359 1944 SQLWriter - ok
13:44:47.0390 1944 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
13:44:47.0406 1944 sr - ok
13:44:47.0453 1944 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
13:44:47.0453 1944 srservice - ok
13:44:47.0578 1944 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\WINDOWS\System32\Drivers\NIS\1307010.005\SRTSP.SYS
13:44:47.0578 1944 SRTSP - ok
13:44:47.0609 1944 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\WINDOWS\system32\drivers\NIS\1307010.005\SRTSPX.SYS
13:44:47.0625 1944 SRTSPX - ok
13:44:47.0671 1944 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:44:47.0671 1944 Srv - ok
13:44:47.0703 1944 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
13:44:47.0703 1944 SSDPSRV - ok
13:44:47.0765 1944 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
13:44:47.0781 1944 stisvc - ok
13:44:47.0859 1944 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:44:47.0859 1944 stllssvr - ok
13:44:47.0906 1944 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:44:47.0906 1944 swenum - ok
13:44:47.0921 1944 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:44:47.0921 1944 swmidi - ok
13:44:47.0937 1944 SwPrv - ok
13:44:47.0968 1944 symc810 - ok
13:44:47.0984 1944 symc8xx - ok
13:44:48.0046 1944 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NIS\1307010.005\SYMDS.SYS
13:44:48.0046 1944 SymDS - ok
13:44:48.0125 1944 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\NIS\1307010.005\SYMEFA.SYS
13:44:48.0140 1944 SymEFA - ok
13:44:48.0171 1944 SymEvent (74e2521e96176a4449570e50be91954d) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
13:44:48.0171 1944 SymEvent - ok
13:44:48.0234 1944 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\NIS\1307010.005\Ironx86.SYS
13:44:48.0234 1944 SymIRON - ok
13:44:48.0265 1944 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\System32\Drivers\NIS\1307010.005\SYMTDI.SYS
13:44:48.0265 1944 SYMTDI - ok
13:44:48.0281 1944 sym_hi - ok
13:44:48.0296 1944 sym_u3 - ok
13:44:48.0359 1944 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:44:48.0359 1944 sysaudio - ok
13:44:48.0406 1944 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
13:44:48.0406 1944 SysmonLog - ok
13:44:48.0453 1944 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
13:44:48.0468 1944 TapiSrv - ok
13:44:48.0531 1944 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:44:48.0531 1944 Tcpip - ok
13:44:48.0562 1944 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:44:48.0562 1944 TDPIPE - ok
13:44:48.0593 1944 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:44:48.0593 1944 TDTCP - ok
13:44:48.0625 1944 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:44:48.0625 1944 TermDD - ok
13:44:48.0687 1944 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
13:44:48.0687 1944 TermService - ok
13:44:48.0734 1944 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:44:48.0750 1944 Themes - ok
13:44:48.0781 1944 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
13:44:48.0781 1944 TlntSvr - ok
13:44:48.0796 1944 TosIde - ok
13:44:48.0859 1944 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
13:44:48.0859 1944 TrkWks - ok
13:44:48.0921 1944 UdfReadr (3831d5499ad1e61217abb88e93bb17dc) C:\WINDOWS\system32\drivers\UdfReadr.sys
13:44:48.0921 1944 UdfReadr - ok
13:44:48.0968 1944 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:44:48.0968 1944 Udfs - ok
13:44:49.0000 1944 ultra - ok
13:44:49.0031 1944 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:44:49.0046 1944 Update - ok
13:44:49.0078 1944 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
13:44:49.0078 1944 upnphost - ok
13:44:49.0093 1944 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
13:44:49.0093 1944 UPS - ok
13:44:49.0156 1944 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:44:49.0156 1944 usbccgp - ok
13:44:49.0171 1944 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:44:49.0171 1944 usbehci - ok
13:44:49.0203 1944 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:44:49.0203 1944 usbhub - ok
13:44:49.0250 1944 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:44:49.0250 1944 usbohci - ok
13:44:49.0296 1944 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:44:49.0296 1944 usbprint - ok
13:44:49.0343 1944 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:44:49.0343 1944 usbscan - ok
13:44:49.0359 1944 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:44:49.0359 1944 USBSTOR - ok
13:44:49.0406 1944 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:44:49.0406 1944 VgaSave - ok
13:44:49.0421 1944 ViaIde - ok
13:44:49.0453 1944 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
13:44:49.0453 1944 VolSnap - ok
13:44:49.0515 1944 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
13:44:49.0531 1944 VSS - ok
13:44:49.0593 1944 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
13:44:49.0593 1944 W32Time - ok
13:44:49.0656 1944 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:44:49.0656 1944 Wanarp - ok
13:44:49.0671 1944 WDICA - ok
13:44:49.0703 1944 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:44:49.0703 1944 wdmaud - ok
13:44:49.0750 1944 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
13:44:49.0750 1944 WebClient - ok
13:44:49.0843 1944 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
13:44:49.0843 1944 winachsf - ok
13:44:49.0968 1944 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:44:49.0968 1944 winmgmt - ok
13:44:50.0031 1944 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
13:44:50.0031 1944 WmdmPmSN - ok
13:44:50.0093 1944 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
13:44:50.0093 1944 Wmi - ok
13:44:50.0140 1944 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:44:50.0140 1944 WmiApSrv - ok
13:44:50.0312 1944 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
13:44:50.0312 1944 WMPNetworkSvc - ok
13:44:50.0375 1944 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:44:50.0375 1944 WpdUsb - ok
13:44:50.0515 1944 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:44:50.0515 1944 WPFFontCache_v0400 - ok
13:44:50.0578 1944 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
13:44:50.0578 1944 wscsvc - ok
13:44:50.0593 1944 WSearch - ok
13:44:50.0625 1944 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
13:44:50.0625 1944 wuauserv - ok
13:44:50.0671 1944 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:44:50.0671 1944 WudfPf - ok
13:44:50.0718 1944 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:44:50.0718 1944 WudfRd - ok
13:44:50.0750 1944 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
13:44:50.0750 1944 WudfSvc - ok
13:44:50.0828 1944 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
13:44:50.0828 1944 WZCSVC - ok
13:44:50.0859 1944 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
13:44:50.0859 1944 xmlprov - ok
13:44:50.0890 1944 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
13:44:51.0312 1944 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:44:51.0312 1944 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:44:51.0328 1944 Boot (0x1200) (d90268c54db72264a11644d2bdf3833f) \Device\Harddisk0\DR0\Partition0
13:44:51.0328 1944 \Device\Harddisk0\DR0\Partition0 - ok
13:44:51.0328 1944 ============================================================
13:44:51.0328 1944 Scan finished
13:44:51.0328 1944 ============================================================
13:44:51.0375 0944 Detected object count: 1
13:44:51.0375 0944 Actual detected object count: 1

aswMBR log results:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-19 13:46:02
-----------------------------
13:46:02.843 OS Version: Windows 5.1.2600 Service Pack 3
13:46:02.843 Number of processors: 2 586 0xF02
13:46:02.843 ComputerName: FRONTOFFICEPC UserName:
13:46:03.265 Initialize success
13:46:14.578 AVAST engine defs: 12061900
13:46:17.906 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
13:46:17.921 Disk 0 Vendor: WDC_WD1600AAJS-75M0A0 02.03E02 Size: 152587MB BusType: 3
13:46:17.937 Disk 0 MBR read successfully
13:46:17.953 Disk 0 MBR scan
13:46:17.984 Disk 0 Windows XP default MBR code
13:46:18.000 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152578 MB offset 63
13:46:18.015 Disk 0 scanning sectors +312480315
13:46:18.093 Disk 0 scanning C:\WINDOWS\system32\drivers
13:46:27.812 Service scanning
13:46:47.750 Modules scanning
13:46:52.062 Disk 0 trace - called modules:
13:46:52.093 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll atiide.sys PCIIDEX.SYS
13:46:52.093 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a937ab8]
13:46:52.109 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x8a93cd98]
13:46:52.734 AVAST engine scan C:\WINDOWS
13:46:56.937 AVAST engine scan C:\WINDOWS\system32
13:50:05.109 AVAST engine scan C:\WINDOWS\system32\drivers
13:50:23.546 AVAST engine scan C:\Documents and Settings\Clerical Asst III
14:02:57.656 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Clerical Asst III\My Documents\MBR.dat"
14:02:57.734 The log file has been saved successfully to "C:\Documents and Settings\Clerical Asst III\My Documents\aswMBRx.txt"

#6 macobi


Posted 19 June 2012 - 04:03 PM

MBAM scan in regular mode resulted in a clean log.

Mini Toolbox results:
MiniToolBox by Farbar Version: 09-06-2012
Ran by Clerical Asst III (administrator) on 19-06-2012 at 16:00:58
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Could not flush the DNS Resolver Cache: Function failed during execution.




========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : frontofficepc

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

Physical Address. . . . . . . . . : 00-1A-A0-3C-16-1E

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.3

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 208.180.42.68

208.180.42.100

Lease Obtained. . . . . . . . . . : Tuesday, June 19, 2012 2:45:46 PM

Lease Expires . . . . . . . . . . : Wednesday, June 20, 2012 2:45:46 PM

Server: rdns01.suddenlink.net
Address: 208.180.42.68

Name: google.com
Addresses: 74.125.227.97, 74.125.227.98, 74.125.227.99, 74.125.227.100
74.125.227.101, 74.125.227.102, 74.125.227.103, 74.125.227.104, 74.125.227.105
74.125.227.110, 74.125.227.96



Pinging google.com [74.125.227.98] with 32 bytes of data:



Reply from 74.125.227.98: bytes=32 time=58ms TTL=52

Reply from 74.125.227.98: bytes=32 time=39ms TTL=52



Ping statistics for 74.125.227.98:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 39ms, Maximum = 58ms, Average = 48ms

Server: rdns01.suddenlink.net
Address: 208.180.42.68

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=100ms TTL=47

Reply from 72.30.38.140: bytes=32 time=108ms TTL=47



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 100ms, Maximum = 108ms, Average = 104ms

Server: rdns01.suddenlink.net
Address: 208.180.42.68

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1a a0 3c 16 1e ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.3 192.168.0.3 20
192.168.0.3 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.3 192.168.0.3 20
224.0.0.0 240.0.0.0 192.168.0.3 192.168.0.3 20
255.255.255.255 255.255.255.255 192.168.0.3 192.168.0.3 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/19/2012 08:31:23 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\WINDOWS POWERSHELL 1.0\@.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/19/2012 08:31:22 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\WINDOWS POWERSHELL 1.0\@.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/18/2012 08:13:01 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (06/15/2012 03:22:26 PM) (Source: Application Error) (User: )
Description: Faulting application cp2020_series_fw_update-20120105[1].exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x72206120.
Processing media-specific event for [cp2020_series_fw_update-20120105[1].exe!ws!]

Error: (06/15/2012 03:21:54 PM) (Source: Application Error) (User: )
Description: Fault bucket -1272099130.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (06/15/2012 03:21:50 PM) (Source: Application Error) (User: )
Description: Faulting application cp2020_series_fw_update-20120105[1].exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x72206120.
Processing media-specific event for [cp2020_series_fw_update-20120105[1].exe!ws!]

Error: (06/15/2012 02:41:23 PM) (Source: MsiInstaller) (User: Clerical Asst III)Clerical Asst III
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1704.An installation for Adobe Acrobat 8 Standard is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)

Error: (06/15/2012 02:30:51 PM) (Source: Microsoft Office 12) (User: )
Description: Accepted Safe Mode action : Microsoft Office Word.

Error: (06/15/2012 08:49:00 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (06/15/2012 08:49:00 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.


System errors:
=============
Error: (06/19/2012 03:33:02 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (06/19/2012 02:46:07 PM) (Source: Service Control Manager) (User: )
Description: The Business Contact Manager SQL Server Startup Service service terminated with the following error:
%%2147943458

Error: (06/19/2012 02:45:56 PM) (Source: Print) (User: SYSTEM)
Description: Printer PageManager PDF Writer failed to initialize because a suitable PageManager PDF Writer driver could not be found.

Error: (06/19/2012 02:44:37 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/19/2012 02:02:56 PM) (Source: DCOM) (User: Clerical Asst III)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (06/19/2012 01:45:13 PM) (Source: DCOM) (User: Clerical Asst III)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (06/19/2012 01:43:03 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx86
ccSet_NIS
eeCtrl
Fips
intelppm
SRTSP
SRTSPX
SymIRON
SYMTDI

Error: (06/19/2012 01:42:00 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/19/2012 01:40:38 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/19/2012 01:01:44 PM) (Source: DCOM) (User: Clerical Asst III)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}


Microsoft Office Sessions:
=========================
Error: (01/04/2012 10:30:25 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 691 seconds with 240 seconds of active time. This session ended with a crash.

Error: (01/04/2012 10:01:37 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 280 seconds with 180 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

2007 Microsoft Office system (Version: 12.0.6612.1000)
32 Bit HP CIO Components Installer (Version: 8.1.4)
Adaptec UDF Reader
Adobe Acrobat 8 Standard (Version: 8.1.0)
Adobe Acrobat 8.1.0 Standard (Version: 8.1.0)
Adobe AIR (Version: 2.7.0.19480)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Reader X (10.1.0) (Version: 10.1.0)
ATI - Software Uninstall Utility (Version: 6.14.10.1015)
ATI Catalyst Control Center (Version: 1.2.2735.37383)
ATI Display Driver (Version: 8.263.5.1-060607a-035983C-Dell)
Bing Bar (Version: 7.1.362.0)
Broadcom 440x 10/100 Integrated Controller (Version: 8.06.07)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
Conexant D850 56K V.9x DFVc Modem
Dell Driver Download Manager (Version: 3.0.0.0)
Dell Resource CD (Version: 1.00.0000)
DSmobile 600 (Version: 1.2.9)
ESET Online Scanner v3
File Type Assistant
FoxTab PDF Converter
Free Audio Converter version 5.0.3.1206
Google Chrome (Version: 19.0.1084.56)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GoToAssist Corporate (Version: 9.1.0.615)
HP LaserJet 2200 Uninstaller
InstallIQ Updater (Version: 1.4.3.0)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Accounting 2007 (Version: 2.0.7503.0)
Microsoft Office Accounting ADP Payroll Addin (Version: 0.0.0.0)
Microsoft Office Accounting Equifax Addin (Version: 2.0.7416.00)
Microsoft Office Accounting Fixed Asset Manager (Version: 2.0.7416.00)
Microsoft Office Accounting PayPal Addin (Version: 2.0.7416.00)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSXML 6.0 Parser (Version: 6.00.3883.8)
Norton Internet Security (Version: 19.7.1.5)
PowerDVD DX (Version: 8.2.5711)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Drag-to-Disc (Version: 9.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio Update Manager (Version: 3.0.0)
Sonic Activation Module (Version: 1.0)
SoundMAX (Version: 5.10.01.4541)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
WebFldrs XP (Version: 9.50.7523)
Widevine Media Transformer Plugin 4.5.0 (Version: 4.5.0.4049)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 2045.9 MB
Available physical RAM: 966.71 MB
Total Pagefile: 3937.4 MB
Available Pagefile: 3130.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.1 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149 GB) (Free:125.39 GB) NTFS
3 Drive d: (Acrobat8) (CDROM) (Total:0.3 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\FRONTOFFICEPC

Administrator ASPNET Clerical Asst III
Guest HelpAssistant SUPPORT_388945a0


**** End of log ****

#7 narenxp


Posted 19 June 2012 - 04:26 PM

How is your PC behaving now?

#8 macobi


Posted 20 June 2012 - 08:17 AM

Great, all three problems are solved. The ghost audio virus is gone and I don't get any error messages when shutting down. And Google is no longer redirecting.

#9 narenxp


Posted 20 June 2012 - 10:49 AM

That looks good

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#10 macobi


Posted 21 June 2012 - 11:40 AM

Ok, thanks a million for all your help. :thumbsup:

#11 narenxp


Posted 21 June 2012 - 12:46 PM

You're most welcome :thumbsup:



