Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Looking for help with Search Redirect Virus


  • Please log in to reply
3 replies to this topic

#1 elkriverfj

elkriverfj

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 29 July 2012 - 06:34 AM

Hello,

I have Windows XP. I have had a search redirect virus for a few days. It will redirect my google searches to other sites. I primarily use FireFox, but the problem is the same in Internet explorer on Google and Bing.

What I have done so far: Tried TDSSKiller, and FixTDSS per here:www.pchell.com/support/google_redirect_virus.shtml

I have run Malwarebytes.

All with nothing found.

Thanks!

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:41 PM

Posted 29 July 2012 - 06:39 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 elkriverfj

elkriverfj
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 29 July 2012 - 10:55 AM

My apologies. In my first post I stated I ran malwarebytes. I only did the quick scan. After I posted I ran a full scan and left my computer for awhile.

The full scan found the following (pasting malwarebytes log file):

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.29.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702

Protection: Enabled

7/29/2012 10:03:10 AM
mbam-log-2012-07-29 (10-03-10).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 381703
Time elapsed: 1 hour(s), 33 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\System Volume Information\_restore{DA2D81A2-3D2F-48C4-B082-CF07BD07448E}\RP718\A0115619.dll (Trojan.Agent) -> Quarantined and deleted successfully.

(end)


As of right now I am no longer getting re-directs. If the problem re-occurs I will start over at step 1 of your post and respond back.

Thanks!

Edited by elkriverfj, 29 July 2012 - 10:55 AM.


#4 elkriverfj

elkriverfj
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 29 July 2012 - 03:45 PM

OK Still getting Redirects.

Here is the TDSSKiller report:

14:59:52.0468 4964 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
14:59:53.0515 4964 ============================================================
14:59:53.0515 4964 Current date / time: 2012/07/29 14:59:53.0515
14:59:53.0515 4964 SystemInfo:
14:59:53.0515 4964
14:59:53.0531 4964 OS Version: 5.1.2600 ServicePack: 3.0
14:59:53.0531 4964 Product type: Workstation
14:59:53.0531 4964 ComputerName: MHOSEYLT
14:59:53.0531 4964 UserName: mhosey
14:59:53.0531 4964 Windows directory: C:\WINDOWS
14:59:53.0531 4964 System windows directory: C:\WINDOWS
14:59:53.0531 4964 Processor architecture: Intel x86
14:59:53.0531 4964 Number of processors: 2
14:59:53.0531 4964 Page size: 0x1000
14:59:53.0531 4964 Boot type: Normal boot
14:59:53.0531 4964 ============================================================
14:59:59.0609 4964 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:59:59.0703 4964 Drive \Device\Harddisk1\DR4 - Size: 0x1DA600000 (7.41 Gb), SectorSize: 0x200, Cylinders: 0x3C7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:59:59.0718 4964 ============================================================
14:59:59.0718 4964 \Device\Harddisk0\DR0:
14:59:59.0734 4964 MBR partitions:
14:59:59.0734 4964 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
14:59:59.0734 4964 \Device\Harddisk1\DR4:
14:59:59.0734 4964 MBR partitions:
14:59:59.0734 4964 \Device\Harddisk1\DR4\Partition0: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0xED2800
14:59:59.0734 4964 ============================================================
15:00:00.0765 4964 C: <-> \Device\Harddisk0\DR0\Partition0
15:00:00.0765 4964 ============================================================
15:00:00.0765 4964 Initialize success
15:00:00.0765 4964 ============================================================
15:00:17.0718 4572 ============================================================
15:00:17.0718 4572 Scan started
15:00:17.0718 4572 Mode: Manual; TDLFS;
15:00:17.0718 4572 ============================================================
15:00:18.0015 4572 1784-PCIDS DeviceNet (493f7e752537a8205042c23eefba9a35) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\PcidsService.exe
15:00:18.0015 4572 1784-PCIDS DeviceNet - ok
15:00:18.0078 4572 Abiosdsk - ok
15:00:18.0093 4572 abp480n5 - ok
15:00:18.0125 4572 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:00:18.0125 4572 ACPI - ok
15:00:18.0140 4572 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:00:18.0140 4572 ACPIEC - ok
15:00:18.0156 4572 adpu160m - ok
15:00:18.0187 4572 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:00:18.0203 4572 aec - ok
15:00:18.0218 4572 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:00:18.0218 4572 AFD - ok
15:00:18.0234 4572 Aha154x - ok
15:00:18.0234 4572 aic78u2 - ok
15:00:18.0234 4572 aic78xx - ok
15:00:18.0265 4572 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
15:00:18.0265 4572 Alerter - ok
15:00:18.0281 4572 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
15:00:18.0281 4572 ALG - ok
15:00:18.0281 4572 AliIde - ok
15:00:18.0296 4572 amsint - ok
15:00:18.0343 4572 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:00:18.0359 4572 Apple Mobile Device - ok
15:00:18.0375 4572 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
15:00:18.0375 4572 AppMgmt - ok
15:00:18.0375 4572 asc - ok
15:00:18.0390 4572 asc3350p - ok
15:00:18.0390 4572 asc3550 - ok
15:00:18.0484 4572 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:00:18.0562 4572 aspnet_state - ok
15:00:18.0593 4572 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:00:18.0593 4572 AsyncMac - ok
15:00:18.0796 4572 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:00:18.0796 4572 atapi - ok
15:00:18.0796 4572 Atdisk - ok
15:00:18.0828 4572 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:00:18.0843 4572 Atmarpc - ok
15:00:18.0859 4572 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
15:00:18.0859 4572 AudioSrv - ok
15:00:18.0890 4572 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:00:18.0890 4572 audstub - ok
15:00:18.0906 4572 b57w2k (c0acd392ece55784884cc208aafa06ce) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
15:00:18.0906 4572 b57w2k - ok
15:00:18.0937 4572 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:00:18.0937 4572 Beep - ok
15:00:18.0984 4572 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
15:00:19.0015 4572 BITS - ok
15:00:19.0078 4572 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
15:00:19.0093 4572 Bonjour Service - ok
15:00:19.0109 4572 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
15:00:19.0109 4572 Browser - ok
15:00:19.0125 4572 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:00:19.0125 4572 cbidf2k - ok
15:00:19.0250 4572 CcmExec (a454a9baa25b8c8e76735dd86bd4b017) C:\WINDOWS\system32\CCM\CcmExec.exe
15:00:19.0296 4572 CcmExec - ok
15:00:19.0312 4572 cd20xrnt - ok
15:00:19.0312 4572 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:00:19.0312 4572 Cdaudio - ok
15:00:19.0328 4572 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:00:19.0328 4572 Cdfs - ok
15:00:19.0343 4572 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:00:19.0343 4572 Cdrom - ok
15:00:19.0343 4572 Changer - ok
15:00:19.0359 4572 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
15:00:19.0359 4572 CiSvc - ok
15:00:19.0375 4572 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
15:00:19.0375 4572 ClipSrv - ok
15:00:19.0453 4572 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:00:19.0453 4572 clr_optimization_v2.0.50727_32 - ok
15:00:19.0515 4572 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:00:19.0593 4572 clr_optimization_v4.0.30319_32 - ok
15:00:19.0625 4572 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:00:19.0625 4572 CmBatt - ok
15:00:19.0625 4572 CmdIde - ok
15:00:19.0640 4572 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:00:19.0640 4572 Compbatt - ok
15:00:19.0640 4572 COMSysApp - ok
15:00:19.0656 4572 Cpqarray - ok
15:00:19.0671 4572 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
15:00:19.0671 4572 CryptSvc - ok
15:00:19.0687 4572 dac2w2k - ok
15:00:19.0687 4572 dac960nt - ok
15:00:19.0734 4572 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
15:00:19.0765 4572 DcomLaunch - ok
15:00:19.0796 4572 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
15:00:19.0796 4572 Dhcp - ok
15:00:19.0796 4572 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:00:19.0796 4572 Disk - ok
15:00:19.0812 4572 dmadmin - ok
15:00:19.0875 4572 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
15:00:19.0906 4572 dmboot - ok
15:00:19.0906 4572 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
15:00:19.0921 4572 dmio - ok
15:00:19.0937 4572 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:00:19.0937 4572 dmload - ok
15:00:19.0953 4572 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
15:00:19.0953 4572 dmserver - ok
15:00:19.0984 4572 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:00:19.0984 4572 DMusic - ok
15:00:20.0000 4572 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
15:00:20.0000 4572 Dnscache - ok
15:00:20.0093 4572 dnWhoDisp (201d48cd1c4e874e071444ce7c874813) C:\Program Files\Rockwell Software\RSLINX\dnwhodisp.exe
15:00:20.0093 4572 dnWhoDisp - ok
15:00:20.0125 4572 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
15:00:20.0125 4572 Dot3svc - ok
15:00:20.0125 4572 dpti2o - ok
15:00:20.0140 4572 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:00:20.0156 4572 drmkaud - ok
15:00:20.0156 4572 DS1410D - ok
15:00:20.0187 4572 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
15:00:20.0218 4572 EapHost - ok
15:00:20.0359 4572 EmuLogix 5868 Slot0 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0468 4572 EmuLogix 5868 Slot0 - ok
15:00:20.0500 4572 EmuLogix 5868 Slot1 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0515 4572 EmuLogix 5868 Slot1 - ok
15:00:20.0531 4572 EmuLogix 5868 Slot10 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0546 4572 EmuLogix 5868 Slot10 - ok
15:00:20.0578 4572 EmuLogix 5868 Slot11 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0593 4572 EmuLogix 5868 Slot11 - ok
15:00:20.0609 4572 EmuLogix 5868 Slot12 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0609 4572 EmuLogix 5868 Slot12 - ok
15:00:20.0625 4572 EmuLogix 5868 Slot13 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0640 4572 EmuLogix 5868 Slot13 - ok
15:00:20.0656 4572 EmuLogix 5868 Slot14 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0656 4572 EmuLogix 5868 Slot14 - ok
15:00:20.0671 4572 EmuLogix 5868 Slot15 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0687 4572 EmuLogix 5868 Slot15 - ok
15:00:20.0781 4572 EmuLogix 5868 Slot16 (51d4dddfdae436f69fa565fc485f5de4) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\\V17\EmuLogix5868.exe
15:00:20.0828 4572 EmuLogix 5868 Slot16 - ok
15:00:20.0921 4572 EmuLogix 5868 Slot2 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0921 4572 EmuLogix 5868 Slot2 - ok
15:00:20.0937 4572 EmuLogix 5868 Slot3 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0953 4572 EmuLogix 5868 Slot3 - ok
15:00:20.0968 4572 EmuLogix 5868 Slot4 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:20.0984 4572 EmuLogix 5868 Slot4 - ok
15:00:20.0984 4572 EmuLogix 5868 Slot5 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:21.0000 4572 EmuLogix 5868 Slot5 - ok
15:00:21.0015 4572 EmuLogix 5868 Slot6 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:21.0031 4572 EmuLogix 5868 Slot6 - ok
15:00:21.0046 4572 EmuLogix 5868 Slot7 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:21.0046 4572 EmuLogix 5868 Slot7 - ok
15:00:21.0062 4572 EmuLogix 5868 Slot8 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:21.0078 4572 EmuLogix 5868 Slot8 - ok
15:00:21.0093 4572 EmuLogix 5868 Slot9 (e7e6b87b0b6de4fa52817862fc39cd0b) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe
15:00:21.0093 4572 EmuLogix 5868 Slot9 - ok
15:00:21.0171 4572 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
15:00:21.0187 4572 ERSvc - ok
15:00:21.0265 4572 EventClientMultiplexer (f913d9ddf505cc13091223f2c78b46b2) C:\Program Files\Common Files\Rockwell\EventClientMultiplexer.exe
15:00:21.0281 4572 EventClientMultiplexer - ok
15:00:21.0312 4572 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:00:21.0328 4572 Eventlog - ok
15:00:21.0343 4572 EventServer (751216bd0818f2a92095074e88975169) C:\Program Files\Common Files\Rockwell\EventServer.exe
15:00:21.0359 4572 EventServer - ok
15:00:21.0390 4572 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
15:00:21.0406 4572 EventSystem - ok
15:00:21.0468 4572 FactoryTalk Activation Service (699c2585515f17ab5a94ecf8ee20c7ee) C:\Program Files\Rockwell Software\FactoryTalk Activation\lmgrd.exe
15:00:21.0500 4572 FactoryTalk Activation Service - ok
15:00:21.0531 4572 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:00:21.0531 4572 Fastfat - ok
15:00:21.0593 4572 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:00:21.0593 4572 FastUserSwitchingCompatibility - ok
15:00:21.0640 4572 FCSAM (8cab6b589f6610bf0e20780e153248c1) c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
15:00:21.0640 4572 FCSAM - ok
15:00:21.0671 4572 FcsSas (5e162feb08f6635f0348d250b98ac758) C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe
15:00:21.0671 4572 FcsSas - ok
15:00:21.0687 4572 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
15:00:21.0687 4572 Fdc - ok
15:00:21.0750 4572 FileOpenManagerSvc (acedb7769f9043e869e252153487cc5c) C:\Documents and Settings\All Users\Application Data\FileOpen\Services\FileOpenManagerSvc32.exe
15:00:21.0750 4572 FileOpenManagerSvc - ok
15:00:21.0765 4572 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
15:00:21.0765 4572 Fips - ok
15:00:21.0781 4572 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:00:21.0781 4572 Flpydisk - ok
15:00:21.0812 4572 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:00:21.0812 4572 FltMgr - ok
15:00:21.0921 4572 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:00:21.0921 4572 FontCache3.0.0.0 - ok
15:00:21.0984 4572 FreeAgentGoNext Service (81b4a2c6c9bd17ffb6031a0a61c09764) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
15:00:22.0000 4572 FreeAgentGoNext Service - ok
15:00:22.0000 4572 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:00:22.0015 4572 Fs_Rec - ok
15:00:22.0046 4572 FTActivationBoost (b639d2d53f5f52832f29a88dde1ca141) C:\Program Files\Rockwell Software\FactoryTalk Activation\Tools\FTActivationBoost.exe
15:00:22.0046 4572 FTActivationBoost - ok
15:00:22.0125 4572 FTAE_Archiver (007601a8b01ea3237a7df005402821c6) C:\Program Files\Common Files\Rockwell\FTAEArchiver.exe
15:00:22.0125 4572 FTAE_Archiver - ok
15:00:22.0140 4572 FTAE_HistServ (ec7619c2df1cae20ee4e8fb347e376ae) C:\Program Files\Common Files\Rockwell\FTAE_HistServ.exe
15:00:22.0171 4572 FTAE_HistServ - ok
15:00:22.0187 4572 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:00:22.0187 4572 Ftdisk - ok
15:00:22.0203 4572 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:00:22.0218 4572 GEARAspiWDM - ok
15:00:22.0234 4572 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:00:22.0234 4572 Gpc - ok
15:00:22.0265 4572 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:00:22.0265 4572 gupdate - ok
15:00:22.0281 4572 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:00:22.0281 4572 gupdatem - ok
15:00:22.0421 4572 Harmony (8f90898dd5ec3d4e3ce9ca64512a916e) C:\Program Files\Rockwell Software\RSCommon\RSOBSERV.EXE
15:00:22.0437 4572 Harmony - ok
15:00:22.0468 4572 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:00:22.0468 4572 HDAudBus - ok
15:00:22.0515 4572 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:00:22.0515 4572 helpsvc - ok
15:00:22.0546 4572 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
15:00:22.0546 4572 HidServ - ok
15:00:22.0562 4572 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:00:22.0578 4572 HidUsb - ok
15:00:22.0593 4572 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
15:00:22.0593 4572 hkmsvc - ok
15:00:22.0609 4572 hpn - ok
15:00:22.0656 4572 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
15:00:22.0671 4572 HSFHWAZL - ok
15:00:22.0781 4572 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
15:00:22.0812 4572 HSF_DPV - ok
15:00:22.0843 4572 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:00:22.0859 4572 HTTP - ok
15:00:22.0890 4572 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
15:00:22.0890 4572 HTTPFilter - ok
15:00:22.0890 4572 i2omgmt - ok
15:00:22.0906 4572 i2omp - ok
15:00:22.0937 4572 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:00:22.0937 4572 i8042prt - ok
15:00:23.0093 4572 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:00:23.0125 4572 idsvc - ok
15:00:23.0140 4572 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:00:23.0156 4572 Imapi - ok
15:00:23.0187 4572 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
15:00:23.0187 4572 ImapiService - ok
15:00:23.0203 4572 ini910u - ok
15:00:23.0203 4572 IntelIde - ok
15:00:23.0234 4572 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:00:23.0234 4572 intelppm - ok
15:00:23.0250 4572 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:00:23.0250 4572 Ip6Fw - ok
15:00:23.0281 4572 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:00:23.0296 4572 IpFilterDriver - ok
15:00:23.0296 4572 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:00:23.0296 4572 IpInIp - ok
15:00:23.0328 4572 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:00:23.0328 4572 IpNat - ok
15:00:23.0468 4572 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
15:00:23.0500 4572 iPod Service - ok
15:00:23.0531 4572 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:00:23.0546 4572 IPSec - ok
15:00:23.0546 4572 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:00:23.0562 4572 IRENUM - ok
15:00:23.0593 4572 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:00:23.0593 4572 isapnp - ok
15:00:23.0671 4572 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
15:00:23.0671 4572 JavaQuickStarterService - ok
15:00:23.0703 4572 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:00:23.0703 4572 Kbdclass - ok
15:00:23.0734 4572 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:00:23.0734 4572 kbdhid - ok
15:00:23.0765 4572 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:00:23.0781 4572 kmixer - ok
15:00:23.0796 4572 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:00:23.0812 4572 KSecDD - ok
15:00:23.0828 4572 L8042pr2 (0f8b7bf7097d1e8d78f2f52a2bea03cd) C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys
15:00:23.0828 4572 L8042pr2 - ok
15:00:23.0859 4572 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
15:00:23.0859 4572 LanmanServer - ok
15:00:23.0890 4572 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
15:00:23.0906 4572 lanmanworkstation - ok
15:00:23.0906 4572 lbrtfdc - ok
15:00:23.0921 4572 LHidFlt2 (3c357dfdbbf2b4b01aa4b9c8a26e4416) C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys
15:00:23.0937 4572 LHidFlt2 - ok
15:00:23.0937 4572 LHidUsb (ffb851b1b2f6596b7d3182b977a85206) C:\WINDOWS\system32\Drivers\LHidUsb.Sys
15:00:23.0953 4572 LHidUsb - ok
15:00:23.0968 4572 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
15:00:23.0968 4572 LmHosts - ok
15:00:23.0984 4572 LMouFlt2 (aef09673376a4d93c09e8341854f1bf4) C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys
15:00:23.0984 4572 LMouFlt2 - ok
15:00:24.0031 4572 LogReceiver (211c75883abd095f9540f402223bc9a4) C:\Program Files\Rockwell Software\RSLinx Enterprise\LogReceiver.exe
15:00:24.0046 4572 LogReceiver - ok
15:00:24.0078 4572 massfilter (59f57b06d1e3c7a3f22d62c7c5b4c3c3) C:\WINDOWS\system32\drivers\massfilter.sys
15:00:24.0078 4572 massfilter - ok
15:00:24.0109 4572 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
15:00:24.0109 4572 MBAMProtector - ok
15:00:24.0187 4572 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:00:24.0203 4572 MBAMService - ok
15:00:24.0218 4572 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
15:00:24.0218 4572 mdmxsdk - ok
15:00:24.0250 4572 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
15:00:24.0250 4572 Messenger - ok
15:00:24.0296 4572 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:00:24.0296 4572 mnmdd - ok
15:00:24.0328 4572 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
15:00:24.0343 4572 mnmsrvc - ok
15:00:24.0359 4572 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
15:00:24.0359 4572 Modem - ok
15:00:24.0406 4572 MOM (f3c2e6441348a7fc20f21fe2f5eb28e6) C:\Program Files\Microsoft Forefront\Client Security\Client\Microsoft Operations Manager 2005\MOMService.exe
15:00:24.0421 4572 MOM - ok
15:00:24.0437 4572 MotoConnect Service (be72f68c3e898c6c7dd61afdf28769dd) C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
15:00:24.0453 4572 MotoConnect Service - ok
15:00:24.0453 4572 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:00:24.0453 4572 Mouclass - ok
15:00:24.0468 4572 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:00:24.0468 4572 mouhid - ok
15:00:24.0484 4572 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:00:24.0484 4572 MountMgr - ok
15:00:24.0578 4572 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:00:24.0593 4572 MozillaMaintenance - ok
15:00:24.0609 4572 MpFilter (356842aac621ab40f18992c01a590f71) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
15:00:24.0625 4572 MpFilter - ok
15:00:24.0625 4572 mraid35x - ok
15:00:24.0671 4572 MRxDAV (e3f17e1ea5256709d4e97ef0da04b3c9) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:00:24.0671 4572 MRxDAV - ok
15:00:24.0734 4572 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:00:24.0750 4572 MRxSmb - ok
15:00:24.0781 4572 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
15:00:24.0781 4572 MSDTC - ok
15:00:24.0796 4572 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:00:24.0796 4572 Msfs - ok
15:00:24.0796 4572 MSIServer - ok
15:00:24.0828 4572 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:00:24.0828 4572 MSKSSRV - ok
15:00:24.0828 4572 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:00:24.0828 4572 MSPCLOCK - ok
15:00:24.0828 4572 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:00:24.0843 4572 MSPQM - ok
15:00:24.0859 4572 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:00:24.0859 4572 mssmbios - ok
15:00:24.0875 4572 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:00:24.0890 4572 Mup - ok
15:00:24.0921 4572 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
15:00:24.0937 4572 napagent - ok
15:00:24.0968 4572 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:00:24.0984 4572 NDIS - ok
15:00:25.0015 4572 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:00:25.0015 4572 NdisTapi - ok
15:00:25.0031 4572 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:00:25.0031 4572 Ndisuio - ok
15:00:25.0046 4572 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:00:25.0046 4572 NdisWan - ok
15:00:25.0046 4572 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:00:25.0046 4572 NDProxy - ok
15:00:25.0062 4572 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:00:25.0062 4572 NetBIOS - ok
15:00:25.0093 4572 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:00:25.0093 4572 NetBT - ok
15:00:25.0109 4572 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:00:25.0109 4572 NetDDE - ok
15:00:25.0125 4572 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:00:25.0125 4572 NetDDEdsdm - ok
15:00:25.0156 4572 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:00:25.0156 4572 Netlogon - ok
15:00:25.0187 4572 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
15:00:25.0187 4572 Netman - ok
15:00:25.0312 4572 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:00:25.0390 4572 NetTcpPortSharing - ok
15:00:25.0625 4572 NETw5x32 (aa88346ab7849a1cb34bd3424febfece) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
15:00:25.0718 4572 NETw5x32 - ok
15:00:25.0828 4572 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
15:00:25.0843 4572 Nla - ok
15:00:25.0906 4572 NmspHost (7bc2281977aa408b3614cefad69b8f08) C:\Program Files\Common Files\Rockwell\NmspHost.exe
15:00:25.0921 4572 NmspHost - ok
15:00:25.0953 4572 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:00:25.0968 4572 Npfs - ok
15:00:26.0015 4572 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:00:26.0031 4572 Ntfs - ok
15:00:26.0062 4572 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:00:26.0062 4572 NtLmSsp - ok
15:00:26.0093 4572 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
15:00:26.0109 4572 NtmsSvc - ok
15:00:26.0140 4572 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:00:26.0140 4572 Null - ok
15:00:26.0578 4572 nv (c116d2b008a1640c4484a1dcd1abe12c) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:00:26.0734 4572 nv - ok
15:00:26.0828 4572 NVSvc (bc6f6d569a0848ba9d38158ae4734a9c) C:\WINDOWS\system32\nvsvc32.exe
15:00:26.0828 4572 NVSvc - ok
15:00:26.0859 4572 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:00:26.0859 4572 NwlnkFlt - ok
15:00:26.0875 4572 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:00:26.0875 4572 NwlnkFwd - ok
15:00:26.0937 4572 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:00:26.0953 4572 odserv - ok
15:00:26.0984 4572 OpcEnum (a12b32fb9e4c88998997e61db4a07670) C:\WINDOWS\system32\OpcEnum.exe
15:00:27.0000 4572 OpcEnum - ok
15:00:27.0046 4572 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:00:27.0046 4572 ose - ok
15:00:27.0078 4572 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
15:00:27.0093 4572 Parport - ok
15:00:27.0093 4572 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:00:27.0109 4572 PartMgr - ok
15:00:27.0109 4572 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
15:00:27.0125 4572 ParVdm - ok
15:00:27.0140 4572 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
15:00:27.0140 4572 PCI - ok
15:00:27.0140 4572 pcidnt - ok
15:00:27.0156 4572 PCIDump - ok
15:00:27.0156 4572 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:00:27.0156 4572 PCIIde - ok
15:00:27.0187 4572 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
15:00:27.0203 4572 Pcmcia - ok
15:00:27.0203 4572 PDCOMP - ok
15:00:27.0265 4572 PDFProFiltSrv (58ad3403d4e7b0c9b8808cf30888c3a0) C:\Program Files\Nuance\PDF Professional 5\PDFProFiltSrv.exe
15:00:27.0328 4572 PDFProFiltSrv - ok
15:00:27.0343 4572 PDFRAME - ok
15:00:27.0343 4572 PDRELI - ok
15:00:27.0359 4572 PDRFRAME - ok
15:00:27.0359 4572 perc2 - ok
15:00:27.0359 4572 perc2hib - ok
15:00:27.0406 4572 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:00:27.0421 4572 PlugPlay - ok
15:00:27.0437 4572 pneteth (088335b06f75adbcbb81575c7cae6c43) C:\WINDOWS\system32\DRIVERS\pneteth.sys
15:00:27.0437 4572 pneteth - ok
15:00:27.0453 4572 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:00:27.0453 4572 PolicyAgent - ok
15:00:27.0468 4572 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:00:27.0468 4572 PptpMiniport - ok
15:00:27.0531 4572 prepdrvr (2a4514a9233d35a355f569ff8b8f6240) C:\WINDOWS\system32\CCM\prepdrv.sys
15:00:27.0609 4572 prepdrvr - ok
15:00:27.0625 4572 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:00:27.0625 4572 ProtectedStorage - ok
15:00:27.0640 4572 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:00:27.0640 4572 PSched - ok
15:00:27.0640 4572 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:00:27.0656 4572 Ptilink - ok
15:00:27.0656 4572 ql1080 - ok
15:00:27.0656 4572 Ql10wnt - ok
15:00:27.0671 4572 ql12160 - ok
15:00:27.0671 4572 ql1240 - ok
15:00:27.0687 4572 ql1280 - ok
15:00:27.0703 4572 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:00:27.0703 4572 RasAcd - ok
15:00:27.0718 4572 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
15:00:27.0734 4572 RasAuto - ok
15:00:27.0750 4572 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:00:27.0750 4572 Rasl2tp - ok
15:00:27.0796 4572 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
15:00:27.0796 4572 RasMan - ok
15:00:27.0812 4572 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:00:27.0812 4572 RasPppoe - ok
15:00:27.0812 4572 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:00:27.0812 4572 Raspti - ok
15:00:27.0859 4572 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:00:27.0859 4572 Rdbss - ok
15:00:27.0937 4572 RdcyHost (f4d461a84c03d061967a09b96386428e) C:\Program Files\Common Files\Rockwell\RdcyHost.exe
15:00:27.0953 4572 RdcyHost - ok
15:00:27.0953 4572 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:00:27.0953 4572 RDPCDD - ok
15:00:28.0000 4572 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:00:28.0000 4572 rdpdr - ok
15:00:28.0046 4572 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
15:00:28.0046 4572 RDPWD - ok
15:00:28.0062 4572 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
15:00:28.0078 4572 RDSessMgr - ok
15:00:28.0109 4572 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:00:28.0125 4572 redbook - ok
15:00:28.0140 4572 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
15:00:28.0140 4572 RemoteAccess - ok
15:00:28.0156 4572 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
15:00:28.0156 4572 RemoteRegistry - ok
15:00:28.0203 4572 RnaAeServer (c63e112439d4fbff4ecff7dd6ae17445) C:\Program Files\Common Files\Rockwell\RnaAeServer.exe
15:00:28.0234 4572 RnaAeServer - ok
15:00:28.0375 4572 RnaAlarmMux (00ccdd1d8f5c2e53ed7f80f97735091a) C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe
15:00:28.0437 4572 RnaAlarmMux - ok
15:00:28.0453 4572 RNADiagnosticsService (3af10c58363bfc6a9c74c1d9aa45fd75) C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe
15:00:28.0468 4572 RNADiagnosticsService - ok
15:00:28.0500 4572 RNADiagReceiver (c0868b7e4ea86adb5a9ccd442db62901) C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe
15:00:28.0500 4572 RNADiagReceiver - ok
15:00:28.0578 4572 RNADirectory (6fee6a6f24c3db3992f9626930c4e625) C:\Program Files\Common Files\Rockwell\RnaDirServer.exe
15:00:28.0609 4572 RNADirectory - ok
15:00:28.0656 4572 RNADirMultiplexor (a00ea99cbc5aabb1ddc1f83797e203e8) C:\Program Files\Common Files\Rockwell\RNADirMultiplexor.exe
15:00:28.0703 4572 RNADirMultiplexor - ok
15:00:28.0781 4572 Rockwell HMI Activity Logger (13c522cce1fb8c7096c3110e90550244) C:\Program Files\Rockwell Software\RSView Enterprise\RsActivityLogServ.exe
15:00:28.0843 4572 Rockwell HMI Activity Logger - ok
15:00:28.0875 4572 Rockwell HMI Alarm Logger (71d7bc8920527d59709b89b7ff7686fa) C:\Program Files\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe
15:00:28.0890 4572 Rockwell HMI Alarm Logger - ok
15:00:28.0921 4572 Rockwell HMI Backup Server (c36d93d581d4d06d1c89dc43039c0931) C:\Program Files\Rockwell Software\RSView Enterprise\Rockwell HMI Backup Server.exe
15:00:28.0921 4572 Rockwell HMI Backup Server - ok
15:00:28.0937 4572 Rockwell HMI Diagnostics (2c463bd1de08d84a924c1cbdf95223f9) C:\Program Files\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe
15:00:28.0937 4572 Rockwell HMI Diagnostics - ok
15:00:28.0984 4572 Rockwell HMI Framework (d6213aca5b3251249d1efd740a9095b4) C:\Program Files\Rockwell Software\RSView Enterprise\ServerFramework.exe
15:00:29.0015 4572 Rockwell HMI Framework - ok
15:00:29.0046 4572 Rockwell Tag Server (704e5a3f461ab1ddc48a29ba97945b0d) C:\Program Files\Rockwell Software\RSView Enterprise\TagSrv.exe
15:00:29.0078 4572 Rockwell Tag Server - ok
15:00:29.0171 4572 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
15:00:29.0171 4572 RpcLocator - ok
15:00:29.0218 4572 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
15:00:29.0234 4572 RpcSs - ok
15:00:29.0281 4572 RSI-PKTX-A (9d1aff516d727612363c03abdc203380) C:\WINDOWS\System32\drivers\RSI-PKTX-A.SYS
15:00:29.0296 4572 RSI-PKTX-A - ok
15:00:29.0406 4572 RsiKtControl (2af65117091a47732f0997330e3daae6) C:\WINDOWS\system32\RSIKT.SYS
15:00:29.0437 4572 RsiKtControl - ok
15:00:29.0484 4572 RSLinx - ok
15:00:29.0515 4572 RSLinxNG (0c37cd0d08065421d1a42f75399a86c9) C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
15:00:29.0531 4572 RSLinxNG - ok
15:00:29.0546 4572 RSLINXNGKtControl (9e866a7c540c6a4b21bd5255a2a2bd0d) C:\WINDOWS\System32\drivers\RSIKTNG.SYS
15:00:29.0546 4572 RSLINXNGKtControl - ok
15:00:29.0562 4572 RSSERIAL (b089419975668e2a701178032d652a24) C:\WINDOWS\SYSTEM32\RSSERIAL.SYS
15:00:29.0578 4572 RSSERIAL - ok
15:00:29.0656 4572 RsvcHost (f553b4c5c3ca6e77ac15dc45c3f8ce64) C:\Program Files\Common Files\Rockwell\RsvcHost.exe
15:00:29.0671 4572 RsvcHost - ok
15:00:29.0703 4572 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
15:00:29.0718 4572 RSVP - ok
15:00:29.0734 4572 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:00:29.0734 4572 SamSs - ok
15:00:29.0765 4572 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
15:00:29.0765 4572 SCardSvr - ok
15:00:29.0812 4572 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
15:00:29.0828 4572 Schedule - ok
15:00:29.0843 4572 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:00:29.0843 4572 Secdrv - ok
15:00:29.0859 4572 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
15:00:29.0859 4572 seclogon - ok
15:00:29.0859 4572 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
15:00:29.0875 4572 SENS - ok
15:00:29.0890 4572 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:00:29.0890 4572 serenum - ok
15:00:29.0906 4572 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
15:00:29.0921 4572 Serial - ok
15:00:29.0968 4572 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
15:00:29.0984 4572 Sfloppy - ok
15:00:30.0031 4572 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
15:00:30.0046 4572 SharedAccess - ok
15:00:30.0078 4572 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:00:30.0078 4572 ShellHWDetection - ok
15:00:30.0078 4572 Simbad - ok
15:00:30.0140 4572 SimModuleService (4054759891d29244d4fa7f52d76d0d2e) C:\Program Files\Rockwell Software\RSLogix Emulate 5000\SimModuleService.exe
15:00:30.0140 4572 SimModuleService - ok
15:00:30.0171 4572 smsmdd (4b4ab78e866bbecf93f6eabc3270178a) C:\WINDOWS\system32\DRIVERS\smsmdm.sys
15:00:30.0171 4572 smsmdd - ok
15:00:30.0187 4572 smstsmgr - ok
15:00:30.0203 4572 Sparrow - ok
15:00:30.0234 4572 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:00:30.0234 4572 splitter - ok
15:00:30.0250 4572 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:00:30.0265 4572 Spooler - ok
15:00:30.0281 4572 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
15:00:30.0296 4572 sr - ok
15:00:30.0312 4572 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
15:00:30.0328 4572 srservice - ok
15:00:30.0390 4572 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:00:30.0406 4572 Srv - ok
15:00:30.0437 4572 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
15:00:30.0453 4572 SSDPSRV - ok
15:00:30.0546 4572 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
15:00:30.0593 4572 STHDA - ok
15:00:30.0625 4572 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
15:00:30.0640 4572 stisvc - ok
15:00:30.0656 4572 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:00:30.0656 4572 swenum - ok
15:00:30.0671 4572 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:00:30.0687 4572 swmidi - ok
15:00:30.0687 4572 SwPrv - ok
15:00:30.0687 4572 symc810 - ok
15:00:30.0703 4572 symc8xx - ok
15:00:30.0703 4572 sym_hi - ok
15:00:30.0718 4572 sym_u3 - ok
15:00:30.0718 4572 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:00:30.0734 4572 sysaudio - ok
15:00:30.0750 4572 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
15:00:30.0765 4572 SysmonLog - ok
15:00:30.0796 4572 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
15:00:30.0812 4572 TapiSrv - ok
15:00:30.0859 4572 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:00:30.0875 4572 Tcpip - ok
15:00:30.0906 4572 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:00:30.0906 4572 TDPIPE - ok
15:00:30.0921 4572 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:00:30.0921 4572 TDTCP - ok
15:00:30.0937 4572 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:00:30.0937 4572 TermDD - ok
15:00:30.0968 4572 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
15:00:30.0984 4572 TermService - ok
15:00:31.0015 4572 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:00:31.0015 4572 Themes - ok
15:00:31.0031 4572 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
15:00:31.0046 4572 TlntSvr - ok
15:00:31.0062 4572 TosIde - ok
15:00:31.0078 4572 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
15:00:31.0078 4572 TrkWks - ok
15:00:31.0125 4572 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:00:31.0125 4572 Udfs - ok
15:00:31.0125 4572 ultra - ok
15:00:31.0187 4572 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:00:31.0203 4572 Update - ok
15:00:31.0234 4572 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
15:00:31.0250 4572 upnphost - ok
15:00:31.0265 4572 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
15:00:31.0296 4572 UPS - ok
15:00:31.0406 4572 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
15:00:31.0406 4572 USBAAPL - ok
15:00:31.0500 4572 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
15:00:31.0500 4572 usbaudio - ok
15:00:31.0546 4572 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:00:31.0546 4572 usbccgp - ok
15:00:31.0578 4572 USBCCID (6b5e4d5e6e5ecd6acd14aed59768ce5c) C:\WINDOWS\system32\DRIVERS\usbccid.sys
15:00:31.0593 4572 USBCCID - ok
15:00:31.0671 4572 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:00:31.0671 4572 usbehci - ok
15:00:31.0687 4572 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:00:31.0687 4572 usbhub - ok
15:00:31.0734 4572 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:00:31.0734 4572 usbprint - ok
15:00:31.0765 4572 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:00:31.0765 4572 usbscan - ok
15:00:31.0796 4572 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:00:31.0796 4572 USBSTOR - ok
15:00:31.0812 4572 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:00:31.0812 4572 usbuhci - ok
15:00:31.0843 4572 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:00:31.0843 4572 VgaSave - ok
15:00:31.0859 4572 ViaIde - ok
15:00:31.0875 4572 VirtualBackplane (1d64caf94f26e6e08bab8f6348fa0f2f) C:\WINDOWS\system32\drivers\VirtualBackplane.sys
15:00:31.0875 4572 VirtualBackplane - ok
15:00:31.0890 4572 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
15:00:31.0890 4572 VolSnap - ok
15:00:31.0937 4572 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
15:00:31.0937 4572 VSS - ok
15:00:31.0968 4572 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
15:00:31.0984 4572 W32Time - ok
15:00:32.0000 4572 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:00:32.0000 4572 Wanarp - ok
15:00:32.0078 4572 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
15:00:32.0093 4572 Wdf01000 - ok
15:00:32.0093 4572 WDICA - ok
15:00:32.0140 4572 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:00:32.0171 4572 wdmaud - ok
15:00:32.0187 4572 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
15:00:32.0187 4572 WebClient - ok
15:00:32.0250 4572 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:00:32.0281 4572 winachsf - ok
15:00:32.0390 4572 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:00:32.0406 4572 winmgmt - ok
15:00:32.0578 4572 WinRM (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll
15:00:32.0625 4572 WinRM - ok
15:00:32.0687 4572 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
15:00:32.0687 4572 WinUSB - ok
15:00:32.0734 4572 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:00:32.0734 4572 WmdmPmSN - ok
15:00:32.0796 4572 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
15:00:32.0828 4572 Wmi - ok
15:00:32.0843 4572 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:00:32.0859 4572 WmiAcpi - ok
15:00:32.0875 4572 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:00:32.0875 4572 WmiApSrv - ok
15:00:33.0000 4572 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
15:00:33.0031 4572 WMPNetworkSvc - ok
15:00:33.0046 4572 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:00:33.0046 4572 WpdUsb - ok
15:00:33.0203 4572 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:00:33.0250 4572 WPFFontCache_v0400 - ok
15:00:33.0296 4572 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
15:00:33.0312 4572 wscsvc - ok
15:00:33.0328 4572 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
15:00:33.0328 4572 wuauserv - ok
15:00:33.0359 4572 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:00:33.0375 4572 WudfPf - ok
15:00:33.0421 4572 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:00:33.0437 4572 WudfRd - ok
15:00:33.0468 4572 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:00:33.0468 4572 WudfSvc - ok
15:00:33.0515 4572 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
15:00:33.0546 4572 WZCSVC - ok
15:00:33.0578 4572 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
15:00:33.0609 4572 xmlprov - ok
15:00:33.0640 4572 ZTEusbmdm6k (4692a3e087cf018808f376a3cc2128fa) C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
15:00:33.0640 4572 ZTEusbmdm6k - ok
15:00:33.0656 4572 ZTEusbnmea (4692a3e087cf018808f376a3cc2128fa) C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
15:00:33.0671 4572 ZTEusbnmea - ok
15:00:33.0687 4572 ZTEusbser6k (4692a3e087cf018808f376a3cc2128fa) C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
15:00:33.0687 4572 ZTEusbser6k - ok
15:00:33.0718 4572 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:00:34.0421 4572 \Device\Harddisk0\DR0 - ok
15:00:34.0437 4572 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR4
15:00:34.0562 4572 \Device\Harddisk1\DR4 - ok
15:00:34.0562 4572 Boot (0x1200) (77462ec6988dccbb1d3f01c8c40261a0) \Device\Harddisk0\DR0\Partition0
15:00:34.0562 4572 \Device\Harddisk0\DR0\Partition0 - ok
15:00:34.0578 4572 Boot (0x1200) (081dd2a3c0261f7c95396a6d8a5489ac) \Device\Harddisk1\DR4\Partition0
15:00:34.0578 4572 \Device\Harddisk1\DR4\Partition0 - ok
15:00:34.0578 4572 ============================================================
15:00:34.0578 4572 Scan finished
15:00:34.0578 4572 ============================================================
15:00:34.0578 5328 Detected object count: 0
15:00:34.0578 5328 Actual detected object count: 0



Here is the aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-29 15:02:17
-----------------------------
15:02:17.687 OS Version: Windows 5.1.2600 Service Pack 3
15:02:17.687 Number of processors: 2 586 0xE08
15:02:17.687 ComputerName: MHOSEYLT UserName: mhosey
15:02:20.390 Initialize success
15:03:00.765 AVAST engine defs: 12072801
15:03:15.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:03:15.781 Disk 0 Vendor: ST9320421AS SD13 Size: 305245MB BusType: 3
15:03:15.890 Disk 0 MBR read successfully
15:03:15.890 Disk 0 MBR scan
15:03:16.078 Disk 0 Windows XP default MBR code
15:03:16.109 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305242 MB offset 63
15:03:16.125 Disk 0 scanning sectors +625137345
15:03:16.406 Disk 0 scanning C:\WINDOWS\system32\drivers
15:04:26.562 Service scanning
15:06:10.187 Modules scanning
15:06:16.953 Disk 0 trace - called modules:
15:06:16.968 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
15:06:16.968 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f85ab8]
15:06:16.968 3 CLASSPNP.SYS[f7562fd7] -> nt!IofCallDriver -> \Device\0000007e[0x86f7af18]
15:06:16.968 5 ACPI.sys[f73e9620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86f76940]
15:06:19.125 AVAST engine scan C:\WINDOWS
15:06:35.171 AVAST engine scan C:\WINDOWS\system32
15:13:12.265 AVAST engine scan C:\WINDOWS\system32\drivers
15:13:34.015 AVAST engine scan C:\Documents and Settings\mhosey
16:18:53.015 AVAST engine scan C:\Documents and Settings\All Users
16:24:42.500 Scan finished successfully
16:28:56.328 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\mhosey\Desktop\Stuff\tdss\MBR.dat"
16:28:56.328 The log file has been saved successfully to "C:\Documents and Settings\mhosey\Desktop\Stuff\tdss\aswMBR.txt"



Downloading ESET will run it next.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users