
Cannot Renew IP Address - suspected malware issue


12 replies to this topic

#1 jss8381

jss8381

  • Members
  • 11 posts

Posted 16 August 2012 - 08:58 AM

Hello everyone,

An office computer in my firm has been unable to connect to the Internet using the wired Ethernet connection for quite some time now. Specifically, it says that it cannot renew the IP address. When I attempted to verify that the DHCP Client Service was running, I received the message, "Could not start the DHCP Client on Local Computer. Error 1075: The dependency service does not exist or has been marked for deletion." I previously posted about it at TechSupportForums, and after a few attempted fixes, the growing consensus there seemed to be that there might be a malware issue causing the problem. A poster there referred me here. That thread is here: http://www.techsupportforum.com/forums/f31/cannot-renew-ip-address-wired-connection-660084.html.

As always, your assistance is greatly appreciated.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 16 August 2012 - 09:29 AM

Why do you say it's malware related?

Do you have restore points when internet worked?

Copy these tools to the infected PC.

Download FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Edited by narenxp, 16 August 2012 - 09:29 AM.


#3 jss8381

jss8381
  • Topic Starter

  • Members
  • 11 posts

Posted 16 August 2012 - 10:55 AM

Here's the FSS Log:

Farbar Service Scanner Version: 06-08-2012
Ran by Cooper (administrator) on 16-08-2012 at 10:43:16
Running from "E:\"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

NetBt Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open NetBt registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open NetBt registry key. The service key does not exist.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Yahoo IP is unreachable
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

ATTENTION!=====> C:\WINDOWS\system32\Drivers\netbt.sys FILE IS MISSING AND SHOULD BE RESTORED.

C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
epfwtdir(8) Gpc(6) IPSec(4) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****





Here's the TDSSKiller log:


10:47:12.0828 2132 RasPppoe - ok
10:47:12.0828 2132 [ fdbb1d60066fcfbb7452fd8f9829b242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:47:12.0843 2132 Raspti - ok
10:47:12.0859 2132 [ 7ad224ad1a1437fe28d89cf22b17780a ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:47:12.0859 2132 Rdbss - ok
10:47:12.0875 2132 [ 4912d5b403614ce99c28420f75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:47:12.0875 2132 RDPCDD - ok
10:47:12.0890 2132 [ 15cabd0f7c00c47c70124907916af3f1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:47:12.0890 2132 rdpdr - ok
10:47:12.0937 2132 [ fc105dd312ed64eb66bff111e8ec6eac ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:47:12.0953 2132 RDPWD - ok
10:47:12.0968 2132 [ 3c37bf86641bda977c3bf8a840f3b7fa ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:47:12.0984 2132 RDSessMgr - ok
10:47:12.0984 2132 [ f828dd7e1419b6653894a8f97a0094c5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:47:12.0984 2132 redbook - ok
10:47:13.0015 2132 [ 7e699ff5f59b5d9de5390e3c34c67cf5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:47:13.0031 2132 RemoteAccess - ok
10:47:13.0031 2132 [ 5b19b557b0c188210a56a6b699d90b8f ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
10:47:13.0046 2132 RemoteRegistry - ok
10:47:13.0062 2132 [ aaed593f84afa419bbae8572af87cf6a ] RpcLocator C:\WINDOWS\system32\locator.exe
10:47:13.0093 2132 RpcLocator - ok
10:47:13.0125 2132 [ 6b27a5c03dfb94b4245739065431322c ] RpcSs C:\WINDOWS\System32\rpcss.dll
10:47:13.0140 2132 RpcSs - ok
10:47:13.0187 2132 [ 471b3f9741d762abe75e9deea4787e47 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:47:13.0203 2132 RSVP - ok
10:47:13.0218 2132 [ bf2466b3e18e970d8a976fb95fc1ca85 ] SamSs C:\WINDOWS\system32\lsass.exe
10:47:13.0218 2132 SamSs - ok
10:47:13.0234 2132 [ 86d007e7a654b9a71d1d7d856b104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:47:13.0250 2132 SCardSvr - ok
10:47:13.0296 2132 [ 0a9a7365a1ca4319aa7c1d6cd8e4eafa ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:47:13.0312 2132 Schedule - ok
10:47:13.0359 2132 [ 90a3935d05b494a5a39d37e71f09a677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:47:13.0359 2132 Secdrv - ok
10:47:13.0390 2132 [ cbe612e2bb6a10e3563336191eda1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:47:13.0390 2132 seclogon - ok
10:47:13.0453 2132 [ b6a6b409fda9d9ebd3aadb838d3d7173 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
10:47:13.0453 2132 SenFiltService - ok
10:47:13.0468 2132 [ 7fdd5d0684eca8c1f68b4d99d124dcd0 ] SENS C:\WINDOWS\system32\sens.dll
10:47:13.0468 2132 SENS - ok
10:47:13.0531 2132 [ 0f29512ccd6bead730039fb4bd2c85ce ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:47:13.0531 2132 serenum - ok
10:47:13.0546 2132 [ cca207a8896d4c6a0c9ce29a4ae411a7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
10:47:13.0546 2132 Serial - ok
10:47:13.0562 2132 [ 8e6b8c671615d126fdc553d1e2de5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:47:13.0562 2132 Sfloppy - ok
10:47:13.0625 2132 [ 83f41d0d89645d7235c051ab1d9523ac ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:47:13.0625 2132 SharedAccess - ok
10:47:13.0640 2132 [ 99bc0b50f511924348be19c7c7313bbf ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:47:13.0656 2132 ShellHWDetection - ok
10:47:13.0656 2132 Simbad - ok
10:47:13.0687 2132 [ 6b33d0ebd30db32e27d1d78fe946a754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
10:47:13.0687 2132 sisagp - ok
10:47:13.0703 2132 [ 83c0f71f86d3bdaf915685f3d568b20e ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
10:47:13.0703 2132 Sparrow - ok
10:47:13.0718 2132 [ ab8b92451ecb048a4d1de7c3ffcb4a9f ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:47:13.0718 2132 splitter - ok
10:47:13.0765 2132 [ 60784f891563fb1b767f70117fc2428f ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:47:13.0765 2132 Spooler - ok
10:47:13.0812 2132 [ 76bb022c2fb6902fd5bdd4f78fc13a5d ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:47:13.0828 2132 sr - ok
10:47:13.0875 2132 [ 3805df0ac4296a34ba4bf93b346cc378 ] srservice C:\WINDOWS\system32\srsvc.dll
10:47:13.0875 2132 srservice - ok
10:47:13.0937 2132 [ 47ddfc2f003f7f9f0592c6874962a2e7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:47:13.0937 2132 Srv - ok
10:47:13.0968 2132 [ 0a5679b3714edab99e357057ee88fca6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:47:13.0968 2132 SSDPSRV - ok
10:47:13.0984 2132 [ 8bad69cbac032d4bbacfce0306174c30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:47:14.0000 2132 stisvc - ok
10:47:14.0046 2132 [ 3941d127aef12e93addf6fe6ee027e0f ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:47:14.0046 2132 swenum - ok
10:47:14.0062 2132 [ 8ce882bcc6cf8a62f2b2323d95cb3d01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:47:14.0062 2132 swmidi - ok
10:47:14.0078 2132 SwPrv - ok
10:47:14.0093 2132 [ 1ff3217614018630d0a6758630fc698c ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
10:47:14.0093 2132 symc810 - ok
10:47:14.0093 2132 [ 070e001d95cf725186ef8b20335f933c ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
10:47:14.0109 2132 symc8xx - ok
10:47:14.0109 2132 [ 80ac1c4abbe2df3b738bf15517a51f2c ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
10:47:14.0109 2132 sym_hi - ok
10:47:14.0125 2132 [ bf4fab949a382a8e105f46ebb4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
10:47:14.0125 2132 sym_u3 - ok
10:47:14.0140 2132 [ 8b83f3ed0f1688b4958f77cd6d2bf290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:47:14.0140 2132 sysaudio - ok
10:47:14.0156 2132 [ c7abbc59b43274b1109df6b24d617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:47:14.0156 2132 SysmonLog - ok
10:47:14.0187 2132 [ 3cb78c17bb664637787c9a1c98f79c38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:47:14.0187 2132 TapiSrv - ok
10:47:14.0250 2132 [ 9aefa14bd6b182d61e3119fa5f436d3d ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:47:14.0250 2132 Tcpip - ok
10:47:14.0281 2132 [ 6471a66807f5e104e4885f5b67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:47:14.0281 2132 TDPIPE - ok
10:47:14.0296 2132 [ c56b6d0402371cf3700eb322ef3aaf61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:47:14.0296 2132 TDTCP - ok
10:47:14.0328 2132 [ 88155247177638048422893737429d9e ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:47:14.0328 2132 TermDD - ok
10:47:14.0343 2132 [ ff3477c03be7201c294c35f684b3479f ] TermService C:\WINDOWS\System32\termsrv.dll
10:47:14.0359 2132 TermService - ok
10:47:14.0375 2132 [ 99bc0b50f511924348be19c7c7313bbf ] Themes C:\WINDOWS\System32\shsvcs.dll
10:47:14.0375 2132 Themes - ok
10:47:14.0421 2132 [ db7205804759ff62c34e3efd8a4cc76a ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
10:47:14.0421 2132 TlntSvr - ok
10:47:14.0453 2132 [ f2790f6af01321b172aa62f8e1e187d9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
10:47:14.0453 2132 TosIde - ok
10:47:14.0484 2132 [ 55bca12f7f523d35ca3cb833c725f54e ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:47:14.0484 2132 TrkWks - ok
10:47:14.0515 2132 [ 5787b80c2e3c5e2f56c2a233d91fa2c9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:47:14.0515 2132 Udfs - ok
10:47:14.0531 2132 [ 1b698a51cd528d8da4ffaed66dfc51b9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
10:47:14.0531 2132 ultra - ok
10:47:14.0578 2132 [ 402ddc88356b1bac0ee3dd1580c76a31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:47:14.0593 2132 Update - ok
10:47:14.0609 2132 [ 1ebafeb9a3fbdc41b8d9c7f0f687ad91 ] upnphost C:\WINDOWS\System32\upnphost.dll
10:47:14.0625 2132 upnphost - ok
10:47:14.0656 2132 [ 05365fb38fca1e98f7a566aaaf5d1815 ] UPS C:\WINDOWS\System32\ups.exe
10:47:14.0656 2132 UPS - ok
10:47:14.0671 2132 [ 173f317ce0db8e21322e71b7e60a27e8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:47:14.0671 2132 usbccgp - ok
10:47:14.0687 2132 [ 65dcf09d0e37d4c6b11b5b0b76d470a7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:47:14.0687 2132 usbehci - ok
10:47:14.0687 2132 [ 1ab3cdde553b6e064d2e754efe20285c ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:47:14.0703 2132 usbhub - ok
10:47:14.0703 2132 [ 0daecce65366ea32b162f85f07c6753b ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
10:47:14.0703 2132 usbohci - ok
10:47:14.0718 2132 [ a717c8721046828520c9edf31288fc00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:47:14.0734 2132 usbprint - ok
10:47:14.0734 2132 [ a0b8cf9deb1184fbdd20784a58fa75d4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:47:14.0734 2132 usbscan - ok
10:47:14.0750 2132 [ a32426d9b14a089eaa1d922e0c5801a9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:47:14.0750 2132 USBSTOR - ok
10:47:14.0781 2132 [ 26496f9dee2d787fc3e61ad54821ffe6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:47:14.0781 2132 usbuhci - ok
10:47:14.0812 2132 [ 0d3a8fafceacd8b7625cd549757a7df1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:47:14.0812 2132 VgaSave - ok
10:47:14.0843 2132 [ 754292ce5848b3738281b4f3607eaef4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
10:47:14.0843 2132 viaagp - ok
10:47:14.0859 2132 [ 3b3efcda263b8ac14fdf9cbdd0791b2e ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
10:47:14.0859 2132 ViaIde - ok
10:47:14.0890 2132 [ 4c8fcb5cc53aab716d810740fe59d025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:47:14.0906 2132 VolSnap - ok
10:47:14.0953 2132 [ 7a9db3a67c333bf0bd42e42b8596854b ] VSS C:\WINDOWS\System32\vssvc.exe
10:47:14.0953 2132 VSS - ok
10:47:14.0984 2132 [ 54af4b1d5459500ef0937f6d33b1914f ] w32time C:\WINDOWS\system32\w32time.dll
10:47:14.0984 2132 w32time - ok
10:47:15.0000 2132 [ e20b95baedb550f32dd489265c1da1f6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:47:15.0000 2132 Wanarp - ok
10:47:15.0015 2132 WDICA - ok
10:47:15.0031 2132 [ 6768acf64b18196494413695f0c3a00f ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:47:15.0031 2132 wdmaud - ok
10:47:15.0046 2132 [ 77a354e28153ad2d5e120a5a8687bc06 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:47:15.0046 2132 WebClient - ok
10:47:15.0156 2132 [ 2d0e4ed081963804ccc196a0929275b5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:47:15.0156 2132 winmgmt - ok
10:47:15.0203 2132 [ c51b4a5c05a5475708e3c81c7765b71d ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:47:15.0203 2132 WmdmPmSN - ok
10:47:15.0250 2132 [ e76f8807070ed04e7408a86d6d3a6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
10:47:15.0265 2132 Wmi - ok
10:47:15.0296 2132 [ e0673f1106e62a68d2257e376079f821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:47:15.0296 2132 WmiApSrv - ok
10:47:15.0406 2132 [ f74e3d9a7fa9556c3bbb14d4e5e63d3b ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
10:47:15.0421 2132 WMPNetworkSvc - ok
10:47:15.0453 2132 [ 6abe6e225adb5a751622a9cc3bc19ce8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:47:15.0453 2132 WS2IFSL - ok
10:47:15.0468 2132 [ f15feafffbb3644ccc80c5da584e6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:47:15.0468 2132 WudfPf - ok
10:47:15.0484 2132 [ 28b524262bce6de1f7ef9f510ba3985b ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:47:15.0484 2132 WudfRd - ok
10:47:15.0500 2132 [ 05231c04253c5bc30b26cbaae680ed89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:47:15.0500 2132 WudfSvc - ok
10:47:15.0546 2132 [ 81dc3f549f44b1c1fff022dec9ecf30b ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:47:15.0562 2132 WZCSVC - ok
10:47:15.0593 2132 [ 295d21f14c335b53cb8154e5b1f892b9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:47:15.0609 2132 xmlprov - ok
10:47:15.0609 2132 ================ Scan global ===============================
10:47:15.0640 2132 (42f1f4c0afb08410e5f02d4b13ebb623) C:\WINDOWS\system32\basesrv.dll
10:47:15.0703 2132 (95cf3446911a6e25ee4086df8a45b2aa) C:\WINDOWS\system32\winsrv.dll
10:47:15.0718 2132 (95cf3446911a6e25ee4086df8a45b2aa) C:\WINDOWS\system32\winsrv.dll
10:47:15.0734 2132 (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
10:47:15.0750 2132 [Global] - ok
10:47:15.0750 2132 ================ Scan MBR ==================================
10:47:15.0765 2132 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
10:47:15.0968 2132 \Device\Harddisk0\DR0 - ok
10:47:15.0984 2132 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR7
10:47:19.0078 2132 \Device\Harddisk1\DR7 - ok
10:47:19.0078 2132 ================ Scan VBR ==================================
10:47:19.0078 2132 Boot (0x1200) (acc0bec2dcb7e35b47e1e28ccc1684a2) \Device\Harddisk0\DR0\Partition1
10:47:19.0078 2132 \Device\Harddisk0\DR0\Partition1 - ok
10:47:19.0093 2132 Boot (0x1200) (3f63953f6ba837b246e13facccbbb989) \Device\Harddisk1\DR7\Partition1
10:47:19.0093 2132 \Device\Harddisk1\DR7\Partition1 - ok
10:47:19.0093 2132 ============================================================
10:47:19.0093 2132 Scan finished
10:47:19.0093 2132 ============================================================
10:47:19.0109 3616 Detected object count: 0
10:47:19.0109 3616 Actual detected object count: 0
10:48:24.0140 3008 ============================================================
10:48:24.0140 3008 Scan started
10:48:24.0140 3008 Mode: Manual; TDLFS;
10:48:24.0140 3008 ============================================================
10:48:24.0359 3008 ================ Scan services =============================
10:48:29.0765 3008 Mup - ok
10:48:29.0828 3008 [ 0102140028fad045756796e1c685d695 ] napagent C:\WINDOWS\System32\qagentrt.dll
10:48:29.0828 3008 napagent - ok
10:48:29.0859 3008 [ 1df7f42665c94b825322fae71721130d ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:48:29.0859 3008 NDIS - ok
10:48:29.0906 3008 [ 0109c4f3850dfbab279542515386ae22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:48:29.0906 3008 NdisTapi - ok
10:48:29.0921 3008 [ f927a4434c5028758a842943ef1a3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:48:29.0921 3008 Ndisuio - ok
10:48:29.0937 3008 [ edc1531a49c80614b2cfda43ca8659ab ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:48:29.0937 3008 NdisWan - ok
10:48:29.0968 3008 [ 9282bd12dfb069d3889eb3fcc1000a9b ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:48:29.0968 3008 NDProxy - ok
10:48:29.0984 3008 NecUsb - ok
10:48:30.0031 3008 [ 51c6d8bfbd4ea5b62a1ba7f4469250d3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
10:48:30.0031 3008 Net Driver HPZ12 - ok
10:48:30.0031 3008 [ 5d81cf9a2f1a3a756b66cf684911cdf0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:48:30.0031 3008 NetBIOS - ok
10:48:30.0062 3008 [ b857ba82860d7ff85ae29b095645563b ] NetDDE C:\WINDOWS\system32\netdde.exe
10:48:30.0062 3008 NetDDE - ok
10:48:30.0078 3008 [ b857ba82860d7ff85ae29b095645563b ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:48:30.0078 3008 NetDDEdsdm - ok
10:48:30.0109 3008 [ bf2466b3e18e970d8a976fb95fc1ca85 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:48:30.0109 3008 Netlogon - ok
10:48:30.0125 3008 [ 13e67b55b3abd7bf3fe7aae5a0f9a9de ] Netman C:\WINDOWS\System32\netman.dll
10:48:30.0125 3008 Netman - ok
10:48:30.0156 3008 [ 943337d786a56729263071623bbb9de5 ] Nla C:\WINDOWS\System32\mswsock.dll
10:48:30.0156 3008 Nla - ok
10:48:30.0187 3008 [ 3182d64ae053d6fb034f44b6def8034a ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:48:30.0187 3008 Npfs - ok
10:48:30.0234 3008 [ 78a08dd6a8d65e697c18e1db01c5cdca ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:48:30.0234 3008 Ntfs - ok
10:48:30.0250 3008 [ bf2466b3e18e970d8a976fb95fc1ca85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:48:30.0250 3008 NtLmSsp - ok
10:48:30.0281 3008 [ 156f64a3345bd23c600655fb4d10bc08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:48:30.0281 3008 NtmsSvc - ok
10:48:30.0312 3008 [ 73c1e1f395918bc2c6dd67af7591a3ad ] Null C:\WINDOWS\system32\drivers\Null.sys
10:48:30.0312 3008 Null - ok
10:48:30.0390 3008 [ 2b298519edbfcf451d43e0f1e8f1006d ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:48:30.0406 3008 nv - ok
10:48:30.0437 3008 [ b305f3fad35083837ef46a0bbce2fc57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:48:30.0437 3008 NwlnkFlt - ok
10:48:30.0437 3008 [ c99b3415198d1aab7227f2c88fd664b9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:48:30.0437 3008 NwlnkFwd - ok
10:48:30.0500 3008 [ 1f0e05dff4f5a833168e49be1256f002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:48:30.0500 3008 odserv - ok
10:48:30.0515 3008 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:48:30.0531 3008 ose - ok
10:48:30.0578 3008 [ 5575faf8f97ce5e713d108c2a58d7c7c ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:48:30.0578 3008 Parport - ok
10:48:30.0578 3008 [ beb3ba25197665d82ec7065b724171c6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:48:30.0578 3008 PartMgr - ok
10:48:30.0609 3008 [ 70e98b3fd8e963a6a46a2e6247e0bea1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:48:30.0609 3008 ParVdm - ok
10:48:30.0625 3008 [ a219903ccf74233761d92bef471a07b1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:48:30.0625 3008 PCI - ok
10:48:30.0625 3008 PCIDump - ok
10:48:30.0640 3008 [ ccf5f451bb1a5a2a522a76e670000ff0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:48:30.0656 3008 PCIIde - ok
10:48:30.0671 3008 [ 9e89ef60e9ee05e3f2eef2da7397f1c1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:48:30.0671 3008 Pcmcia - ok
10:48:30.0671 3008 PDCOMP - ok
10:48:30.0687 3008 PDFRAME - ok
10:48:30.0687 3008 PDRELI - ok
10:48:30.0703 3008 PDRFRAME - ok
10:48:30.0718 3008 [ 6c14b9c19ba84f73d3a86dba11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
10:48:30.0718 3008 perc2 - ok
10:48:30.0734 3008 [ f50f7c27f131afe7beba13e14a3b9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
10:48:30.0734 3008 perc2hib - ok
10:48:30.0781 3008 [ 65df52f5b8b6e9bbd183505225c37315 ] PlugPlay C:\WINDOWS\system32\services.exe
10:48:30.0781 3008 PlugPlay - ok
10:48:30.0796 3008 [ 79834aa2fbf9fe81eebb229024f6f7fc ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
10:48:30.0796 3008 Pml Driver HPZ12 - ok
10:48:30.0812 3008 [ bf2466b3e18e970d8a976fb95fc1ca85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:48:30.0828 3008 PolicyAgent - ok
10:48:30.0843 3008 [ efeec01b1d3cf84f16ddd24d9d9d8f99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:48:30.0843 3008 PptpMiniport - ok
10:48:30.0843 3008 [ bf2466b3e18e970d8a976fb95fc1ca85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:48:30.0843 3008 ProtectedStorage - ok
10:48:30.0859 3008 [ 09298ec810b07e5d582cb3a3f9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:48:30.0859 3008 PSched - ok
10:48:30.0875 3008 [ 80d317bd1c3dbc5d4fe7b1678c60cadd ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:48:30.0875 3008 Ptilink - ok
10:48:30.0890 3008 [ 0a63fb54039eb5662433caba3b26dba7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
10:48:30.0890 3008 ql1080 - ok
10:48:30.0906 3008 [ 6503449e1d43a0ff0201ad5cb1b8c706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
10:48:30.0906 3008 Ql10wnt - ok
10:48:30.0906 3008 [ 156ed0ef20c15114ca097a34a30d8a01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
10:48:30.0906 3008 ql12160 - ok
10:48:30.0921 3008 [ 70f016bebde6d29e864c1230a07cc5e6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
10:48:30.0921 3008 ql1240 - ok
10:48:30.0937 3008 [ 907f0aeea6bc451011611e732bd31fcf ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
10:48:30.0937 3008 ql1280 - ok
10:48:30.0937 3008 [ fe0d99d6f31e4fad8159f690d68ded9c ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:48:30.0937 3008 RasAcd - ok
10:48:30.0984 3008 [ ad188be7bdf94e8df4ca0a55c00a5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:48:30.0984 3008 RasAuto - ok
10:48:31.0000 3008 [ 11b4a627bc9614b885c4969bfa5ff8a6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:48:31.0015 3008 Rasl2tp - ok
10:48:31.0078 3008 [ 76a9a3cbeadd68cc57cda5e1d7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:48:31.0078 3008 RasMan - ok
10:48:31.0078 3008 [ 5bc962f2654137c9909c3d4603587dee ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:48:31.0093 3008 RasPppoe - ok
10:48:31.0109 3008 [ fdbb1d60066fcfbb7452fd8f9829b242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:48:31.0109 3008 Raspti - ok
10:48:31.0125 3008 [ 7ad224ad1a1437fe28d89cf22b17780a ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:48:31.0125 3008 Rdbss - ok
10:48:31.0140 3008 [ 4912d5b403614ce99c28420f75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:48:31.0140 3008 RDPCDD - ok
10:48:31.0156 3008 [ 15cabd0f7c00c47c70124907916af3f1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:48:31.0156 3008 rdpdr - ok
10:48:31.0203 3008 [ fc105dd312ed64eb66bff111e8ec6eac ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:48:31.0203 3008 RDPWD - ok
10:48:31.0250 3008 [ 3c37bf86641bda977c3bf8a840f3b7fa ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:48:31.0250 3008 RDSessMgr - ok
10:48:31.0265 3008 [ f828dd7e1419b6653894a8f97a0094c5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:48:31.0265 3008 redbook - ok
10:48:31.0296 3008 [ 7e699ff5f59b5d9de5390e3c34c67cf5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:48:31.0296 3008 RemoteAccess - ok
10:48:31.0296 3008 [ 5b19b557b0c188210a56a6b699d90b8f ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
10:48:31.0312 3008 RemoteRegistry - ok
10:48:31.0343 3008 [ aaed593f84afa419bbae8572af87cf6a ] RpcLocator C:\WINDOWS\system32\locator.exe
10:48:31.0343 3008 RpcLocator - ok
10:48:31.0375 3008 [ 6b27a5c03dfb94b4245739065431322c ] RpcSs C:\WINDOWS\System32\rpcss.dll
10:48:31.0390 3008 RpcSs - ok
10:48:31.0437 3008 [ 471b3f9741d762abe75e9deea4787e47 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:48:31.0437 3008 RSVP - ok
10:48:31.0453 3008 [ bf2466b3e18e970d8a976fb95fc1ca85 ] SamSs C:\WINDOWS\system32\lsass.exe
10:48:31.0453 3008 SamSs - ok
10:48:31.0468 3008 [ 86d007e7a654b9a71d1d7d856b104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:48:31.0484 3008 SCardSvr - ok
10:48:31.0531 3008 [ 0a9a7365a1ca4319aa7c1d6cd8e4eafa ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:48:31.0531 3008 Schedule - ok
10:48:31.0578 3008 [ 90a3935d05b494a5a39d37e71f09a677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:48:31.0578 3008 Secdrv - ok
10:48:31.0625 3008 [ cbe612e2bb6a10e3563336191eda1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:48:31.0625 3008 seclogon - ok
10:48:31.0687 3008 [ b6a6b409fda9d9ebd3aadb838d3d7173 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
10:48:31.0687 3008 SenFiltService - ok
10:48:31.0703 3008 [ 7fdd5d0684eca8c1f68b4d99d124dcd0 ] SENS C:\WINDOWS\system32\sens.dll
10:48:31.0703 3008 SENS - ok
10:48:31.0750 3008 [ 0f29512ccd6bead730039fb4bd2c85ce ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:48:31.0765 3008 serenum - ok
10:48:31.0781 3008 [ cca207a8896d4c6a0c9ce29a4ae411a7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
10:48:31.0781 3008 Serial - ok
10:48:31.0796 3008 [ 8e6b8c671615d126fdc553d1e2de5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:48:31.0796 3008 Sfloppy - ok
10:48:31.0859 3008 [ 83f41d0d89645d7235c051ab1d9523ac ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:48:31.0859 3008 SharedAccess - ok
10:48:31.0875 3008 [ 99bc0b50f511924348be19c7c7313bbf ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:48:31.0875 3008 ShellHWDetection - ok
10:48:31.0890 3008 Simbad - ok
10:48:31.0921 3008 [ 6b33d0ebd30db32e27d1d78fe946a754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
10:48:31.0921 3008 sisagp - ok
10:48:31.0937 3008 [ 83c0f71f86d3bdaf915685f3d568b20e ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
10:48:31.0937 3008 Sparrow - ok
10:48:31.0937 3008 [ ab8b92451ecb048a4d1de7c3ffcb4a9f ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:48:31.0953 3008 splitter - ok
10:48:32.0000 3008 [ 60784f891563fb1b767f70117fc2428f ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:48:32.0000 3008 Spooler - ok
10:48:32.0046 3008 [ 76bb022c2fb6902fd5bdd4f78fc13a5d ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:48:32.0046 3008 sr - ok
10:48:32.0109 3008 [ 3805df0ac4296a34ba4bf93b346cc378 ] srservice C:\WINDOWS\system32\srsvc.dll
10:48:32.0109 3008 srservice - ok
10:48:32.0171 3008 [ 47ddfc2f003f7f9f0592c6874962a2e7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:48:32.0171 3008 Srv - ok
10:48:32.0187 3008 [ 0a5679b3714edab99e357057ee88fca6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:48:32.0187 3008 SSDPSRV - ok
10:48:32.0218 3008 [ 8bad69cbac032d4bbacfce0306174c30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:48:32.0218 3008 stisvc - ok
10:48:32.0234 3008 [ 3941d127aef12e93addf6fe6ee027e0f ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:48:32.0234 3008 swenum - ok
10:48:32.0250 3008 [ 8ce882bcc6cf8a62f2b2323d95cb3d01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:48:32.0250 3008 swmidi - ok
10:48:32.0265 3008 SwPrv - ok
10:48:32.0281 3008 [ 1ff3217614018630d0a6758630fc698c ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
10:48:32.0281 3008 symc810 - ok
10:48:32.0281 3008 [ 070e001d95cf725186ef8b20335f933c ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
10:48:32.0281 3008 symc8xx - ok
10:48:32.0296 3008 [ 80ac1c4abbe2df3b738bf15517a51f2c ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
10:48:32.0296 3008 sym_hi - ok
10:48:32.0296 3008 [ bf4fab949a382a8e105f46ebb4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
10:48:32.0312 3008 sym_u3 - ok
10:48:32.0328 3008 [ 8b83f3ed0f1688b4958f77cd6d2bf290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:48:32.0328 3008 sysaudio - ok
10:48:32.0343 3008 [ c7abbc59b43274b1109df6b24d617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:48:32.0343 3008 SysmonLog - ok
10:48:32.0375 3008 [ 3cb78c17bb664637787c9a1c98f79c38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:48:32.0375 3008 TapiSrv - ok
10:48:32.0437 3008 [ 9aefa14bd6b182d61e3119fa5f436d3d ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:48:32.0437 3008 Tcpip - ok
10:48:32.0468 3008 [ 6471a66807f5e104e4885f5b67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:48:32.0468 3008 TDPIPE - ok
10:48:32.0484 3008 [ c56b6d0402371cf3700eb322ef3aaf61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:48:32.0484 3008 TDTCP - ok
10:48:32.0515 3008 [ 88155247177638048422893737429d9e ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:48:32.0515 3008 TermDD - ok
10:48:32.0531 3008 [ ff3477c03be7201c294c35f684b3479f ] TermService C:\WINDOWS\System32\termsrv.dll
10:48:32.0546 3008 TermService - ok
10:48:32.0562 3008 [ 99bc0b50f511924348be19c7c7313bbf ] Themes C:\WINDOWS\System32\shsvcs.dll
10:48:32.0562 3008 Themes - ok
10:48:32.0609 3008 [ db7205804759ff62c34e3efd8a4cc76a ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
10:48:32.0609 3008 TlntSvr - ok
10:48:32.0625 3008 [ f2790f6af01321b172aa62f8e1e187d9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
10:48:32.0625 3008 TosIde - ok
10:48:32.0656 3008 [ 55bca12f7f523d35ca3cb833c725f54e ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:48:32.0656 3008 TrkWks - ok
10:48:32.0687 3008 [ 5787b80c2e3c5e2f56c2a233d91fa2c9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:48:32.0687 3008 Udfs - ok
10:48:32.0687 3008 [ 1b698a51cd528d8da4ffaed66dfc51b9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
10:48:32.0703 3008 ultra - ok
10:48:32.0750 3008 [ 402ddc88356b1bac0ee3dd1580c76a31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:48:32.0765 3008 Update - ok
10:48:32.0812 3008 [ 1ebafeb9a3fbdc41b8d9c7f0f687ad91 ] upnphost C:\WINDOWS\System32\upnphost.dll
10:48:32.0812 3008 upnphost - ok
10:48:32.0828 3008 [ 05365fb38fca1e98f7a566aaaf5d1815 ] UPS C:\WINDOWS\System32\ups.exe
10:48:32.0843 3008 UPS - ok
10:48:32.0843 3008 [ 173f317ce0db8e21322e71b7e60a27e8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:48:32.0843 3008 usbccgp - ok
10:48:32.0875 3008 [ 65dcf09d0e37d4c6b11b5b0b76d470a7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:48:32.0875 3008 usbehci - ok
10:48:32.0890 3008 [ 1ab3cdde553b6e064d2e754efe20285c ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:48:32.0890 3008 usbhub - ok
10:48:32.0906 3008 [ 0daecce65366ea32b162f85f07c6753b ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
10:48:32.0906 3008 usbohci - ok
10:48:32.0906 3008 [ a717c8721046828520c9edf31288fc00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:48:32.0921 3008 usbprint - ok
10:48:32.0921 3008 [ a0b8cf9deb1184fbdd20784a58fa75d4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:48:32.0921 3008 usbscan - ok
10:48:32.0937 3008 [ a32426d9b14a089eaa1d922e0c5801a9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:48:32.0937 3008 USBSTOR - ok
10:48:32.0937 3008 [ 26496f9dee2d787fc3e61ad54821ffe6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:48:32.0937 3008 usbuhci - ok
10:48:32.0953 3008 [ 0d3a8fafceacd8b7625cd549757a7df1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:48:32.0953 3008 VgaSave - ok
10:48:32.0968 3008 [ 754292ce5848b3738281b4f3607eaef4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
10:48:32.0968 3008 viaagp - ok
10:48:33.0000 3008 [ 3b3efcda263b8ac14fdf9cbdd0791b2e ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
10:48:33.0000 3008 ViaIde - ok
10:48:33.0031 3008 [ 4c8fcb5cc53aab716d810740fe59d025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:48:33.0031 3008 VolSnap - ok
10:48:33.0062 3008 [ 7a9db3a67c333bf0bd42e42b8596854b ] VSS C:\WINDOWS\System32\vssvc.exe
10:48:33.0062 3008 VSS - ok
10:48:33.0093 3008 [ 54af4b1d5459500ef0937f6d33b1914f ] w32time C:\WINDOWS\system32\w32time.dll
10:48:33.0093 3008 w32time - ok
10:48:33.0109 3008 [ e20b95baedb550f32dd489265c1da1f6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:48:33.0109 3008 Wanarp - ok
10:48:33.0109 3008 WDICA - ok
10:48:33.0140 3008 [ 6768acf64b18196494413695f0c3a00f ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:48:33.0140 3008 wdmaud - ok
10:48:33.0140 3008 [ 77a354e28153ad2d5e120a5a8687bc06 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:48:33.0156 3008 WebClient - ok
10:48:33.0250 3008 [ 2d0e4ed081963804ccc196a0929275b5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:48:33.0250 3008 winmgmt - ok
10:48:33.0312 3008 [ c51b4a5c05a5475708e3c81c7765b71d ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:48:33.0312 3008 WmdmPmSN - ok
10:48:33.0359 3008 [ e76f8807070ed04e7408a86d6d3a6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
10:48:33.0359 3008 Wmi - ok
10:48:33.0390 3008 [ e0673f1106e62a68d2257e376079f821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:48:33.0390 3008 WmiApSrv - ok
10:48:33.0500 3008 [ f74e3d9a7fa9556c3bbb14d4e5e63d3b ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
10:48:33.0500 3008 WMPNetworkSvc - ok
10:48:33.0531 3008 [ 6abe6e225adb5a751622a9cc3bc19ce8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:48:33.0531 3008 WS2IFSL - ok
10:48:33.0546 3008 [ f15feafffbb3644ccc80c5da584e6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:48:33.0562 3008 WudfPf - ok
10:48:33.0562 3008 [ 28b524262bce6de1f7ef9f510ba3985b ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:48:33.0562 3008 WudfRd - ok
10:48:33.0578 3008 [ 05231c04253c5bc30b26cbaae680ed89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:48:33.0593 3008 WudfSvc - ok
10:48:33.0640 3008 [ 81dc3f549f44b1c1fff022dec9ecf30b ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:48:33.0640 3008 WZCSVC - ok
10:48:33.0687 3008 [ 295d21f14c335b53cb8154e5b1f892b9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:48:33.0687 3008 xmlprov - ok
10:48:33.0687 3008 ================ Scan global ===============================
10:48:33.0734 3008 (42f1f4c0afb08410e5f02d4b13ebb623) C:\WINDOWS\system32\basesrv.dll
10:48:33.0796 3008 (95cf3446911a6e25ee4086df8a45b2aa) C:\WINDOWS\system32\winsrv.dll
10:48:33.0812 3008 (95cf3446911a6e25ee4086df8a45b2aa) C:\WINDOWS\system32\winsrv.dll
10:48:33.0812 3008 (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
10:48:33.0828 3008 [Global] - ok
10:48:33.0828 3008 ================ Scan MBR ==================================
10:48:33.0843 3008 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
10:48:34.0203 3008 \Device\Harddisk0\DR0 - ok
10:48:34.0218 3008 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR7
10:48:37.0406 3008 \Device\Harddisk1\DR7 - ok
10:48:37.0406 3008 ================ Scan VBR ==================================
10:48:37.0437 3008 Boot (0x1200) (acc0bec2dcb7e35b47e1e28ccc1684a2) \Device\Harddisk0\DR0\Partition1
10:48:37.0437 3008 \Device\Harddisk0\DR0\Partition1 - ok
10:48:37.0437 3008 Boot (0x1200) (3f63953f6ba837b246e13facccbbb989) \Device\Harddisk1\DR7\Partition1
10:48:37.0453 3008 \Device\Harddisk1\DR7\Partition1 - ok
10:48:37.0453 3008 ============================================================
10:48:37.0453 3008 Scan finished
10:48:37.0453 3008 ============================================================
10:48:37.0468 3352 Detected object count: 0
10:48:37.0468 3352 Actual detected object count: 0

#4 narenxp


Posted 16 August 2012 - 11:11 AM

Launch FSS again, type netbt.sys in the search box, and click on Search Files.

Post the generated log.

#5 jss8381


Posted 16 August 2012 - 11:51 AM

Here is the new FSS log:

Farbar Service Scanner Version: 06-08-2012
Ran by Cooper (administrator) on 16-08-2012 at 11:50:01
Microsoft Windows XP Professional Service Pack 3 (X86)

************************************************
======== Search: "netbt.sys" =========

C:\WINDOWS\system32\dllcache\netbt.sys
[2004-08-11 17:00] - [2008-04-13 14:21] - 0162816 ____A (Microsoft Corporation) 74B2B2F5BEA5E9A3DC021D685551BD3D

C:\WINDOWS\ServicePackFiles\i386\netbt.sys
[2008-04-13 14:21] - [2008-04-13 14:21] - 0162816 ____N (Microsoft Corporation) 74B2B2F5BEA5E9A3DC021D685551BD3D

C:\WINDOWS\$NtServicePackUninstall$\netbt.sys
[2009-01-16 12:48] - [2004-08-04 05:00] - 0162816 ____C (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\i386\netbt.sys
[2007-02-21 16:27] - [2004-08-04 05:00] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

====== End Of Search ======


By the way, I neglected to answer your other questions before. It was the posters at TechSupportForums that suggested that it was malware-related. I tried the Restore Points previously, but had no luck with it.

#6 narenxp


Posted 16 August 2012 - 12:32 PM

Copy the file

C:\WINDOWS\ServicePackFiles\i386\netbt.sys

Paste it in

C:\WINDOWS\system32\drivers folder

Download

NetBT
wscsvc
wuauserv

Launch them, click YES

Restart the PC, post the new FSS log

Edited by narenxp, 16 August 2012 - 12:33 PM.
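
The check behind the copy step in post #6, as an added example that is not part of the original posts: it parses the FSS search section from post #5, confirms that no copy of netbt.sys was found in C:\WINDOWS\system32\drivers, and lists the copies whose MD5 matches the dllcache copy. The function names and the use of the dllcache copy as the reference are assumptions of this example.

```python
import re
from collections import defaultdict, namedtuple

# Search section copied from the FSS log posted in this thread (post #5).
FSS_SEARCH = r'''
======== Search: "netbt.sys" =========

C:\WINDOWS\system32\dllcache\netbt.sys
[2004-08-11 17:00] - [2008-04-13 14:21] - 0162816 ____A (Microsoft Corporation) 74B2B2F5BEA5E9A3DC021D685551BD3D

C:\WINDOWS\ServicePackFiles\i386\netbt.sys
[2008-04-13 14:21] - [2008-04-13 14:21] - 0162816 ____N (Microsoft Corporation) 74B2B2F5BEA5E9A3DC021D685551BD3D

C:\WINDOWS\$NtServicePackUninstall$\netbt.sys
[2009-01-16 12:48] - [2004-08-04 05:00] - 0162816 ____C (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\i386\netbt.sys
[2007-02-21 16:27] - [2004-08-04 05:00] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

====== End Of Search ======
'''

# stamp1/stamp2 are the two bracketed timestamps; the page does not say
# which is creation and which is modification, so they stay unnamed.
Entry = namedtuple("Entry", "path stamp1 stamp2 size attrs company md5")

PATH_RE = re.compile(r'^[A-Za-z]:\\.+$')
DETAIL_RE = re.compile(
    r'^\[(?P<stamp1>[\d-]+ [\d:]+)\] - \[(?P<stamp2>[\d-]+ [\d:]+)\] - '
    r'(?P<size>\d+) (?P<attrs>\S+) \((?P<company>.*)\) (?P<md5>[0-9A-Fa-f]{32})$'
)


def parse_fss_search(text):
    """Pair each path line with the detail line that follows it."""
    entries, pending = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if PATH_RE.match(line):
            pending = line
            continue
        m = DETAIL_RE.match(line)
        if m and pending:
            entries.append(Entry(pending, m['stamp1'], m['stamp2'],
                                 int(m['size']), m['attrs'],
                                 m['company'], m['md5'].upper()))
            pending = None
    return entries


def folder_of(path):
    """Lower-cased parent folder of a Windows path."""
    return path.rsplit('\\', 1)[0].lower()


def has_copy_in(entries, folder):
    """True if the search found a copy directly inside `folder`."""
    want = folder.rstrip('\\').lower()
    return any(folder_of(e.path) == want for e in entries)


def group_by_md5(entries):
    """Map each MD5 to the paths that carry it."""
    groups = defaultdict(list)
    for e in entries:
        groups[e.md5].append(e.path)
    return dict(groups)


def sources_matching_dllcache(entries):
    """Copies outside dllcache whose MD5 equals the dllcache copy.

    A match only shows the copies are byte-identical to each other;
    it says nothing about either file beyond that.
    """
    cache = [e for e in entries
             if folder_of(e.path).endswith('\\system32\\dllcache')]
    cached_md5 = {e.md5 for e in cache}
    return [e.path for e in entries
            if e.md5 in cached_md5 and e not in cache]


if __name__ == "__main__":
    found = parse_fss_search(FSS_SEARCH)
    drivers = r'C:\WINDOWS\system32\drivers'
    print("copy present in drivers folder:", has_copy_in(found, drivers))
    for md5, paths in group_by_md5(found).items():
        print(md5)
        for p in paths:
            print("   ", p)
    print("restore candidates:", sources_matching_dllcache(found))
```
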


#7 jss8381


Posted 16 August 2012 - 02:16 PM

Well, this just took a turn in a new direction....

I followed those instructions and restarted the PC. The connection was working for a few glorious minutes. Before I could run the new FSS log, Microsoft Security Essentials detected the following processes:

Exploit:JS/Blacole.CX
Exploit:JS/Blacole.AD
Trojan:JS/Iframeref

I tried to kill them, but MSE locked up and I was forced to restart. Now everything on the desktop appears to lock up when I attempt to open it.

#8 narenxp


Posted 16 August 2012 - 02:20 PM

Boot into Safe Mode with Networking


Download

TDSSkiller

Launch it. Click on Change parameters and select TDLFS file system

Click on "Scan". Please post the log report (the log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan is completed, click on List of found threats

Export the list to the desktop, copy the contents of the text file in your reply

#9 jss8381


Posted 16 August 2012 - 04:09 PM

TDSSKiller log:

14:39:27.0546 1464 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
14:39:28.0250 1464 ============================================================
14:39:28.0250 1464 Current date / time: 2012/08/16 14:39:28.0250
14:39:28.0250 1464 SystemInfo:
14:39:28.0250 1464
14:39:28.0250 1464 OS Version: 5.1.2600 ServicePack: 3.0
14:39:28.0250 1464 Product type: Workstation
14:39:28.0250 1464 ComputerName: JUSTIN
14:39:28.0250 1464 UserName: Administrator
14:39:28.0250 1464 Windows directory: C:\WINDOWS
14:39:28.0250 1464 System windows directory: C:\WINDOWS
14:39:28.0250 1464 Processor architecture: Intel x86
14:39:28.0250 1464 Number of processors: 2
14:39:28.0250 1464 Page size: 0x1000
14:39:28.0250 1464 Boot type: Safe boot with network
14:39:28.0250 1464 ============================================================
14:39:29.0656 1464 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:39:29.0671 1464 ============================================================
14:39:29.0671 1464 \Device\Harddisk0\DR0:
14:39:29.0671 1464 MBR partitions:
14:39:29.0671 1464 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x129ED876
14:39:29.0671 1464 ============================================================
14:39:29.0703 1464 C: <-> \Device\Harddisk0\DR0\Partition1
14:39:29.0703 1464 ============================================================
14:39:29.0703 1464 Initialize success
14:39:29.0703 1464 ============================================================
14:39:48.0968 1440 ============================================================
14:39:48.0968 1440 Scan started
14:39:48.0968 1440 Mode: Manual; TDLFS;
14:39:48.0968 1440 ============================================================
14:39:49.0500 1440 ================ Scan services =============================
14:39:52.0250 1440 dmio - ok
14:39:52.0265 1440 [ e9317282a63ca4d188c0df5e09c6ac5f ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:39:52.0265 1440 dmload - ok
14:39:52.0328 1440 [ 57edec2e5f59f0335e92f35184bc8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
14:39:52.0328 1440 dmserver - ok
14:39:52.0359 1440 [ 8a208dfcf89792a484e76c40e5f50b45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:39:52.0359 1440 DMusic - ok
14:39:52.0421 1440 [ 5f7e24fa9eab896051ffb87f840730d2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:39:52.0421 1440 Dnscache - ok
14:39:52.0453 1440 [ 0f0f6e687e5e15579ef4da8dd6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:39:52.0468 1440 Dot3svc - ok
14:39:52.0484 1440 [ 40f3b93b4e5b0126f2f5c0a7a5e22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:39:52.0484 1440 dpti2o - ok
14:39:52.0531 1440 [ 8f5fcff8e8848afac920905fbd9d33c8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:39:52.0531 1440 drmkaud - ok
14:39:52.0609 1440 DSproct - ok
14:39:52.0625 1440 [ 3fca03cbca11269f973b70fa483c88ef ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
14:39:52.0625 1440 E100B - ok
14:39:52.0656 1440 [ 3b2e8f97b6869c29da023ee75bf585d5 ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys
14:39:52.0671 1440 eamon - ok
14:39:52.0703 1440 [ 2187855a7703adef0cef9ee4285182cc ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:39:52.0703 1440 EapHost - ok
14:39:52.0750 1440 [ 4fad054cbcaa296be7bd2cb77da9d9b4 ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
14:39:52.0750 1440 ehdrv - ok
14:39:52.0875 1440 [ a292d2284353af1350a6a3c20d231098 ] EhttpSrv C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
14:39:52.0875 1440 EhttpSrv - ok
14:39:52.0937 1440 [ 8791f03854611deac8d2967c1c958a7e ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
14:39:52.0953 1440 ekrn - ok
14:39:52.0984 1440 [ d2a915b725845c3eda5a68ed2da74700 ] epfwtdir C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
14:39:52.0984 1440 epfwtdir - ok
14:39:53.0015 1440 [ bc93b4a066477954555966d77fec9ecb ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:39:53.0031 1440 ERSvc - ok
14:39:53.0078 1440 [ 65df52f5b8b6e9bbd183505225c37315 ] Eventlog C:\WINDOWS\system32\services.exe
14:39:53.0125 1440 Eventlog - ok
14:39:53.0187 1440 [ d4991d98f2db73c60d042f1aef79efae ] EventSystem C:\WINDOWS\system32\es.dll
14:39:53.0187 1440 EventSystem - ok
14:39:53.0218 1440 [ 38d332a6d56af32635675f132548343e ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:39:53.0218 1440 Fastfat - ok
14:39:53.0296 1440 [ 99bc0b50f511924348be19c7c7313bbf ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:39:53.0296 1440 FastUserSwitchingCompatibility - ok
14:39:53.0359 1440 [ e97d6a8684466df94ff3bc24fb787a07 ] Fax C:\WINDOWS\system32\fxssvc.exe
14:39:53.0375 1440 Fax - ok
14:39:53.0390 1440 fbyntuep - ok
14:39:53.0421 1440 [ 92cdd60b6730b9f50f6a1a0c1f8cdc81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
14:39:53.0421 1440 Fdc - ok
14:39:53.0484 1440 [ d45926117eb9fa946a6af572fbe1caa3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:39:53.0484 1440 Fips - ok
14:39:53.0578 1440 [ 227846995afeefa70d328bf5334a86a5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:39:53.0593 1440 FLEXnet Licensing Service - ok
14:39:53.0609 1440 [ 9d27e7b80bfcdf1cdd9b555862d5e7f0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:39:53.0609 1440 Flpydisk - ok
14:39:53.0687 1440 [ b2cf4b0786f8212cb92ed2b50c6db6b0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
14:39:53.0687 1440 FltMgr - ok
14:39:53.0718 1440 [ 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:39:53.0718 1440 Fs_Rec - ok
14:39:53.0750 1440 [ 6ac26732762483366c3969c9e4d2259d ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:39:53.0750 1440 Ftdisk - ok
14:39:53.0890 1440 [ 9f5f2f0fb0a7f5aa9f16b9a7b6dad89f ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
14:39:53.0890 1440 GoogleDesktopManager-051210-111108 - ok
14:39:53.0921 1440 [ 0a02c63c8b144bd8c86b103dee7c86a2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:39:53.0921 1440 Gpc - ok
14:39:53.0984 1440 [ 626a24ed1228580b9518c01930936df9 ] gupdate1ca00077466cf0a C:\Program Files\Google\Update\GoogleUpdate.exe
14:39:53.0984 1440 gupdate1ca00077466cf0a - ok
14:39:54.0015 1440 [ 626a24ed1228580b9518c01930936df9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:39:54.0015 1440 gupdatem - ok
14:39:54.0093 1440 [ 408ddd80eede47175f6844817b90213e ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:39:54.0109 1440 gusvc - ok
14:39:54.0140 1440 [ 573c7d0a32852b48f3058cfd8026f511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:39:54.0140 1440 HDAudBus - ok
14:39:54.0234 1440 [ 4fcca060dfe0c51a09dd5c3843888bcd ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:39:54.0234 1440 helpsvc - ok
14:39:54.0296 1440 [ deb04da35cc871b6d309b77e1443c796 ] HidServ C:\WINDOWS\System32\hidserv.dll
14:39:54.0296 1440 HidServ - ok
14:39:54.0328 1440 [ ccf82c5ec8a7326c3066de870c06daf1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:39:54.0328 1440 HidUsb - ok
14:39:54.0359 1440 [ 8878bd685e490239777bfe51320b88e9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
14:39:54.0359 1440 hkmsvc - ok
14:39:54.0578 1440 hpdj - ok
14:39:54.0609 1440 [ b028377dea0546a5fcfba928a8aefae0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
14:39:54.0609 1440 hpn - ok
14:39:54.0671 1440 [ f80a415ef82cd06ffaf0d971528ead38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:39:54.0671 1440 HTTP - ok
14:39:54.0703 1440 [ 6100a808600f44d999cebdef8841c7a3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:39:54.0718 1440 HTTPFilter - ok
14:39:54.0734 1440 [ 9368670bd426ebea5e8b18a62416ec28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
14:39:54.0734 1440 i2omgmt - ok
14:39:54.0750 1440 [ f10863bf1ccc290babd1a09188ae49e0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:39:54.0765 1440 i2omp - ok
14:39:54.0812 1440 [ 4a0b06aa8943c1e332520f7440c0aa30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:39:54.0812 1440 i8042prt - ok
14:39:54.0828 1440 [ 083a052659f5310dd8b6a6cb05edcf8e ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:39:54.0843 1440 Imapi - ok
14:39:54.0859 1440 [ 30deaf54a9755bb8546168cfe8a6b5e1 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:39:54.0875 1440 ImapiService - ok
14:39:54.0890 1440 [ 4a40e045faee58631fd8d91afc620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:39:54.0890 1440 ini910u - ok
14:39:54.0968 1440 [ b5466a9250342a7aa0cd1fba13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
14:39:54.0968 1440 IntelIde - ok
14:39:54.0984 1440 [ 8c953733d8f36eb2133f5bb58808b66b ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:39:54.0984 1440 intelppm - ok
14:39:55.0015 1440 [ 3bb22519a194418d5fec05d800a19ad0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
14:39:55.0015 1440 Ip6Fw - ok
14:39:55.0046 1440 [ 731f22ba402ee4b62748adaf6363c182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:39:55.0046 1440 IpFilterDriver - ok
14:39:55.0062 1440 [ b87ab476dcf76e72010632b5550955f5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:39:55.0062 1440 IpInIp - ok
14:39:55.0109 1440 [ cc748ea12c6effde940ee98098bf96bb ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:39:55.0109 1440 IpNat - ok
14:39:55.0140 1440 [ 23c74d75e36e7158768dd63d92789a91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:39:55.0140 1440 IPSec - ok
14:39:55.0187 1440 [ c93c9ff7b04d772627a3646d89f7bf89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:39:55.0187 1440 IRENUM - ok
14:39:55.0234 1440 [ 05a299ec56e52649b1cf2fc52d20f2d7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:39:55.0234 1440 isapnp - ok
14:39:55.0250 1440 jcowysay - ok
14:39:55.0281 1440 [ 463c1ec80cd17420a542b7f36a36f128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:39:55.0281 1440 Kbdclass - ok
14:39:55.0312 1440 [ 9ef487a186dea361aa06913a75b3fa99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:39:55.0312 1440 kbdhid - ok
14:39:55.0343 1440 [ 692bcf44383d056aed41b045a323d378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:39:55.0343 1440 kmixer - ok
14:39:55.0390 1440 [ b467646c54cc746128904e1654c750c1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:39:55.0390 1440 KSecDD - ok
14:39:55.0437 1440 [ 3a7c3cbe5d96b8ae96ce81f0b22fb527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
14:39:55.0437 1440 lanmanserver - ok
14:39:55.0500 1440 [ a8888a5327621856c0cec4e385f69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:39:55.0500 1440 lanmanworkstation - ok
14:39:55.0515 1440 lbrtfdc - ok
14:39:55.0578 1440 [ a7db739ae99a796d91580147e919cc59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:39:55.0593 1440 LmHosts - ok
14:39:55.0640 1440 [ 7ffd29fafcde7aaf89b689b6e156d5b0 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
14:39:55.0640 1440 mbamchameleon - ok
14:39:55.0765 1440 [ 7cf1b716372b89568ae4c0fe769f5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
14:39:55.0765 1440 MDM - ok
14:39:55.0796 1440 [ 986b1ff5814366d71e0ac5755c88f2d3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:39:55.0796 1440 Messenger - ok
14:39:55.0859 1440 [ 4ae068242760a1fb6e1a44bf4e16afa6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:39:55.0859 1440 mnmdd - ok
14:39:55.0921 1440 [ d18f1f0c101d06a1c1adf26eed16fcdd ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:39:55.0921 1440 mnmsrvc - ok
14:39:55.0984 1440 [ dfcbad3cec1c5f964962ae10e0bcc8e1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:39:55.0984 1440 Modem - ok
14:39:56.0015 1440 [ 35c9e97194c8cfb8430125f8dbc34d04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:39:56.0015 1440 Mouclass - ok
14:39:56.0062 1440 [ b1c303e17fb9d46e87a98e4ba6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:39:56.0062 1440 mouhid - ok
14:39:56.0093 1440 [ a80b9a0bad1b73637dbcbba7df72d3fd ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:39:56.0093 1440 MountMgr - ok
14:39:56.0140 1440 [ fee0baded54222e9f1dae9541212aab1 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
14:39:56.0140 1440 MpFilter - ok
14:39:56.0265 1440 [ a69630d039c38018689190234f866d77 ] MpKsl582c8cd5 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A050A479-1CAB-4F8E-8322-517EF3C46218}\MpKsl582c8cd5.sys
14:39:56.0265 1440 MpKsl582c8cd5 - ok
14:39:56.0296 1440 [ 3f4bb95e5a44f3be34824e8e7caf0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
14:39:56.0296 1440 mraid35x - ok
14:39:56.0343 1440 [ 11d42bb6206f33fbb3ba0288d3ef81bd ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:39:56.0343 1440 MRxDAV - ok
14:39:56.0375 1440 [ a137f1470499a205abbb9aafb3b6f2b1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:39:56.0375 1440 MSDTC - ok
14:39:56.0390 1440 [ c941ea2454ba8350021d774daf0f1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:39:56.0390 1440 Msfs - ok
14:39:56.0421 1440 MSIServer - ok
14:39:56.0453 1440 [ d1575e71568f4d9e14ca56b7b0453bf1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:39:56.0468 1440 MSKSSRV - ok
14:39:56.0578 1440 [ cfce43b70ca0cc4dcc8adb62b792b173 ] MsMpSvc c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
14:39:56.0578 1440 MsMpSvc - ok
14:39:56.0609 1440 [ 325bb26842fc7ccc1fcce2c457317f3e ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:39:56.0609 1440 MSPCLOCK - ok
14:39:56.0640 1440 [ bad59648ba099da4a17680b39730cb3d ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:39:56.0640 1440 MSPQM - ok
14:39:56.0687 1440 [ af5f4f3f14a8ea2c26de30f7a1e17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:39:56.0687 1440 mssmbios - ok
14:39:56.0718 1440 [ de6a75f5c270e756c5508d94b6cf68f5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:39:56.0718 1440 Mup - ok
14:39:56.0812 1440 [ 0102140028fad045756796e1c685d695 ] napagent C:\WINDOWS\System32\qagentrt.dll
14:39:56.0812 1440 napagent - ok
14:39:56.0828 1440 [ 1df7f42665c94b825322fae71721130d ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:39:56.0843 1440 NDIS - ok
14:39:56.0890 1440 [ 0109c4f3850dfbab279542515386ae22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:39:56.0890 1440 NdisTapi - ok
14:39:56.0953 1440 [ f927a4434c5028758a842943ef1a3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:39:56.0953 1440 Ndisuio - ok
14:39:56.0984 1440 [ edc1531a49c80614b2cfda43ca8659ab ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:39:56.0984 1440 NdisWan - ok
14:39:57.0015 1440 [ 9282bd12dfb069d3889eb3fcc1000a9b ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:39:57.0031 1440 NDProxy - ok
14:39:57.0046 1440 NecUsb - ok
14:39:57.0093 1440 [ 51c6d8bfbd4ea5b62a1ba7f4469250d3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
14:39:57.0093 1440 Net Driver HPZ12 - ok
14:39:57.0109 1440 [ 5d81cf9a2f1a3a756b66cf684911cdf0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:39:57.0109 1440 NetBIOS - ok
14:39:57.0171 1440 [ 74b2b2f5bea5e9a3dc021d685551bd3d ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:39:57.0171 1440 NetBT - ok
14:39:57.0187 1440 [ b857ba82860d7ff85ae29b095645563b ] NetDDE C:\WINDOWS\system32\netdde.exe
14:39:57.0187 1440 NetDDE - ok
14:39:57.0218 1440 [ b857ba82860d7ff85ae29b095645563b ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:39:57.0218 1440 NetDDEdsdm - ok
14:39:57.0265 1440 [ bf2466b3e18e970d8a976fb95fc1ca85 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:39:57.0265 1440 Netlogon - ok
14:39:57.0328 1440 [ 13e67b55b3abd7bf3fe7aae5a0f9a9de ] Netman C:\WINDOWS\System32\netman.dll
14:39:57.0328 1440 Netman - ok
14:39:57.0375 1440 [ 943337d786a56729263071623bbb9de5 ] Nla C:\WINDOWS\System32\mswsock.dll
14:39:57.0375 1440 Nla - ok
14:39:57.0406 1440 [ 3182d64ae053d6fb034f44b6def8034a ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:39:57.0406 1440 Npfs - ok
14:39:57.0437 1440 [ 78a08dd6a8d65e697c18e1db01c5cdca ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:39:57.0453 1440 Ntfs - ok
14:39:57.0468 1440 [ bf2466b3e18e970d8a976fb95fc1ca85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:39:57.0484 1440 NtLmSsp - ok
14:39:57.0546 1440 [ 156f64a3345bd23c600655fb4d10bc08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:39:57.0546 1440 NtmsSvc - ok
14:39:57.0578 1440 [ 73c1e1f395918bc2c6dd67af7591a3ad ] Null C:\WINDOWS\system32\drivers\Null.sys
14:39:57.0578 1440 Null - ok
14:39:57.0671 1440 [ 2b298519edbfcf451d43e0f1e8f1006d ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:39:57.0687 1440 nv - ok
14:39:57.0734 1440 [ b305f3fad35083837ef46a0bbce2fc57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:39:57.0734 1440 NwlnkFlt - ok
14:39:57.0750 1440 [ c99b3415198d1aab7227f2c88fd664b9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:39:57.0750 1440 NwlnkFwd - ok
14:39:57.0828 1440 [ 1f0e05dff4f5a833168e49be1256f002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:39:57.0843 1440 odserv - ok
14:39:57.0859 1440 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:39:57.0859 1440 ose - ok
14:39:57.0921 1440 [ 5575faf8f97ce5e713d108c2a58d7c7c ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
14:39:57.0921 1440 Parport - ok
14:39:57.0937 1440 [ beb3ba25197665d82ec7065b724171c6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:39:57.0937 1440 PartMgr - ok
14:39:57.0984 1440 [ 70e98b3fd8e963a6a46a2e6247e0bea1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:39:57.0984 1440 ParVdm - ok
14:39:58.0015 1440 [ a219903ccf74233761d92bef471a07b1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:39:58.0015 1440 PCI - ok
14:39:58.0031 1440 PCIDump - ok
14:39:58.0062 1440 [ ccf5f451bb1a5a2a522a76e670000ff0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:39:58.0062 1440 PCIIde - ok
14:39:58.0093 1440 [ 9e89ef60e9ee05e3f2eef2da7397f1c1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:39:58.0093 1440 Pcmcia - ok
14:39:58.0109 1440 PDCOMP - ok
14:39:58.0140 1440 PDFRAME - ok
14:39:58.0156 1440 PDRELI - ok
14:39:58.0187 1440 PDRFRAME - ok
14:39:58.0218 1440 [ 6c14b9c19ba84f73d3a86dba11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
14:39:58.0218 1440 perc2 - ok
14:39:58.0250 1440 [ f50f7c27f131afe7beba13e14a3b9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
14:39:58.0250 1440 perc2hib - ok
14:39:58.0343 1440 [ 65df52f5b8b6e9bbd183505225c37315 ] PlugPlay C:\WINDOWS\system32\services.exe
14:39:58.0343 1440 PlugPlay - ok
14:39:58.0375 1440 [ 79834aa2fbf9fe81eebb229024f6f7fc ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
14:39:58.0375 1440 Pml Driver HPZ12 - ok
14:39:58.0390 1440 [ bf2466b3e18e970d8a976fb95fc1ca85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:39:58.0406 1440 PolicyAgent - ok
14:39:58.0421 1440 [ efeec01b1d3cf84f16ddd24d9d9d8f99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:39:58.0421 1440 PptpMiniport - ok
14:39:58.0437 1440 [ bf2466b3e18e970d8a976fb95fc1ca85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:39:58.0437 1440 ProtectedStorage - ok
14:39:58.0468 1440 [ 09298ec810b07e5d582cb3a3f9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:39:58.0468 1440 PSched - ok
14:39:58.0500 1440 [ 80d317bd1c3dbc5d4fe7b1678c60cadd ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:39:58.0500 1440 Ptilink - ok
14:39:58.0515 1440 [ 0a63fb54039eb5662433caba3b26dba7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
14:39:58.0531 1440 ql1080 - ok
14:39:58.0546 1440 [ 6503449e1d43a0ff0201ad5cb1b8c706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
14:39:58.0546 1440 Ql10wnt - ok
14:39:58.0593 1440 [ 156ed0ef20c15114ca097a34a30d8a01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
14:39:58.0593 1440 ql12160 - ok
14:39:58.0609 1440 [ 70f016bebde6d29e864c1230a07cc5e6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
14:39:58.0609 1440 ql1240 - ok
14:39:58.0640 1440 [ 907f0aeea6bc451011611e732bd31fcf ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
14:39:58.0640 1440 ql1280 - ok
14:39:58.0656 1440 [ fe0d99d6f31e4fad8159f690d68ded9c ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:39:58.0656 1440 RasAcd - ok
14:39:58.0703 1440 [ ad188be7bdf94e8df4ca0a55c00a5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:39:58.0703 1440 RasAuto - ok
14:39:58.0750 1440 [ 11b4a627bc9614b885c4969bfa5ff8a6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:39:58.0750 1440 Rasl2tp - ok
14:39:58.0812 1440 [ 76a9a3cbeadd68cc57cda5e1d7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:39:58.0812 1440 RasMan - ok
14:39:58.0843 1440 [ 5bc962f2654137c9909c3d4603587dee ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:39:58.0843 1440 RasPppoe - ok
14:39:58.0859 1440 [ fdbb1d60066fcfbb7452fd8f9829b242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:39:58.0859 1440 Raspti - ok
14:39:58.0890 1440 [ 7ad224ad1a1437fe28d89cf22b17780a ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:39:58.0890 1440 Rdbss - ok
14:39:58.0906 1440 [ 4912d5b403614ce99c28420f75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:39:58.0906 1440 RDPCDD - ok
14:39:58.0953 1440 [ 15cabd0f7c00c47c70124907916af3f1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:39:58.0953 1440 rdpdr - ok
14:39:59.0031 1440 [ fc105dd312ed64eb66bff111e8ec6eac ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:39:59.0031 1440 RDPWD - ok
14:39:59.0062 1440 [ 3c37bf86641bda977c3bf8a840f3b7fa ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:39:59.0078 1440 RDSessMgr - ok
14:39:59.0093 1440 [ f828dd7e1419b6653894a8f97a0094c5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:39:59.0093 1440 redbook - ok
14:39:59.0140 1440 [ 7e699ff5f59b5d9de5390e3c34c67cf5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:39:59.0140 1440 RemoteAccess - ok
14:39:59.0156 1440 [ 5b19b557b0c188210a56a6b699d90b8f ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:39:59.0156 1440 RemoteRegistry - ok
14:39:59.0203 1440 [ aaed593f84afa419bbae8572af87cf6a ] RpcLocator C:\WINDOWS\system32\locator.exe
14:39:59.0218 1440 RpcLocator - ok
14:39:59.0250 1440 [ 6b27a5c03dfb94b4245739065431322c ] RpcSs C:\WINDOWS\System32\rpcss.dll
14:39:59.0250 1440 RpcSs - ok
14:39:59.0312 1440 [ 471b3f9741d762abe75e9deea4787e47 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:39:59.0328 1440 RSVP - ok
14:39:59.0343 1440 [ bf2466b3e18e970d8a976fb95fc1ca85 ] SamSs C:\WINDOWS\system32\lsass.exe
14:39:59.0359 1440 SamSs - ok
14:39:59.0375 1440 [ 86d007e7a654b9a71d1d7d856b104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:39:59.0390 1440 SCardSvr - ok
14:39:59.0453 1440 [ 0a9a7365a1ca4319aa7c1d6cd8e4eafa ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:39:59.0453 1440 Schedule - ok
14:39:59.0531 1440 [ 90a3935d05b494a5a39d37e71f09a677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:39:59.0531 1440 Secdrv - ok
14:39:59.0546 1440 [ cbe612e2bb6a10e3563336191eda1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:39:59.0562 1440 seclogon - ok
14:39:59.0625 1440 [ b6a6b409fda9d9ebd3aadb838d3d7173 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
14:39:59.0625 1440 SenFiltService - ok
14:39:59.0656 1440 [ 7fdd5d0684eca8c1f68b4d99d124dcd0 ] SENS C:\WINDOWS\system32\sens.dll
14:39:59.0656 1440 SENS - ok
14:39:59.0718 1440 [ 0f29512ccd6bead730039fb4bd2c85ce ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:39:59.0718 1440 serenum - ok
14:39:59.0734 1440 [ cca207a8896d4c6a0c9ce29a4ae411a7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:39:59.0734 1440 Serial - ok
14:39:59.0765 1440 [ 8e6b8c671615d126fdc553d1e2de5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:39:59.0765 1440 Sfloppy - ok
14:39:59.0828 1440 [ 83f41d0d89645d7235c051ab1d9523ac ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:39:59.0843 1440 SharedAccess - ok
14:39:59.0875 1440 [ 99bc0b50f511924348be19c7c7313bbf ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:39:59.0875 1440 ShellHWDetection - ok
14:39:59.0890 1440 Simbad - ok
14:39:59.0921 1440 [ 6b33d0ebd30db32e27d1d78fe946a754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
14:39:59.0921 1440 sisagp - ok
14:39:59.0968 1440 [ 83c0f71f86d3bdaf915685f3d568b20e ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
14:39:59.0968 1440 Sparrow - ok
14:39:59.0984 1440 [ ab8b92451ecb048a4d1de7c3ffcb4a9f ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:39:59.0984 1440 splitter - ok
14:40:00.0046 1440 [ 60784f891563fb1b767f70117fc2428f ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:40:00.0046 1440 Spooler - ok
14:40:00.0109 1440 [ 76bb022c2fb6902fd5bdd4f78fc13a5d ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:40:00.0109 1440 sr - ok
14:40:00.0171 1440 [ 3805df0ac4296a34ba4bf93b346cc378 ] srservice C:\WINDOWS\system32\srsvc.dll
14:40:00.0187 1440 srservice - ok
14:40:00.0250 1440 [ 47ddfc2f003f7f9f0592c6874962a2e7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:40:00.0250 1440 Srv - ok
14:40:00.0281 1440 [ 0a5679b3714edab99e357057ee88fca6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:40:00.0281 1440 SSDPSRV - ok
14:40:00.0312 1440 [ 8bad69cbac032d4bbacfce0306174c30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:40:00.0328 1440 stisvc - ok
14:40:00.0375 1440 [ 3941d127aef12e93addf6fe6ee027e0f ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:40:00.0375 1440 swenum - ok
14:40:00.0406 1440 [ 8ce882bcc6cf8a62f2b2323d95cb3d01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:40:00.0406 1440 swmidi - ok
14:40:00.0437 1440 SwPrv - ok
14:40:00.0468 1440 [ 1ff3217614018630d0a6758630fc698c ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
14:40:00.0468 1440 symc810 - ok
14:40:00.0500 1440 [ 070e001d95cf725186ef8b20335f933c ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
14:40:00.0500 1440 symc8xx - ok
14:40:00.0531 1440 [ 80ac1c4abbe2df3b738bf15517a51f2c ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
14:40:00.0531 1440 sym_hi - ok
14:40:00.0546 1440 [ bf4fab949a382a8e105f46ebb4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
14:40:00.0546 1440 sym_u3 - ok
14:40:00.0593 1440 [ 8b83f3ed0f1688b4958f77cd6d2bf290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:40:00.0593 1440 sysaudio - ok
14:40:00.0656 1440 [ c7abbc59b43274b1109df6b24d617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:40:00.0671 1440 SysmonLog - ok
14:40:00.0687 1440 [ 3cb78c17bb664637787c9a1c98f79c38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:40:00.0703 1440 TapiSrv - ok
14:40:00.0781 1440 [ 9aefa14bd6b182d61e3119fa5f436d3d ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:40:00.0781 1440 Tcpip - ok
14:40:00.0812 1440 [ 6471a66807f5e104e4885f5b67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:40:00.0812 1440 TDPIPE - ok
14:40:00.0828 1440 [ c56b6d0402371cf3700eb322ef3aaf61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:40:00.0843 1440 TDTCP - ok
14:40:00.0890 1440 [ 88155247177638048422893737429d9e ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:40:00.0890 1440 TermDD - ok
14:40:00.0921 1440 [ ff3477c03be7201c294c35f684b3479f ] TermService C:\WINDOWS\System32\termsrv.dll
14:40:00.0921 1440 TermService - ok
14:40:00.0953 1440 [ 99bc0b50f511924348be19c7c7313bbf ] Themes C:\WINDOWS\System32\shsvcs.dll
14:40:00.0953 1440 Themes - ok
14:40:01.0015 1440 [ db7205804759ff62c34e3efd8a4cc76a ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:40:01.0015 1440 TlntSvr - ok
14:40:01.0046 1440 [ f2790f6af01321b172aa62f8e1e187d9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
14:40:01.0046 1440 TosIde - ok
14:40:01.0093 1440 [ 55bca12f7f523d35ca3cb833c725f54e ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:40:01.0093 1440 TrkWks - ok
14:40:01.0140 1440 [ 5787b80c2e3c5e2f56c2a233d91fa2c9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:40:01.0140 1440 Udfs - ok
14:40:01.0156 1440 [ 1b698a51cd528d8da4ffaed66dfc51b9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
14:40:01.0156 1440 ultra - ok
14:40:01.0250 1440 [ 402ddc88356b1bac0ee3dd1580c76a31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:40:01.0250 1440 Update - ok
14:40:01.0312 1440 [ 1ebafeb9a3fbdc41b8d9c7f0f687ad91 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:40:01.0328 1440 upnphost - ok
14:40:01.0390 1440 [ 05365fb38fca1e98f7a566aaaf5d1815 ] UPS C:\WINDOWS\System32\ups.exe
14:40:01.0390 1440 UPS - ok
14:40:01.0421 1440 [ 173f317ce0db8e21322e71b7e60a27e8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:40:01.0421 1440 usbccgp - ok
14:40:01.0453 1440 [ 65dcf09d0e37d4c6b11b5b0b76d470a7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:40:01.0453 1440 usbehci - ok
14:40:01.0484 1440 [ 1ab3cdde553b6e064d2e754efe20285c ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:40:01.0484 1440 usbhub - ok
14:40:01.0500 1440 [ 0daecce65366ea32b162f85f07c6753b ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:40:01.0500 1440 usbohci - ok
14:40:01.0531 1440 [ a717c8721046828520c9edf31288fc00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:40:01.0531 1440 usbprint - ok
14:40:01.0546 1440 [ a0b8cf9deb1184fbdd20784a58fa75d4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:40:01.0546 1440 usbscan - ok
14:40:01.0578 1440 [ a32426d9b14a089eaa1d922e0c5801a9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:40:01.0578 1440 USBSTOR - ok
14:40:01.0609 1440 [ 26496f9dee2d787fc3e61ad54821ffe6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:40:01.0609 1440 usbuhci - ok
14:40:01.0640 1440 [ 0d3a8fafceacd8b7625cd549757a7df1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:40:01.0640 1440 VgaSave - ok
14:40:01.0656 1440 [ 754292ce5848b3738281b4f3607eaef4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
14:40:01.0656 1440 viaagp - ok
14:40:01.0703 1440 [ 3b3efcda263b8ac14fdf9cbdd0791b2e ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
14:40:01.0703 1440 ViaIde - ok
14:40:01.0750 1440 [ 4c8fcb5cc53aab716d810740fe59d025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:40:01.0750 1440 VolSnap - ok
14:40:01.0781 1440 [ 7a9db3a67c333bf0bd42e42b8596854b ] VSS C:\WINDOWS\System32\vssvc.exe
14:40:01.0796 1440 VSS - ok
14:40:01.0828 1440 [ 54af4b1d5459500ef0937f6d33b1914f ] w32time C:\WINDOWS\system32\w32time.dll
14:40:01.0828 1440 w32time - ok
14:40:01.0859 1440 [ e20b95baedb550f32dd489265c1da1f6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:40:02.0796 1440 ================ Scan global ===============================
14:40:02.0828 1440 (42f1f4c0afb08410e5f02d4b13ebb623) C:\WINDOWS\system32\basesrv.dll
14:40:02.0890 1440 (95cf3446911a6e25ee4086df8a45b2aa) C:\WINDOWS\system32\winsrv.dll
14:40:02.0890 1440 (95cf3446911a6e25ee4086df8a45b2aa) C:\WINDOWS\system32\winsrv.dll
14:40:02.0921 1440 (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
14:40:02.0921 1440 [Global] - ok
14:40:02.0921 1440 ================ Scan MBR ==================================
14:40:02.0953 1440 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
14:40:03.0296 1440 \Device\Harddisk0\DR0 - ok
14:40:03.0296 1440 ================ Scan VBR ==================================
14:40:03.0343 1440 Boot (0x1200) (acc0bec2dcb7e35b47e1e28ccc1684a2) \Device\Harddisk0\DR0\Partition1
14:40:03.0343 1440 \Device\Harddisk0\DR0\Partition1 - ok
14:40:03.0343 1440 ============================================================
14:40:03.0343 1440 Scan finished
14:40:03.0343 1440 ============================================================
14:40:03.0375 1584 Detected object count: 0
14:40:03.0375 1584 Actual detected object count: 0
14:40:08.0156 1412 Deinitialize success

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-16 14:46:14
-----------------------------
14:46:14.156 OS Version: Windows 5.1.2600 Service Pack 3
14:46:14.156 Number of processors: 2 586 0x407
14:46:14.156 ComputerName: JUSTIN UserName:
14:46:14.781 Initialize success
14:49:10.015 AVAST engine defs: 12081600
14:51:14.218 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
14:51:14.234 Disk 0 Vendor: SAMSUNG_HD160JJ/P ZM100-34 Size: 152587MB BusType: 3
14:51:14.265 Disk 0 MBR read successfully
14:51:14.281 Disk 0 MBR scan
14:51:14.312 Disk 0 Windows XP default MBR code
14:51:14.328 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
14:51:14.359 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152539 MB offset 80325
14:51:14.375 Disk 0 scanning sectors +312480315
14:51:14.484 Disk 0 scanning C:\WINDOWS\system32\drivers
14:51:24.375 Service scanning
14:51:25.437 Service .mrxsmb \* **LOCKED** 123
14:51:38.625 Modules scanning
14:51:43.468 Disk 0 trace - called modules:
14:51:45.078 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll atiide.sys PCIIDEX.SYS
14:51:45.156 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b75958]
14:51:45.234 3 CLASSPNP.SYS[f7677fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x86b7dd98]
14:51:45.796 AVAST engine scan C:\WINDOWS
14:51:51.281 AVAST engine scan C:\WINDOWS\system32
14:53:16.421 File: C:\WINDOWS\system32\USB3Nw32.dll **INFECTED** Win32:Malware-gen
14:53:47.812 AVAST engine scan C:\WINDOWS\system32\drivers
14:54:04.515 AVAST engine scan C:\Documents and Settings\Administrator
14:54:27.531 AVAST engine scan C:\Documents and Settings\All Users
14:54:54.484 Scan finished successfully
14:58:18.546 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
14:58:18.578 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"

ESET:

C:\Documents and Settings\NetworkService\Local Settings\Application Data\hretywa.dll Win32/TrojanProxy.Agent.NIF trojan cleaned by deleting (after the next restart) - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\7DLHB4WU\xxxd[1].htm HTML/IFrame.L trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP1881\A0086700.dll Win32/TrojanProxy.Agent.NIF trojan cleaned by deleting - quarantined
C:\WINDOWS\system32\USB3Nw32.dll a variant of Win32/Wimpixo.AU trojan cleaned by deleting (after the next restart) - quarantined

#10 narenxp

Posted 16 August 2012 - 04:10 PM

Reboot to normal mode

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it and click on Delete

Post the generated log

#11 jss8381

Posted 16 August 2012 - 04:17 PM

TDSSKiller log:

14:39:59.0250 1440 [ 6b27a5c03dfb94b4245739065431322c ] RpcSs C:\WINDOWS\System32\rpcss.dll
14:39:59.0250 1440 RpcSs - ok
14:39:59.0312 1440 [ 471b3f9741d762abe75e9deea4787e47 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:39:59.0328 1440 RSVP - ok
14:39:59.0343 1440 [ bf2466b3e18e970d8a976fb95fc1ca85 ] SamSs C:\WINDOWS\system32\lsass.exe
14:39:59.0359 1440 SamSs - ok
14:39:59.0375 1440 [ 86d007e7a654b9a71d1d7d856b104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:39:59.0390 1440 SCardSvr - ok
14:39:59.0453 1440 [ 0a9a7365a1ca4319aa7c1d6cd8e4eafa ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:39:59.0453 1440 Schedule - ok
14:39:59.0531 1440 [ 90a3935d05b494a5a39d37e71f09a677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:39:59.0531 1440 Secdrv - ok
14:39:59.0546 1440 [ cbe612e2bb6a10e3563336191eda1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:39:59.0562 1440 seclogon - ok
14:39:59.0625 1440 [ b6a6b409fda9d9ebd3aadb838d3d7173 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
14:39:59.0625 1440 SenFiltService - ok
14:39:59.0656 1440 [ 7fdd5d0684eca8c1f68b4d99d124dcd0 ] SENS C:\WINDOWS\system32\sens.dll
14:39:59.0656 1440 SENS - ok
14:39:59.0718 1440 [ 0f29512ccd6bead730039fb4bd2c85ce ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:39:59.0718 1440 serenum - ok
14:39:59.0734 1440 [ cca207a8896d4c6a0c9ce29a4ae411a7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:39:59.0734 1440 Serial - ok
14:39:59.0765 1440 [ 8e6b8c671615d126fdc553d1e2de5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:39:59.0765 1440 Sfloppy - ok
14:39:59.0828 1440 [ 83f41d0d89645d7235c051ab1d9523ac ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:39:59.0843 1440 SharedAccess - ok
14:39:59.0875 1440 [ 99bc0b50f511924348be19c7c7313bbf ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:39:59.0875 1440 ShellHWDetection - ok
14:39:59.0890 1440 Simbad - ok
14:39:59.0921 1440 [ 6b33d0ebd30db32e27d1d78fe946a754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
14:39:59.0921 1440 sisagp - ok
14:39:59.0968 1440 [ 83c

#12 jss8381


Posted 17 August 2012 - 08:23 AM

MalwareBytes log:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.16.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Cooper :: JUSTIN [administrator]

08/16/12 4:29
mbam-log-2012-08-16 (16-29-31).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 357393
Time elapsed: 2 hour(s), 40 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolbox Log

MiniToolBox by Farbar Version: 23-07-2012
Ran by Cooper (administrator) on 17-08-2012 at 08:04:37
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

Host Name . . . . . . . . . . . . : Justin
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
Physical Address. . . . . . . . . : 00-1A-A0-07-31-F9
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.65
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Disabled
Lease Obtained. . . . . . . . . . : August 17, 2012 3:48
Lease Expires . . . . . . . . . . : August 18, 2012 3:48

Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.225.73, 74.125.225.78, 74.125.225.64, 74.125.225.65
74.125.225.66, 74.125.225.67, 74.125.225.68, 74.125.225.69, 74.125.225.70
74.125.225.71, 74.125.225.72

Pinging google.com [74.125.225.69] with 32 bytes of data:

Reply from 74.125.225.69: bytes=32 time=48ms TTL=55
Reply from 74.125.225.69: bytes=32 time=46ms TTL=55

Ping statistics for 74.125.225.69:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 46ms, Maximum = 48ms, Average = 47ms

Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=153ms TTL=47
Reply from 98.139.183.24: bytes=32 time=103ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 103ms, Maximum = 153ms, Average = 128ms

Server: home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 1a a0 07 31 f9 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.65 20
64.208.138.214 255.255.255.255 192.168.1.254 192.168.1.65 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
157.238.75.40 255.255.255.255 192.168.1.254 192.168.1.65 20
192.168.1.0 255.255.255.0 192.168.1.65 192.168.1.65 20
192.168.1.65 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.65 192.168.1.65 20
204.236.158.184 255.255.255.255 192.168.1.254 192.168.1.65 20
207.46.193.179 255.255.255.255 192.168.1.254 192.168.1.65 20
224.0.0.0 240.0.0.0 192.168.1.65 192.168.1.65 20
255.255.255.255 255.255.255.255 192.168.1.65 192.168.1.65 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/17/2012 03:50:23 AM) (Source: PerfNet) (User: )
Description: Unable to open the Redirector service. Redirector performance data
will not be returned. Error code returned is in data DWORD 0.

Error: (08/17/2012 03:49:56 AM) (Source: PerfNet) (User: )
Description: Unable to open the Redirector service. Redirector performance data
will not be returned. Error code returned is in data DWORD 0.

Error: (08/17/2012 03:08:36 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.0.1526.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/16/2012 06:52:44 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 timeout, P4 1.1.8601.0, P5 fixed, P6 2 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/16/2012 06:52:43 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 timeout, P4 1.1.8601.0, P5 fixed, P6 2 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/16/2012 06:52:40 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 timeout, P4 1.1.8601.0, P5 fixed, P6 2 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/16/2012 06:52:39 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 timeout, P4 1.1.8601.0, P5 fixed, P6 2 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/16/2012 05:26:56 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 timeout, P4 1.1.8601.0, P5 fixed, P6 2 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/16/2012 05:26:53 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 timeout, P4 1.1.8601.0, P5 fixed, P6 2 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (08/16/2012 05:26:52 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 3.0.8402.0, P3 timeout, P4 1.1.8601.0, P5 fixed, P6 2 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


System errors:
=============
Error: (08/16/2012 04:26:44 PM) (Source: Workstation) (User: )
Description: Could not load RDR device driver.

Error: (08/16/2012 04:25:53 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/16/2012 03:57:01 PM) (Source: DCOM) (User: JUSTIN)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/16/2012 03:56:52 PM) (Source: DCOM) (User: JUSTIN)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/16/2012 02:23:19 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/16/2012 02:21:06 PM) (Source: DCOM) (User: JUSTIN)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/16/2012 00:16:04 PM) (Source: Service Control Manager) (User: )
Description: The USB Service service terminated with the following error:
%%126

Error: (08/16/2012 10:16:04 AM) (Source: Service Control Manager) (User: )
Description: The USB Service service terminated with the following error:
%%126

Error: (08/16/2012 09:16:04 AM) (Source: Service Control Manager) (User: )
Description: The USB Service service terminated with the following error:
%%126

Error: (08/16/2012 08:16:05 AM) (Source: Service Control Manager) (User: )
Description: The USB Service service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

2007 Microsoft Office Suite Service Pack 2 (SP2)
2007 Microsoft Office system (Version: 12.0.6425.1000)
32 Bit HP BiDi Channel Components Installer (Version: 1.1.0.2)
Adobe Acrobat 8 Standard (Version: 8.1.3)
Adobe Acrobat 8.1.3 Standard (Version: 8.1.3)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.11)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 1.2.2400.31026)
ATI Display Driver (Version: 8.263.5.1-060607a-035983C-Dell)
AudibleManager (Version: 1309592.1378168.1310188.2089871648)
Broadcom Management Programs (Version: 9.02.04)
CCleaner (Version: 3.14)
Copernic Agent Personal
Copernic Desktop Search - Home
Critical Update for Windows Media Player 11 (KB959772)
ESET NOD32 Antivirus (Version: 4.0.424.0)
ESET Online Scanner v3
ffdshow [rev 610] [2006-12-01] (Version: 1.0)
FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
Google Chrome (Version: 21.0.1180.79)
Google Desktop (Version: 5.9.1005.12335)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 3.4.2.8800)
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer (Version: 4.0.0.002)
Google Update Helper (Version: 1.3.21.115)
Google Updater (Version: 2.4.2432.1652)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HijackThis 2.0.2 (Version: 2.0.2)
hp deskjet 5100 series
hp print screen utility
J2SE Runtime Environment 5.0 Update 11 (Version: 1.5.0.110)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6425.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
Pagis Viewer 2.0
PowerDVD OD
QuickTime (Version: 7.71.80.42)
RealLegal E-Transcript Viewer (Version: 8.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Sothink FLV Player (Version: 2.3)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
WordPerfect Office 12 (Version: 12.01)
Yahoo! BrowserPlus 2.9.8
Zoom Player (remove only)

========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 989.9 MB
Available physical RAM: 368.19 MB
Total Pagefile: 2386.04 MB
Available Pagefile: 1863.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.76 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:148.96 GB) (Free:122.93 GB) NTFS
3 Drive e: () (Removable) (Total:0.12 GB) (Free:0.07 GB) FAT

========================= Users: ========================================

User accounts for \\

Administrator Guest HelpAssistant
SUPPORT_388945a0 Cooper


**** End of log ****

FSS Log:

Farbar Service Scanner Version: 06-08-2012
Ran by Cooper (administrator) on 17-08-2012 at 08:08:47
Running from "C:\Documents and Settings\Cooper\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
epfwtdir(8) Gpc(6) IPSec(4) NetBT(6) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

adwCleaner log:

# AdwCleaner v1.801 - Logfile created 08/17/2012 at 08:12:40
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Cooper - JUSTIN
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Cooper\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v9.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Cooper\Application Data\Mozilla\Firefox\Profiles\ujhzrknn.default\prefs.js

C:\Documents and Settings\Cooper\Application Data\Mozilla\Firefox\Profiles\ujhzrknn.default\user.js ... Deleted !

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\t7v3s227.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.79

File : C:\Documents and Settings\Cooper\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [340 octets] - [17/08/2012 08:09:48]
AdwCleaner[S2].txt - [1346 octets] - [17/08/2012 08:12:40]

########## EOF - C:\AdwCleaner[S2].txt - [1474 octets] ##########

#13 narenxp


Posted 17 August 2012 - 08:32 AM

Download Hosts

Save it to the C:\windows\system32\drivers\etc folder

Download TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.

Turn off your System Restore, restart the PC, and create a new restore point:

http://support.microsoft.com/kb/310405

Update your Flash Player.

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



