Trojan horse Generic29.GJG?


22 replies to this topic

#1 bill_1001


Posted 23 August 2012 - 08:57 PM

I've looked through previous posts, and found one that is close to my problem. Here's the post:

http://www.bleepingcomputer.com/forums/topic457727.html

Google Search is screwed up (it never returns). And, a scan using AVG (before running Malwarebytes) came back with:

"";"C:\WINDOWS\system32\svchost.exe (1304)";"Trojan horse Generic29.GJG";"Deleted"
"";"C:\WINDOWS\system32\svchost.exe (1304):\memory_001a0000";"Trojan horse Generic29.GJG";"Infected"

I downloaded Malwarebytes and ran it. Below is the log. It deleted some garbage, however when I scanned my system again with AVG (after Malwarebytes was run), it came back with similar results to the two lines above. And, Google Search is still screwed up.

In addition, when I logged into my Hotmail email account, a different screen came up telling me that a password is no longer enough....blah, blah, blah (phishing?) so I closed the screen and my email account showed up. Anyway, can someone help me kill this stuff?


Thanks,
Bill

====================================



Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.23.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Bill :: BILL_S [administrator]

8/23/2012 9:54:23 AM
mbam-log-2012-08-23 (09-54-23).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 376901
Time elapsed: 1 hour(s), 21 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:5555 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Documents and Settings\Bill\Junk Files\PyScripter\ADLSoft_UnCompressor_v2.exe (PUP.Adware.InstallCore) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1236\A0092367.exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1262\A0098404.exe (Trojan.Phex.THAGen8) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\0.9850456673042863.exe (Exploit.Drop.UR.2) -> Quarantined and deleted successfully.

(end)



#2 narenxp


Posted 23 August 2012 - 09:09 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 bill_1001


Posted 23 August 2012 - 09:37 PM

narenxp,

Thanks for the fast response. I downloaded and ran TDSSkiller. It gave me two log files (listed below), but your post implied one file, so I'm posting this reply before I proceed, just in case. Is it OK to continue with the next step (aswMBR)?




====================================

First TDSSkiller file:

21:18:06.0937 5436 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
21:18:07.0484 5436 ============================================================
21:18:07.0484 5436 Current date / time: 2012/08/23 21:18:07.0484
21:18:07.0484 5436 SystemInfo:
21:18:07.0484 5436
21:18:07.0484 5436 OS Version: 5.1.2600 ServicePack: 3.0
21:18:07.0484 5436 Product type: Workstation
21:18:07.0484 5436 ComputerName: BILL_S
21:18:07.0484 5436 UserName: Bill
21:18:07.0484 5436 Windows directory: C:\WINDOWS
21:18:07.0484 5436 System windows directory: C:\WINDOWS
21:18:07.0484 5436 Processor architecture: Intel x86
21:18:07.0484 5436 Number of processors: 4
21:18:07.0484 5436 Page size: 0x1000
21:18:07.0484 5436 Boot type: Normal boot
21:18:07.0484 5436 ============================================================
21:18:07.0937 5436 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:18:07.0937 5436 ============================================================
21:18:07.0937 5436 \Device\Harddisk0\DR0:
21:18:07.0937 5436 MBR partitions:
21:18:07.0937 5436 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x2541A2B0
21:18:07.0937 5436 ============================================================
21:18:07.0984 5436 C: <-> \Device\Harddisk0\DR0\Partition1
21:18:07.0984 5436 ============================================================
21:18:07.0984 5436 Initialize success
21:18:07.0984 5436 ============================================================
21:18:24.0437 6220 ============================================================
21:18:24.0437 6220 Scan started
21:18:24.0437 6220 Mode: Manual;
21:18:24.0437 6220 ============================================================
21:18:25.0265 6220 ================ Scan system memory ========================
21:18:25.0265 6220 System memory - ok
21:18:25.0265 6220 ================ Scan services =============================
21:18:32.0765 6220 PCI - ok
21:18:32.0765 6220 PCIDump - ok
21:18:32.0812 6220 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:18:32.0812 6220 PCIIde - ok
21:18:32.0828 6220 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:18:32.0828 6220 Pcmcia - ok
21:18:32.0906 6220 [ A792405E6C84C3DEBC02B1CF29A928F0 ] pcServiceHost C:\Program Files\Common Files\Motive\pcServiceHost.exe
21:18:32.0921 6220 pcServiceHost - ok
21:18:32.0921 6220 PDCOMP - ok
21:18:32.0937 6220 PDFRAME - ok
21:18:32.0937 6220 PDRELI - ok
21:18:32.0953 6220 PDRFRAME - ok
21:18:32.0984 6220 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
21:18:32.0984 6220 perc2 - ok
21:18:33.0000 6220 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
21:18:33.0000 6220 perc2hib - ok
21:18:33.0046 6220 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
21:18:33.0062 6220 PlugPlay - ok
21:18:33.0062 6220 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:18:33.0062 6220 PolicyAgent - ok
21:18:33.0109 6220 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:18:33.0109 6220 PptpMiniport - ok
21:18:33.0125 6220 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:18:33.0125 6220 ProtectedStorage - ok
21:18:33.0125 6220 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:18:33.0125 6220 PSched - ok
21:18:33.0125 6220 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:18:33.0125 6220 Ptilink - ok
21:18:33.0171 6220 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:18:33.0171 6220 PxHelp20 - ok
21:18:33.0203 6220 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
21:18:33.0203 6220 ql1080 - ok
21:18:33.0203 6220 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
21:18:33.0203 6220 Ql10wnt - ok
21:18:33.0234 6220 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
21:18:33.0234 6220 ql12160 - ok
21:18:33.0250 6220 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
21:18:33.0250 6220 ql1240 - ok
21:18:33.0250 6220 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
21:18:33.0250 6220 ql1280 - ok
21:18:33.0281 6220 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:18:33.0281 6220 RasAcd - ok
21:18:33.0312 6220 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:18:33.0312 6220 RasAuto - ok
21:18:33.0343 6220 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:18:33.0343 6220 Rasl2tp - ok
21:18:33.0359 6220 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:18:33.0359 6220 RasMan - ok
21:18:33.0359 6220 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:18:33.0359 6220 RasPppoe - ok
21:18:33.0375 6220 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:18:33.0375 6220 Raspti - ok
21:18:33.0406 6220 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:18:33.0406 6220 Rdbss - ok
21:18:33.0406 6220 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:18:33.0406 6220 RDPCDD - ok
21:18:33.0437 6220 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:18:33.0453 6220 rdpdr - ok
21:18:33.0484 6220 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:18:33.0484 6220 RDPWD - ok
21:18:33.0515 6220 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:18:33.0531 6220 RDSessMgr - ok
21:18:33.0531 6220 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:18:33.0531 6220 redbook - ok
21:18:33.0546 6220 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:18:33.0546 6220 RemoteAccess - ok
21:18:33.0562 6220 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:18:33.0578 6220 RemoteRegistry - ok
21:18:33.0640 6220 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
21:18:33.0640 6220 rpcapd - ok
21:18:33.0656 6220 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
21:18:33.0656 6220 RpcLocator - ok
21:18:33.0703 6220 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:18:33.0703 6220 RpcSs - ok
21:18:33.0734 6220 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:18:33.0734 6220 RSVP - ok
21:18:33.0765 6220 [ 7174F20AD9B7B7878A51ECCA03C499C2 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
21:18:33.0765 6220 RTLE8023xp - ok
21:18:33.0796 6220 [ B9CA69921379EA2931C4450FE975BCE7 ] RTLVLAN C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS
21:18:33.0796 6220 RTLVLAN - ok
21:18:33.0828 6220 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
21:18:33.0828 6220 SamSs - ok
21:18:33.0921 6220 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:18:33.0921 6220 SASDIFSV - ok
21:18:33.0921 6220 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:18:33.0921 6220 SASKUTIL - ok
21:18:33.0968 6220 [ F5A633609777C212EC5FF19927FC5955 ] ScanUSBEMPIA C:\WINDOWS\system32\DRIVERS\emScan.sys
21:18:33.0968 6220 ScanUSBEMPIA - ok
21:18:33.0984 6220 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:18:33.0984 6220 SCardSvr - ok
21:18:34.0000 6220 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:18:34.0015 6220 Schedule - ok
21:18:34.0046 6220 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:18:34.0046 6220 Secdrv - ok
21:18:34.0062 6220 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
21:18:34.0062 6220 seclogon - ok
21:18:34.0078 6220 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
21:18:34.0078 6220 SENS - ok
21:18:34.0125 6220 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
21:18:34.0125 6220 Serenum - ok
21:18:34.0125 6220 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
21:18:34.0125 6220 Serial - ok
21:18:34.0203 6220 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:18:34.0203 6220 Sfloppy - ok
21:18:34.0250 6220 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:18:34.0265 6220 SharedAccess - ok
21:18:34.0281 6220 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:18:34.0281 6220 ShellHWDetection - ok
21:18:34.0281 6220 Simbad - ok
21:18:34.0312 6220 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
21:18:34.0312 6220 sisagp - ok
21:18:34.0328 6220 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:18:34.0328 6220 SLIP - ok
21:18:34.0343 6220 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
21:18:34.0343 6220 Sparrow - ok
21:18:34.0375 6220 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:18:34.0375 6220 splitter - ok
21:18:34.0421 6220 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:18:34.0421 6220 Spooler - ok
21:18:34.0484 6220 sprtsvc_dellsupportcenter - ok
21:18:34.0500 6220 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:18:34.0500 6220 sr - ok
21:18:34.0546 6220 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
21:18:34.0562 6220 srservice - ok
21:18:34.0593 6220 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:18:34.0593 6220 Srv - ok
21:18:34.0609 6220 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:18:34.0640 6220 SSDPSRV - ok
21:18:34.0671 6220 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:18:34.0671 6220 stisvc - ok
21:18:34.0703 6220 [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
21:18:34.0703 6220 stllssvr - ok
21:18:34.0703 6220 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:18:34.0703 6220 streamip - ok
21:18:34.0750 6220 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:18:34.0750 6220 swenum - ok
21:18:34.0750 6220 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:18:34.0750 6220 swmidi - ok
21:18:34.0765 6220 SwPrv - ok
21:18:34.0796 6220 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
21:18:34.0796 6220 symc810 - ok
21:18:34.0812 6220 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
21:18:34.0812 6220 symc8xx - ok
21:18:34.0828 6220 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
21:18:34.0828 6220 sym_hi - ok
21:18:34.0843 6220 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
21:18:34.0843 6220 sym_u3 - ok
21:18:34.0875 6220 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:18:34.0875 6220 sysaudio - ok
21:18:34.0906 6220 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:18:34.0906 6220 SysmonLog - ok
21:18:34.0937 6220 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:18:34.0937 6220 TapiSrv - ok
21:18:35.0015 6220 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:18:35.0015 6220 Tcpip - ok
21:18:35.0031 6220 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:18:35.0046 6220 TDPIPE - ok
21:18:35.0046 6220 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:18:35.0046 6220 TDTCP - ok
21:18:35.0093 6220 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:18:35.0093 6220 TermDD - ok
21:18:35.0109 6220 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
21:18:35.0109 6220 TermService - ok
21:18:35.0156 6220 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
21:18:35.0156 6220 Themes - ok
21:18:35.0187 6220 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
21:18:35.0187 6220 TlntSvr - ok
21:18:35.0203 6220 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
21:18:35.0203 6220 TosIde - ok
21:18:35.0234 6220 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:18:35.0234 6220 TrkWks - ok
21:18:35.0296 6220 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:18:35.0296 6220 Udfs - ok
21:18:35.0328 6220 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
21:18:35.0328 6220 ultra - ok
21:18:35.0359 6220 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:18:35.0359 6220 Update - ok
21:18:35.0406 6220 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
21:18:35.0406 6220 upnphost - ok
21:18:35.0421 6220 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
21:18:35.0421 6220 UPS - ok
21:18:35.0468 6220 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
21:18:35.0468 6220 usbaudio - ok
21:18:35.0484 6220 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:18:35.0484 6220 usbccgp - ok
21:18:35.0500 6220 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:18:35.0500 6220 usbehci - ok
21:18:35.0546 6220 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:18:35.0546 6220 usbhub - ok
21:18:35.0562 6220 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:18:35.0562 6220 usbprint - ok
21:18:35.0578 6220 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:18:35.0593 6220 USBSTOR - ok
21:18:35.0593 6220 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:18:35.0593 6220 usbuhci - ok
21:18:35.0625 6220 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:18:35.0625 6220 VgaSave - ok
21:18:35.0671 6220 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
21:18:35.0671 6220 viaagp - ok
21:18:35.0671 6220 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
21:18:35.0671 6220 ViaIde - ok
21:18:35.0703 6220 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:18:35.0703 6220 VolSnap - ok
21:18:35.0765 6220 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
21:18:35.0765 6220 VSS - ok
21:18:35.0796 6220 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
21:18:35.0796 6220 w32time - ok
21:18:35.0843 6220 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:18:35.0843 6220 Wanarp - ok
21:18:35.0843 6220 WDICA - ok
21:18:35.0859 6220 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:18:35.0859 6220 wdmaud - ok
21:18:35.0906 6220 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:18:35.0906 6220 WebClient - ok
21:18:35.0968 6220 [ 92CE6497076EAC3083185C44157B3A46 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
21:18:35.0968 6220 winachsf - ok
21:18:36.0062 6220 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
21:18:36.0062 6220 WinDefend - ok
21:18:36.0171 6220 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:18:36.0171 6220 winmgmt - ok
21:18:36.0203 6220 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:18:36.0203 6220 WmdmPmSN - ok
21:18:36.0234 6220 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
21:18:36.0250 6220 Wmi - ok
21:18:36.0281 6220 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:18:36.0281 6220 WmiApSrv - ok
21:18:36.0328 6220 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
21:18:36.0343 6220 WMPNetworkSvc - ok
21:18:36.0500 6220 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:18:36.0515 6220 WPFFontCache_v0400 - ok
21:18:36.0562 6220 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:18:36.0562 6220 wscsvc - ok
21:18:36.0593 6220 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:18:36.0593 6220 WSTCODEC - ok
21:18:36.0625 6220 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:18:36.0625 6220 wuauserv - ok
21:18:36.0656 6220 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:18:36.0671 6220 WudfPf - ok
21:18:36.0671 6220 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:18:36.0671 6220 WudfRd - ok
21:18:36.0687 6220 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
21:18:36.0703 6220 WudfSvc - ok
21:18:36.0734 6220 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:18:36.0734 6220 WZCSVC - ok
21:18:36.0781 6220 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:18:36.0781 6220 xmlprov - ok
21:18:36.0796 6220 ================ Scan global ===============================
21:18:36.0859 6220 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:18:36.0937 6220 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:18:36.0953 6220 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:18:36.0984 6220 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:18:36.0984 6220 [Global] - ok
21:18:36.0984 6220 ================ Scan MBR ==================================
21:18:37.0000 6220 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
21:18:37.0000 6220 Suspicious mbr (Forged): \Device\Harddisk0\DR0
21:18:37.0031 6220 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
21:18:37.0031 6220 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
21:18:37.0031 6220 ================ Scan VBR ==================================
21:18:37.0062 6220 [ 38C8AC3250B6FFB5B9C869C8AD6F37D2 ] \Device\Harddisk0\DR0\Partition1
21:18:37.0062 6220 \Device\Harddisk0\DR0\Partition1 - ok
21:18:37.0062 6220 ============================================================
21:18:37.0062 6220 Scan finished
21:18:37.0062 6220 ============================================================
21:18:37.0109 6536 Detected object count: 1
21:18:37.0109 6536 Actual detected object count: 1
21:19:06.0531 6536 \Device\Harddisk0\DR0\# - copied to quarantine
21:19:06.0531 6536 \Device\Harddisk0\DR0 - copied to quarantine
21:19:06.0546 6536 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
21:19:06.0562 6536 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
21:19:06.0562 6536 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
21:19:06.0562 6536 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
21:19:06.0562 6536 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
21:19:06.0593 6536 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
21:19:06.0593 6536 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
21:19:06.0593 6536 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
21:19:06.0593 6536 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
21:19:06.0609 6536 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
21:19:06.0609 6536 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
21:19:06.0609 6536 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
21:19:06.0609 6536 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
21:19:06.0609 6536 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
21:19:06.0640 6536 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
21:19:06.0640 6536 \Device\Harddisk0\DR0 - ok
21:19:06.0703 6536 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
21:19:24.0062 7464 Deinitialize success




===================================================

Second TDSSkiller file:

21:22:21.0578 2924 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
21:22:23.0625 2924 ============================================================
21:22:23.0625 2924 Current date / time: 2012/08/23 21:22:23.0625
21:22:23.0625 2924 SystemInfo:
21:22:23.0625 2924
21:22:23.0625 2924 OS Version: 5.1.2600 ServicePack: 3.0
21:22:23.0625 2924 Product type: Workstation
21:22:23.0625 2924 ComputerName: BILL_S
21:22:23.0625 2924 UserName: Bill
21:22:23.0625 2924 Windows directory: C:\WINDOWS
21:22:23.0625 2924 System windows directory: C:\WINDOWS
21:22:23.0625 2924 Processor architecture: Intel x86
21:22:23.0625 2924 Number of processors: 4
21:22:23.0625 2924 Page size: 0x1000
21:22:23.0625 2924 Boot type: Normal boot
21:22:23.0625 2924 ============================================================
21:22:27.0562 2924 BG loaded
21:22:28.0312 2924 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:22:28.0359 2924 ============================================================
21:22:28.0359 2924 \Device\Harddisk0\DR0:
21:22:28.0375 2924 MBR partitions:
21:22:28.0375 2924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x2541A2B0
21:22:28.0375 2924 ============================================================
21:22:28.0453 2924 C: <-> \Device\Harddisk0\DR0\Partition1
21:22:28.0453 2924 ============================================================
21:22:28.0468 2924 Initialize success
21:22:28.0468 2924 ============================================================
21:23:43.0593 3348 ============================================================
21:23:43.0593 3348 Scan started
21:23:43.0593 3348 Mode: Manual; TDLFS;
21:23:43.0593 3348 ============================================================
21:23:43.0687 3348 ================ Scan system memory ========================
21:23:43.0687 3348 System memory - ok
21:23:43.0687 3348 ================ Scan services =============================
21:23:46.0671 3348 DMusic - ok
21:23:46.0703 3348 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:23:46.0718 3348 Dnscache - ok
21:23:46.0734 3348 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:23:46.0734 3348 Dot3svc - ok
21:23:46.0750 3348 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
21:23:46.0750 3348 dpti2o - ok
21:23:46.0781 3348 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:23:46.0781 3348 drmkaud - ok
21:23:46.0781 3348 [ 5D3B71BB2BB0009D65D290E2EF374BD3 ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
21:23:46.0781 3348 DRVMCDB - ok
21:23:46.0796 3348 [ C591BA9F96F40A1FD6494DAFDCD17185 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
21:23:46.0796 3348 DRVNDDM - ok
21:23:46.0828 3348 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:23:46.0828 3348 EapHost - ok
21:23:46.0843 3348 [ 200DA4F1964C11B3C19A07F937394624 ] emAudio C:\WINDOWS\system32\drivers\emAudio.sys
21:23:46.0843 3348 emAudio - ok
21:23:46.0843 3348 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:23:46.0843 3348 ERSvc - ok
21:23:46.0890 3348 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
21:23:46.0890 3348 Eventlog - ok
21:23:46.0953 3348 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
21:23:46.0953 3348 EventSystem - ok
21:23:47.0000 3348 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:23:47.0000 3348 Fastfat - ok
21:23:47.0046 3348 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:23:47.0046 3348 FastUserSwitchingCompatibility - ok
21:23:47.0109 3348 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
21:23:47.0109 3348 Fax - ok
21:23:47.0109 3348 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
21:23:47.0109 3348 Fdc - ok
21:23:47.0140 3348 [ 6F87E4706F59463B74BC4FAD0F67338F ] FiltUSBEMPIA C:\WINDOWS\system32\DRIVERS\emFilter.sys
21:23:47.0140 3348 FiltUSBEMPIA - ok
21:23:47.0171 3348 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:23:47.0171 3348 Fips - ok
21:23:47.0171 3348 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
21:23:47.0171 3348 Flpydisk - ok
21:23:47.0187 3348 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:23:47.0187 3348 FltMgr - ok
21:23:47.0250 3348 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:23:47.0250 3348 FontCache3.0.0.0 - ok
21:23:47.0250 3348 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:23:47.0250 3348 Fs_Rec - ok
21:23:47.0281 3348 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:23:47.0296 3348 Ftdisk - ok
21:23:47.0406 3348 [ F0187E45268E86AAAA932CBD9087BEA8 ] GoogleDesktopManager-110309-193829 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
21:23:47.0421 3348 GoogleDesktopManager-110309-193829 - ok
21:23:47.0453 3348 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:23:47.0453 3348 Gpc - ok
21:23:47.0515 3348 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
21:23:47.0515 3348 gupdate - ok
21:23:47.0515 3348 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
21:23:47.0515 3348 gupdatem - ok
21:23:47.0562 3348 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:23:47.0562 3348 HDAudBus - ok
21:23:47.0625 3348 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:23:47.0625 3348 helpsvc - ok
21:23:47.0671 3348 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
21:23:47.0671 3348 HidServ - ok
21:23:47.0671 3348 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:23:47.0671 3348 hidusb - ok
21:23:47.0718 3348 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:23:47.0718 3348 hkmsvc - ok
21:23:47.0734 3348 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
21:23:47.0734 3348 hpn - ok
21:23:47.0765 3348 [ AC04FC91B57B27086CCF02086FD3F4CB ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
21:23:47.0781 3348 HSFHWBS2 - ok
21:23:47.0828 3348 [ F362C0B442337DA8AB0608DFAA4CA076 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
21:23:47.0843 3348 HSF_DPV - ok
21:23:47.0906 3348 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:23:47.0906 3348 HTTP - ok
21:23:47.0937 3348 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:23:47.0937 3348 HTTPFilter - ok
21:23:47.0984 3348 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
21:23:47.0984 3348 i2omgmt - ok
21:23:48.0000 3348 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
21:23:48.0000 3348 i2omp - ok
21:23:48.0093 3348 [ 3E42C4691AAD4B1E8D0466F9CBF05CBE ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:23:48.0093 3348 IAANTMON - ok
21:23:48.0109 3348 [ 707C1692214B1C290271067197F075F6 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
21:23:48.0109 3348 iaStor - ok
21:23:48.0171 3348 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:23:48.0187 3348 idsvc - ok
21:23:48.0218 3348 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:23:48.0218 3348 Imapi - ok
21:23:48.0265 3348 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
21:23:48.0265 3348 ImapiService - ok
21:23:48.0296 3348 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
21:23:48.0296 3348 ini910u - ok
21:23:48.0437 3348 [ 5C8F36CDCB489111B24003AF4DFE1FDC ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:23:48.0468 3348 IntcAzAudAddService - ok
21:23:48.0468 3348 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
21:23:48.0484 3348 IntelIde - ok
21:23:48.0531 3348 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:23:48.0531 3348 intelppm - ok
21:23:48.0562 3348 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:23:48.0562 3348 Ip6Fw - ok
21:23:48.0578 3348 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:23:48.0578 3348 IpFilterDriver - ok
21:23:48.0625 3348 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:23:48.0625 3348 IpInIp - ok
21:23:48.0640 3348 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:23:48.0640 3348 IpNat - ok
21:23:48.0656 3348 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:23:48.0656 3348 IPSec - ok
21:23:48.0656 3348 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:23:48.0656 3348 IRENUM - ok
21:23:48.0718 3348 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:23:48.0718 3348 isapnp - ok
21:23:48.0718 3348 [ B07084095F8C03AADB9811C9DF14B5E4 ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys
21:23:48.0718 3348 JRAID - ok
21:23:48.0781 3348 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:23:48.0781 3348 Kbdclass - ok
21:23:48.0781 3348 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:23:48.0781 3348 kbdhid - ok
21:23:48.0796 3348 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:23:48.0796 3348 kmixer - ok
21:23:48.0828 3348 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:23:48.0828 3348 KSecDD - ok
21:23:48.0859 3348 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
21:23:48.0859 3348 LanmanServer - ok
21:23:48.0906 3348 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:23:48.0921 3348 lanmanworkstation - ok
21:23:48.0953 3348 [ 8F5795B166CBB50966E29982F8CDB310 ] LANPkt C:\WINDOWS\system32\DRIVERS\LANPkt.sys
21:23:48.0953 3348 LANPkt - ok
21:23:48.0968 3348 lbrtfdc - ok
21:23:49.0031 3348 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:23:49.0031 3348 LmHosts - ok
21:23:49.0078 3348 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
21:23:49.0078 3348 MarvinBus - ok
21:23:49.0218 3348 [ EEE1EA23C4777ADB268A36196A631200 ] McciServiceHost C:\Program Files\Common Files\Motive\McciServiceHost.exe
21:23:49.0218 3348 McciServiceHost - ok
21:23:49.0234 3348 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
21:23:49.0234 3348 mdmxsdk - ok
21:23:49.0281 3348 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:23:49.0296 3348 Messenger - ok
21:23:49.0328 3348 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:23:49.0328 3348 mnmdd - ok
21:23:49.0359 3348 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
21:23:49.0375 3348 mnmsrvc - ok
21:23:49.0390 3348 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:23:49.0390 3348 Modem - ok
21:23:49.0437 3348 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:23:49.0437 3348 Mouclass - ok
21:23:49.0453 3348 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:23:49.0453 3348 mouhid - ok
21:23:49.0468 3348 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:23:49.0468 3348 MountMgr - ok
21:23:49.0500 3348 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
21:23:49.0500 3348 MPE - ok
21:23:49.0500 3348 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
21:23:49.0500 3348 mraid35x - ok
21:23:49.0546 3348 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
21:23:49.0546 3348 MREMP50 - ok
21:23:49.0546 3348 MREMPR5 - ok
21:23:49.0562 3348 MRENDIS5 - ok
21:23:49.0578 3348 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
21:23:49.0578 3348 MRESP50 - ok
21:23:49.0578 3348 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:23:49.0593 3348 MRxDAV - ok
21:23:49.0640 3348 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:23:49.0640 3348 MRxSmb - ok
21:23:49.0687 3348 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
21:23:49.0687 3348 MSDTC - ok
21:23:49.0687 3348 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:23:49.0687 3348 Msfs - ok
21:23:49.0703 3348 MSIServer - ok
21:23:49.0718 3348 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:23:49.0718 3348 MSKSSRV - ok
21:23:49.0734 3348 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:23:49.0734 3348 MSPCLOCK - ok
21:23:49.0734 3348 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:23:49.0734 3348 MSPQM - ok
21:23:49.0781 3348 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:23:49.0781 3348 mssmbios - ok
21:23:49.0796 3348 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:23:49.0796 3348 MSTEE - ok
21:23:49.0812 3348 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:23:49.0812 3348 Mup - ok
21:23:49.0828 3348 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:23:49.0828 3348 NABTSFEC - ok
21:23:49.0859 3348 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
21:23:49.0875 3348 napagent - ok
21:23:49.0890 3348 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:23:49.0890 3348 NDIS - ok
21:23:49.0921 3348 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:23:49.0921 3348 NdisIP - ok
21:23:49.0953 3348 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:23:49.0953 3348 NdisTapi - ok
21:23:50.0000 3348 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:23:50.0000 3348 Ndisuio - ok
21:23:50.0000 3348 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:23:50.0000 3348 NdisWan - ok
21:23:50.0046 3348 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:23:50.0046 3348 NDProxy - ok
21:23:50.0062 3348 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:23:50.0062 3348 NetBIOS - ok
21:23:50.0078 3348 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:23:50.0078 3348 NetBT - ok
21:23:50.0109 3348 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
21:23:50.0109 3348 NetDDE - ok
21:23:50.0109 3348 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:23:50.0109 3348 NetDDEdsdm - ok
21:23:50.0156 3348 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:23:50.0156 3348 Netlogon - ok
21:23:50.0171 3348 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
21:23:50.0171 3348 Netman - ok
21:23:50.0203 3348 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:23:50.0203 3348 NetTcpPortSharing - ok
21:23:50.0234 3348 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
21:23:50.0250 3348 Nla - ok
21:23:50.0281 3348 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\WINDOWS\system32\drivers\npf.sys
21:23:50.0281 3348 NPF - ok
21:23:50.0296 3348 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:23:50.0296 3348 Npfs - ok
21:23:50.0343 3348 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:23:50.0343 3348 Ntfs - ok
21:23:50.0359 3348 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
21:23:50.0359 3348 NtLmSsp - ok
21:23:50.0406 3348 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:23:50.0421 3348 NtmsSvc - ok
21:23:50.0453 3348 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:23:50.0453 3348 Null - ok
21:23:50.0468 3348 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:23:50.0468 3348 NwlnkFlt - ok
21:23:50.0484 3348 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:23:50.0484 3348 NwlnkFwd - ok
21:23:50.0625 3348 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:23:50.0625 3348 odserv - ok
21:23:50.0671 3348 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:23:50.0671 3348 ose - ok
21:23:50.0703 3348 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
21:23:50.0703 3348 Parport - ok
21:23:50.0734 3348 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:23:50.0734 3348 PartMgr - ok
21:23:50.0765 3348 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:23:50.0765 3348 ParVdm - ok
21:23:50.0812 3348 [ BAE04007A679893E975A2B75E9E001E9 ] pcCMService C:\Program Files\Common Files\Motive\pcCMService.exe
21:23:50.0812 3348 pcCMService - ok
21:23:50.0812 3348 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:23:50.0812 3348 PCI - ok
21:23:50.0828 3348 PCIDump - ok
21:23:50.0859 3348 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:23:50.0859 3348 PCIIde - ok
21:23:50.0875 3348 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
21:23:50.0875 3348 Pcmcia - ok
21:23:50.0921 3348 [ A792405E6C84C3DEBC02B1CF29A928F0 ] pcServiceHost C:\Program Files\Common Files\Motive\pcServiceHost.exe
21:23:50.0921 3348 pcServiceHost - ok
21:23:50.0921 3348 PDCOMP - ok
21:23:50.0937 3348 PDFRAME - ok
21:23:50.0937 3348 PDRELI - ok
21:23:50.0953 3348 PDRFRAME - ok
21:23:50.0984 3348 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
21:23:50.0984 3348 perc2 - ok
21:23:51.0000 3348 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
21:23:51.0000 3348 perc2hib - ok
21:23:51.0046 3348 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
21:23:51.0046 3348 PlugPlay - ok
21:23:51.0062 3348 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:23:51.0062 3348 PolicyAgent - ok
21:23:51.0109 3348 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:23:51.0109 3348 PptpMiniport - ok
21:23:51.0109 3348 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:23:51.0125 3348 ProtectedStorage - ok
21:23:51.0125 3348 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:23:51.0125 3348 PSched - ok
21:23:51.0125 3348 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:23:51.0125 3348 Ptilink - ok
21:23:51.0171 3348 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:23:51.0171 3348 PxHelp20 - ok
21:23:51.0203 3348 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
21:23:51.0203 3348 ql1080 - ok
21:23:51.0203 3348 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
21:23:51.0203 3348 Ql10wnt - ok
21:23:51.0218 3348 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
21:23:51.0218 3348 ql12160 - ok
21:23:51.0234 3348 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
21:23:51.0234 3348 ql1240 - ok
21:23:51.0250 3348 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
21:23:51.0250 3348 ql1280 - ok
21:23:51.0265 3348 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:23:51.0265 3348 RasAcd - ok
21:23:51.0312 3348 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:23:51.0312 3348 RasAuto - ok
21:23:51.0343 3348 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:23:51.0343 3348 Rasl2tp - ok
21:23:51.0359 3348 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:23:51.0359 3348 RasMan - ok
21:23:51.0359 3348 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:23:51.0359 3348 RasPppoe - ok
21:23:51.0375 3348 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:23:51.0375 3348 Raspti - ok
21:23:51.0421 3348 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:23:51.0437 3348 Rdbss - ok
21:23:51.0437 3348 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:23:51.0437 3348 RDPCDD - ok
21:23:51.0484 3348 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:23:51.0500 3348 rdpdr - ok
21:23:51.0546 3348 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:23:51.0546 3348 RDPWD - ok
21:23:51.0578 3348 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:23:51.0593 3348 RDSessMgr - ok
21:23:51.0609 3348 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:23:51.0609 3348 redbook - ok
21:23:51.0609 3348 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:23:51.0625 3348 RemoteAccess - ok
21:23:51.0671 3348 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:23:51.0671 3348 RemoteRegistry - ok
21:23:51.0734 3348 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
21:23:51.0734 3348 rpcapd - ok
21:23:51.0750 3348 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
21:23:51.0750 3348 RpcLocator - ok
21:23:51.0781 3348 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:23:51.0781 3348 RpcSs - ok
21:23:51.0812 3348 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:23:51.0828 3348 RSVP - ok
21:23:51.0859 3348 [ 7174F20AD9B7B7878A51ECCA03C499C2 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
21:23:51.0859 3348 RTLE8023xp - ok
21:23:51.0890 3348 [ B9CA69921379EA2931C4450FE975BCE7 ] RTLVLAN C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS
21:23:51.0890 3348 RTLVLAN - ok
21:23:51.0921 3348 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
21:23:51.0921 3348 SamSs - ok
21:23:52.0015 3348 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:23:52.0015 3348 SASDIFSV - ok
21:23:52.0015 3348 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:23:52.0015 3348 SASKUTIL - ok
21:23:52.0046 3348 [ F5A633609777C212EC5FF19927FC5955 ] ScanUSBEMPIA C:\WINDOWS\system32\DRIVERS\emScan.sys
21:23:52.0046 3348 ScanUSBEMPIA - ok
21:23:52.0062 3348 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:23:52.0078 3348 SCardSvr - ok
21:23:52.0109 3348 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:23:52.0109 3348 Schedule - ok
21:23:52.0140 3348 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:23:52.0140 3348 Secdrv - ok
21:23:52.0156 3348 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
21:23:52.0156 3348 seclogon - ok
21:23:52.0171 3348 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
21:23:52.0171 3348 SENS - ok
21:23:52.0187 3348 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
21:23:52.0187 3348 Serenum - ok
21:23:52.0187 3348 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
21:23:52.0187 3348 Serial - ok
21:23:52.0250 3348 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:23:52.0250 3348 Sfloppy - ok
21:23:52.0296 3348 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:23:52.0296 3348 SharedAccess - ok
21:23:52.0312 3348 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:23:52.0312 3348 ShellHWDetection - ok
21:23:52.0312 3348 Simbad - ok
21:23:52.0343 3348 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
21:23:52.0343 3348 sisagp - ok
21:23:52.0359 3348 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:23:52.0359 3348 SLIP - ok
21:23:52.0375 3348 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
21:23:52.0375 3348 Sparrow - ok
21:23:52.0390 3348 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:23:52.0406 3348 splitter - ok
21:23:52.0437 3348 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:23:52.0453 3348 Spooler - ok
21:23:52.0500 3348 sprtsvc_dellsupportcenter - ok
21:23:52.0531 3348 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:23:52.0531 3348 sr - ok
21:23:52.0578 3348 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
21:23:52.0578 3348 srservice - ok
21:23:52.0609 3348 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:23:52.0609 3348 Srv - ok
21:23:52.0640 3348 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:23:52.0640 3348 SSDPSRV - ok
21:23:52.0687 3348 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:23:52.0703 3348 stisvc - ok
21:23:52.0734 3348 [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
21:23:52.0734 3348 stllssvr - ok
21:23:52.0750 3348 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:23:52.0750 3348 streamip - ok
21:23:52.0796 3348 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:23:52.0796 3348 swenum - ok
21:23:52.0796 3348 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:23:52.0796 3348 swmidi - ok
21:23:52.0812 3348 SwPrv - ok
21:23:52.0859 3348 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
21:23:52.0859 3348 symc810 - ok
21:23:52.0875 3348 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
21:23:52.0875 3348 symc8xx - ok
21:23:52.0875 3348 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
21:23:52.0875 3348 sym_hi - ok
21:23:52.0890 3348 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
21:23:52.0890 3348 sym_u3 - ok
21:23:52.0921 3348 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:23:52.0921 3348 sysaudio - ok
21:23:52.0968 3348 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:23:52.0968 3348 SysmonLog - ok
21:23:53.0000 3348 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:23:53.0000 3348 TapiSrv - ok
21:23:53.0046 3348 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:23:53.0046 3348 Tcpip - ok
21:23:53.0078 3348 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:23:53.0078 3348 TDPIPE - ok
21:23:53.0093 3348 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:23:53.0093 3348 TDTCP - ok
21:23:53.0125 3348 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:23:53.0125 3348 TermDD - ok
21:23:53.0140 3348 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
21:23:53.0140 3348 TermService - ok
21:23:53.0156 3348 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
21:23:53.0156 3348 Themes - ok
21:23:53.0187 3348 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
21:23:53.0187 3348 TlntSvr - ok
21:23:53.0203 3348 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
21:23:53.0203 3348 TosIde - ok
21:23:53.0234 3348 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:23:53.0234 3348 TrkWks - ok
21:23:53.0281 3348 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:23:53.0281 3348 Udfs - ok
21:23:53.0312 3348 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
21:23:53.0312 3348 ultra - ok
21:23:53.0343 3348 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:23:53.0359 3348 Update - ok
21:23:53.0390 3348 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
21:23:53.0390 3348 upnphost - ok
21:23:54.0781 3348 ================ Scan global ===============================
21:23:54.0828 3348 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
21:23:54.0875 3348 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:23:54.0890 3348 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
21:23:54.0906 3348 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
21:23:54.0906 3348 [Global] - ok
21:23:54.0906 3348 ================ Scan MBR ==================================
21:23:54.0921 3348 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
21:23:55.0156 3348 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:23:55.0156 3348 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:23:55.0156 3348 ================ Scan VBR ==================================
21:23:55.0156 3348 [ 38C8AC3250B6FFB5B9C869C8AD6F37D2 ] \Device\Harddisk0\DR0\Partition1
21:23:55.0156 3348 \Device\Harddisk0\DR0\Partition1 - ok
21:23:55.0171 3348 ============================================================
21:23:55.0171 3348 Scan finished
21:23:55.0171 3348 ============================================================
21:23:55.0218 2884 Detected object count: 1
21:23:55.0218 2884 Actual detected object count: 1
21:24:33.0984 2884 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:24:33.0984 2884 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
21:24:48.0125 2892 Deinitialize success

#4 narenxp

Posted 23 August 2012 - 09:38 PM

Restart the PC and continue with other scans

#5 bill_1001

Posted 23 August 2012 - 11:40 PM

Below are the log files from aswMBR and ESET.

I noticed that ESET deleted and quarantined UVRealtime.exe. That is a program that I downloaded to monitor my internet gateway (I have AT&T U-verse). It's not required, but I would be surprised if it's malware.




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-23 21:43:31
-----------------------------
21:43:31.781 OS Version: Windows 5.1.2600 Service Pack 3
21:43:31.781 Number of processors: 4 586 0xF0B
21:43:31.781 ComputerName: BILL_S UserName: Bill
21:43:48.687 Initialize success
21:47:07.343 AVAST engine defs: 12082400
21:47:30.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
21:47:30.437 Disk 0 Vendor: Hitachi_ GM3O Size: 305245MB BusType: 3
21:47:30.453 Disk 0 MBR read successfully
21:47:30.453 Disk 0 MBR scan
21:47:30.484 Disk 0 Windows VISTA default MBR code
21:47:30.484 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
21:47:30.515 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 305204 MB offset 81920
21:47:30.515 Disk 0 scanning sectors +625140400
21:47:30.609 Disk 0 scanning C:\WINDOWS\system32\drivers
21:47:38.671 Service scanning
21:47:56.453 Modules scanning
21:48:16.843 Disk 0 trace - called modules:
21:48:16.875 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:48:16.875 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad3bab8]
21:48:16.890 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0x8a73d028]
21:48:17.703 AVAST engine scan C:\WINDOWS
21:48:22.531 AVAST engine scan C:\WINDOWS\system32
21:50:35.250 AVAST engine scan C:\WINDOWS\system32\drivers
21:50:49.703 AVAST engine scan C:\Documents and Settings\Bill
21:56:01.218 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Bill\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\MBR.dat"
21:56:01.234 The log file has been saved successfully to "C:\Documents and Settings\Bill\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\aswMBR.txt"
22:03:45.828 AVAST engine scan C:\Documents and Settings\All Users
22:10:15.281 Scan finished successfully
22:13:54.375 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Bill\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\MBR.dat"
22:13:54.375 The log file has been saved successfully to "C:\Documents and Settings\Bill\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\aswMBR.txt"









C:\Program Files\UV Realtime\UV Realtime.exe a variant of MSIL/Packed.CryptoObfuscator.C application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\23.08.2012_21.18.07\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\23.08.2012_21.18.07\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\23.08.2012_21.18.07\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\23.08.2012_21.18.07\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\23.08.2012_21.18.07\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.LA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\23.08.2012_21.18.07\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\23.08.2012_21.18.07\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\23.08.2012_21.18.07\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined

#6 narenxp

Posted 23 August 2012 - 11:43 PM

21:24:33.0984 2884 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


Run TDSSkiller again and select DELETE

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 bill_1001

Posted 23 August 2012 - 11:45 PM

ESET is still up. There are two check boxes on ESET (Uninstall application on close, and Delete quarantined files). Do I check either of these before I click the Finish button?

#8 narenxp

Posted 23 August 2012 - 11:46 PM

ESET is still up. There are two check boxes on ESET (Uninstall application on close, and Delete quarantined files). Do I check either of these before I click the Finish button?


Checkmark both and click finish

#9 bill_1001

Posted 23 August 2012 - 11:49 PM

Is it OK to continue this in the morning? I'm beat. If so, should I leave the computer running or shut it down?

#10 narenxp

Posted 23 August 2012 - 11:51 PM

Yes, we can continue in the morning :thumbsup:

#11 bill_1001

Posted 24 August 2012 - 01:19 PM

narenxp,

I performed your second set of instructions. Here are my 7 comments, and below are the 6 log files.

1. I ran TDSSkiller again and selected "delete". To be clear, the reason that "skip" was used in the first scan is that your instructions said "Do not change the default options on scan results". "Skip" was the default when I ran the program. For future users, it might be helpful to change your instructions to make sure they select "delete".

2. Malwarebytes ran fine.

3. minitoolbox ran fine

4. FSS ran fine

5. adware cleaner was flagged as a threat by AVG; I had to "allow it" to finish. Is that OK?

6. rkill ran fine

7. While I was typing this reply (at approx 12:54 PM, 8/24/2012), my printer queue popped up in the taskbar and told me that I was out of paper. My printer is currently turned off. I looked in the queue and here's what is waiting to print:

http://www.bleepingcomputer.com/forums/index.php?s=3f932fe67de9
Pages: 36
Size: 63.8 KB/5.52 MB
Submitted: 12:54:36 PM 8/24/2012


Is that supposed to happen? Is that a virus/trojan? I didn't print anything; that entry is still in my print queue. Should I delete it, run something to check it?






Below are the 6 log files.



Bill

=========================================




1. TDSSkiller ================================

23:56:07.0265 0964 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
23:56:07.0875 0964 ============================================================
23:56:07.0875 0964 Current date / time: 2012/08/23 23:56:07.0875
23:56:07.0875 0964 SystemInfo:
23:56:07.0875 0964
23:56:07.0875 0964 OS Version: 5.1.2600 ServicePack: 3.0
23:56:07.0875 0964 Product type: Workstation
23:56:07.0875 0964 ComputerName: BILL_S
23:56:07.0875 0964 UserName: Bill
23:56:07.0875 0964 Windows directory: C:\WINDOWS
23:56:07.0875 0964 System windows directory: C:\WINDOWS
23:56:07.0875 0964 Processor architecture: Intel x86
23:56:07.0875 0964 Number of processors: 4
23:56:07.0875 0964 Page size: 0x1000
23:56:07.0875 0964 Boot type: Normal boot
23:56:07.0875 0964 ============================================================
23:56:08.0640 0964 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:56:08.0640 0964 ============================================================
23:56:08.0640 0964 \Device\Harddisk0\DR0:
23:56:08.0640 0964 MBR partitions:
23:56:08.0640 0964 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x2541A2B0
23:56:08.0640 0964 ============================================================
23:56:08.0687 0964 C: <-> \Device\Harddisk0\DR0\Partition1
23:56:08.0687 0964 ============================================================
23:56:08.0687 0964 Initialize success
23:56:08.0687 0964 ============================================================
23:56:47.0546 5064 ============================================================
23:56:47.0546 5064 Scan started
23:56:47.0546 5064 Mode: Manual; TDLFS;
23:56:47.0546 5064 ============================================================
23:56:49.0171 5064 ================ Scan system memory ========================
23:56:49.0171 5064 System memory - ok
23:56:49.0171 5064 ================ Scan services =============================
23:56:54.0375 5064 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
23:56:54.0375 5064 Messenger - ok
23:56:54.0406 5064 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
23:56:54.0406 5064 mnmdd - ok
23:56:54.0421 5064 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
23:56:54.0421 5064 mnmsrvc - ok
23:56:54.0453 5064 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
23:56:54.0453 5064 Modem - ok
23:56:54.0500 5064 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:56:54.0500 5064 Mouclass - ok
23:56:54.0515 5064 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:56:54.0515 5064 mouhid - ok
23:56:54.0515 5064 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
23:56:54.0515 5064 MountMgr - ok
23:56:54.0546 5064 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
23:56:54.0546 5064 MPE - ok
23:56:54.0562 5064 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
23:56:54.0562 5064 mraid35x - ok
23:56:54.0578 5064 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
23:56:54.0578 5064 MREMP50 - ok
23:56:54.0578 5064 MREMPR5 - ok
23:56:54.0593 5064 MRENDIS5 - ok
23:56:54.0609 5064 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
23:56:54.0609 5064 MRESP50 - ok
23:56:54.0625 5064 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:56:54.0625 5064 MRxDAV - ok
23:56:54.0671 5064 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:56:54.0671 5064 MRxSmb - ok
23:56:54.0703 5064 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
23:56:54.0703 5064 MSDTC - ok
23:56:54.0718 5064 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:56:54.0718 5064 Msfs - ok
23:56:54.0718 5064 MSIServer - ok
23:56:54.0734 5064 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:56:54.0734 5064 MSKSSRV - ok
23:56:54.0750 5064 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:56:54.0750 5064 MSPCLOCK - ok
23:56:54.0765 5064 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:56:54.0765 5064 MSPQM - ok
23:56:54.0796 5064 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:56:54.0796 5064 mssmbios - ok
23:56:54.0828 5064 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:56:54.0828 5064 MSTEE - ok
23:56:54.0843 5064 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
23:56:54.0843 5064 Mup - ok
23:56:54.0859 5064 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:56:54.0859 5064 NABTSFEC - ok
23:56:54.0890 5064 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
23:56:54.0890 5064 napagent - ok
23:56:54.0921 5064 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
23:56:54.0921 5064 NDIS - ok
23:56:54.0937 5064 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:56:54.0937 5064 NdisIP - ok
23:56:54.0968 5064 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:56:54.0968 5064 NdisTapi - ok
23:56:55.0015 5064 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:56:55.0015 5064 Ndisuio - ok
23:56:55.0031 5064 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:56:55.0031 5064 NdisWan - ok
23:56:55.0062 5064 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:56:55.0062 5064 NDProxy - ok
23:56:55.0078 5064 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:56:55.0078 5064 NetBIOS - ok
23:56:55.0093 5064 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:56:55.0093 5064 NetBT - ok
23:56:55.0125 5064 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
23:56:55.0125 5064 NetDDE - ok
23:56:55.0125 5064 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
23:56:55.0125 5064 NetDDEdsdm - ok
23:56:55.0171 5064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:56:55.0171 5064 Netlogon - ok
23:56:55.0187 5064 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
23:56:55.0187 5064 Netman - ok
23:56:55.0218 5064 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:56:55.0218 5064 NetTcpPortSharing - ok
23:56:55.0265 5064 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
23:56:55.0265 5064 Nla - ok
23:56:55.0312 5064 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\WINDOWS\system32\drivers\npf.sys
23:56:55.0312 5064 NPF - ok
23:56:55.0312 5064 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:56:55.0312 5064 Npfs - ok
23:56:55.0359 5064 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:56:55.0375 5064 Ntfs - ok
23:56:55.0375 5064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
23:56:55.0375 5064 NtLmSsp - ok
23:56:55.0421 5064 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
23:56:55.0421 5064 NtmsSvc - ok
23:56:55.0453 5064 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
23:56:55.0453 5064 Null - ok
23:56:55.0468 5064 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:56:55.0468 5064 NwlnkFlt - ok
23:56:55.0484 5064 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:56:55.0484 5064 NwlnkFwd - ok
23:56:55.0625 5064 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:56:55.0640 5064 odserv - ok
23:56:55.0656 5064 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:56:55.0656 5064 ose - ok
23:56:55.0687 5064 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
23:56:55.0687 5064 Parport - ok
23:56:55.0718 5064 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
23:56:55.0734 5064 PartMgr - ok
23:56:55.0750 5064 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
23:56:55.0750 5064 ParVdm - ok
23:56:55.0796 5064 [ BAE04007A679893E975A2B75E9E001E9 ] pcCMService C:\Program Files\Common Files\Motive\pcCMService.exe
23:56:55.0796 5064 pcCMService - ok
23:56:55.0796 5064 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
23:56:55.0796 5064 PCI - ok
23:56:55.0812 5064 PCIDump - ok
23:56:55.0843 5064 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
23:56:55.0843 5064 PCIIde - ok
23:56:55.0859 5064 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
23:56:55.0859 5064 Pcmcia - ok
23:56:55.0890 5064 [ A792405E6C84C3DEBC02B1CF29A928F0 ] pcServiceHost C:\Program Files\Common Files\Motive\pcServiceHost.exe
23:56:55.0890 5064 pcServiceHost - ok
23:56:55.0906 5064 PDCOMP - ok
23:56:55.0906 5064 PDFRAME - ok
23:56:55.0921 5064 PDRELI - ok
23:56:55.0937 5064 PDRFRAME - ok
23:56:55.0968 5064 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
23:56:55.0968 5064 perc2 - ok
23:56:55.0968 5064 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
23:56:55.0968 5064 perc2hib - ok
23:56:56.0015 5064 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
23:56:56.0015 5064 PlugPlay - ok
23:56:56.0031 5064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
23:56:56.0031 5064 PolicyAgent - ok
23:56:56.0046 5064 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:56:56.0046 5064 PptpMiniport - ok
23:56:56.0046 5064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:56:56.0046 5064 ProtectedStorage - ok
23:56:56.0046 5064 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
23:56:56.0046 5064 PSched - ok
23:56:56.0078 5064 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:56:56.0078 5064 Ptilink - ok
23:56:56.0109 5064 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:56:56.0109 5064 PxHelp20 - ok
23:56:56.0140 5064 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
23:56:56.0140 5064 ql1080 - ok
23:56:56.0140 5064 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
23:56:56.0140 5064 Ql10wnt - ok
23:56:56.0156 5064 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
23:56:56.0156 5064 ql12160 - ok
23:56:56.0171 5064 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
23:56:56.0171 5064 ql1240 - ok
23:56:56.0171 5064 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
23:56:56.0171 5064 ql1280 - ok
23:56:56.0203 5064 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:56:56.0203 5064 RasAcd - ok
23:56:56.0234 5064 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:56:56.0250 5064 RasAuto - ok
23:56:56.0265 5064 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:56:56.0265 5064 Rasl2tp - ok
23:56:56.0281 5064 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:56:56.0281 5064 RasMan - ok
23:56:56.0296 5064 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:56:56.0296 5064 RasPppoe - ok
23:56:56.0312 5064 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
23:56:56.0312 5064 Raspti - ok
23:56:56.0328 5064 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:56:56.0328 5064 Rdbss - ok
23:56:56.0328 5064 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:56:56.0328 5064 RDPCDD - ok
23:56:56.0390 5064 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:56:56.0390 5064 rdpdr - ok
23:56:56.0437 5064 [ 6589DB6E5969F8EEE594CF71171C5028 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
23:56:56.0453 5064 RDPWD - ok
23:56:56.0484 5064 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
23:56:56.0484 5064 RDSessMgr - ok
23:56:56.0500 5064 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
23:56:56.0500 5064 redbook - ok
23:56:56.0515 5064 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:56:56.0515 5064 RemoteAccess - ok
23:56:56.0531 5064 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
23:56:56.0531 5064 RemoteRegistry - ok
23:56:56.0593 5064 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
23:56:56.0609 5064 rpcapd - ok
23:56:56.0625 5064 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
23:56:56.0625 5064 RpcLocator - ok
23:56:56.0656 5064 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
23:56:56.0656 5064 RpcSs - ok
23:56:56.0687 5064 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
23:56:56.0687 5064 RSVP - ok
23:56:56.0718 5064 [ 7174F20AD9B7B7878A51ECCA03C499C2 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
23:56:56.0718 5064 RTLE8023xp - ok
23:56:56.0750 5064 [ B9CA69921379EA2931C4450FE975BCE7 ] RTLVLAN C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS
23:56:56.0750 5064 RTLVLAN - ok
23:56:56.0781 5064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
23:56:56.0781 5064 SamSs - ok
23:56:56.0859 5064 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
23:56:56.0859 5064 SASDIFSV - ok
23:56:56.0859 5064 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
23:56:56.0875 5064 SASKUTIL - ok
23:56:56.0906 5064 [ F5A633609777C212EC5FF19927FC5955 ] ScanUSBEMPIA C:\WINDOWS\system32\DRIVERS\emScan.sys
23:56:56.0906 5064 ScanUSBEMPIA - ok
23:56:56.0921 5064 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
23:56:56.0921 5064 SCardSvr - ok
23:56:56.0953 5064 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:56:56.0953 5064 Schedule - ok
23:56:56.0984 5064 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:56:56.0984 5064 Secdrv - ok
23:56:57.0000 5064 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
23:56:57.0015 5064 seclogon - ok
23:56:57.0015 5064 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
23:56:57.0015 5064 SENS - ok
23:56:57.0031 5064 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
23:56:57.0031 5064 Serenum - ok
23:56:57.0031 5064 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
23:56:57.0031 5064 Serial - ok
23:56:57.0093 5064 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
23:56:57.0093 5064 Sfloppy - ok
23:56:57.0140 5064 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:56:57.0156 5064 SharedAccess - ok
23:56:57.0171 5064 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:56:57.0171 5064 ShellHWDetection - ok
23:56:57.0171 5064 Simbad - ok
23:56:57.0203 5064 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
23:56:57.0203 5064 sisagp - ok
23:56:57.0203 5064 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:56:57.0203 5064 SLIP - ok
23:56:57.0218 5064 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
23:56:57.0218 5064 Sparrow - ok
23:56:57.0250 5064 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
23:56:57.0250 5064 splitter - ok
23:56:57.0296 5064 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
23:56:57.0296 5064 Spooler - ok
23:56:57.0359 5064 sprtsvc_dellsupportcenter - ok
23:56:57.0375 5064 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
23:56:57.0375 5064 sr - ok
23:56:57.0421 5064 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
23:56:57.0437 5064 srservice - ok
23:56:57.0468 5064 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:56:57.0468 5064 Srv - ok
23:56:57.0484 5064 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:56:57.0500 5064 SSDPSRV - ok
23:56:57.0531 5064 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
23:56:57.0546 5064 stisvc - ok
23:56:57.0562 5064 [ DE3E7A2345EBAA3CE8E6957DFB55FB15 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
23:56:57.0562 5064 stllssvr - ok
23:56:57.0578 5064 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:56:57.0578 5064 streamip - ok
23:56:57.0609 5064 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
23:56:57.0609 5064 swenum - ok
23:56:57.0625 5064 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
23:56:57.0625 5064 swmidi - ok
23:56:57.0625 5064 SwPrv - ok
23:56:57.0671 5064 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
23:56:57.0671 5064 symc810 - ok
23:56:57.0687 5064 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
23:56:57.0687 5064 symc8xx - ok
23:56:57.0687 5064 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
23:56:57.0687 5064 sym_hi - ok
23:56:57.0703 5064 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
23:56:57.0703 5064 sym_u3 - ok
23:56:57.0734 5064 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
23:56:57.0734 5064 sysaudio - ok
23:56:57.0781 5064 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
23:56:57.0781 5064 SysmonLog - ok
23:56:57.0812 5064 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:56:57.0812 5064 TapiSrv - ok
23:56:57.0875 5064 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:56:57.0875 5064 Tcpip - ok
23:56:57.0906 5064 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:56:57.0906 5064 TDPIPE - ok
23:56:57.0906 5064 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:56:57.0906 5064 TDTCP - ok
23:56:57.0968 5064 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:56:57.0968 5064 TermDD - ok
23:56:57.0984 5064 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
23:56:57.0984 5064 TermService - ok
23:56:58.0015 5064 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
23:56:58.0015 5064 Themes - ok
23:56:58.0046 5064 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
23:56:58.0046 5064 TlntSvr - ok
23:56:58.0062 5064 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
23:56:58.0062 5064 TosIde - ok
23:56:58.0078 5064 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:56:58.0078 5064 TrkWks - ok
23:56:58.0140 5064 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:56:58.0140 5064 Udfs - ok
23:56:58.0156 5064 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
23:56:58.0156 5064 ultra - ok
23:56:58.0203 5064 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:56:58.0203 5064 Update - ok
23:56:58.0234 5064 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:56:58.0234 5064 upnphost - ok
23:56:58.0250 5064 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
23:56:58.0250 5064 UPS - ok
23:56:58.0296 5064 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
23:56:58.0296 5064 usbaudio - ok
23:56:58.0312 5064 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:56:58.0312 5064 usbccgp - ok
23:56:58.0312 5064 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:56:58.0312 5064 usbehci - ok
23:56:58.0375 5064 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:56:58.0375 5064 usbhub - ok
23:56:58.0390 5064 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:56:58.0390 5064 usbprint - ok
23:56:58.0406 5064 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:56:58.0406 5064 USBSTOR - ok
23:56:58.0421 5064 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:56:58.0421 5064 usbuhci - ok
23:56:58.0453 5064 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:56:58.0453 5064 VgaSave - ok
23:56:58.0484 5064 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
23:56:58.0484 5064 viaagp - ok
23:56:58.0500 5064 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
23:56:58.0500 5064 ViaIde - ok
23:56:58.0531 5064 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:56:58.0531 5064 VolSnap - ok
23:56:58.0562 5064 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
23:56:58.0578 5064 VSS - ok
23:56:58.0609 5064 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
23:56:58.0625 5064 w32time - ok
23:56:58.0656 5064 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:56:58.0656 5064 Wanarp - ok
23:56:58.0656 5064 WDICA - ok
23:56:58.0671 5064 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:56:58.0671 5064 wdmaud - ok
23:56:58.0687 5064 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:56:58.0687 5064 WebClient - ok
23:56:58.0718 5064 [ 92CE6497076EAC3083185C44157B3A46 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
23:56:58.0718 5064 winachsf - ok
23:56:58.0812 5064 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
23:56:58.0812 5064 WinDefend - ok
23:56:58.0921 5064 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:56:58.0937 5064 winmgmt - ok
23:56:58.0984 5064 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
23:56:58.0984 5064 WmdmPmSN - ok
23:56:59.0015 5064 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
23:56:59.0015 5064 Wmi - ok
23:56:59.0062 5064 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:56:59.0062 5064 WmiApSrv - ok
23:56:59.0109 5064 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
23:56:59.0125 5064 WMPNetworkSvc - ok
23:56:59.0265 5064 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:56:59.0281 5064 WPFFontCache_v0400 - ok
23:56:59.0359 5064 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
23:56:59.0359 5064 wscsvc - ok
23:56:59.0375 5064 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:56:59.0375 5064 WSTCODEC - ok
23:56:59.0406 5064 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
23:56:59.0406 5064 wuauserv - ok
23:56:59.0437 5064 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:56:59.0437 5064 WudfPf - ok
23:56:59.0453 5064 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:56:59.0453 5064 WudfRd - ok
23:56:59.0468 5064 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
23:56:59.0468 5064 WudfSvc - ok
23:56:59.0515 5064 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:56:59.0531 5064 WZCSVC - ok
23:56:59.0546 5064 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:56:59.0546 5064 xmlprov - ok
23:56:59.0562 5064 ================ Scan global ===============================
23:56:59.0609 5064 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:56:59.0656 5064 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:56:59.0671 5064 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:56:59.0671 5064 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:56:59.0687 5064 [Global] - ok
23:56:59.0687 5064 ================ Scan MBR ==================================
23:56:59.0703 5064 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
23:56:59.0937 5064 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:56:59.0937 5064 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:56:59.0937 5064 ================ Scan VBR ==================================
23:56:59.0937 5064 [ 38C8AC3250B6FFB5B9C869C8AD6F37D2 ] \Device\Harddisk0\DR0\Partition1
23:56:59.0937 5064 \Device\Harddisk0\DR0\Partition1 - ok
23:56:59.0953 5064 ============================================================
23:56:59.0953 5064 Scan finished
23:56:59.0953 5064 ============================================================
23:57:00.0015 4800 Detected object count: 1
23:57:00.0015 4800 Actual detected object count: 1
23:57:14.0234 4800 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
23:57:14.0250 4800 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
23:57:14.0250 4800 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
23:57:14.0250 4800 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
23:57:14.0265 4800 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
23:57:14.0265 4800 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
23:57:14.0281 4800 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
23:57:14.0281 4800 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
23:57:14.0281 4800 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
23:57:14.0281 4800 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
23:57:14.0312 4800 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
23:57:14.0328 4800 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
23:57:14.0343 4800 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
23:57:14.0343 4800 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
23:57:14.0359 4800 \Device\Harddisk0\DR0\TDLFS - deleted
23:57:14.0359 4800 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
23:58:15.0359 4160 Deinitialize success





2. Malwarebytes ================================


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.24.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Bill :: BILL_S [administrator]

8/24/2012 8:18:15 AM
mbam-log-2012-08-24 (08-18-15).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 391314
Time elapsed: 1 hour(s), 18 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




3. MiniToolBox ================================


MiniToolBox by Farbar Version: 23-07-2012
Ran by Bill (administrator) on 24-08-2012 at 10:45:39
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

There are 14134 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : Bill_S

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : gateway.2wire.net

Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC

Physical Address. . . . . . . . . : 00-21-9B-20-7D-67

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.64

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : Friday, August 24, 2012 10:18:51 AM

Lease Expires . . . . . . . . . . : Saturday, August 25, 2012 10:18:51 AM

Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.227.128, 74.125.227.129, 74.125.227.130, 74.125.227.131
74.125.227.132, 74.125.227.133, 74.125.227.134, 74.125.227.135, 74.125.227.136
74.125.227.137, 74.125.227.142



Pinging google.com [74.125.227.101] with 32 bytes of data:



Reply from 74.125.227.101: bytes=32 time=28ms TTL=52

Reply from 74.125.227.101: bytes=32 time=27ms TTL=52



Ping statistics for 74.125.227.101:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 27ms, Maximum = 28ms, Average = 27ms

Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=65ms TTL=46

Reply from 98.138.253.109: bytes=32 time=72ms TTL=46



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 65ms, Maximum = 72ms, Average = 68ms

Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 21 9b 20 7d 67 ...... Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.64 192.168.1.64 20
192.168.1.64 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.64 192.168.1.64 20
224.0.0.0 240.0.0.0 192.168.1.64 192.168.1.64 20
255.255.255.255 255.255.255.255 192.168.1.64 192.168.1.64 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/23/2012 02:41:08 PM) (Source: MsiInstaller) (User: BILL_S)BILL_S
Description: Product: Google Talk Plugin -- Error 1704. An installation for Microsoft Office 2000 Professional is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (08/23/2012 09:25:16 AM) (Source: Application Error) (User: )
Description: Fault bucket -1232610341.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (08/23/2012 09:23:31 AM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.62.0.87, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00036822.
Processing media-specific event for [mbam.exe!ws!]

Error: (08/22/2012 09:49:26 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft Office Home and Student 2007 -- Error 1704.An installation for Microsoft Office 2000 Professional is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (08/22/2012 04:52:10 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: DWG TrueView 2013 -- Run Setup.exe to install DWG TrueView 2013.

Error: (08/22/2012 04:38:37 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: DWG TrueView 2013 -- Run Setup.exe to install DWG TrueView 2013.

Error: (08/22/2012 10:17:42 AM) (Source: Application Error) (User: )
Description: Faulting application spybotsd.exe, version 1.6.2.46, faulting module spybotsd.exe, version 1.6.2.46, fault address 0x00004d8a.
Processing media-specific event for [spybotsd.exe!ws!]

Error: (08/22/2012 09:19:38 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1704. SA_Error1704: StandardAction(0xC00706A8): An installation for Microsoft Office 2000 Professional is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (08/20/2012 08:43:04 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/18/2012 09:34:17 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft Office 2000 Professional -- Error 1706. No valid source could be found for product Microsoft Office 2000 Professional. The Windows installer cannot continue.


System errors:
=============
Error: (08/23/2012 09:22:27 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
atapi
PCIIde

Error: (08/23/2012 11:40:01 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
atapi
PCIIde

Error: (08/22/2012 10:24:13 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (08/20/2012 07:32:30 AM) (Source: Dhcp) (User: )
Description: Your computer was unable to initialize a Network Interface attached
to the system. The error code is: %%1450.

Error: (08/20/2012 07:32:12 AM) (Source: Dhcp) (User: )
Description: Your computer was unable to initialize a Network Interface attached
to the system. The error code is: %%1450.

Error: (08/18/2012 08:49:24 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (08/18/2012 08:49:24 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (08/18/2012 08:49:08 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (08/18/2012 08:49:08 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (08/11/2012 08:34:11 AM) (Source: Dhcp) (User: )
Description: Your computer was unable to initialize a Network Interface attached
to the system. The error code is: %%1450.


Microsoft Office Sessions:
=========================
Error: (07/20/2012 02:06:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 105 seconds with 60 seconds of active time. This session ended with a crash.

Error: (07/20/2012 02:03:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 165 seconds with 120 seconds of active time. This session ended with a crash.

Error: (07/19/2012 01:06:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19723 seconds with 2220 seconds of active time. This session ended with a crash.

Error: (06/29/2012 02:43:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 649 seconds with 600 seconds of active time. This session ended with a crash.

Error: (06/05/2012 02:26:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1536 seconds with 840 seconds of active time. This session ended with a crash.

Error: (01/30/2012 03:16:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3363 seconds with 2820 seconds of active time. This session ended with a crash.

Error: (01/23/2012 07:58:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 30539 seconds with 8940 seconds of active time. This session ended with a crash.

Error: (01/22/2012 07:56:23 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3066 seconds with 2940 seconds of active time. This session ended with a crash.

Error: (01/21/2012 10:31:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 701 seconds with 600 seconds of active time. This session ended with a crash.

Error: (01/21/2012 10:19:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 64 seconds with 60 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11 (Version: 11)
Any Video Converter 3.3.9
AT&T Troubleshoot & Resolve Tool
ATI Catalyst Control Center (Version: 1.2.2735.37383)
ATI Display Driver (Version: 8.493-080512a-064246C-Dell)
Audacity 1.3.13 (Unicode)
Audacity 2.0
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Blender (Version: 2.63-release)
Browser Address Error Redirector (Version: 1.00.0000)
CamStudio Lossless Codec
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
CCleaner (Version: 3.21)
Conexant D850 PCI V.92 Modem (Version: 7.74.00)
Critical Update for Windows Media Player 11 (KB959772)
Dell Support Center (Support Software) (Version: 2.2.09085)
Diagnostics Utility (Version: 1.00.0000)
Digital Line Detect (Version: 1.21)
doPDF 6.3 printer
DVD Decrypter (Remove Only)
DWG TrueView 2013 (Version: 19.0.55.0)
eSpeak version 1.45.04
Eureqa (Version: 0.83.0)
Eureqa (Version: 0.84.1)
ffdshow v1.2.4422 [2012-04-09] (Version: 1.2.4422.0)
Formulize (Version: 0.97.0003)
GIMP 2.8.0 (Version: 2.8.0)
Google Desktop (Version: 5.8.0809.23506)
Google SketchUp 8 (Version: 3.0.14346)
Google Talk Plugin (Version: 3.5.1.8982)
Google Update Helper (Version: 1.3.21.115)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
GPL Ghostscript 8.70
Gtk+ Runtime Environment 2.12.9-2 (Version: 2.12.9-2)
GTK2-Runtime (Version: 2.22.0-2010-10-21-ash)
HiJackThis (Version: 1.0.0)
Hijackthis 1.99.1
HijackThis 1.99.1 (Version: 1.99.1)
ImageMagick 6.7.8-7 Q16 (2012-08-01) (Version: 6.7.8)
Imagen 3.0.0
ImgBurn (Version: 2.4.2.0)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 21 (Version: 6.0.210)
Java™ 6 Update 7 (Version: 1.6.0.70)
Luminance HDR 2.3.0
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mbrola Tools 3.5 (Version: 3.5)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Expression Encoder 4 (Version: 4.0.1651.0)
Microsoft Expression Encoder 4 Screen Capture Codec (Version: 4.0.1651.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Modem Diagnostic Tool (Version: 1.0.24.0)
MSN Money Investment Toolbox (Version: 15)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB927977) (Version: 6.00.3890.0)
NetWaiting (Version: 2.5.53)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Pinnacle Studio 12 (Version: 12.0.1.6173)
Pinnacle Video Driver (Version: 12.00.0017)
PowerDVD (Version: 8.1)
Python 2.7.3 (Version: 2.7.3150)
R for Windows 2.12.1 (Version: 2.12.1)
R for Windows 2.14.0 (Version: 2.14.0)
Realtek High Definition Audio Driver
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator BDAV Plugin (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Drag-to-Disc (Version: 9.1)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
RRDtool (Version: 1.4.5.0)
RStudio (Version: 0.96.122)
Sizer 3.33 (Version: 1.0.0.0)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.6 (Version: 4.6.0)
SUPERAntiSpyware (Version: 4.39.1002)
Tinn-R 2.3.2.3
Trader Workstation
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office Excel 2007 Help (KB957242)
Update for Windows Internet Explorer 8 (KB971930) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951618-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
UV Realtime (Version: 1.9.1)
VideoMach
WebFldrs XP (Version: 9.50.7523)
Windows Defender (Version: 1.1.1593.21)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Presentation Foundation (Version: 3.0.6920.0)
WinPcap 4.1.2 (Version: 4.1.0.2001)
Xiph.Org Ogg Codecs 0.82.16930 32-bit (Version: 0.82.16930)
XML Paper Specification Shared Components Pack 1.0
yacas 1.0.63

========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 3070.91 MB
Available physical RAM: 2516.79 MB
Total Pagefile: 4955.77 MB
Available Pagefile: 4326.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.75 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:298.05 GB) (Free:168.99 GB) NTFS

========================= Users: ========================================

User accounts for \\BILL_S

Administrator ASPNET Bill
Guest HelpAssistant SUPPORT_388945a0


**** End of log ****








4. FSS ================================

Farbar Service Scanner Version: 06-08-2012
Ran by Bill (administrator) on 24-08-2012 at 12:25:10
Running from "C:\Documents and Settings\Bill\Junk Files\FSS"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Avgtdix(10) Gpc(6) IPSec(4) LANPkt(8) NetBT(5) PSched(7) RTLVLAN(9) Tcpip(3)
0x0A000000040000000100000002000000030000000A0000000500000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****






5. Adware Cleaner ================================


# AdwCleaner v1.801 - Logfile created 08/24/2012 at 12:28:00
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Bill - BILL_S
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Bill\Junk Files\adwcleaner\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [575 octets] - [24/08/2012 12:28:00]

########## EOF - C:\AdwCleaner[S1].txt - [702 octets] ##########








6. Rkill ================================


Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/24/2012 12:35:11 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/24/2012 12:35:35 PM
Execution time: 0 hours(s), 0 minute(s), and 24 seconds(s)

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:09:26 AM

Posted 24 August 2012 - 08:40 PM

1. I ran TDSSkiller again and selected "delete". To be clear, the reason that "skip" was used in the first scan is that your instructions said "Do not change the default options on scan results". "Skip" was the default when I ran the program. For future users, it might be helpful to change your instructions to make sure they select "delete".


TDSSkiller also detects false positives. In those cases deleting them would screw the system.

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safemode

Turn off your system restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#13 bill_1001

bill_1001
  • Topic Starter

  • Members
  • 13 posts
  • Local time:09:26 AM

Posted 24 August 2012 - 08:57 PM

7. While I was typing this reply (at approx 12:54 PM, 8/24/2012), my printer queue popped up in the taskbar and told me that I was out of paper. My printer is currently turned off. I looked in the queue and here's what is waiting to print:

http://www.bleepingcomputer.com/forums/index.php?s=3f932fe67de9
Pages: 36
Size: 63.8 KB/5.52 MB
Submitted: 12:54:36 PM 8/24/2012


Is that supposed to happen? Is that a virus/trojan? I didn't print anything, that entry is still in my print queue. Should I delete it, run something to check it?


The above is still in the printer queue. Is that normal or is that an infection? To continue, I need to print out your next instructions, but the above 36 pages of "something" will try to print first (I clicked on "pause" in the queue, but because it gave me the "Out of Paper" message, it will try to print whatever was ready before I clicked "pause").

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:09:26 AM

Posted 24 August 2012 - 09:02 PM

The above is still in the printer queue. Is that normal or is that an infection? To continue, I need to print out your next instructions, but the above 36 pages of "something" will try to print first (I clicked on "pause" in the queue, but because it gave me the "Out of Paper" message, it will try to print whatever was ready before I clicked "pause").


This is definitely not a part of infection. Remove it from printer queue.

#15 bill_1001

bill_1001
  • Topic Starter

  • Members
  • 13 posts
  • Local time:09:26 AM

Posted 25 August 2012 - 09:35 AM

narenxp,

I followed your instructions, and the programs ran without a problem. When everything was complete, an AVG scan says everything is OK, Google seems to be working OK, Yahoo seems to be working OK, however there's still one potential problem (and I'm not sure it's a problem).

When I log into my hotmail account, I get the screen shown below. I'm not sure, but I think it is a phishing screen. When I close that screen (I don't fill anything in), I can access my hotmail account without any problems.

My question is, is this a known phishing screen? And, if so, how do I get rid of it?





[img]https://account.live.com/Proofs/Manage?mkt=EN-US&mpcxt=AFP&uiflavor=web&ru=https://login.live.com/login.srf%3flc%3d1033%26sf%3d1%26id%3d64855%26tw%3d18000%26fs%3d0%26ts%3d-14400%26cbcxt%3dmai%26ntprob%3d-1%26snsc%3d1%26sec%3d%26mspp_shared%3d1%26seclog%3d0%26wa%3dwsignin1.0%26wp%3dMBI%26ru%3dhttp://mail.live.com/default.aspx&oru=http://mail.live.com/default.aspx&id=64855&lqsp=ntprob%3d-1&lmif=100[/img]



