TR/ATRAPS.Gen2 infection


10 replies to this topic

#1 tpc1249

Posted 04 September 2012 - 10:42 PM

I am infected with TR/ATRAPS.Gen2. OS is Windows XP home.

Also TR/sirefef.

Avira (free version) apparently can't deal with it.

I would appreciate some guidance.

Thank you.

#2 narenxp

  • BC Advisor

Posted 04 September 2012 - 11:14 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 tpc1249

  • Topic Starter

Posted 05 September 2012 - 05:14 AM

TDSSKiller Log


05:04:06.0687 2392 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
05:04:07.0187 2392 ============================================================
05:04:07.0187 2392 Current date / time: 2012/09/05 05:04:07.0187
05:04:07.0187 2392 SystemInfo:
05:04:07.0187 2392
05:04:07.0187 2392 OS Version: 5.1.2600 ServicePack: 3.0
05:04:07.0187 2392 Product type: Workstation
05:04:07.0187 2392 ComputerName: MSU-U88MX8YIKZ0
05:04:07.0187 2392 UserName: Family
05:04:07.0187 2392 Windows directory: C:\WINDOWS
05:04:07.0187 2392 System windows directory: C:\WINDOWS
05:04:07.0187 2392 Processor architecture: Intel x86
05:04:07.0187 2392 Number of processors: 1
05:04:07.0187 2392 Page size: 0x1000
05:04:07.0187 2392 Boot type: Normal boot
05:04:07.0187 2392 ============================================================
05:04:09.0421 2392 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
05:04:09.0421 2392 ============================================================
05:04:09.0421 2392 \Device\Harddisk0\DR0:
05:04:09.0421 2392 MBR partitions:
05:04:09.0421 2392 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x6, StartLBA 0x3F00, BlocksNum 0xFAC5
05:04:09.0421 2392 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x94EAFF8
05:04:09.0421 2392 ============================================================
05:04:09.0453 2392 C: <-> \Device\Harddisk0\DR0\Partition2
05:04:09.0468 2392 ============================================================
05:04:09.0468 2392 Initialize success
05:04:09.0468 2392 ============================================================
05:04:24.0250 1316 ============================================================
05:04:24.0250 1316 Scan started
05:04:24.0250 1316 Mode: Manual;
05:04:24.0250 1316 ============================================================
05:04:25.0375 1316 ================ Scan system memory ========================
05:04:25.0375 1316 System memory - ok
05:04:25.0375 1316 ================ Scan services =============================
05:04:25.0484 1316 Abiosdsk - ok
05:04:25.0515 1316 abp480n5 - ok
05:04:25.0546 1316 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
05:04:25.0562 1316 ACPI - ok
05:04:25.0593 1316 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
05:04:25.0593 1316 ACPIEC - ok
05:04:25.0656 1316 [ E850B0A94E8703CCBC980B31594DC408 ] acsint C:\WINDOWS\system32\DRIVERS\acsint.sys
05:04:25.0671 1316 acsint - ok
05:04:25.0703 1316 [ EA2429C90AEAB09D7F3A99B16DA23CED ] acsmux C:\WINDOWS\system32\DRIVERS\acsmux.sys
05:04:25.0703 1316 acsmux - ok
05:04:25.0765 1316 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
05:04:25.0781 1316 AdobeFlashPlayerUpdateSvc - ok
05:04:25.0796 1316 adpu160m - ok
05:04:25.0828 1316 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
05:04:25.0875 1316 aec - ok
05:04:25.0921 1316 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
05:04:25.0921 1316 AFD - ok
05:04:25.0937 1316 Aha154x - ok
05:04:25.0953 1316 aic78u2 - ok
05:04:25.0968 1316 aic78xx - ok
05:04:26.0015 1316 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
05:04:26.0015 1316 Alerter - ok
05:04:26.0046 1316 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
05:04:26.0078 1316 ALG - ok
05:04:26.0109 1316 AliIde - ok
05:04:26.0125 1316 amsint - ok
05:04:26.0203 1316 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
05:04:26.0218 1316 AntiVirSchedulerService - ok
05:04:26.0250 1316 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
05:04:26.0250 1316 AntiVirService - ok
05:04:26.0312 1316 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:04:26.0328 1316 Apple Mobile Device - ok
05:04:26.0343 1316 AppMgmt - ok
05:04:26.0359 1316 asc - ok
05:04:26.0375 1316 asc3350p - ok
05:04:26.0390 1316 asc3550 - ok
05:04:26.0484 1316 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
05:04:26.0578 1316 aspnet_state - ok
05:04:26.0625 1316 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
05:04:26.0625 1316 AsyncMac - ok
05:04:26.0687 1316 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
05:04:26.0703 1316 atapi - ok
05:04:26.0718 1316 Atdisk - ok
05:04:26.0750 1316 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
05:04:26.0765 1316 Atmarpc - ok
05:04:26.0812 1316 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
05:04:26.0812 1316 AudioSrv - ok
05:04:26.0843 1316 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
05:04:26.0875 1316 audstub - ok
05:04:26.0906 1316 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
05:04:26.0921 1316 avgntflt - ok
05:04:26.0968 1316 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
05:04:27.0000 1316 avipbb - ok
05:04:27.0046 1316 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
05:04:27.0078 1316 avkmgr - ok
05:04:27.0125 1316 [ B9391A83F075351C923C3A37C53AF396 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
05:04:27.0140 1316 b57w2k - ok
05:04:27.0187 1316 [ B60F57B4D9CDBC663CC03EB8AF7EC34E ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
05:04:27.0203 1316 bcm4sbxp - ok
05:04:27.0250 1316 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
05:04:27.0250 1316 Beep - ok
05:04:27.0312 1316 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
05:04:27.0359 1316 BITS - ok
05:04:27.0437 1316 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
05:04:27.0453 1316 Bonjour Service - ok
05:04:27.0500 1316 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
05:04:27.0500 1316 Browser - ok
05:04:27.0562 1316 [ 3DC7B0C7BE6164D3152513C0C208AD3B ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
05:04:27.0625 1316 btaudio - ok
05:04:27.0656 1316 [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
05:04:27.0687 1316 BTDriver - ok
05:04:27.0734 1316 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
05:04:27.0750 1316 BthEnum - ok
05:04:27.0796 1316 [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM C:\WINDOWS\system32\DRIVERS\bthmodem.sys
05:04:27.0812 1316 BTHMODEM - ok
05:04:27.0859 1316 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
05:04:27.0875 1316 BthPan - ok
05:04:27.0921 1316 [ 662BFD909447DD9CC15B1A1C366583B4 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
05:04:27.0937 1316 BTHPORT - ok
05:04:27.0984 1316 [ F4C43C66471B87996D95DB7A3A664A37 ] BthServ C:\WINDOWS\System32\bthserv.dll
05:04:28.0015 1316 BthServ - ok
05:04:28.0046 1316 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
05:04:28.0046 1316 BTHUSB - ok
05:04:28.0125 1316 [ 9F704F40CD50AE05BBFC492C0342E765 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
05:04:28.0187 1316 BTKRNL - ok
05:04:28.0281 1316 [ 7F9450547C5C1BC1FA9FD7E1059796CC ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
05:04:28.0296 1316 btwdins - ok
05:04:28.0343 1316 [ 485020A1E1FC5C51A800CA69C618D881 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
05:04:28.0359 1316 BTWDNDIS - ok
05:04:28.0406 1316 [ C51D50CF24DA69A9C499E65B0EDB3BB7 ] btwhid C:\WINDOWS\system32\DRIVERS\btwhid.sys
05:04:28.0421 1316 btwhid - ok
05:04:28.0484 1316 [ 5922BAE0CD84924B9CD7E6BB515EE070 ] btwmodem C:\WINDOWS\system32\DRIVERS\btwmodem.sys
05:04:28.0500 1316 btwmodem - ok
05:04:28.0515 1316 [ 1166CB501E1C34750A91600579EFEAB3 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
05:04:28.0531 1316 BTWUSB - ok
05:04:28.0578 1316 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
05:04:28.0593 1316 cbidf2k - ok
05:04:28.0609 1316 cd20xrnt - ok
05:04:28.0640 1316 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
05:04:28.0656 1316 Cdaudio - ok
05:04:28.0687 1316 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
05:04:28.0703 1316 Cdfs - ok
05:04:28.0750 1316 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
05:04:28.0750 1316 Cdrom - ok
05:04:28.0765 1316 Changer - ok
05:04:28.0812 1316 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
05:04:28.0828 1316 CiSvc - ok
05:04:28.0875 1316 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
05:04:28.0890 1316 ClipSrv - ok
05:04:28.0937 1316 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:04:29.0015 1316 clr_optimization_v2.0.50727_32 - ok
05:04:29.0109 1316 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
05:04:29.0125 1316 clr_optimization_v4.0.30319_32 - ok
05:04:29.0140 1316 CmdIde - ok
05:04:29.0156 1316 COMSysApp - ok
05:04:29.0187 1316 Cpqarray - ok
05:04:29.0234 1316 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
05:04:29.0234 1316 CryptSvc - ok
05:04:29.0250 1316 dac2w2k - ok
05:04:29.0265 1316 dac960nt - ok
05:04:29.0328 1316 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
05:04:29.0343 1316 DcomLaunch - ok
05:04:29.0390 1316 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
05:04:29.0406 1316 Dhcp - ok
05:04:29.0421 1316 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
05:04:29.0437 1316 Disk - ok
05:04:29.0453 1316 dmadmin - ok
05:04:29.0515 1316 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
05:04:29.0625 1316 dmboot - ok
05:04:29.0687 1316 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
05:04:29.0703 1316 dmio - ok
05:04:29.0734 1316 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
05:04:29.0750 1316 dmload - ok
05:04:29.0781 1316 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
05:04:29.0796 1316 dmserver - ok
05:04:29.0812 1316 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
05:04:29.0828 1316 DMusic - ok
05:04:29.0859 1316 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
05:04:29.0859 1316 Dnscache - ok
05:04:29.0906 1316 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
05:04:29.0921 1316 Dot3svc - ok
05:04:29.0937 1316 dpti2o - ok
05:04:29.0968 1316 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
05:04:29.0984 1316 drmkaud - ok
05:04:30.0015 1316 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
05:04:30.0031 1316 EapHost - ok
05:04:30.0078 1316 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
05:04:30.0093 1316 ERSvc - ok
05:04:30.0125 1316 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
05:04:30.0140 1316 Eventlog - ok
05:04:30.0187 1316 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
05:04:30.0187 1316 EventSystem - ok
05:04:30.0250 1316 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
05:04:30.0265 1316 Fastfat - ok
05:04:30.0328 1316 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
05:04:30.0328 1316 FastUserSwitchingCompatibility - ok
05:04:30.0359 1316 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
05:04:30.0375 1316 Fdc - ok
05:04:30.0406 1316 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
05:04:30.0421 1316 Fips - ok
05:04:30.0437 1316 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
05:04:30.0437 1316 Flpydisk - ok
05:04:30.0468 1316 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
05:04:30.0484 1316 FltMgr - ok
05:04:30.0562 1316 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
05:04:30.0578 1316 FontCache3.0.0.0 - ok
05:04:30.0609 1316 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
05:04:30.0625 1316 Fs_Rec - ok
05:04:30.0656 1316 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
05:04:30.0703 1316 Ftdisk - ok
05:04:30.0734 1316 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
05:04:30.0750 1316 GEARAspiWDM - ok
05:04:30.0796 1316 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
05:04:30.0812 1316 Gpc - ok
05:04:30.0906 1316 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1ca454eaf1013b4 C:\Program Files\Google\Update\GoogleUpdate.exe
05:04:30.0906 1316 gupdate1ca454eaf1013b4 - ok
05:04:30.0937 1316 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
05:04:30.0937 1316 gupdatem - ok
05:04:31.0000 1316 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
05:04:31.0015 1316 gusvc - ok
05:04:31.0078 1316 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
05:04:31.0078 1316 helpsvc - ok
05:04:31.0109 1316 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
05:04:31.0140 1316 HidServ - ok
05:04:31.0171 1316 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
05:04:31.0171 1316 HidUsb - ok
05:04:31.0218 1316 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
05:04:31.0234 1316 hkmsvc - ok
05:04:31.0250 1316 hpn - ok
05:04:31.0312 1316 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
05:04:31.0312 1316 HTTP - ok
05:04:31.0343 1316 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
05:04:31.0343 1316 HTTPFilter - ok
05:04:31.0359 1316 i2omgmt - ok
05:04:31.0375 1316 i2omp - ok
05:04:31.0406 1316 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
05:04:31.0421 1316 i8042prt - ok
05:04:31.0468 1316 [ 44B7D5A4F2BD9FE21AEA0BB0BACE38C4 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
05:04:31.0531 1316 ialm - ok
05:04:31.0656 1316 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
05:04:31.0828 1316 idsvc - ok
05:04:31.0859 1316 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
05:04:31.0875 1316 Imapi - ok
05:04:31.0921 1316 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
05:04:31.0937 1316 ImapiService - ok
05:04:31.0953 1316 ini910u - ok
05:04:32.0000 1316 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
05:04:32.0000 1316 IntelIde - ok
05:04:32.0015 1316 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
05:04:32.0031 1316 intelppm - ok
05:04:32.0109 1316 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
05:04:32.0125 1316 IntuitUpdateService - ok
05:04:32.0171 1316 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
05:04:32.0171 1316 IntuitUpdateServiceV4 - ok
05:04:32.0218 1316 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
05:04:32.0218 1316 ip6fw - ok
05:04:32.0265 1316 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
05:04:32.0296 1316 IpFilterDriver - ok
05:04:32.0343 1316 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
05:04:32.0359 1316 IpInIp - ok
05:04:32.0390 1316 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
05:04:32.0406 1316 IpNat - ok
05:04:32.0468 1316 [ 33642C17C232AA272C68E446A2619899 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
05:04:32.0515 1316 iPod Service - ok
05:04:32.0531 1316 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
05:04:32.0546 1316 IPSec - ok
05:04:32.0578 1316 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
05:04:32.0593 1316 IRENUM - ok
05:04:32.0640 1316 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
05:04:32.0656 1316 isapnp - ok
05:04:32.0718 1316 [ 9A68677CF3CB6B3804E57812A526EB6B ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
05:04:32.0734 1316 ISWKL - ok
05:04:32.0765 1316 [ 9723687A734A494E3A7512AACBECA625 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
05:04:32.0796 1316 IswSvc - ok
05:04:32.0890 1316 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
05:04:32.0890 1316 JavaQuickStarterService - ok
05:04:32.0921 1316 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
05:04:32.0953 1316 Kbdclass - ok
05:04:32.0984 1316 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
05:04:33.0000 1316 kbdhid - ok
05:04:33.0031 1316 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
05:04:33.0046 1316 kmixer - ok
05:04:33.0093 1316 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
05:04:33.0093 1316 KSecDD - ok
05:04:33.0125 1316 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
05:04:33.0125 1316 lanmanserver - ok
05:04:33.0171 1316 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
05:04:33.0171 1316 lanmanworkstation - ok
05:04:33.0187 1316 lbrtfdc - ok
05:04:33.0234 1316 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
05:04:33.0234 1316 LmHosts - ok
05:04:33.0281 1316 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
05:04:33.0281 1316 Messenger - ok
05:04:33.0328 1316 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
05:04:33.0343 1316 mnmdd - ok
05:04:33.0375 1316 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
05:04:33.0406 1316 mnmsrvc - ok
05:04:33.0437 1316 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
05:04:33.0453 1316 Modem - ok
05:04:33.0500 1316 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
05:04:33.0500 1316 Mouclass - ok
05:04:33.0531 1316 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
05:04:33.0531 1316 mouhid - ok
05:04:33.0578 1316 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
05:04:33.0578 1316 MountMgr - ok
05:04:33.0593 1316 mraid35x - ok
05:04:33.0625 1316 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
05:04:33.0656 1316 MRxDAV - ok
05:04:33.0703 1316 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
05:04:33.0703 1316 MRxSmb - ok
05:04:33.0750 1316 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
05:04:33.0750 1316 MSDTC - ok
05:04:33.0796 1316 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
05:04:33.0812 1316 Msfs - ok
05:04:33.0828 1316 MSIServer - ok
05:04:33.0859 1316 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
05:04:33.0859 1316 MSKSSRV - ok
05:04:33.0875 1316 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
05:04:33.0890 1316 MSPCLOCK - ok
05:04:33.0921 1316 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
05:04:33.0921 1316 MSPQM - ok
05:04:33.0937 1316 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
05:04:33.0937 1316 mssmbios - ok
05:04:33.0984 1316 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
05:04:33.0984 1316 Mup - ok
05:04:34.0046 1316 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
05:04:34.0078 1316 napagent - ok
05:04:34.0171 1316 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
05:04:34.0203 1316 NDIS - ok
05:04:34.0234 1316 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
05:04:34.0234 1316 NdisTapi - ok
05:04:34.0265 1316 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
05:04:34.0265 1316 Ndisuio - ok
05:04:34.0281 1316 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
05:04:34.0296 1316 NdisWan - ok
05:04:34.0328 1316 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
05:04:34.0343 1316 NDProxy - ok
05:04:34.0375 1316 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
05:04:34.0390 1316 NetBIOS - ok
05:04:34.0406 1316 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
05:04:34.0437 1316 NetBT - ok
05:04:34.0500 1316 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
05:04:34.0515 1316 NetDDE - ok
05:04:34.0515 1316 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
05:04:34.0531 1316 NetDDEdsdm - ok
05:04:34.0578 1316 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
05:04:34.0578 1316 Netlogon - ok
05:04:34.0593 1316 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
05:04:34.0625 1316 Netman - ok
05:04:34.0671 1316 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:04:34.0687 1316 NetTcpPortSharing - ok
05:04:34.0734 1316 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
05:04:34.0734 1316 Nla - ok
05:04:34.0781 1316 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
05:04:34.0796 1316 Npfs - ok
05:04:34.0843 1316 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
05:04:34.0937 1316 Ntfs - ok
05:04:34.0953 1316 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
05:04:34.0953 1316 NtLmSsp - ok
05:04:35.0015 1316 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
05:04:35.0062 1316 NtmsSvc - ok
05:04:35.0109 1316 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
05:04:35.0125 1316 NuidFltr - ok
05:04:35.0140 1316 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
05:04:35.0140 1316 Null - ok
05:04:35.0218 1316 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
05:04:35.0218 1316 NwlnkFlt - ok
05:04:35.0265 1316 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
05:04:35.0265 1316 NwlnkFwd - ok
05:04:35.0375 1316 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:04:35.0421 1316 odserv - ok
05:04:35.0468 1316 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:04:35.0484 1316 ose - ok
05:04:35.0546 1316 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
05:04:35.0546 1316 Parport - ok
05:04:35.0578 1316 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
05:04:35.0578 1316 PartMgr - ok
05:04:35.0625 1316 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
05:04:35.0625 1316 ParVdm - ok
05:04:35.0656 1316 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
05:04:35.0671 1316 PCI - ok
05:04:35.0687 1316 PCIDump - ok
05:04:35.0703 1316 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
05:04:35.0703 1316 PCIIde - ok
05:04:35.0750 1316 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
05:04:35.0781 1316 Pcmcia - ok
05:04:35.0828 1316 [ 807FF1DD6E1BDF8E7D2062FCA0DAECAF ] PCTCore C:\WINDOWS\system32\drivers\PCTCore.sys
05:04:35.0859 1316 PCTCore - ok
05:04:35.0875 1316 PDCOMP - ok
05:04:35.0890 1316 PDFRAME - ok
05:04:35.0906 1316 PDRELI - ok
05:04:35.0921 1316 PDRFRAME - ok
05:04:35.0937 1316 perc2 - ok
05:04:35.0953 1316 perc2hib - ok
05:04:36.0000 1316 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
05:04:36.0015 1316 PlugPlay - ok
05:04:36.0031 1316 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
05:04:36.0031 1316 PolicyAgent - ok
05:04:36.0078 1316 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
05:04:36.0078 1316 PptpMiniport - ok
05:04:36.0109 1316 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
05:04:36.0125 1316 Processor - ok
05:04:36.0156 1316 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
05:04:36.0171 1316 ProtectedStorage - ok
05:04:36.0218 1316 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
05:04:36.0234 1316 PSched - ok
05:04:36.0250 1316 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
05:04:36.0265 1316 Ptilink - ok
05:04:36.0312 1316 [ 87956355A564F0C7CE9ABE75E12B6AA1 ] PurgeIEservice C:\Program Files\PurgeIE\PurgeIE_Service.exe
05:04:36.0328 1316 PurgeIEservice - ok
05:04:36.0359 1316 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
05:04:36.0375 1316 PxHelp20 - ok
05:04:36.0390 1316 ql1080 - ok
05:04:36.0406 1316 Ql10wnt - ok
05:04:36.0421 1316 ql12160 - ok
05:04:36.0437 1316 ql1240 - ok
05:04:36.0453 1316 ql1280 - ok
05:04:36.0484 1316 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
05:04:36.0500 1316 RasAcd - ok
05:04:36.0531 1316 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
05:04:36.0546 1316 RasAuto - ok
05:04:36.0578 1316 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
05:04:36.0593 1316 Rasl2tp - ok
05:04:36.0625 1316 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
05:04:36.0640 1316 RasMan - ok
05:04:36.0656 1316 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
05:04:36.0671 1316 RasPppoe - ok
05:04:36.0687 1316 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
05:04:36.0703 1316 Raspti - ok
05:04:36.0718 1316 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
05:04:36.0765 1316 Rdbss - ok
05:04:36.0781 1316 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
05:04:36.0812 1316 RDPCDD - ok
05:04:36.0875 1316 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
05:04:36.0875 1316 RDPWD - ok
05:04:36.0921 1316 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
05:04:43.0203 1316 ================ Scan global ===============================
05:04:43.0250 1316 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
05:04:43.0390 1316 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:04:43.0484 1316 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:04:43.0515 1316 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
05:04:43.0515 1316 [Global] - ok
05:04:43.0531 1316 ================ Scan MBR ==================================
05:04:43.0546 1316 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
05:04:44.0031 1316 \Device\Harddisk0\DR0 - ok
05:04:44.0031 1316 ================ Scan VBR ==================================
05:04:44.0062 1316 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
05:04:44.0078 1316 \Device\Harddisk0\DR0\Partition1 - ok
05:04:44.0093 1316 [ 7396F42CF3CCC859EFF5362BBBB0311B ] \Device\Harddisk0\DR0\Partition2
05:04:44.0109 1316 \Device\Harddisk0\DR0\Partition2 - ok
05:04:44.0109 1316 ============================================================
05:04:44.0109 1316 Scan finished
05:04:44.0109 1316 ============================================================
05:04:44.0140 3312 Detected object count: 0
05:04:44.0140 3312 Actual detected object count: 0
05:05:24.0359 1560 ============================================================
05:05:24.0359 1560 Scan started
05:05:24.0359 1560 Mode: Manual; TDLFS;
05:05:24.0359 1560 ============================================================
05:05:24.0750 1560 ================ Scan system memory ========================
05:05:24.0750 1560 System memory - ok
05:05:24.0750 1560 ================ Scan services =============================
05:05:32.0734 1560 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
05:05:32.0734 1560 PSched - ok
05:05:32.0765 1560 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
05:05:32.0765 1560 Ptilink - ok
05:05:32.0828 1560 [ 87956355A564F0C7CE9ABE75E12B6AA1 ] PurgeIEservice C:\Program Files\PurgeIE\PurgeIE_Service.exe
05:05:32.0828 1560 PurgeIEservice - ok
05:05:32.0859 1560 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
05:05:32.0859 1560 PxHelp20 - ok
05:05:32.0875 1560 ql1080 - ok
05:05:32.0890 1560 Ql10wnt - ok
05:05:32.0906 1560 ql12160 - ok
05:05:32.0921 1560 ql1240 - ok
05:05:32.0921 1560 ql1280 - ok
05:05:32.0953 1560 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
05:05:32.0953 1560 RasAcd - ok
05:05:33.0000 1560 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
05:05:33.0000 1560 RasAuto - ok
05:05:33.0031 1560 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
05:05:33.0031 1560 Rasl2tp - ok
05:05:33.0062 1560 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
05:05:33.0078 1560 RasMan - ok
05:05:33.0093 1560 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
05:05:33.0093 1560 RasPppoe - ok
05:05:33.0109 1560 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
05:05:33.0109 1560 Raspti - ok
05:05:33.0140 1560 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
05:05:33.0156 1560 Rdbss - ok
05:05:33.0171 1560 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
05:05:33.0171 1560 RDPCDD - ok
05:05:33.0234 1560 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
05:05:33.0250 1560 RDPWD - ok
05:05:33.0296 1560 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
05:05:33.0312 1560 RDSessMgr - ok
05:05:33.0359 1560 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
05:05:33.0359 1560 redbook - ok
05:05:33.0406 1560 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
05:05:33.0406 1560 RemoteAccess - ok
05:05:33.0468 1560 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
05:05:33.0468 1560 RFCOMM - ok
05:05:33.0515 1560 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
05:05:33.0515 1560 RimVSerPort - ok
05:05:33.0546 1560 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
05:05:33.0546 1560 ROOTMODEM - ok
05:05:33.0593 1560 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
05:05:33.0609 1560 RpcLocator - ok
05:05:33.0656 1560 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
05:05:33.0656 1560 RpcSs - ok
05:05:33.0703 1560 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
05:05:33.0718 1560 RSVP - ok
05:05:33.0750 1560 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
05:05:33.0750 1560 SamSs - ok
05:05:33.0796 1560 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
05:05:33.0796 1560 SCardSvr - ok
05:05:33.0843 1560 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
05:05:33.0859 1560 Schedule - ok
05:05:33.0953 1560 [ A1089AC7683826E6C7C9FAB9723DD80F ] sdAuxService C:\Program Files\Spyware Doctor\pctsAuxs.exe
05:05:33.0968 1560 sdAuxService - ok
05:05:34.0031 1560 [ 06F95756353653C7D505361117186713 ] sdCoreService C:\Program Files\Spyware Doctor\pctsSvc.exe
05:05:34.0046 1560 sdCoreService - ok
05:05:34.0078 1560 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
05:05:34.0093 1560 Secdrv - ok
05:05:34.0125 1560 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
05:05:34.0125 1560 seclogon - ok
05:05:34.0171 1560 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys
05:05:34.0187 1560 senfilt - ok
05:05:34.0218 1560 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
05:05:34.0234 1560 SENS - ok
05:05:34.0250 1560 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
05:05:34.0250 1560 serenum - ok
05:05:34.0281 1560 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
05:05:34.0281 1560 Serial - ok
05:05:34.0343 1560 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
05:05:34.0343 1560 Sfloppy - ok
05:05:34.0375 1560 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
05:05:34.0375 1560 ShellHWDetection - ok
05:05:34.0390 1560 Simbad - ok
05:05:34.0453 1560 [ C6D9959E493682F872A639B6EC1B4A08 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
05:05:34.0468 1560 smwdm - ok
05:05:34.0484 1560 Sparrow - ok
05:05:34.0515 1560 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
05:05:34.0515 1560 splitter - ok
05:05:34.0562 1560 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
05:05:34.0562 1560 Spooler - ok
05:05:34.0593 1560 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
05:05:34.0593 1560 sr - ok
05:05:34.0640 1560 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
05:05:34.0640 1560 srservice - ok
05:05:34.0687 1560 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
05:05:34.0687 1560 Srv - ok
05:05:34.0734 1560 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
05:05:34.0734 1560 SSDPSRV - ok
05:05:34.0812 1560 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
05:05:34.0812 1560 ssmdrv - ok
05:05:34.0859 1560 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
05:05:34.0859 1560 stisvc - ok
05:05:34.0890 1560 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
05:05:34.0890 1560 swenum - ok
05:05:34.0921 1560 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
05:05:34.0921 1560 swmidi - ok
05:05:34.0953 1560 SwPrv - ok
05:05:34.0968 1560 symc810 - ok
05:05:34.0984 1560 symc8xx - ok
05:05:35.0000 1560 sym_hi - ok
05:05:35.0015 1560 sym_u3 - ok
05:05:35.0031 1560 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
05:05:35.0031 1560 sysaudio - ok
05:05:35.0078 1560 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
05:05:35.0093 1560 SysmonLog - ok
05:05:35.0125 1560 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
05:05:35.0125 1560 TapiSrv - ok
05:05:35.0187 1560 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
05:05:35.0187 1560 Tcpip - ok
05:05:35.0250 1560 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
05:05:35.0250 1560 TDPIPE - ok
05:05:35.0265 1560 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
05:05:35.0281 1560 TDTCP - ok
05:05:35.0296 1560 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
05:05:35.0312 1560 TermDD - ok
05:05:35.0343 1560 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
05:05:35.0359 1560 TermService - ok
05:05:35.0390 1560 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
05:05:35.0390 1560 Themes - ok
05:05:35.0406 1560 TosIde - ok
05:05:35.0437 1560 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
05:05:35.0437 1560 TrkWks - ok
05:05:35.0484 1560 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
05:05:35.0484 1560 Udfs - ok
05:05:35.0500 1560 ultra - ok
05:05:35.0546 1560 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
05:05:35.0546 1560 Update - ok
05:05:35.0609 1560 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
05:05:35.0609 1560 upnphost - ok
05:05:35.0640 1560 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
05:05:35.0656 1560 UPS - ok
05:05:35.0718 1560 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
05:05:35.0718 1560 USBAAPL - ok
05:05:35.0765 1560 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
05:05:35.0765 1560 usbehci - ok
05:05:35.0796 1560 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
05:05:35.0796 1560 usbhub - ok
05:05:35.0843 1560 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
05:05:35.0843 1560 usbprint - ok
05:05:35.0875 1560 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
05:05:35.0875 1560 usbscan - ok
05:05:35.0906 1560 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
05:05:35.0921 1560 USBSTOR - ok
05:05:35.0953 1560 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
05:05:35.0953 1560 usbuhci - ok
05:05:35.0984 1560 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
05:05:36.0000 1560 VgaSave - ok
05:05:36.0015 1560 ViaIde - ok
05:05:36.0046 1560 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
05:05:36.0046 1560 VolSnap - ok
05:05:36.0125 1560 [ 18507BDC6C15BD464DE9AB18B6AF1C23 ] vpnagent C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
05:05:36.0140 1560 vpnagent - ok
05:05:36.0171 1560 [ FDDAFA1C89B0B07494AF5879F7ECE857 ] vpnva C:\WINDOWS\system32\DRIVERS\vpnva.sys
05:05:36.0171 1560 vpnva - ok
05:05:36.0250 1560 [ 640EC880A448894E12D94089579E6668 ] Vsdatant C:\WINDOWS\system32\vsdatant.sys
05:05:36.0250 1560 Vsdatant - ok
05:05:36.0296 1560 vsmon - ok
05:05:36.0343 1560 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
05:05:36.0343 1560 VSS - ok
05:05:36.0390 1560 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
05:05:36.0390 1560 W32Time - ok
05:05:36.0421 1560 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
05:05:36.0437 1560 Wanarp - ok
05:05:36.0500 1560 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
05:05:36.0500 1560 Wdf01000 - ok
05:05:36.0515 1560 WDICA - ok
05:05:36.0546 1560 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
05:05:36.0546 1560 wdmaud - ok
05:05:36.0578 1560 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
05:05:36.0593 1560 WebClient - ok
05:05:36.0656 1560 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
05:05:36.0656 1560 winmgmt - ok
05:05:36.0734 1560 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
05:05:36.0734 1560 WmdmPmSN - ok
05:05:36.0781 1560 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
05:05:36.0781 1560 WmiApSrv - ok
05:05:36.0890 1560 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
05:05:36.0906 1560 WMPNetworkSvc - ok
05:05:36.0984 1560 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
05:05:36.0984 1560 WPFFontCache_v0400 - ok
05:05:37.0015 1560 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
05:05:37.0031 1560 wuauserv - ok
05:05:37.0078 1560 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
05:05:37.0078 1560 WudfPf - ok
05:05:37.0109 1560 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
05:05:37.0125 1560 WudfRd - ok
05:05:37.0171 1560 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
05:05:37.0171 1560 WudfSvc - ok
05:05:37.0234 1560 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
05:05:37.0234 1560 WZCSVC - ok
05:05:37.0281 1560 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
05:05:37.0296 1560 xmlprov - ok
05:05:37.0312 1560 xwwclm - ok
05:05:37.0343 1560 ================ Scan global ===============================
05:05:37.0390 1560 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
05:05:37.0437 1560 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:05:37.0468 1560 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:05:37.0484 1560 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
05:05:37.0484 1560 [Global] - ok
05:05:37.0500 1560 ================ Scan MBR ==================================
05:05:37.0515 1560 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
05:05:37.0703 1560 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
05:05:37.0718 1560 \Device\Harddisk0\DR0 - detected TDSS File System (1)
05:05:37.0718 1560 ================ Scan VBR ==================================
05:05:37.0750 1560 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
05:05:37.0750 1560 \Device\Harddisk0\DR0\Partition1 - ok
05:05:37.0765 1560 [ 7396F42CF3CCC859EFF5362BBBB0311B ] \Device\Harddisk0\DR0\Partition2
05:05:37.0765 1560 \Device\Harddisk0\DR0\Partition2 - ok
05:05:37.0765 1560 ============================================================
05:05:37.0765 1560 Scan finished
05:05:37.0765 1560 ============================================================
05:05:37.0796 1600 Detected object count: 1
05:05:37.0796 1600 Actual detected object count: 1
05:06:04.0859 1600 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
05:06:04.0859 1600 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#4 tpc1249

Posted 05 September 2012 - 05:57 AM

aswMBR log


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-05 05:11:31
-----------------------------
05:11:31.171 OS Version: Windows 5.1.2600 Service Pack 3
05:11:31.171 Number of processors: 1 586 0x209
05:11:31.187 ComputerName: MSU-U88MX8YIKZ0 UserName: Family
05:11:31.687 Initialize success
05:18:17.453 AVAST engine defs: 12090500
05:18:48.968 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
05:18:48.968 Disk 0 Vendor: Maxtor_6Y080L0 YAR41BW0 Size: 76293MB BusType: 3
05:18:48.984 Disk 0 MBR read successfully
05:18:48.984 Disk 0 MBR scan
05:18:49.171 Disk 0 Windows XP default MBR code
05:18:49.187 Disk 0 Partition - 00 05 Extended 31 MB offset 16065
05:18:49.203 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76245 MB offset 80325
05:18:49.281 Disk 0 Partition 2 00 06 FAT16 31 MB offset 16128
05:18:49.312 Disk 0 scanning sectors +156232125
05:18:49.453 Disk 0 scanning C:\WINDOWS\system32\drivers
05:19:17.937 Service scanning
05:19:50.218 Modules scanning
05:20:02.500 Disk 0 trace - called modules:
05:20:03.015 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
05:20:03.031 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f83ab8]
05:20:03.031 3 CLASSPNP.SYS[f75b5fd7] -> nt!IofCallDriver -> [0x86fdc920]
05:20:03.031 5 PCTCore.sys[f7470eae] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86fc9d98]
05:20:04.218 AVAST engine scan C:\WINDOWS
05:20:16.109 AVAST engine scan C:\WINDOWS\system32
05:26:17.515 AVAST engine scan C:\WINDOWS\system32\drivers
05:26:43.843 AVAST engine scan C:\Documents and Settings\Family
05:45:10.750 AVAST engine scan C:\Documents and Settings\All Users
05:47:47.812 Scan finished successfully
05:51:42.859 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
05:51:42.875 The log file has been saved successfully to "C:\aswMBR.txt"

#5 tpc1249

Posted 05 September 2012 - 11:20 AM

Ran ESET. Said that no threats were found but near the end (99% done) Avira found the virus again. Not sure what to make of that.

I am leaving on business until Friday afternoon. I can check the forum but will not have access to the infected computer.

Thank you!

#6 narenxp

Posted 05 September 2012 - 12:48 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#7 tpc1249

Posted 09 September 2012 - 06:12 AM

Ran Malwarebytes. No malicious items.


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.08.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Family :: MSU-U88MX8YIKZ0 [administrator]

9/8/2012 2:38:53 PM
mbam-log-2012-09-08 (14-38-53).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 404126
Time elapsed: 4 hour(s), 46 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 tpc1249

Posted 09 September 2012 - 06:30 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Family (administrator) on 09-09-2012 at 06:13:32
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 14624 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows = Cisco AnyConnect Secure Mobility Client Connection (Disconnected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : msu-u88mx8yikz0
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : msstate.edu
msstate.edu

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
Physical Address. . . . . . . . . : 00-0D-56-15-23-47
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.0.0.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 10.0.0.1
Lease Obtained. . . . . . . . . . : Sunday, September 09, 2012 3:30:56 AM
Lease Expires . . . . . . . . . . : Monday, September 10, 2012 3:30:56 AM

Server: UnKnown
Address: 10.0.0.1

Name: google.com.msstate.edu
Address: 92.242.144.7

Pinging google.com [74.125.228.98] with 32 bytes of data:

Reply from 74.125.228.98: bytes=32 time=35ms TTL=54
Reply from 74.125.228.98: bytes=32 time=35ms TTL=54

Ping statistics for 74.125.228.98:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 35ms, Average = 35ms

Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com.msstate.edu
Address: 92.242.144.7

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=86ms TTL=48
Reply from 98.139.183.24: bytes=32 time=171ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 86ms, Maximum = 171ms, Average = 128ms

Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com.msstate.edu
Address: 92.242.144.7

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0d 56 15 23 47 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.4 20
10.0.0.0 255.255.255.0 10.0.0.4 10.0.0.4 20
10.0.0.4 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.0.0.4 10.0.0.4 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 10.0.0.4 10.0.0.4 20
224.0.0.0 240.0.0.0 10.0.0.4 10.0.0.4 20
255.255.255.255 255.255.255.255 10.0.0.4 10.0.0.4 1
Default Gateway: 10.0.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\wshbth.dll [108032] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/29/2012 05:23:25 AM) (Source: Application Hang) (User: )
Description: Hanging application ntvdm.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/28/2012 08:44:39 AM) (Source: Application Error) (User: )
Description: Faulting application netscape.exe, version 4.8.0.26, faulting module netscape.exe, version 4.8.0.26, fault address 0x0005813a.
Processing media-specific event for [netscape.exe!ws!]

Error: (08/28/2012 08:43:06 AM) (Source: Application Error) (User: )
Description: Faulting application netscape.exe, version 4.8.0.26, faulting module netscape.exe, version 4.8.0.26, fault address 0x00055163.
Processing media-specific event for [netscape.exe!ws!]

Error: (08/28/2012 08:40:44 AM) (Source: Application Error) (User: )
Description: Faulting application netscape.exe, version 4.8.0.26, faulting module netscape.exe, version 4.8.0.26, fault address 0x00055163.
Processing media-specific event for [netscape.exe!ws!]

Error: (08/28/2012 05:28:30 AM) (Source: MATLAB) (User: )
Description: MATLABSevere:
Error checking out license
The program '[3392] C:\Program Files\MATLAB\R2012a\bin\win32\MATLAB.exe: Native' has exited with code 1 (0x1).

Error: (08/28/2012 05:28:05 AM) (Source: MATLAB) (User: )
Description: MATLABSevere:
Error checking out license
The program '[3320] C:\Program Files\MATLAB\R2012a\bin\win32\MATLAB.exe: Native' has exited with code 1 (0x1).

Error: (08/28/2012 05:26:16 AM) (Source: MATLAB) (User: )
Description: MATLABSevere:
Error checking out license
The program '[2412] C:\Program Files\MATLAB\R2012a\bin\win32\MATLAB.exe: Native' has exited with code 1 (0x1).

Error: (08/28/2012 05:21:32 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (08/28/2012 05:18:47 AM) (Source: MATLAB) (User: )
Description: MATLABSevere:
Error checking out license
The program '[4744] C:\Program Files\MATLAB\R2012a\bin\win32\MATLAB.exe: Native' has exited with code 1 (0x1).

Error: (08/28/2012 05:18:32 AM) (Source: MATLAB) (User: )
Description: MATLABSevere:
Error checking out license
The program '[6604] C:\Program Files\MATLAB\R2012a\bin\win32\MATLAB.exe: Native' has exited with code 1 (0x1).


System errors:
=============
Error: (09/08/2012 10:39:05 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (09/08/2012 10:39:05 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (09/08/2012 10:39:05 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (09/08/2012 10:39:00 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (09/08/2012 10:39:00 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (09/08/2012 10:39:00 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (09/08/2012 00:32:07 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (09/08/2012 00:30:29 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (09/08/2012 00:30:29 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (09/08/2012 00:30:29 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D


Microsoft Office Sessions:
=========================
Error: (12/19/2010 03:59:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15236 seconds with 60 seconds of active time. This session ended with a crash.

Error: (11/29/2010 01:46:53 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 71133 seconds with 3480 seconds of active time. This session ended with a crash.

Error: (05/31/2010 10:28:17 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6527.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 84 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Adobe Flash Player 10 Plugin (Version: 10.0.22.87)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
AIM 7
AIM Toolbar
Anti-Malware Toolkit 1.13.326 (Version: 1.13.326)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
Audible Download Manager (Version: 6.6.0.15)
AudibleManager (Version: 2089882838.2089882900.2090328352.2089882858)
AutoUpdate (Version: 1.1)
Avira Free Antivirus (Version: 12.0.0.1167)
BlackBerry Desktop Software 5.0.1 (Version: 5.0.1.37)
BlackBerry® Media Sync (Version: 3.0.0.39)
Bloggie Software (Version: 3.3.1.73)
Bonjour (Version: 3.0.0.10)
Broadcom 440x 10/100 Integrated Controller (Version: 3.29)
Broadcom Management Programs (Version: 4.01.0000)
CCleaner (Version: 2.33)
Cisco AnyConnect Secure Mobility Client (Version: 3.0.08057)
Cisco AnyConnect Secure Mobility Client (Version: 3.0.08057)
Convert AVI to MP4 1.3
CutePDF Writer 2.6
dBpoweramp FLAC Codec (Version: Release 13.1 (FLAC 1.2.1))
dBpoweramp Music Converter (Version: Release 13.3)
DivX (Version: 6.2.2)
DivX Player (Version: 6.2.0)
DivX Web Player (Version: 1.0.0)
Download Updater (AOL LLC)
eQUEST 3-63 (Version: 3.63b)
ESET Online Scanner v3
Foxit Reader
Google Chrome (Version: 21.0.1180.89)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
GrabIt 1.7.2 Beta 4 (build 997)
HydroCAD
Intel® Extreme Graphics Driver
Ipswitch WS_FTP LE
iSEEK AnswerWorks English Runtime (Version: 009.000.0002)
iTunes (Version: 10.5.0.142)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mathcad 14 (Version: 14.0.3.0)
Mathcad 14 Help (Version: 14)
Mathcad 14 Resource Center (Version: 14)
MATLAB R2012a (Version: 7.14)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
NavNet NG (Version: 5)
Nero MediaHome 4 Essentials
Netscape Communicator 4.8
Pictures Slideshow Maker
PurgeIE - 8.02 (Version: 8.02)
Python 2.7.2 (Version: 2.7.2150)
QuickTime (Version: 7.69.80.9)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
RealUpgrade 1.0 (Version: 1.0.0)
RealUpgrade 1.1 (Version: 1.1.0)
Safari (Version: 5.33.18.5)
SoundMAX (Version: 5.12.01.5246)
Spybot - Search & Destroy (Version: 1.6.2)
Spyware Doctor 7.0 (Version: 7.0)
SpywareBlaster 4.3 (Version: 4.3.0)
TurboTax 2009
TurboTax 2009 WinPerFedFormset (Version: 009.000.2881)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0245)
TurboTax 2009 wmsiper (Version: 009.000.0471)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.4227)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0483)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0214)
TurboTax 2010 wkyiper (Version: 010.000.1269)
TurboTax 2010 wmsiper (Version: 010.000.1231)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2999)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0495)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)
TurboTax 2011 wkyiper (Version: 011.000.1693)
TurboTax 2011 wmeiper (Version: 011.000.1582)
TurboTax 2011 wmsiper (Version: 011.000.1207)
TurboTax 2011 wrapper (Version: 011.000.0121)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC 9.0 Runtime (Version: 1.0.0)
WebFldrs XP (Version: 9.50.6513)
WIDCOMM Bluetooth Software (Version: 5.5.0.7900)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
Yahoo! Detect
ZoneAlarm Firewall (Version: 10.2.068.000)
ZoneAlarm Free Firewall (Version: 10.2.068.000)
ZoneAlarm LTD Toolbar
ZoneAlarm Security (Version: 10.2.068.000)

========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 1022 MB
Available physical RAM: 433 MB
Total Pagefile: 2463.69 MB
Available Pagefile: 1674.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.09 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.46 GB) (Free:11.05 GB) NTFS

========================= Users: ========================================

User accounts for \\MSU-U88MX8YIKZ0

Administrator Family Guest
HelpAssistant Owner SUPPORT_388945a0


**** End of log ****

#9 tpc1249

tpc1249
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  • Local time:11:08 PM

Posted 09 September 2012 - 06:34 AM

Farbar Service Scanner Version: 06-08-2012
Ran by Family (administrator) on 09-09-2012 at 06:28:24
Running from "C:\Documents and Settings\Family\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
acsint(9) acsmux(12) Gpc(3) IPSec(5) NetBT(6) PSched(7) RFCOMM(8) Tcpip(4)
0x0C0000000500000001000000020000000300000004000000060000000700000008000000090000000A0000000B0000000C000000
IpSec Tag value is correct.

**** End of log ****

#10 tpc1249

tpc1249
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  • Local time:11:08 PM

Posted 09 September 2012 - 06:37 AM

# AdwCleaner v2.001 - Logfile created 09/09/2012 at 06:31:14
# Updated 09/09/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Family - MSU-U88MX8YIKZ0
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Family\My Documents\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\DOCUME~1\Family\LOCALS~1\Temp\Uninstall.exe
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
Folder Found : C:\Documents and Settings\Family\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\Conduit
Folder Found : C:\Program Files\Common Files\Software Update Utility
Folder Found : C:\Program Files\Conduit

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\AskBarDis
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2611275
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2645238
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKU\S-1-5-21-1645522239-1563985344-839522115-1012\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3813 octets] - [09/09/2012 06:31:14]

########## EOF - C:\AdwCleaner[R1].txt - [3873 octets] ##########

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:11:08 PM

Posted 09 September 2012 - 06:41 AM

Launch AdwCleaner and click on DELETE.

Post the new log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it, and after the scan finishes, post the contents of the RKILL log located on the desktop here.



