
EXP/Pidief.djn exploit Virus


27 replies to this topic

#1 hunnybunny

hunnybunny

  • Members

Posted 25 October 2012 - 02:53 PM

Avira caught the "EXP/Pidief.djn exploit" today which I quarantined and deleted. Should I take any further steps?



#2 narenxp

narenxp

  • BC Advisor

Posted 25 October 2012 - 04:04 PM

Download

TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 hunnybunny

hunnybunny
  • Topic Starter

  • Members

Posted 25 October 2012 - 04:28 PM


narenxp: I won't be able to address this until tomorrow. Is my PC at risk until then? I only logged off and didn't shut down.

#4 narenxp

narenxp

  • BC Advisor

Posted 25 October 2012 - 06:41 PM

Turn off your PC until you start scanning.

#5 hunnybunny

hunnybunny
  • Topic Starter

  • Members

Posted 26 October 2012 - 02:27 PM


I have run everything but am not sure where to find the ESET log.

#6 hunnybunny

hunnybunny
  • Topic Starter

  • Members

Posted 26 October 2012 - 02:59 PM

I hope I've done this correctly:

11:40:41.0139 3320 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:40:41.0139 3320 SASDIFSV - ok
11:40:41.0155 3320 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:40:41.0170 3320 SASKUTIL - ok
11:40:41.0186 3320 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:40:41.0202 3320 SCardSvr - ok
11:40:41.0217 3320 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:40:41.0233 3320 Schedule - ok
11:40:41.0264 3320 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:40:41.0280 3320 Secdrv - ok
11:40:41.0311 3320 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
11:40:41.0311 3320 seclogon - ok
11:40:41.0311 3320 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
11:40:41.0327 3320 SENS - ok
11:40:41.0327 3320 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:40:41.0342 3320 serenum - ok
11:40:41.0342 3320 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:40:41.0342 3320 Serial - ok
11:40:41.0373 3320 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:40:41.0373 3320 Sfloppy - ok
11:40:41.0389 3320 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:40:41.0389 3320 SharedAccess - ok
11:40:41.0405 3320 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:40:41.0405 3320 ShellHWDetection - ok
11:40:41.0405 3320 Simbad - ok
11:40:41.0436 3320 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:40:41.0436 3320 SLIP - ok
11:40:41.0452 3320 Sparrow - ok
11:40:41.0467 3320 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:40:41.0467 3320 splitter - ok
11:40:41.0514 3320 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:40:41.0514 3320 Spooler - ok
11:40:41.0561 3320 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:40:41.0561 3320 sr - ok
11:40:41.0577 3320 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\system32\srsvc.dll
11:40:41.0577 3320 srservice - ok
11:40:41.0623 3320 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:40:41.0623 3320 Srv - ok
11:40:41.0655 3320 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:40:41.0670 3320 SSDPSRV - ok
11:40:41.0686 3320 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
11:40:41.0702 3320 ssmdrv - ok
11:40:41.0733 3320 [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:40:41.0748 3320 stisvc - ok
11:40:41.0780 3320 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:40:41.0780 3320 streamip - ok
11:40:41.0795 3320 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:40:41.0811 3320 swenum - ok
11:40:41.0811 3320 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:40:41.0827 3320 swmidi - ok
11:40:41.0827 3320 SwPrv - ok
11:40:41.0827 3320 symc810 - ok
11:40:41.0827 3320 symc8xx - ok
11:40:41.0827 3320 sym_hi - ok
11:40:41.0842 3320 sym_u3 - ok
11:40:41.0842 3320 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:40:41.0858 3320 sysaudio - ok
11:40:41.0873 3320 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:40:41.0889 3320 SysmonLog - ok
11:40:41.0920 3320 [ FB78839B36025AA286A51289ED28B73E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:40:41.0936 3320 TapiSrv - ok
11:40:41.0983 3320 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:40:41.0998 3320 Tcpip - ok
11:40:42.0030 3320 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:40:42.0045 3320 TDPIPE - ok
11:40:42.0045 3320 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:40:42.0045 3320 TDTCP - ok
11:40:42.0077 3320 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:40:42.0077 3320 TermDD - ok
11:40:42.0108 3320 [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService C:\WINDOWS\System32\termsrv.dll
11:40:42.0108 3320 TermService - ok
11:40:42.0123 3320 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:40:42.0123 3320 Themes - ok
11:40:42.0155 3320 [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
11:40:42.0170 3320 TlntSvr - ok
11:40:42.0170 3320 TMPassthruMP - ok
11:40:42.0170 3320 TosIde - ok
11:40:42.0202 3320 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:40:42.0202 3320 TrkWks - ok
11:40:42.0233 3320 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:40:42.0233 3320 Udfs - ok
11:40:42.0233 3320 ultra - ok
11:40:42.0264 3320 [ CED744117E91BDC0BEB810F7D8608183 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:40:42.0280 3320 Update - ok
11:40:42.0311 3320 [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:40:42.0327 3320 upnphost - ok
11:40:42.0342 3320 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
11:40:42.0342 3320 UPS - ok
11:40:42.0373 3320 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
11:40:42.0389 3320 USBAAPL - ok
11:40:42.0436 3320 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
11:40:42.0436 3320 usbaudio - ok
11:40:42.0467 3320 [ 9419FAAC6552A51542DBBA02971C841C ] usbbus C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
11:40:42.0467 3320 usbbus - ok
11:40:42.0498 3320 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:40:42.0498 3320 usbccgp - ok
11:40:42.0514 3320 [ C0A466FA4FFEC464320E159BC1BBDC0C ] UsbDiag C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
11:40:42.0514 3320 UsbDiag - ok
11:40:42.0561 3320 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:40:42.0561 3320 usbehci - ok
11:40:42.0577 3320 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:40:42.0577 3320 usbhub - ok
11:40:42.0608 3320 [ F74A54774A9B0AFEB3C40ADEC68AA600 ] USBModem C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
11:40:42.0608 3320 USBModem - ok
11:40:42.0639 3320 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:40:42.0655 3320 usbprint - ok
11:40:42.0670 3320 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:40:42.0670 3320 usbscan - ok
11:40:42.0702 3320 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:40:42.0702 3320 USBSTOR - ok
11:40:42.0717 3320 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:40:42.0717 3320 usbuhci - ok
11:40:42.0748 3320 [ 8968FF3973A883C49E8B564200F565B9 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
11:40:42.0764 3320 usbvideo - ok
11:40:42.0780 3320 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:40:42.0780 3320 VgaSave - ok
11:40:42.0780 3320 ViaIde - ok
11:40:42.0795 3320 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:40:42.0795 3320 VolSnap - ok
11:40:42.0827 3320 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
11:40:42.0842 3320 VSS - ok
11:40:42.0889 3320 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
11:40:42.0905 3320 W32Time - ok
11:40:42.0905 3320 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:40:42.0905 3320 Wanarp - ok
11:40:42.0905 3320 WDICA - ok
11:40:42.0920 3320 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:40:42.0920 3320 wdmaud - ok
11:40:42.0952 3320 [ 265F534EF76832435AFBF771EC97176D ] WebClient C:\WINDOWS\System32\webclnt.dll
11:40:42.0967 3320 WebClient - ok
11:40:43.0045 3320 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:40:43.0045 3320 winmgmt - ok
11:40:43.0077 3320 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:40:43.0092 3320 WmdmPmSN - ok
11:40:43.0123 3320 [ 1081C185AED0660B2B5F173C3E023B23 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:40:43.0123 3320 Wmi - ok
11:40:43.0170 3320 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
11:40:43.0170 3320 WmiAcpi - ok
11:40:43.0186 3320 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:40:43.0202 3320 WmiApSrv - ok
11:40:43.0264 3320 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:40:43.0295 3320 WMPNetworkSvc - ok
11:40:43.0358 3320 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:40:43.0389 3320 WPFFontCache_v0400 - ok
11:40:43.0420 3320 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:40:43.0420 3320 wscsvc - ok
11:40:43.0452 3320 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:40:43.0452 3320 WSTCODEC - ok
11:40:43.0483 3320 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:40:43.0498 3320 wuauserv - ok
11:40:43.0514 3320 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:40:43.0530 3320 WudfPf - ok
11:40:43.0545 3320 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:40:43.0545 3320 WudfRd - ok
11:40:43.0561 3320 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:40:43.0561 3320 WudfSvc - ok
11:40:43.0592 3320 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:40:43.0592 3320 WZCSVC - ok
11:40:43.0623 3320 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:40:43.0623 3320 xmlprov - ok
11:40:43.0655 3320 ================ Scan global ===============================
11:40:43.0686 3320 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
11:40:43.0702 3320 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
11:40:43.0733 3320 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
11:40:43.0748 3320 [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
11:40:43.0748 3320 [Global] - ok
11:40:43.0748 3320 ================ Scan MBR ==================================
11:40:43.0764 3320 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
11:40:43.0952 3320 \Device\Harddisk0\DR0 - ok
11:40:43.0952 3320 ================ Scan VBR ==================================
11:40:43.0952 3320 [ 26D3791915B1F49B67201FF0D9ACD709 ] \Device\Harddisk0\DR0\Partition1
11:40:43.0952 3320 \Device\Harddisk0\DR0\Partition1 - ok
11:40:43.0952 3320 ============================================================
11:40:43.0952 3320 Scan finished
11:40:43.0952 3320 ============================================================
11:40:43.0967 0356 Detected object count: 0
11:40:43.0967 0356 Actual detected object count: 0
11:41:52.0795 2944 Deinitialize success
11:39:40.0358 1820 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
11:39:40.0686 1820 ============================================================
11:39:40.0686 1820 Current date / time: 2012/10/26 11:39:40.0686
11:39:40.0686 1820 SystemInfo:
11:39:40.0686 1820
11:39:40.0686 1820 OS Version: 5.1.2600 ServicePack: 2.0
11:39:40.0686 1820 Product type: Workstation
11:39:40.0686 1820 ComputerName: SHARON-RAS
11:39:40.0686 1820 UserName: Sharon
11:39:40.0686 1820 Windows directory: C:\WINDOWS
11:39:40.0686 1820 System windows directory: C:\WINDOWS
11:39:40.0686 1820 Processor architecture: Intel x86
11:39:40.0686 1820 Number of processors: 2
11:39:40.0686 1820 Page size: 0x1000
11:39:40.0686 1820 Boot type: Normal boot
11:39:40.0686 1820 ============================================================
11:39:42.0139 1820 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:39:42.0139 1820 ============================================================
11:39:42.0139 1820 \Device\Harddisk0\DR0:
11:39:42.0139 1820 MBR partitions:
11:39:42.0139 1820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94D75F4
11:39:42.0139 1820 ============================================================
11:39:42.0155 1820 C: <-> \Device\Harddisk0\DR0\Partition1
11:39:42.0170 1820 ============================================================
11:39:42.0170 1820 Initialize success
11:39:42.0170 1820 ============================================================
11:40:34.0155 3320 ============================================================
11:40:34.0155 3320 Scan started
11:40:34.0155 3320 Mode: Manual; TDLFS;
11:40:34.0155 3320 ============================================================
11:40:34.0264 3320 ================ Scan system memory ========================
11:40:34.0264 3320 System memory - ok
11:40:34.0264 3320 ================ Scan services =============================
11:40:39.0248 3320 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:40:39.0248 3320 MSPQM - ok
11:40:39.0280 3320 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:40:39.0280 3320 mssmbios - ok
11:40:39.0311 3320 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:40:39.0327 3320 MSTEE - ok
11:40:39.0342 3320 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:40:39.0342 3320 Mup - ok
11:40:39.0373 3320 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:40:39.0389 3320 NABTSFEC - ok
11:40:39.0405 3320 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:40:39.0405 3320 NDIS - ok
11:40:39.0436 3320 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:40:39.0436 3320 NdisIP - ok
11:40:39.0452 3320 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:40:39.0452 3320 NdisTapi - ok
11:40:39.0498 3320 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:40:39.0498 3320 Ndisuio - ok
11:40:39.0514 3320 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:40:39.0530 3320 NdisWan - ok
11:40:39.0545 3320 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:40:39.0545 3320 NDProxy - ok
11:40:39.0561 3320 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:40:39.0561 3320 NetBIOS - ok
11:40:39.0577 3320 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:40:39.0577 3320 NetBT - ok
11:40:39.0608 3320 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
11:40:39.0623 3320 NetDDE - ok
11:40:39.0623 3320 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:40:39.0623 3320 NetDDEdsdm - ok
11:40:39.0639 3320 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:40:39.0639 3320 Netlogon - ok
11:40:39.0686 3320 [ 36739B39267914BA69AD0610A0299732 ] Netman C:\WINDOWS\System32\netman.dll
11:40:39.0686 3320 Netman - ok
11:40:39.0702 3320 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:40:39.0717 3320 NetTcpPortSharing - ok
11:40:39.0748 3320 [ 097722F235A1FB698BF9234E01B52637 ] Nla C:\WINDOWS\System32\mswsock.dll
11:40:39.0764 3320 Nla - ok
11:40:39.0780 3320 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:40:39.0780 3320 Npfs - ok
11:40:39.0811 3320 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:40:39.0827 3320 Ntfs - ok
11:40:39.0827 3320 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:40:39.0827 3320 NtLmSsp - ok
11:40:39.0858 3320 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:40:39.0873 3320 NtmsSvc - ok
11:40:39.0889 3320 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:40:39.0889 3320 Null - ok
11:40:39.0936 3320 [ 0CB5B94EA315B3CAAE5A3E03F6A4AA69 ] NWCWorkstation C:\WINDOWS\System32\nwwks.dll
11:40:39.0936 3320 NWCWorkstation - ok
11:40:39.0952 3320 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:40:39.0967 3320 NwlnkFlt - ok
11:40:39.0967 3320 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:40:39.0983 3320 NwlnkFwd - ok
11:40:39.0998 3320 [ 79EA3FCDA7067977625B3363A2657C80 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
11:40:39.0998 3320 NwlnkIpx - ok
11:40:40.0014 3320 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
11:40:40.0014 3320 NwlnkNb - ok
11:40:40.0030 3320 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
11:40:40.0030 3320 NwlnkSpx - ok
11:40:40.0045 3320 [ 3F18D9365BE71C7B2E43B7CF4A0C1A10 ] NWRDR C:\WINDOWS\system32\DRIVERS\nwrdr.sys
11:40:40.0045 3320 NWRDR - ok
11:40:40.0077 3320 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:40:40.0092 3320 ose - ok
11:40:40.0186 3320 [ 7740D31B30D20E52F3427226891A4E05 ] PanService C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
11:40:40.0186 3320 PanService - ok
11:40:40.0202 3320 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:40:40.0202 3320 Parport - ok
11:40:40.0202 3320 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:40:40.0202 3320 PartMgr - ok
11:40:40.0233 3320 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:40:40.0248 3320 ParVdm - ok
11:40:40.0311 3320 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:40:40.0311 3320 PCI - ok
11:40:40.0311 3320 PCIDump - ok
11:40:40.0311 3320 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:40:40.0311 3320 PCIIde - ok
11:40:40.0342 3320 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:40:40.0342 3320 Pcmcia - ok
11:40:40.0358 3320 PDCOMP - ok
11:40:40.0358 3320 PDFRAME - ok
11:40:40.0358 3320 PDRELI - ok
11:40:40.0358 3320 PDRFRAME - ok
11:40:40.0358 3320 perc2 - ok
11:40:40.0358 3320 perc2hib - ok
11:40:40.0389 3320 [ 37561F8D4160D62DA86D24AE41FAE8DE ] PlugPlay C:\WINDOWS\system32\services.exe
11:40:40.0389 3320 PlugPlay - ok
11:40:40.0389 3320 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:40:40.0389 3320 PolicyAgent - ok
11:40:40.0405 3320 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:40:40.0405 3320 PptpMiniport - ok
11:40:40.0405 3320 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:40:40.0420 3320 ProtectedStorage - ok
11:40:40.0452 3320 [ 64E413BA0C529AA40C3924BBCC4153DB ] ProtexisLicensing C:\WINDOWS\system32\PSIService.exe
11:40:40.0452 3320 ProtexisLicensing - ok
11:40:40.0467 3320 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:40:40.0467 3320 Ptilink - ok
11:40:40.0467 3320 ql1080 - ok
11:40:40.0467 3320 Ql10wnt - ok
11:40:40.0467 3320 ql12160 - ok
11:40:40.0467 3320 ql1240 - ok
11:40:40.0483 3320 ql1280 - ok
11:40:40.0545 3320 RapportIaso - ok
11:40:40.0561 3320 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:40:40.0561 3320 RasAcd - ok
11:40:40.0592 3320 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:40:40.0608 3320 RasAuto - ok
11:40:40.0623 3320 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:40:40.0623 3320 Rasl2tp - ok
11:40:40.0670 3320 [ 49B5EED5FB89D39456A2F616CCD8BA5D ] RasMan C:\WINDOWS\System32\rasmans.dll
11:40:40.0686 3320 RasMan - ok
11:40:40.0686 3320 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:40:40.0686 3320 RasPppoe - ok
11:40:40.0702 3320 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:40:40.0702 3320 Raspti - ok
11:40:40.0733 3320 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:40:40.0733 3320 Rdbss - ok
11:40:40.0733 3320 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:40:40.0748 3320 RDPCDD - ok
11:40:40.0764 3320 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:40:40.0780 3320 rdpdr - ok
11:40:40.0811 3320 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:40:40.0811 3320 RDPWD - ok
11:40:40.0842 3320 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:40:40.0842 3320 RDSessMgr - ok
11:40:40.0873 3320 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:40:40.0873 3320 redbook - ok
11:40:40.0905 3320 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:40:40.0905 3320 RemoteAccess - ok
11:40:40.0936 3320 [ 3151427DB7D87107D1C5BE58FAC53960 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:40:40.0936 3320 RemoteRegistry - ok
11:40:40.0983 3320 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
11:40:40.0983 3320 RimUsb - ok
11:40:41.0014 3320 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
11:40:41.0014 3320 RpcLocator - ok
11:40:41.0045 3320 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:40:41.0045 3320 RpcSs - ok
11:40:41.0077 3320 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:40:41.0092 3320 RSVP - ok
11:40:41.0108 3320 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
11:40:41.0108 3320 SamSs - ok
11:40:41.0139 3320 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:40:41.0139 3320 SASDIFSV - ok
11:40:41.0155 3320 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:40:41.0170 3320 SASKUTIL - ok
11:40:41.0186 3320 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:40:41.0202 3320 SCardSvr - ok
11:40:41.0217 3320 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:40:41.0233 3320 Schedule - ok
11:40:41.0264 3320 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:40:41.0280 3320 Secdrv - ok
11:40:41.0311 3320 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
11:40:41.0311 3320 seclogon - ok
11:40:41.0311 3320 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
11:40:41.0327 3320 SENS - ok
11:40:41.0327 3320 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:40:41.0342 3320 serenum - ok
11:40:41.0342 3320 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:40:41.0342 3320 Serial - ok
11:40:41.0373 3320 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:40:41.0373 3320 Sfloppy - ok
11:40:41.0389 3320 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:40:41.0389 3320 SharedAccess - ok
11:40:41.0405 3320 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:40:41.0405 3320 ShellHWDetection - ok
11:40:41.0405 3320 Simbad - ok
11:40:41.0436 3320 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:40:41.0436 3320 SLIP - ok
11:40:41.0452 3320 Sparrow - ok
11:40:41.0467 3320 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:40:41.0467 3320 splitter - ok
11:40:41.0514 3320 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:40:41.0514 3320 Spooler - ok
11:40:41.0561 3320 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:40:41.0561 3320 sr - ok
11:40:41.0577 3320 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\system32\srsvc.dll
11:40:41.0577 3320 srservice - ok
11:40:41.0623 3320 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:40:41.0623 3320 Srv - ok
11:40:41.0655 3320 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:40:41.0670 3320 SSDPSRV - ok
11:40:41.0686 3320 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
11:40:41.0702 3320 ssmdrv - ok
11:40:41.0733 3320 [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:40:41.0748 3320 stisvc - ok
11:40:41.0780 3320 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:40:41.0780 3320 streamip - ok
11:40:41.0795 3320 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:40:41.0811 3320 swenum - ok
11:40:41.0811 3320 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:40:41.0827 3320 swmidi - ok
11:40:41.0827 3320 SwPrv - ok
11:40:41.0827 3320 symc810 - ok
11:40:41.0827 3320 symc8xx - ok
11:40:41.0827 3320 sym_hi - ok
11:40:41.0842 3320 sym_u3 - ok
11:40:41.0842 3320 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:40:41.0858 3320 sysaudio - ok
11:40:41.0873 3320 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:40:41.0889 3320 SysmonLog - ok
11:40:41.0920 3320 [ FB78839B36025AA286A51289ED28B73E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:40:41.0936 3320 TapiSrv - ok
11:40:41.0983 3320 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:40:41.0998 3320 Tcpip - ok
11:40:42.0030 3320 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:40:42.0045 3320 TDPIPE - ok
11:40:42.0045 3320 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:40:42.0045 3320 TDTCP - ok
11:40:42.0077 3320 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:40:42.0077 3320 TermDD - ok
11:40:42.0108 3320 [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService C:\WINDOWS\System32\termsrv.dll
11:40:42.0108 3320 TermService - ok
11:40:42.0123 3320 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:40:42.0123 3320 Themes - ok
11:40:42.0155 3320 [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
11:40:42.0170 3320 TlntSvr - ok
11:40:42.0170 3320 TMPassthruMP - ok
11:40:42.0170 3320 TosIde - ok
11:40:42.0202 3320 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:40:42.0202 3320 TrkWks - ok
11:40:42.0233 3320 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:40:42.0233 3320 Udfs - ok
11:40:42.0233 3320 ultra - ok
11:40:42.0264 3320 [ CED744117E91BDC0BEB810F7D8608183 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:40:42.0280 3320 Update - ok
11:40:42.0311 3320 [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:40:42.0327 3320 upnphost - ok
11:40:42.0342 3320 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
11:40:42.0342 3320 UPS - ok
11:40:42.0373 3320 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
11:40:42.0389 3320 USBAAPL - ok
11:40:42.0436 3320 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
11:40:42.0436 3320 usbaudio - ok
11:40:42.0467 3320 [ 9419FAAC6552A51542DBBA02971C841C ] usbbus C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
11:40:42.0467 3320 usbbus - ok
11:40:42.0498 3320 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:40:42.0498 3320 usbccgp - ok
11:40:42.0514 3320 [ C0A466FA4FFEC464320E159BC1BBDC0C ] UsbDiag C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
11:40:42.0514 3320 UsbDiag - ok
11:40:42.0561 3320 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:40:42.0561 3320 usbehci - ok
11:40:42.0577 3320 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:40:42.0577 3320 usbhub - ok
11:40:42.0608 3320 [ F74A54774A9B0AFEB3C40ADEC68AA600 ] USBModem C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
11:40:42.0608 3320 USBModem - ok
11:40:42.0639 3320 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:40:42.0655 3320 usbprint - ok
11:40:42.0670 3320 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:40:42.0670 3320 usbscan - ok
11:40:42.0702 3320 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:40:42.0702 3320 USBSTOR - ok
11:40:42.0717 3320 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:40:42.0717 3320 usbuhci - ok
11:40:42.0748 3320 [ 8968FF3973A883C49E8B564200F565B9 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
11:40:42.0764 3320 usbvideo - ok
11:40:42.0780 3320 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:40:42.0780 3320 VgaSave - ok
11:40:42.0780 3320 ViaIde - ok
11:40:42.0795 3320 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:40:42.0795 3320 VolSnap - ok
11:40:42.0827 3320 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
11:40:42.0842 3320 VSS - ok
11:40:42.0889 3320 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
11:40:42.0905 3320 W32Time - ok
11:40:42.0905 3320 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:40:42.0905 3320 Wanarp - ok
11:40:42.0905 3320 WDICA - ok
11:40:42.0920 3320 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:40:42.0920 3320 wdmaud - ok
11:40:42.0952 3320 [ 265F534EF76832435AFBF771EC97176D ] WebClient C:\WINDOWS\System32\webclnt.dll
11:40:42.0967 3320 WebClient - ok
11:40:43.0045 3320 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:40:43.0045 3320 winmgmt - ok
11:40:43.0077 3320 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:40:43.0092 3320 WmdmPmSN - ok
11:40:43.0123 3320 [ 1081C185AED0660B2B5F173C3E023B23 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:40:43.0123 3320 Wmi - ok
11:40:43.0170 3320 [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
11:40:43.0170 3320 WmiAcpi - ok
11:40:43.0186 3320 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:40:43.0202 3320 WmiApSrv - ok
11:40:43.0264 3320 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:40:43.0295 3320 WMPNetworkSvc - ok
11:40:43.0358 3320 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:40:43.0389 3320 WPFFontCache_v0400 - ok
11:40:43.0420 3320 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:40:43.0420 3320 wscsvc - ok
11:40:43.0452 3320 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:40:43.0452 3320 WSTCODEC - ok
11:40:43.0483 3320 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:40:43.0498 3320 wuauserv - ok
11:40:43.0514 3320 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:40:43.0530 3320 WudfPf - ok
11:40:43.0545 3320 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:40:43.0545 3320 WudfRd - ok
11:40:43.0561 3320 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:40:43.0561 3320 WudfSvc - ok
11:40:43.0592 3320 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:40:43.0592 3320 WZCSVC - ok
11:40:43.0623 3320 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:40:43.0623 3320 xmlprov - ok
11:40:43.0655 3320 ================ Scan global ===============================
11:40:43.0686 3320 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
11:40:43.0702 3320 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
11:40:43.0733 3320 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
11:40:43.0748 3320 [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
11:40:43.0748 3320 [Global] - ok
11:40:43.0748 3320 ================ Scan MBR ==================================
11:40:43.0764 3320 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
11:40:43.0952 3320 \Device\Harddisk0\DR0 - ok
11:40:43.0952 3320 ================ Scan VBR ==================================
11:40:43.0952 3320 [ 26D3791915B1F49B67201FF0D9ACD709 ] \Device\Harddisk0\DR0\Partition1
11:40:43.0952 3320 \Device\Harddisk0\DR0\Partition1 - ok
11:40:43.0952 3320 ============================================================
11:40:43.0952 3320 Scan finished
11:40:43.0952 3320 ============================================================
11:40:43.0967 0356 Detected object count: 0
11:40:43.0967 0356 Actual detected object count: 0
11:41:52.0795 2944 Deinitialize success
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=a8b7a5a8485ebd46a5fe0f63a2162426
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-26 07:21:31
# local_time=2012-10-26 12:21:31 (-0800, Pacific Daylight Time)
# country="Canada"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1797 16775125 100 93 0 87695822 0 0
# compatibility_mode=3073 16777213 80 71 18755499 26874093 0 0
# compatibility_mode=6912 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=52664
# found=0
# cleaned=0
# scan_time=1229

#7 narenxp

Posted 26 October 2012 - 06:14 PM

ASWMBR log?

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar service scanner

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan gets completed, post the generated log here.

#8 hunnybunny

Posted 26 October 2012 - 06:34 PM

I currently have MBAM installed - can I not update and use this?

#9 narenxp

Posted 26 October 2012 - 06:36 PM

Yes you can

#10 hunnybunny

Posted 26 October 2012 - 06:38 PM

ok

#11 hunnybunny

Posted 26 October 2012 - 08:25 PM

ok

will post all logs tomorrow.

#12 hunnybunny

Posted 27 October 2012 - 01:02 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.26.13

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Sharon :: [administrator]

26/10/2012 4:39:04 PM
mbam-log-2012-10-26 (16-39-04).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 291399
Time elapsed: 41 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)
MiniToolBox by Farbar Version: 23-07-2012
Ran by Sharon (administrator) on 26-10-2012 at 17:31:09
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

There are 15131 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® 82566DM Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . :
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : canaccord.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82566DM Gigabit Network Connection
Physical Address. . . . . . . . . : 00-1E-0B-A2-21-B9
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 207.6.210.35
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : 207.6.208.254
DHCP Server . . . . . . . . . . . : 207.6.208.254
DNS Servers . . . . . . . . . . . : 75.153.176.9
                                    75.153.176.1
Lease Obtained. . . . . . . . . . : October 26, 2012 5:17:31 PM
Lease Expires . . . . . . . . . . : October 26, 2012 7:17:31 PM

Server: ns2.dns.telus.com
Address: 75.153.176.9

Name: google.com
Addresses: 173.194.33.8, 173.194.33.5, 173.194.33.14, 173.194.33.1
173.194.33.3, 173.194.33.4, 173.194.33.0, 173.194.33.9, 173.194.33.2
173.194.33.6, 173.194.33.7

Pinging google.com [173.194.33.4] with 32 bytes of data:

Reply from 173.194.33.4: bytes=32 time=32ms TTL=58
Reply from 173.194.33.4: bytes=32 time=32ms TTL=58

Ping statistics for 173.194.33.4:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 32ms, Average = 32ms

Server: ns2.dns.telus.com
Address: 75.153.176.9

Name: yahoo.com
Addresses: 98.139.183.24, 98.138.253.109, 72.30.38.140

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=3916ms TTL=51
Reply from 98.139.183.24: bytes=32 time=115ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 115ms, Maximum = 3916ms, Average = 2015ms

Server: ns2.dns.telus.com
Address: 75.153.176.9

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 1e 0b a2 21 b9 ...... Intel® 82566DM Gigabit Network Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 207.6.208.254 207.6.210.35 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 207.6.210.35 207.6.210.35 20
207.6.208.0 255.255.252.0 207.6.210.35 207.6.210.35 20
207.6.210.35 255.255.255.255 127.0.0.1 127.0.0.1 20
207.6.210.255 255.255.255.255 207.6.210.35 207.6.210.35 20
224.0.0.0 240.0.0.0 207.6.210.35 207.6.210.35 20
255.255.255.255 255.255.255.255 207.6.210.35 207.6.210.35 1
Default Gateway: 207.6.208.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/26/2012 10:17:22 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Error: (10/26/2012 07:02:47 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (10/25/2012 05:18:50 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (10/25/2012 00:34:54 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (10/25/2012 10:25:05 AM) (Source: Microsoft Office 11) (User: )
Description: Accepted Safe Mode action : Microsoft Office Outlook.

Error: (10/25/2012 10:23:49 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (10/25/2012 10:19:26 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (10/24/2012 08:39:19 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (10/23/2012 02:32:39 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (10/22/2012 02:21:30 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.


System errors:
=============
Error: (10/26/2012 10:19:14 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/26/2012 10:19:14 AM) (Source: Service Control Manager) (User: )
Description: The PandoraService service hung on starting.

Error: (10/26/2012 10:17:49 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3

Error: (10/26/2012 07:04:23 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/26/2012 07:04:23 AM) (Source: Service Control Manager) (User: )
Description: The PandoraService service hung on starting.

Error: (10/26/2012 07:02:48 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3

Error: (10/25/2012 05:20:26 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/25/2012 05:20:26 PM) (Source: Service Control Manager) (User: )
Description: The PandoraService service hung on starting.

Error: (10/25/2012 05:18:51 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3

Error: (10/25/2012 05:18:32 PM) (Source: Dhcp) (User: )
Description: The IP address lease 207.6.209.224 for the Network Card with network address 001E0BA221B9 has been
denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).


Microsoft Office Sessions:
=========================
Error: (10/26/2012 10:17:22 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe server name or address could not be resolved

Error: (10/26/2012 07:02:47 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (10/25/2012 05:18:50 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (10/25/2012 00:34:54 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (10/25/2012 10:25:05 AM) (Source: Microsoft Office 11)(User: )
Description: Microsoft Office OutlookOutlook failed to start correctly last time. Starting Outlook in safe mode will help you correct or isolate a startup problem in order to successfully start the program. Some functionality may be disabled in this mode.

Do you want to start Outlook in safe mode?

Error: (10/25/2012 10:23:49 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (10/25/2012 10:19:26 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (10/24/2012 08:39:19 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (10/23/2012 02:32:39 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (10/22/2012 02:21:30 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.


=========================== Installed Programs ============================

Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.707)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.23)
COMODO Internet Security (Version: 5.0.32580.1142)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Critical Update for Windows Media Player 11 (KB959772)
ESET Online Scanner v3
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
iTunes (Version: 10.7.0.21)
LG Bluetooth Drivers (Version: 1.1)
LG United Mobile Drivers (Version: 2.2)
LG USB Modem Drivers (Version: 4.9.4)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Outlook Personal Folders Backup (Version: 1.10.0.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
MSXML4SP2 (Version: 1.00.0000)
Octoshape add-in for Adobe Flash Player
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Pandora Service
PDF-Viewer (Version: 2.5.200.0)
QuickTime (Version: 7.72.80.56)
Safari (Version: 5.34.57.2)
Skype Toolbars (Version: 5.0.4126)
Skype™ 5.0 (Version: 5.0.152)
Soap 3.0 Toolkit (Version: 1.00.0000)
SpywareBlaster 4.6 (Version: 4.6.0)
SUPERAntiSpyware (Version: 5.0.1134)
TBS WMP Plug-in (Version: 1.00.676)
TELUS eProtect Advisor 1.5.12 (Version: 1.5.12)
TELUS Wireless Connection Manager
The KMPlayer (remove only)
UFile 2011 (Version: 15.20.0000)
Uninstall 1.0.0.1
Uninstall LG PC Suite III
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB980302) (Version: 1)
Update for Windows XP (KB896727) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB900485) (Version: 2)
Update for Windows XP (KB904942) (Version: 2)
Update for Windows XP (KB908531) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
Update for Windows XP (KB916595) (Version: 1)
Update for Windows XP (KB920342) (Version: 1)
Update for Windows XP (KB920872) (Version: 1)
Update for Windows XP (KB922582) (Version: 1)
Update for Windows XP (KB925720) (Version: 1)
Update for Windows XP (KB925876) (Version: 1)
Update for Windows XP (KB925877) (Version: 1)
Update for Windows XP (KB927891) (Version: 3)
Update for Windows XP (KB930916) (Version: 1)
Update for Windows XP (KB931836) (Version: 1)
Update for Windows XP (KB932823-v3) (Version: 3)
Update for Windows XP (KB936357) (Version: 1)
Update for Windows XP (KB938828) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
WebFldrs XP (Version: 9.50.7523)
WIDCOMM Bluetooth Software (Version: 5.5.0.7900)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.8.0031.9)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 7 Multilingual User Interface (MUI) (Version: 20071019.120000)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Messenger 5.1 (Version: 5.1.0701)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows XP Hotfix - KB873333 (Version: 20050114.005213)
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885250 (Version: 20050118.202711)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887742 (Version: 20041103.095002)
Windows XP Hotfix - KB888113 (Version: 20041116.131036)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890175 (Version: 20041201.233338)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
Windows XP Hotfix - KB893086 (Version: 1)
XML Paper Specification Shared Components Pack 1.0
XnView 1.97.8 (Version: 1.97.8)

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 2002.23 MB
Available physical RAM: 1380 MB
Total Pagefile: 3894.73 MB
Available Pagefile: 3404.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.29 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.42 GB) (Free:56.91 GB) NTFS

========================= Users: ========================================

User accounts for \\

Administrator ASPNET Guest
HelpAssistant Sharon SUPPORT_388945a0

========================= Restore Points ==================================

15-08-2012 22:02:56 System Checkpoint
16-08-2012 23:24:14 System Checkpoint
17-08-2012 23:40:24 System Checkpoint
19-08-2012 00:27:23 System Checkpoint
20-08-2012 00:45:04 System Checkpoint
21-08-2012 02:25:14 System Checkpoint
22-08-2012 02:59:34 System Checkpoint
23-08-2012 03:50:27 System Checkpoint
24-08-2012 04:29:13 System Checkpoint
25-08-2012 04:50:16 System Checkpoint
26-08-2012 05:49:11 System Checkpoint
27-08-2012 14:32:29 System Checkpoint
28-08-2012 14:44:28 System Checkpoint
29-08-2012 15:03:16 System Checkpoint
30-08-2012 16:02:11 System Checkpoint
31-08-2012 17:03:11 System Checkpoint
01-09-2012 20:46:26 System Checkpoint
03-09-2012 00:06:15 System Checkpoint
04-09-2012 00:42:02 System Checkpoint
05-09-2012 01:58:23 System Checkpoint
06-09-2012 02:15:37 System Checkpoint
07-09-2012 02:31:58 System Checkpoint
08-09-2012 02:33:37 System Checkpoint
09-09-2012 02:46:48 System Checkpoint
09-09-2012 21:22:22 Removed Java™ 6 Update 19
09-09-2012 21:23:21 Removed Java™ 6 Update 19
09-09-2012 21:47:16 Removed Java™ 6 Update 19
09-09-2012 21:50:56 Removed Java™ 6 Update 19
10-09-2012 22:09:55 System Checkpoint
11-09-2012 22:26:15 System Checkpoint
12-09-2012 20:24:28 Removed Java™ 6 Update 19
12-09-2012 20:37:19 Removed Java™ 6 Update 19
13-09-2012 22:00:46 System Checkpoint
14-09-2012 23:29:33 System Checkpoint
15-09-2012 16:06:29 Removed Java™ 6 Update 19
15-09-2012 18:55:39 Removed Java™ 6 Update 19
16-09-2012 19:04:35 System Checkpoint
17-09-2012 20:22:55 Revo Uninstaller's restore point - Java 2 Runtime Environment, SE v1.4.1_07
17-09-2012 20:25:33 Revo Uninstaller's restore point - Java™ 6 Update 29
17-09-2012 20:25:48 Removed Java™ 6 Update 19
17-09-2012 20:27:16 Revo Uninstaller's restore point - XnView 1.97.8
18-09-2012 20:34:38 System Checkpoint
19-09-2012 21:32:18 System Checkpoint
20-09-2012 21:40:59 restore files
20-09-2012 21:52:52 Restore Operation
21-09-2012 19:51:15 Software Distribution Service 3.0
21-09-2012 20:36:13 Software Distribution Service 3.0
23-09-2012 00:50:43 System Checkpoint
24-09-2012 01:22:02 System Checkpoint
25-09-2012 01:37:45 System Checkpoint
26-09-2012 01:51:22 System Checkpoint
27-09-2012 02:43:33 System Checkpoint
28-09-2012 03:03:48 System Checkpoint
29-09-2012 04:18:14 System Checkpoint
30-09-2012 04:59:19 System Checkpoint
01-10-2012 16:56:10 System Checkpoint
02-10-2012 20:23:40 System Checkpoint
03-10-2012 21:48:12 System Checkpoint
05-10-2012 01:10:05 System Checkpoint
06-10-2012 01:40:27 System Checkpoint
07-10-2012 01:42:59 System Checkpoint
08-10-2012 01:58:07 System Checkpoint
09-10-2012 02:40:26 System Checkpoint
10-10-2012 02:43:37 System Checkpoint
11-10-2012 03:43:37 System Checkpoint
12-10-2012 05:15:17 System Checkpoint
13-10-2012 05:43:31 System Checkpoint
14-10-2012 06:11:20 System Checkpoint
15-10-2012 07:10:14 System Checkpoint
16-10-2012 08:10:14 System Checkpoint
17-10-2012 09:10:14 System Checkpoint
18-10-2012 09:55:24 System Checkpoint
19-10-2012 10:55:23 System Checkpoint
20-10-2012 11:55:17 System Checkpoint
21-10-2012 12:55:17 System Checkpoint
22-10-2012 13:55:20 System Checkpoint
23-10-2012 14:25:04 System Checkpoint
24-10-2012 16:09:39 System Checkpoint
25-10-2012 16:43:57 System Checkpoint
26-10-2012 17:44:18 System Checkpoint

**** End of log ****

Farbar Service Scanner Version: 26-10-2012
Ran by (administrator) on 26-10-2012 at 17:42:19
Running from "C:\Documents and Settings\Sharon\Desktop"
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2007-02-26 08:45] - [2006-05-19 05:59] - 0111616 ____A (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

C:\WINDOWS\system32\Drivers\afd.sys
[2007-02-26 08:44] - [2008-08-14 02:51] - 0138368 ___AC (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2007-02-26 08:47] - [2004-08-04 05:00] - 0162816 ___AC (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2007-02-26 08:49] - [2008-06-20 03:45] - 0360320 ___AC (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2007-02-26 08:46] - [2004-08-04 05:00] - 0074752 ___AC (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2007-02-26 08:45] - [2008-02-19 22:32] - 0045568 ____A (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F

C:\WINDOWS\system32\ipnathlp.dll
[2007-02-26 08:46] - [2004-08-04 05:00] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2007-02-26 08:47] - [2005-08-22 11:29] - 0197632 ____A (Microsoft Corporation) 36739B39267914BA69AD0610A0299732

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2008-04-15 13:39] - [2004-08-04 05:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2008-04-15 13:40] - [2004-08-04 05:00] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2008-04-15 13:40] - [2004-08-04 05:00] - 0073472 ___AC (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2007-02-26 08:50] - [2004-08-04 05:00] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2008-04-15 13:39] - [2004-08-04 05:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2008-04-15 13:40] - [2004-08-04 05:00] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2008-04-15 13:40] - [2004-08-04 05:00] - 0382464 ___AC (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2007-02-26 08:45] - [2008-07-07 13:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2007-02-26 08:45] - [2004-08-04 05:00] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2007-02-26 08:49] - [2004-08-04 05:00] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2007-02-26 08:48] - [2009-02-09 03:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2007-02-26 08:48] - [2009-02-06 10:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
cmdHlp(10) Gpc(6) IPSec(4) NetBT(5) NwlnkIpx(1) NwlnkNb(2) Tcpip(3)
0x0800000004000000030000000A0000000500000006000000080000000100000002000000
IpSec Tag value is correct.

**** End of log ****

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

# AdwCleaner v2.005 - Logfile created 10/26/2012 at 17:45:22
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Sharon - SHARON-RAS
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Sharon\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\Sharon\Local Settings\Application Data\Conduit
Folder Deleted : C:\Program Files\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\AskBarDis
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Sharon\Application Data\Mozilla\Firefox\Profiles\nr5aa0az.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [3637 octets] - [26/10/2012 17:45:22]

########## EOF - C:\AdwCleaner[S2].txt - [3697 octets] ##########

Junkware Removal Tool (JRT) by Thisisu
Version: 2.2.1 (10.26.2012)
OS: Microsoft Windows XP x86
Ran by Sharon on 26/10/2012 at 17:50:55.18
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{9afb8248-617f-460d-9366-d71cdeda3179}



*** Files: 0 Detections



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files\Common Files\dvdvideosoft"



*** FireFox detected and repaired



*** Event Viewer Logs - NOT cleared





**************************************************************
Scan was completed on 26/10/2012 at 18:01:47.87
End of Report

#13 narenxp


Posted 27 October 2012 - 05:34 PM

Current issues?


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#14 hunnybunny


Posted 27 October 2012 - 06:31 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/27/2012 04:04:37 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\PSIService.exe (PID: 1412) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:


20 out of 15151 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/27/2012 04:05:12 PM
Execution time: 0 hours(s), 0 minute(s), and 35 seconds(s)

SYSINTERNALS SOFTWARE LICENSE TERMS


Received the following error when logging on to Bleeping

[#10193] We encountered a problem processing your login request. Please try again.


#15 narenxp


Posted 27 October 2012 - 06:39 PM

Please follow the instructions for autoruns again. You are posting the EULA agreement log :mellow:

[#10193] We encountered a problem processing your login request. Please try again.


Do you still have issues?



