
Laptop Crashing A lot!- Blue Screens!


18 replies to this topic

#1 kamelia


Posted 01 August 2013 - 02:18 AM

Hello,

 

Since January, I have been having Blue Screen errors and I do not know how to fix this problem. I have screenshots of the last two times my laptop suddenly displayed a Blue Screen, and it also happened hours ago, but I did not take a picture. Thank you!

 

dscf0710.jpg

 

img_3010.jpg

 

======================================

 

My System Information is:

OS Name Microsoft Windows XP Professional
Version 5.1.2600 Service Pack 3 Build 2600
OS Manufacturer Microsoft Corporation
System Name KHALED
System Manufacturer Dell Inc.
System Model Inspiron 1520
System Type X86-based PC
Processor x86 Family 6 Model 15 Stepping 13 GenuineIntel ~1496 Mhz
BIOS Version/Date Dell Inc. A04, 11/5/2007
SMBIOS Version 2.4
Windows Directory C:\WINDOWS
System Directory C:\WINDOWS\system32
Boot Device \Device\HarddiskVolume2
Locale United States
Hardware Abstraction Layer Version = "5.1.2600.5512 (xpsp.080413-2111)"
User Name KHALED
Time Zone Pacific Standard Time
Total Physical Memory 2,048.00 MB
Available Physical Memory 1.15 GB
Total Virtual Memory 2.00 GB
Available Virtual Memory 1.96 GB
Page File Space 3.84 GB
Page File C:\pagefile.sys


Edited by kamelia, 01 August 2013 - 02:20 AM.



 


#2 GodfatherKing


Posted 01 August 2013 - 04:29 AM

:welcome:

 

The driver that has caused your Blue Screen is related to Trend Micro. Do you have a Trend Micro product installed?

 

Let's have a look for malware..

 

:step1:  Install and run MBAM

 

:step2:    Running TDSSKiller to obtain log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters

tds2.jpg

  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run

tds4-1.jpg

  • Choose for all threats to Skip for all of them.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

:step2:  ESET Online Scanner

==================

Note: If your AV is blocking ESET Online Scanner, please temporarily disable your AV.

 

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.  :hello:


#3 kamelia


Posted 03 August 2013 - 05:52 PM

Thank you, GodfatherKing, for answering. I will follow your steps and get back to you. Yes, I do have Trend Micro installed.



#4 kamelia


Posted 04 August 2013 - 05:27 AM

GodfatherKing:

 

As I said before, I have Trend Micro installed...

 

Below, please find the logs of the scans of the three programs you recommended. ESET Online Scanner found two threats:

  • Win32/OpenCandy application
  • Multiple threats

 

Looking forward to removing these threats. After I read about OpenCandy, I understand now why Internet Explorer keeps crashing and suddenly becomes unresponsive. Also, my computer has been slower in the past few months. This is besides the frequent blue screens of death.

 

Thank you again,

 

K.

 

==================================================================================

 

mbam-log-2013-08-03

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.03.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
KHALED[administrator]

8/3/2013 4:03:52 PM
mbam-log-2013-08-03 (16-03-52).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 397827
Time elapsed: 3 hour(s), 48 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

******************************************************************

 

TDSSKiller LOG

 


21:12:50.0204 2080  NDProxy - ok

21:12:50.0219 2080  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

21:12:50.0235 2080  NetBIOS - ok

21:12:50.0266 2080  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

21:12:50.0282 2080  NetBT - ok

21:12:50.0344 2080  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe

21:12:50.0344 2080  NetDDE - ok

21:12:50.0344 2080  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

21:12:50.0360 2080  NetDDEdsdm - ok

21:12:50.0407 2080  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe

21:12:50.0407 2080  Netlogon - ok

21:12:50.0438 2080  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll

21:12:50.0438 2080  Netman - ok

21:12:50.0501 2080  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

21:12:50.0501 2080  NetTcpPortSharing - ok

21:12:50.0548 2080  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

21:12:50.0548 2080  NIC1394 - ok

21:12:50.0610 2080  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll

21:12:50.0610 2080  Nla - ok

21:12:50.0626 2080  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

21:12:50.0626 2080  Npfs - ok

21:12:50.0735 2080  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

21:12:50.0735 2080  Ntfs - ok

21:12:50.0751 2080  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

21:12:50.0751 2080  NtLmSsp - ok

21:12:50.0798 2080  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

21:12:50.0798 2080  NtmsSvc - ok

21:12:50.0829 2080  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys

21:12:50.0829 2080  Null - ok

21:12:50.0923 2080  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

21:12:50.0954 2080  nv - ok

21:12:50.0969 2080  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

21:12:50.0985 2080  NwlnkFlt - ok

21:12:51.0016 2080  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

21:12:51.0016 2080  NwlnkFwd - ok

21:12:51.0032 2080  [ 58F478FD0115012CEEC75FB73628901C ] OEM02Afx        C:\WINDOWS\system32\Drivers\OEM02Afx.sys

21:12:51.0032 2080  OEM02Afx - ok

21:12:51.0079 2080  [ 9D20FA5D8875F6063AA5E1C44446F698 ] OEM02Dev        C:\WINDOWS\system32\DRIVERS\OEM02Dev.sys

21:12:51.0094 2080  OEM02Dev - ok

21:12:51.0110 2080  [ 86326062A90494BDD79CE383511D7D69 ] OEM02Vfx        C:\WINDOWS\system32\DRIVERS\OEM02Vfx.sys

21:12:51.0110 2080  OEM02Vfx - ok

21:12:51.0157 2080  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys

21:12:51.0173 2080  ohci1394 - ok

21:12:51.0251 2080  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:12:51.0251 2080  ose - ok

21:12:51.0313 2080  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

21:12:51.0313 2080  Parport - ok

21:12:51.0344 2080  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

21:12:51.0344 2080  PartMgr - ok

21:12:51.0391 2080  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

21:12:51.0391 2080  ParVdm - ok

21:12:51.0407 2080  PCD5SRVC{3F6A8B78-EC003E00-05040000} - ok

21:12:51.0438 2080  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

21:12:51.0438 2080  PCI - ok

21:12:51.0454 2080  PCIDump - ok

21:12:51.0469 2080  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

21:12:51.0469 2080  PCIIde - ok

21:12:51.0501 2080  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

21:12:51.0516 2080  Pcmcia - ok

21:12:51.0516 2080  PDCOMP - ok

21:12:51.0532 2080  PDFRAME - ok

21:12:51.0532 2080  PDRELI - ok

21:12:51.0548 2080  PDRFRAME - ok

21:12:51.0579 2080  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys

21:12:51.0579 2080  perc2 - ok

21:12:51.0594 2080  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys

21:12:51.0594 2080  perc2hib - ok

21:12:51.0657 2080  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe

21:12:51.0657 2080  PlugPlay - ok

21:12:51.0673 2080  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

21:12:51.0688 2080  PolicyAgent - ok

21:12:51.0719 2080  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

21:12:51.0719 2080  PptpMiniport - ok

21:12:51.0735 2080  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

21:12:51.0735 2080  ProtectedStorage - ok

21:12:51.0735 2080  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

21:12:51.0751 2080  PSched - ok

21:12:51.0766 2080  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

21:12:51.0766 2080  Ptilink - ok

21:12:51.0798 2080  [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys

21:12:51.0813 2080  PxHelp20 - ok

21:12:51.0844 2080  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys

21:12:51.0844 2080  ql1080 - ok

21:12:51.0876 2080  [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

21:12:51.0891 2080  Ql10wnt - ok

21:12:51.0891 2080  [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys

21:12:51.0907 2080  ql12160 - ok

21:12:51.0923 2080  [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys

21:12:51.0923 2080  ql1240 - ok

21:12:51.0938 2080  [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys

21:12:51.0938 2080  ql1280 - ok

21:12:51.0969 2080  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

21:12:51.0969 2080  RasAcd - ok

21:12:52.0032 2080  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

21:12:52.0048 2080  RasAuto - ok

21:12:52.0079 2080  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

21:12:52.0079 2080  Rasl2tp - ok

21:12:52.0126 2080  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll

21:12:52.0141 2080  RasMan - ok

21:12:52.0141 2080  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

21:12:52.0157 2080  RasPppoe - ok

21:12:52.0173 2080  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

21:12:52.0173 2080  Raspti - ok

21:12:52.0188 2080  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

21:12:52.0204 2080  Rdbss - ok

21:12:52.0204 2080  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

21:12:52.0204 2080  RDPCDD - ok

21:12:52.0235 2080  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

21:12:52.0235 2080  rdpdr - ok

21:12:52.0298 2080  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

21:12:52.0298 2080  RDPWD - ok

21:12:52.0313 2080  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

21:12:52.0329 2080  RDSessMgr - ok

21:12:52.0407 2080  [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

21:12:52.0407 2080  RealNetworks Downloader Resolver Service - ok

21:12:52.0454 2080  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

21:12:52.0454 2080  redbook - ok

21:12:52.0516 2080  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

21:12:52.0516 2080  RemoteAccess - ok

21:12:52.0563 2080  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

21:12:52.0579 2080  RemoteRegistry - ok

21:12:52.0626 2080  [ D85E3FA9F5B1F29BB4ED185C450D1470 ] rimmptsk        C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

21:12:52.0641 2080  rimmptsk - ok

21:12:52.0641 2080  [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk        C:\WINDOWS\system32\DRIVERS\rimsptsk.sys

21:12:52.0641 2080  rimsptsk - ok

21:12:52.0657 2080  [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp         C:\WINDOWS\system32\DRIVERS\rixdptsk.sys

21:12:52.0657 2080  rismxdp - ok

21:12:52.0969 2080  [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

21:12:53.0001 2080  RoxMediaDB9 - ok

21:12:53.0157 2080  [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9       C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

21:12:53.0219 2080  RoxWatch9 - ok

21:12:53.0298 2080  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe

21:12:53.0313 2080  RpcLocator - ok

21:12:53.0485 2080  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll

21:12:53.0485 2080  RpcSs - ok

21:12:53.0532 2080  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe

21:12:53.0532 2080  RSVP - ok

21:12:53.0563 2080  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe

21:12:53.0563 2080  SamSs - ok

21:12:53.0594 2080  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

21:12:53.0594 2080  SASDIFSV - ok

21:12:53.0610 2080  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

21:12:53.0610 2080  SASKUTIL - ok

21:12:53.0641 2080  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

21:12:53.0641 2080  SCardSvr - ok

21:12:53.0704 2080  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll

21:12:53.0704 2080  Schedule - ok

21:12:53.0766 2080  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys

21:12:53.0766 2080  sdbus - ok

21:12:53.0813 2080  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

21:12:53.0813 2080  Secdrv - ok

21:12:53.0844 2080  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll

21:12:53.0860 2080  seclogon - ok

21:12:53.0907 2080  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll

21:12:53.0907 2080  SENS - ok

21:12:53.0938 2080  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

21:12:53.0938 2080  serenum - ok

21:12:53.0969 2080  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

21:12:53.0985 2080  Serial - ok

21:12:54.0032 2080  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

21:12:54.0032 2080  Sfloppy - ok

21:12:54.0094 2080  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

21:12:54.0094 2080  SharedAccess - ok

21:12:54.0110 2080  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

21:12:54.0126 2080  ShellHWDetection - ok

21:12:54.0126 2080  Simbad - ok

21:12:54.0173 2080  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys

21:12:54.0173 2080  sisagp - ok

21:12:54.0516 2080  [ 23E3C83DFF7B09A97B01A85ED8A44478 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

21:12:54.0594 2080  Skype C2C Service - ok

21:12:54.0673 2080  [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe

21:12:54.0673 2080  SkypeUpdate - ok

21:12:54.0688 2080  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys

21:12:54.0704 2080  SLIP - ok

21:12:54.0751 2080  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys

21:12:54.0751 2080  Sparrow - ok

21:12:54.0876 2080  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

21:12:54.0876 2080  splitter - ok

21:12:54.0923 2080  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

21:12:54.0923 2080  Spooler - ok

21:12:54.0954 2080  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

21:12:54.0954 2080  sr - ok

21:12:55.0001 2080  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll

21:12:55.0016 2080  srservice - ok

21:12:55.0063 2080  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

21:12:55.0079 2080  Srv - ok

21:12:55.0110 2080  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

21:12:55.0110 2080  SSDPSRV - ok

21:12:55.0157 2080  [ 58F855684E163466A5C565ADF0865536 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys

21:12:55.0173 2080  STHDA - ok

21:12:55.0204 2080  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

21:12:55.0219 2080  stisvc - ok

21:12:55.0298 2080  [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

21:12:55.0329 2080  stllssvr - ok

21:12:55.0376 2080  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys

21:12:55.0376 2080  streamip - ok

21:12:55.0407 2080  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

21:12:55.0407 2080  swenum - ok

21:12:55.0423 2080  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

21:12:55.0423 2080  swmidi - ok

21:12:55.0438 2080  SwPrv - ok

21:12:55.0501 2080  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys

21:12:55.0501 2080  symc810 - ok

21:12:55.0516 2080  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys

21:12:55.0516 2080  symc8xx - ok

21:12:55.0532 2080  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys

21:12:55.0532 2080  sym_hi - ok

21:12:55.0548 2080  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys

21:12:55.0563 2080  sym_u3 - ok

21:12:55.0594 2080  [ 936CD58395D36659BB798B961EF7357F ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys

21:12:55.0610 2080  SynTP - ok

21:12:55.0626 2080  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

21:12:55.0626 2080  sysaudio - ok

21:12:55.0719 2080  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

21:12:55.0719 2080  SysmonLog - ok

21:12:55.0751 2080  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

21:12:55.0766 2080  TapiSrv - ok

21:12:55.0829 2080  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

21:12:55.0829 2080  Tcpip - ok

21:12:55.0876 2080  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

21:12:55.0876 2080  TDPIPE - ok

21:12:55.0907 2080  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

21:12:55.0907 2080  TDTCP - ok

21:12:55.0938 2080  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

21:12:55.0938 2080  TermDD - ok

21:12:55.0969 2080  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll

21:12:55.0985 2080  TermService - ok

21:12:56.0016 2080  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll

21:12:56.0016 2080  Themes - ok

21:12:56.0063 2080  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

21:12:56.0079 2080  TlntSvr - ok

21:12:56.0126 2080  [ FB5DFD175E3BE936D87CCBA4A2B0EAAD ] tmactmon        C:\WINDOWS\system32\DRIVERS\tmactmon.sys

21:12:56.0126 2080  tmactmon - ok

21:12:56.0157 2080  [ 20AC031A8E2AC58EC9F04BD728071D43 ] tmcomm          C:\WINDOWS\system32\DRIVERS\tmcomm.sys

21:12:56.0157 2080  tmcomm - ok

21:12:56.0173 2080  [ 12755AB9039A91BF170C537D0C16A51B ] tmeext          C:\WINDOWS\system32\DRIVERS\tmeext.sys

21:12:56.0173 2080  tmeext - ok

21:12:56.0204 2080  [ 96132CF615891C05494F5321C8245086 ] tmevtmgr        C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys

21:12:56.0204 2080  tmevtmgr - ok

21:12:56.0219 2080  [ 2E078184034A179C47787F87F238D5BA ] tmnciesc        C:\WINDOWS\system32\DRIVERS\tmnciesc.sys

21:12:56.0235 2080  tmnciesc - ok

21:12:56.0251 2080  [ A6E20B094A8D3E3F46D10BBE7E1EBB82 ] tmtdi           C:\WINDOWS\system32\DRIVERS\tmtdi.sys

21:12:56.0251 2080  tmtdi - ok

21:12:56.0313 2080  [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys

21:12:56.0313 2080  TosIde - ok

21:12:56.0360 2080  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll

21:12:56.0376 2080  TrkWks - ok

21:12:56.0423 2080  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

21:12:56.0423 2080  Udfs - ok

21:12:56.0469 2080  [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys

21:12:56.0469 2080  ultra - ok

21:12:56.0501 2080  [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe

21:12:56.0501 2080  UMWdf - ok

21:12:56.0563 2080  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

21:12:56.0579 2080  Update - ok

21:12:56.0610 2080  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll

21:12:56.0626 2080  upnphost - ok

21:12:56.0641 2080  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe

21:12:56.0657 2080  UPS - ok

21:12:56.0719 2080  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

21:12:56.0719 2080  usbccgp - ok

21:12:56.0735 2080  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

21:12:56.0735 2080  usbehci - ok

21:12:56.0782 2080  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

21:12:56.0782 2080  usbhub - ok

21:12:56.0798 2080  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

21:12:56.0798 2080  USBSTOR - ok

21:12:56.0813 2080  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys

21:12:56.0813 2080  usbuhci - ok

21:12:56.0844 2080  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys

21:12:56.0844 2080  usbvideo - ok

21:12:56.0860 2080  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

21:12:56.0860 2080  VgaSave - ok

21:12:56.0891 2080  [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys

21:12:56.0891 2080  viaagp - ok

21:12:56.0907 2080  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys

21:12:56.0907 2080  ViaIde - ok

21:12:56.0954 2080  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

21:12:56.0954 2080  VolSnap - ok

21:12:57.0001 2080  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe

21:12:57.0001 2080  VSS - ok

21:12:57.0048 2080  [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time         C:\WINDOWS\system32\w32time.dll

21:12:57.0048 2080  w32time - ok

21:12:57.0063 2080  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

21:12:57.0063 2080  Wanarp - ok

21:12:57.0063 2080  WDICA - ok

21:12:57.0094 2080  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

21:12:57.0094 2080  wdmaud - ok

21:12:57.0141 2080  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll

21:12:57.0141 2080  WebClient - ok

21:12:57.0188 2080  [ 96AFF1738271755A39B52EEF7E35F98F ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

21:12:57.0204 2080  winachsf - ok

21:12:57.0329 2080  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

21:12:57.0329 2080  winmgmt - ok

21:12:57.0423 2080  [ 18F347402DA544A780949B8FDF83351B ] WinRM           C:\WINDOWS\system32\WsmSvc.dll

21:12:57.0438 2080  WinRM - ok

21:12:57.0454 2080  wltrysvc - ok

21:12:57.0501 2080  [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll

21:12:57.0516 2080  WmdmPmSN - ok

21:12:57.0579 2080  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll

21:12:57.0594 2080  Wmi - ok

21:12:57.0641 2080  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

21:12:57.0641 2080  WmiAcpi - ok

21:12:57.0673 2080  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

21:12:57.0673 2080  WmiApSrv - ok

21:12:57.0798 2080  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe

21:12:57.0829 2080  WMPNetworkSvc - ok

21:12:57.0938 2080  [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

21:12:57.0954 2080  WPFFontCache_v0400 - ok

21:12:57.0985 2080  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys

21:12:57.0985 2080  WS2IFSL - ok

21:12:58.0048 2080  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

21:12:58.0048 2080  wscsvc - ok

21:12:58.0079 2080  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

21:12:58.0079 2080  WSTCODEC - ok

21:12:58.0126 2080  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

21:12:58.0126 2080  wuauserv - ok

21:12:58.0173 2080  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys

21:12:58.0173 2080  WudfPf - ok

21:12:58.0204 2080  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys

21:12:58.0204 2080  WudfRd - ok

21:12:58.0235 2080  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll

21:12:58.0235 2080  WudfSvc - ok

21:12:58.0329 2080  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

21:12:58.0329 2080  WZCSVC - ok

21:12:58.0360 2080  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

21:12:58.0360 2080  xmlprov - ok

21:12:58.0376 2080  ================ Scan global ===============================

21:12:58.0407 2080  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

21:12:58.0485 2080  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

21:12:58.0516 2080  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

21:12:58.0548 2080  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

21:12:58.0548 2080  [Global] - ok

21:12:58.0548 2080  ================ Scan MBR ==================================

21:12:58.0579 2080  [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0

21:12:59.0048 2080  \Device\Harddisk0\DR0 - ok

21:12:59.0048 2080  ================ Scan VBR ==================================

21:12:59.0048 2080  [ 5E31574643736ED60CE134DA427FBA75 ] \Device\Harddisk0\DR0\Partition1

21:12:59.0048 2080  \Device\Harddisk0\DR0\Partition1 - ok

21:12:59.0063 2080  ============================================================

21:12:59.0063 2080  Scan finished

21:12:59.0063 2080  ============================================================

21:12:59.0079 1252  Detected object count: 0

21:12:59.0079 1252  Actual detected object count: 0

 

***************************************************************************************************

 

ESET ONLINE SCANNER LOG

 

C:\Documents and Settings\KHALED\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-us.cab            Win32/OpenCandy application

 

C:\Documents and Settings\KHALED\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\25\155a3259-4933851f          multiple threats


Edited by kamelia, 04 August 2013 - 05:39 AM.


#5 kamelia


Posted 04 August 2013 - 05:36 AM

This was a duplicate of the previous post, so I deleted it.


Edited by kamelia, 04 August 2013 - 05:37 AM.


#6 GodfatherKing


Posted 04 August 2013 - 07:35 AM

Step 1: You'll need to empty the Java cache. ==> http://www.java.com/en/download/help/plugin_cache.xml (at the moment the website is offline/erroring; try again later)

 

======

 

 

Step 1: My advice is to keep your computer up to date with Windows Updates, Java, Adobe Reader and Flash Player.

Step 2: Use WOT to check whether sites are safe or not: http://www.mywot.com/

Step 3: A good, working antivirus is also important. I personally advise Avast Free or Avira. MSE's detection is not so great.

Step 4: Let's check how good your security is:

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave reading the results to me.


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.


#7 kamelia


Posted 04 August 2013 - 06:16 PM

Thank you, GodfatherKing,

1- I emptied the Java cache as instructed.

2- I had WOT installed before.

3- I made sure I have the latest updates of Java, Adobe Reader, Windows updates and Flash Player.

4- Please find below the log of the scan of the Security Check program, but before that, I would like to ask some questions:

- How do we delete the Win32/OpenCandy application, because when I ran the ESET Online Scanner, I unchecked "Remove found threats" per your instructions?

- Are we going to re-scan my laptop later to see that all is right and that I have no threats? <== Important

- I do have Trend Micro. If I install Avast Free or Avira, do I need to uninstall Trend Micro?

- I have an external hard drive that I plugged into my laptop during all these months. What do you suggest I do to make sure that my external hard drive is clean, i.e. what programs should I run on my external hard drive to keep it safe from any threats? <== Important

- Once we finish clearing my laptop problem, do I have to uninstall the programs you mentioned (TDSSKiller, ESET Online Scanner, Security Check)? If so, what program would you suggest to make sure that these programs are uninstalled, especially from the registry?

Thank you so much for your help,

===============

Securitycheck LOG

 

 Results of screen317's Security Check version 0.99.71  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Trend Micro Titanium Maximum Security 2012   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 SUPERAntiSpyware     
 Gmer     
 Malwarebytes Anti-Malware version 1.75.0.1300  
 CCleaner     
 Java 7 Update 25  
 Adobe Flash Player     11.8.800.94  
 Adobe Reader XI  
 Mozilla Firefox (22.0)
 Mozilla Thunderbird 12.0. Thunderbird out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Trend Micro AMSP coreServiceShell.exe  
 Trend Micro UniClient UiFrmWrk uiWatchDog.exe
 Trend Micro AMSP coreFrameworkHost.exe  
 Trend Micro UniClient UiFrmWrk uiSeAgnt.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 6%
````````````````````End of Log``````````````````````
 


Edited by kamelia, 04 August 2013 - 07:55 PM.


#8 GodfatherKing


Posted 05 August 2013 - 03:29 AM

== Remove the files ESET has found ==

 

  • Copy all text in the code box (below)...to Notepad.
    @echo off
    del /f /s /q "C:\Documents and Settings\KHALED\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-us.cab"
    del %0
  • Save the Notepad file on your desktop...as delfile.bat... save type as "All Files"
    It should look like this: batfileicon.gif <-- XP, vista_bat_icon.png <-- Vista
  • Double click on delfile.bat to execute it.
    A black CMD window will flash, then disappear...this is normal.
  • The files and folders, if found...will have been deleted and the "delfile.bat" file will also be deleted.

========================

 

Yes, if you install Avast, you'll first need to uninstall Trend Micro. I would just do it to see if the blue screen disappears, because the blue screen referred to the product.

We'll remove the tools we have used. 

========================

 

The security report indicates that Thunderbird is out of date. Update it.


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.  :hello:


#9 kamelia


Posted 05 August 2013 - 09:37 PM

Hello,

  •  I created and executed the file "delfile.bat" as instructed. I am happy that it took care of the Win32/OpenCandy application.
  •  I uninstalled Trend Micro and installed AVAST.
  •  I updated Mozilla Thunderbird.

================================

 

1- Shall I scan with ESET one more time to make sure no other threats are found? As you know, ESET was the only program that was able to detect the Win32/OpenCandy application.

2- I have not yet removed the tools we used; I will wait until you tell me to do so. By the way, I had SUPERAntiSpyware and Malwarebytes Anti-Malware installed before.

3- I am nervous that my external hard drive may be infected. Is there a special program to scan it with?

4- In general, how do we protect USB drives when a computer is infected and we do not know it is infected?

 

Thank you again,

 

K


Edited by kamelia, 06 August 2013 - 12:31 AM.


#10 GodfatherKing


Posted 06 August 2013 - 03:11 AM

1. That's not a real threat, it's a low risk, so don't worry about it.

 

2. You may keep MBAM and SuperAntiSpyware. The others can just be deleted.

 

3. Having an AV on your OS is important so the infection can't spread, and disable autorun on your computer.

 

4. For USB protection I use USB Immunizer ==> http://labs.bitdefender.com/projects/usb-immunizer/overview/

==> http://labs.bitdefender.com/wp-content/plugins/download-monitor/download.php?id=BDUSBImmunizerLauncher.exe


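A read-only check for the autorun risk raised in answers 3 and 4 above, as an added example that is not part of the thread or of any tool named in it: it looks for an autorun.inf in the root of a drive and lists the entries that would start a program. The function names and the sample content are assumptions made for illustration.

```python
from pathlib import Path

# Keys in the [autorun] section that name a program for Windows to start.
LAUNCH_KEYS = ("open", "shellexecute")

def launch_entries(inf_text):
    """Return (key, command) pairs from autorun.inf text that would start a program."""
    entries, in_autorun = [], False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("["):
            in_autorun = line.lower() == "[autorun]"
            continue
        if not in_autorun or "=" not in line:
            continue  # other sections, or junk padding lines
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        # shell\<verb>\command adds a right-click menu entry that runs a program
        if key in LAUNCH_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            entries.append((key, value))
    return entries

def audit_drive(root):
    """Look for autorun.inf in the root of a drive and list its launch entries."""
    for item in Path(root).iterdir():
        if item.name.lower() != "autorun.inf":
            continue
        if item.is_dir():
            return []  # a folder with this name carries no launch commands
        data = item.read_bytes()
        # A UTF-16 file starts with a byte-order mark; otherwise read it byte for byte
        encoding = "utf-16" if data[:2] in (b"\xff\xfe", b"\xfe\xff") else "latin-1"
        return launch_entries(data.decode(encoding, errors="replace"))
    return []  # no autorun.inf present

# Constructed sample, not taken from the thread: junk lines around launch entries
SAMPLE = ("garbage\r\n[AutoRun]\r\n;comment\r\nicon=drive.ico\r\nOpen = tool.exe /s\r\n"
          "shell\\open\\Command=tool.exe\r\n[other]\r\nopen=ignored.exe\r\n")

if __name__ == "__main__":
    import sys
    for key, command in audit_drive(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{key}: {command}")
```

Run it with the drive root as the argument (for example `E:\`); it only reads the file and changes nothing on the drive.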


#11 kamelia


Posted 06 August 2013 - 04:37 AM

Thank you so much Godfatherking...

 

After I sent my last reply, I did a full scan of the laptop via AVAST.

 

25 files are infected. I do not know how to generate a report but they are all infected by this virus: JS:INCLUDER-OD (TRJ). I was tempted to click repair but thought to let you know first. So all I did was to move the infected files to the chest.

 

I have not plugged my external hard drive since we started this conversation. But the same 25 files in my laptop that are now infected are also saved in my USB drive.


Edited by kamelia, 06 August 2013 - 05:00 AM.


#12 GodfatherKing


Posted 06 August 2013 - 05:00 AM

Can you take a screenshot of it?




#13 kamelia


Posted 06 August 2013 - 06:31 PM

Here it is:

 

img_3012.jpg

 

img_3014.jpg


Edited by kamelia, 06 August 2013 - 06:39 PM.


#14 GodfatherKing


Posted 07 August 2013 - 02:23 AM

I think those files are located in the TEMP. Let's clean the temp files.

 

Download TFC from the download link above and save the file on your desktop.

 
Note 1: Depending on how much data is currently stored in the Temp folders, this process can take quite a while to remove all of the files, so please be patient.
 
Note 2: This program will not delete your Cookies or Browser History.
  • Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
  • Double-click on the TFC icon.
  • When the program starts, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
  • When done, press OK to reboot your computer and finish the cleanup.



#15 kamelia


Posted 08 August 2013 - 04:17 AM

Hi,

 

 

I have TFC already installed. So, I just executed it.

 

By the way, the infected files were on the desktop, part of a big folder I have there. After I ran TFC, I did a full scan (AVAST), no viruses. After that, I went to the Virus Chest (in Avast) where the infected files were moved and deleted them all. If I need these files in the future, they are available online and I can always retrieve them.

 

I also did a scan with ESET- No threat found!

 

The only tool I deleted is TDSSKiller. I still have the other tools.

 

 

Thank you again!





