Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to create a restore point.


  • Please log in to reply
40 replies to this topic

#1 FXWG

FXWG

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:08:55 PM

Posted 31 August 2013 - 09:21 PM

I am trying to create a restore point in XP media center edition sp3. It keeps saying System restore is unable to create a restore point. Please restart the computer and then run system restore again. Well that does no good either. Anybody got any ideas? My hard drive was just replaced about a week ago and Comcrap claims I have a bot so I want to create a restore point before I start really doing a lot of work on this thing.


Edited by hamluis, 01 September 2013 - 06:19 AM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:55 AM

Posted 01 September 2013 - 08:27 AM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

step1.gif

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
  • Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.

step2.gif

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

step3.gif

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.

step4.gif

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:08:55 PM

Posted 01 September 2013 - 10:08 AM

Hi. Thanks for your help.This is the first time I've done this so if I make a mistake please understand.

I got two TDSS reports. First one:

 

10:22:40.0500 0x1544  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
10:22:41.0812 0x1544  ============================================================
10:22:41.0812 0x1544  Current date / time: 2013/09/01 10:22:41.0812
10:22:41.0812 0x1544  SystemInfo:
10:22:41.0812 0x1544  
10:22:41.0812 0x1544  OS Version: 5.1.2600 ServicePack: 3.0
10:22:41.0812 0x1544  Product type: Workstation
10:22:41.0812 0x1544  ComputerName: OWNER
10:22:41.0812 0x1544  UserName: Rhodes
10:22:41.0812 0x1544  Windows directory: C:\WINDOWS
10:22:41.0812 0x1544  System windows directory: C:\WINDOWS
10:22:41.0812 0x1544  Processor architecture: Intel x86
10:22:41.0812 0x1544  Number of processors: 2
10:22:41.0812 0x1544  Page size: 0x1000
10:22:41.0812 0x1544  Boot type: Normal boot
10:22:41.0812 0x1544  ============================================================
10:22:43.0546 0x1544  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:22:43.0578 0x1544  Drive \Device\Harddisk1\DR2 - Size: 0x774488000 (29.82 Gb), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:22:43.0578 0x1544  ============================================================
10:22:43.0578 0x1544  \Device\Harddisk0\DR0:
10:22:43.0578 0x1544  MBR partitions:
10:22:43.0578 0x1544  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
10:22:43.0578 0x1544  \Device\Harddisk1\DR2:
10:22:43.0578 0x1544  MBR partitions:
10:22:43.0578 0x1544  \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3BA2420
10:22:43.0578 0x1544  ============================================================
10:22:43.0625 0x1544  C: <-> \Device\Harddisk0\DR0\Partition1
10:22:43.0625 0x1544  F: <-> \Device\Harddisk1\DR2\Partition1
10:22:43.0625 0x1544  ============================================================
10:22:43.0625 0x1544  Initialize success
10:22:43.0625 0x1544  ============================================================
10:22:51.0718 0x07c4  ============================================================
10:22:51.0718 0x07c4  Scan started
10:22:51.0718 0x07c4  Mode: Manual;
10:22:51.0718 0x07c4  ============================================================
10:22:51.0984 0x07c4  ================ Scan system memory ========================
10:22:51.0984 0x07c4  System memory - ok
10:22:51.0984 0x07c4  ================ Scan services =============================
10:22:52.0140 0x07c4  Abiosdsk - ok
10:22:52.0156 0x07c4  abp480n5 - ok
10:22:52.0187 0x07c4  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:22:52.0203 0x07c4  ACPI - ok
10:22:52.0234 0x07c4  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:22:52.0234 0x07c4  ACPIEC - ok
10:22:52.0265 0x07c4  [ B05F2367F62552A2DE7E3C352B7B9885 ] ADM8511         C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
10:22:52.0265 0x07c4  ADM8511 - ok
10:22:52.0343 0x07c4  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:22:52.0343 0x07c4  AdobeFlashPlayerUpdateSvc - ok
10:22:52.0343 0x07c4  adpu160m - ok
10:22:52.0375 0x07c4  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:22:52.0375 0x07c4  aec - ok
10:22:52.0406 0x07c4  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:22:52.0406 0x07c4  AFD - ok
10:22:52.0406 0x07c4  Aha154x - ok
10:22:52.0421 0x07c4  aic78u2 - ok
10:22:52.0421 0x07c4  aic78xx - ok
10:22:52.0453 0x07c4  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:22:52.0453 0x07c4  Alerter - ok
10:22:52.0484 0x07c4  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
10:22:52.0484 0x07c4  ALG - ok
10:22:52.0500 0x07c4  AliIde - ok
10:22:52.0500 0x07c4  amsint - ok
10:22:52.0546 0x07c4  [ 2BFB30F04A8407B70AF6DF44767F27F7 ] AntiLog32       C:\WINDOWS\system32\drivers\AntiLog32.sys
10:22:52.0546 0x07c4  AntiLog32 - ok
10:22:52.0578 0x07c4  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
10:22:52.0578 0x07c4  AppMgmt - ok
10:22:52.0578 0x07c4  asc - ok
10:22:52.0593 0x07c4  asc3350p - ok
10:22:52.0593 0x07c4  asc3550 - ok
10:22:52.0734 0x07c4  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:22:52.0765 0x07c4  aspnet_state - ok
10:22:52.0781 0x07c4  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:22:52.0796 0x07c4  AsyncMac - ok
10:22:52.0828 0x07c4  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:22:52.0828 0x07c4  atapi - ok
10:22:52.0843 0x07c4  Atdisk - ok
10:22:52.0890 0x07c4  [ 40F02B8460AC817EA0CEA2E0CAB4C2ED ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
10:22:52.0906 0x07c4  Ati HotKey Poller - ok
10:22:52.0953 0x07c4  [ D41EB535E2B2D8872463E5F59F215D4E ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
10:22:52.0953 0x07c4  ATI Smart - ok
10:22:53.0015 0x07c4  [ A7DD7088E2C987DBCB3F4D6D56F723BD ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
10:22:53.0031 0x07c4  ati2mtag - ok
10:22:53.0062 0x07c4  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:22:53.0062 0x07c4  Atmarpc - ok
10:22:53.0109 0x07c4  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:22:53.0109 0x07c4  AudioSrv - ok
10:22:53.0156 0x07c4  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:22:53.0156 0x07c4  audstub - ok
10:22:53.0171 0x07c4  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:22:53.0171 0x07c4  Beep - ok
10:22:53.0296 0x07c4  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx86.sys
10:22:53.0312 0x07c4  BHDrvx86 - ok
10:22:53.0375 0x07c4  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:22:53.0390 0x07c4  BITS - ok
10:22:53.0437 0x07c4  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
10:22:53.0437 0x07c4  Browser - ok
10:22:53.0484 0x07c4  [ 68C82CA7237FED2EEAB0AF1D38BD74FD ] C771BUS         C:\WINDOWS\system32\DRIVERS\C771BUS.sys
10:22:53.0484 0x07c4  C771BUS - ok
10:22:53.0500 0x07c4  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:22:53.0500 0x07c4  cbidf2k - ok
10:22:53.0593 0x07c4  [ 3BEE52611F22C9C0023A98A4425E084F ] ccSet_N360      C:\WINDOWS\system32\drivers\N360\1404000.028\ccSetx86.sys
10:22:53.0593 0x07c4  ccSet_N360 - ok
10:22:53.0609 0x07c4  cd20xrnt - ok
10:22:53.0625 0x07c4  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:22:53.0625 0x07c4  Cdaudio - ok
10:22:53.0671 0x07c4  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:22:53.0671 0x07c4  Cdfs - ok
10:22:53.0703 0x07c4  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:22:53.0703 0x07c4  Cdrom - ok
10:22:53.0703 0x07c4  Changer - ok
10:22:53.0734 0x07c4  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:22:53.0734 0x07c4  CiSvc - ok
10:22:53.0750 0x07c4  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:22:53.0750 0x07c4  ClipSrv - ok
10:22:53.0796 0x07c4  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:22:53.0890 0x07c4  clr_optimization_v2.0.50727_32 - ok
10:22:53.0937 0x07c4  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:22:53.0968 0x07c4  clr_optimization_v4.0.30319_32 - ok
10:22:53.0968 0x07c4  CmdIde - ok
10:22:53.0984 0x07c4  Cpqarray - ok
10:22:54.0000 0x07c4  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:22:54.0015 0x07c4  CryptSvc - ok
10:22:54.0015 0x07c4  dac2w2k - ok
10:22:54.0015 0x07c4  dac960nt - ok
10:22:54.0078 0x07c4  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:22:54.0078 0x07c4  DcomLaunch - ok
10:22:54.0125 0x07c4  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:22:54.0140 0x07c4  Dhcp - ok
10:22:54.0187 0x07c4  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:22:54.0187 0x07c4  Disk - ok
10:22:54.0187 0x07c4  dmadmin - ok
10:22:54.0234 0x07c4  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:22:54.0250 0x07c4  dmboot - ok
10:22:54.0296 0x07c4  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:22:54.0296 0x07c4  dmio - ok
10:22:54.0296 0x07c4  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:22:54.0296 0x07c4  dmload - ok
10:22:54.0312 0x07c4  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:22:54.0312 0x07c4  dmserver - ok
10:22:54.0343 0x07c4  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:22:54.0343 0x07c4  DMusic - ok
10:22:54.0375 0x07c4  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:22:54.0375 0x07c4  Dnscache - ok
10:22:54.0437 0x07c4  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:22:54.0437 0x07c4  Dot3svc - ok
10:22:54.0453 0x07c4  dpti2o - ok
10:22:54.0468 0x07c4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:22:54.0468 0x07c4  drmkaud - ok
10:22:54.0484 0x07c4  [ 0849EACDC01487573ADD86F5E470806C ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
10:22:54.0500 0x07c4  e1express - ok
10:22:54.0546 0x07c4  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:22:54.0546 0x07c4  EapHost - ok
10:22:54.0671 0x07c4  [ E1E3804F7C59EA3E14637C2A763F65E2 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
10:22:54.0671 0x07c4  eeCtrl - ok
10:22:54.0796 0x07c4  [ 1BF9D6476061B31CD7FC2BF848529A56 ] EraserSvc11220  C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
10:22:54.0796 0x07c4  EraserSvc11220 - ok
10:22:54.0812 0x07c4  [ 6D84DFC3B5C5052881BF50470D0C03D1 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:22:54.0812 0x07c4  EraserUtilRebootDrv - ok
10:22:54.0843 0x07c4  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:22:54.0843 0x07c4  ERSvc - ok
10:22:54.0875 0x07c4  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
10:22:54.0875 0x07c4  Eventlog - ok
10:22:54.0906 0x07c4  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:22:54.0906 0x07c4  Fastfat - ok
10:22:54.0937 0x07c4  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:22:54.0937 0x07c4  FastUserSwitchingCompatibility - ok
10:22:54.0953 0x07c4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
10:22:54.0953 0x07c4  Fdc - ok
10:22:54.0984 0x07c4  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:22:54.0984 0x07c4  Fips - ok
10:22:54.0984 0x07c4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
10:22:54.0984 0x07c4  Flpydisk - ok
10:22:55.0000 0x07c4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:22:55.0015 0x07c4  FltMgr - ok
10:22:55.0078 0x07c4  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:22:55.0078 0x07c4  FontCache3.0.0.0 - ok
10:22:55.0093 0x07c4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:22:55.0093 0x07c4  Fs_Rec - ok
10:22:55.0109 0x07c4  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:22:55.0109 0x07c4  Ftdisk - ok
10:22:55.0140 0x07c4  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:22:55.0140 0x07c4  Gpc - ok
10:22:55.0171 0x07c4  [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:22:55.0171 0x07c4  HDAudBus - ok
10:22:55.0265 0x07c4  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:22:55.0265 0x07c4  helpsvc - ok
10:22:55.0296 0x07c4  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
10:22:55.0296 0x07c4  HidServ - ok
10:22:55.0312 0x07c4  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:22:55.0312 0x07c4  hidusb - ok
10:22:55.0343 0x07c4  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:22:55.0343 0x07c4  hkmsvc - ok
10:22:55.0343 0x07c4  hpn - ok
10:22:55.0375 0x07c4  [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:22:55.0375 0x07c4  HPZid412 - ok
10:22:55.0390 0x07c4  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:22:55.0390 0x07c4  HPZipr12 - ok
10:22:55.0406 0x07c4  [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:22:55.0406 0x07c4  HPZius12 - ok
10:22:55.0421 0x07c4  [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
10:22:55.0437 0x07c4  HSFHWBS2 - ok
10:22:55.0453 0x07c4  [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
10:22:55.0468 0x07c4  HSF_DP - ok
10:22:55.0515 0x07c4  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:22:55.0515 0x07c4  HTTP - ok
10:22:55.0562 0x07c4  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:22:55.0578 0x07c4  HTTPFilter - ok
10:22:55.0578 0x07c4  i2omgmt - ok
10:22:55.0578 0x07c4  i2omp - ok
10:22:55.0609 0x07c4  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
10:22:55.0609 0x07c4  i8042prt - ok
10:22:55.0656 0x07c4  [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
10:22:55.0656 0x07c4  iaStor - ok
10:22:55.0734 0x07c4  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:22:55.0734 0x07c4  idsvc - ok
10:22:55.0812 0x07c4  [ E66112BA8090C121681A0D6A067ED73D ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130830.001\IDSxpx86.sys
10:22:55.0828 0x07c4  IDSxpx86 - ok
10:22:55.0875 0x07c4  [ 243E03FFC1F54352C14289B03CB5578D ] IDVaultSvc      C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
10:22:55.0875 0x07c4  IDVaultSvc - ok
10:22:55.0906 0x07c4  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:22:55.0906 0x07c4  Imapi - ok
10:22:55.0953 0x07c4  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:22:55.0953 0x07c4  ImapiService - ok
10:22:55.0953 0x07c4  ini910u - ok
10:22:55.0968 0x07c4  IntelIde - ok
10:22:56.0015 0x07c4  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:22:56.0015 0x07c4  intelppm - ok
10:22:56.0046 0x07c4  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:22:56.0046 0x07c4  Ip6Fw - ok
10:22:56.0062 0x07c4  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:22:56.0078 0x07c4  IpFilterDriver - ok
10:22:56.0078 0x07c4  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:22:56.0093 0x07c4  IpInIp - ok
10:22:56.0109 0x07c4  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:22:56.0125 0x07c4  IpNat - ok
10:22:56.0140 0x07c4  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:22:56.0140 0x07c4  IPSec - ok
10:22:56.0140 0x07c4  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:22:56.0156 0x07c4  IRENUM - ok
10:22:56.0187 0x07c4  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:22:56.0187 0x07c4  isapnp - ok
10:22:56.0281 0x07c4  [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
10:22:56.0281 0x07c4  JavaQuickStarterService - ok
10:22:56.0312 0x07c4  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:22:56.0312 0x07c4  Kbdclass - ok
10:22:56.0312 0x07c4  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:22:56.0312 0x07c4  kbdhid - ok
10:22:56.0343 0x07c4  [ 548221EAB713064F5AB5F00B293141FA ] keycrypt        C:\WINDOWS\system32\DRIVERS\KeyCrypt32.sys
10:22:56.0359 0x07c4  keycrypt - ok
10:22:56.0359 0x07c4  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:22:56.0375 0x07c4  kmixer - ok
10:22:56.0390 0x07c4  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:22:56.0390 0x07c4  KSecDD - ok
10:22:56.0406 0x07c4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:22:56.0421 0x07c4  lanmanserver - ok
10:22:56.0437 0x07c4  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:22:56.0437 0x07c4  lanmanworkstation - ok
10:22:56.0453 0x07c4  lbrtfdc - ok
10:22:56.0468 0x07c4  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:22:56.0484 0x07c4  LmHosts - ok
10:22:56.0500 0x07c4  [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:22:56.0500 0x07c4  mdmxsdk - ok
10:22:56.0515 0x07c4  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:22:56.0515 0x07c4  Messenger - ok
10:22:56.0578 0x07c4  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:22:56.0578 0x07c4  Microsoft Office Groove Audit Service - ok
10:22:56.0609 0x07c4  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:22:56.0609 0x07c4  mnmdd - ok
10:22:56.0640 0x07c4  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:22:56.0640 0x07c4  mnmsrvc - ok
10:22:56.0656 0x07c4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:22:56.0656 0x07c4  Modem - ok
10:22:56.0671 0x07c4  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:22:56.0671 0x07c4  MODEMCSA - ok
10:22:56.0687 0x07c4  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:22:56.0687 0x07c4  Mouclass - ok
10:22:56.0703 0x07c4  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:22:56.0703 0x07c4  mouhid - ok
10:22:56.0734 0x07c4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:22:56.0734 0x07c4  MountMgr - ok
10:22:56.0781 0x07c4  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:22:56.0796 0x07c4  MozillaMaintenance - ok
10:22:56.0796 0x07c4  mraid35x - ok
10:22:56.0796 0x07c4  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:22:56.0812 0x07c4  MRxDAV - ok
10:22:56.0875 0x07c4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:22:56.0890 0x07c4  MRxSmb - ok
10:22:56.0890 0x07c4  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:22:56.0890 0x07c4  Msfs - ok
10:22:56.0906 0x07c4  MSIServer - ok
10:22:56.0953 0x07c4  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:22:56.0953 0x07c4  MSKSSRV - ok
10:22:56.0968 0x07c4  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:22:56.0968 0x07c4  MSPCLOCK - ok
10:22:56.0984 0x07c4  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:22:56.0984 0x07c4  MSPQM - ok
10:22:57.0000 0x07c4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:22:57.0000 0x07c4  mssmbios - ok
10:22:57.0046 0x07c4  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:22:57.0046 0x07c4  Mup - ok
10:22:57.0062 0x07c4  [ 1BF9D6476061B31CD7FC2BF848529A56 ] N360            C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
10:22:57.0062 0x07c4  N360 - ok
10:22:57.0093 0x07c4  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:22:57.0109 0x07c4  napagent - ok
10:22:57.0187 0x07c4  [ 81E928EE3751FAF725C87CC17726C05D ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130831.007\NAVENG.SYS
10:22:57.0187 0x07c4  NAVENG - ok
10:22:57.0250 0x07c4  [ E0C39FA6C76AE8ED53ABF043F35ECDFF ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130831.007\NAVEX15.SYS
10:22:57.0281 0x07c4  NAVEX15 - ok
10:22:57.0328 0x07c4  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:22:57.0328 0x07c4  NDIS - ok
10:22:57.0359 0x07c4  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:22:57.0359 0x07c4  NdisTapi - ok
10:22:57.0375 0x07c4  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:22:57.0375 0x07c4  Ndisuio - ok
10:22:57.0375 0x07c4  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:22:57.0375 0x07c4  NdisWan - ok
10:22:57.0390 0x07c4  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:22:57.0390 0x07c4  NDProxy - ok
10:22:57.0421 0x07c4  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:22:57.0421 0x07c4  NetBIOS - ok
10:22:57.0437 0x07c4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:22:57.0453 0x07c4  NetBT - ok
10:22:57.0468 0x07c4  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:22:57.0468 0x07c4  NetDDE - ok
10:22:57.0468 0x07c4  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:22:57.0468 0x07c4  NetDDEdsdm - ok
10:22:57.0500 0x07c4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:22:57.0500 0x07c4  Netlogon - ok
10:22:57.0531 0x07c4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
10:22:57.0531 0x07c4  Netman - ok
10:22:57.0578 0x07c4  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:22:57.0593 0x07c4  NetTcpPortSharing - ok
10:22:57.0609 0x07c4  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:22:57.0609 0x07c4  Nla - ok
10:22:57.0656 0x07c4  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:22:57.0656 0x07c4  Npfs - ok
10:22:57.0671 0x07c4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:22:57.0671 0x07c4  Ntfs - ok
10:22:57.0687 0x07c4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:22:57.0687 0x07c4  NtLmSsp - ok
10:22:57.0734 0x07c4  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:22:57.0734 0x07c4  NtmsSvc - ok
10:22:57.0781 0x07c4  [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr        C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
10:22:57.0781 0x07c4  NuidFltr - ok
10:22:57.0796 0x07c4  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:22:57.0796 0x07c4  Null - ok
10:22:57.0812 0x07c4  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:22:57.0812 0x07c4  NwlnkFlt - ok
10:22:57.0828 0x07c4  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:22:57.0828 0x07c4  NwlnkFwd - ok
10:22:57.0890 0x07c4  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:22:57.0906 0x07c4  odserv - ok
10:22:57.0921 0x07c4  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:22:57.0921 0x07c4  ose - ok
10:22:57.0968 0x07c4  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
10:22:57.0968 0x07c4  Parport - ok
10:22:57.0984 0x07c4  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:22:57.0984 0x07c4  PartMgr - ok
10:22:58.0031 0x07c4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:22:58.0031 0x07c4  ParVdm - ok
10:22:58.0046 0x07c4  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:22:58.0046 0x07c4  PCI - ok
10:22:58.0062 0x07c4  PCIDump - ok
10:22:58.0062 0x07c4  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:22:58.0062 0x07c4  PCIIde - ok
10:22:58.0109 0x07c4  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:22:58.0109 0x07c4  Pcmcia - ok
10:22:58.0109 0x07c4  perc2 - ok
10:22:58.0109 0x07c4  perc2hib - ok
10:22:58.0140 0x07c4  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
10:22:58.0156 0x07c4  PlugPlay - ok
10:22:58.0171 0x07c4  [ 2D091A99624FB9E7EEF0A86D872EC0C3 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
10:22:58.0171 0x07c4  Pml Driver HPZ12 - ok
10:22:58.0187 0x07c4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:22:58.0187 0x07c4  PolicyAgent - ok
10:22:58.0187 0x07c4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:22:58.0203 0x07c4  PptpMiniport - ok
10:22:58.0203 0x07c4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:22:58.0203 0x07c4  ProtectedStorage - ok
10:22:58.0203 0x07c4  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:22:58.0218 0x07c4  PSched - ok
10:22:58.0234 0x07c4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:22:58.0234 0x07c4  Ptilink - ok
10:22:58.0234 0x07c4  ql1080 - ok
10:22:58.0250 0x07c4  Ql10wnt - ok
10:22:58.0250 0x07c4  ql12160 - ok
10:22:58.0265 0x07c4  ql1240 - ok
10:22:58.0265 0x07c4  ql1280 - ok
10:22:58.0296 0x07c4  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:22:58.0296 0x07c4  RasAcd - ok
10:22:58.0328 0x07c4  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:22:58.0328 0x07c4  RasAuto - ok
10:22:58.0343 0x07c4  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:22:58.0343 0x07c4  Rasl2tp - ok
10:22:58.0390 0x07c4  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:22:58.0390 0x07c4  RasMan - ok
10:22:58.0390 0x07c4  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:22:58.0390 0x07c4  RasPppoe - ok
10:22:58.0406 0x07c4  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:22:58.0406 0x07c4  Raspti - ok
10:22:58.0453 0x07c4  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:22:58.0453 0x07c4  Rdbss - ok
10:22:58.0484 0x07c4  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:22:58.0484 0x07c4  redbook - ok
10:22:58.0531 0x07c4  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:22:58.0531 0x07c4  RemoteAccess - ok
10:22:58.0546 0x07c4  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:22:58.0562 0x07c4  RemoteRegistry - ok
10:22:58.0578 0x07c4  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:22:58.0578 0x07c4  RpcLocator - ok
10:22:58.0609 0x07c4  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:22:58.0625 0x07c4  RpcSs - ok
10:22:58.0640 0x07c4  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:22:58.0640 0x07c4  RSVP - ok
10:22:58.0656 0x07c4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:22:58.0671 0x07c4  SamSs - ok
10:22:58.0687 0x07c4  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:22:58.0687 0x07c4  SCardSvr - ok
10:22:58.0734 0x07c4  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:22:58.0734 0x07c4  Schedule - ok
10:22:58.0765 0x07c4  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:22:58.0765 0x07c4  Secdrv - ok
10:22:58.0765 0x07c4  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:22:58.0765 0x07c4  seclogon - ok
10:22:58.0781 0x07c4  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
10:22:58.0781 0x07c4  SENS - ok
10:22:58.0812 0x07c4  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
10:22:58.0828 0x07c4  Serial - ok
10:22:58.0890 0x07c4  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
10:22:58.0890 0x07c4  Sfloppy - ok
10:22:58.0921 0x07c4  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:22:58.0921 0x07c4  SharedAccess - ok
10:22:58.0937 0x07c4  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:22:58.0937 0x07c4  ShellHWDetection - ok
10:22:58.0937 0x07c4  Simbad - ok
10:22:58.0953 0x07c4  Sparrow - ok
10:22:58.0984 0x07c4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:22:58.0984 0x07c4  splitter - ok
10:22:59.0000 0x07c4  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:22:59.0015 0x07c4  Spooler - ok
10:22:59.0046 0x07c4  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:22:59.0046 0x07c4  sr - ok
10:22:59.0078 0x07c4  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:22:59.0093 0x07c4  srservice - ok
10:22:59.0125 0x07c4  [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP           C:\WINDOWS\System32\Drivers\N360\1404000.028\SRTSP.SYS
10:22:59.0140 0x07c4  SRTSP - ok
10:22:59.0140 0x07c4  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\WINDOWS\system32\drivers\N360\1404000.028\SRTSPX.SYS
10:22:59.0140 0x07c4  SRTSPX - ok
10:22:59.0187 0x07c4  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:22:59.0187 0x07c4  Srv - ok
10:22:59.0234 0x07c4  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:22:59.0234 0x07c4  SSDPSRV - ok
10:22:59.0296 0x07c4  [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
10:22:59.0328 0x07c4  STHDA - ok
10:22:59.0390 0x07c4  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:22:59.0390 0x07c4  stisvc - ok
10:22:59.0421 0x07c4  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:22:59.0421 0x07c4  swenum - ok
10:22:59.0500 0x07c4  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
10:22:59.0515 0x07c4  SwitchBoard - ok
10:22:59.0531 0x07c4  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:22:59.0531 0x07c4  swmidi - ok
10:22:59.0546 0x07c4  symc810 - ok
10:22:59.0546 0x07c4  symc8xx - ok
10:22:59.0625 0x07c4  [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS           C:\WINDOWS\system32\drivers\N360\1404000.028\SYMDS.SYS
10:22:59.0625 0x07c4  SymDS - ok
10:22:59.0656 0x07c4  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\WINDOWS\system32\drivers\N360\1404000.028\SYMEFA.SYS
10:22:59.0671 0x07c4  SymEFA - ok
10:22:59.0718 0x07c4  [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
10:22:59.0718 0x07c4  SymEvent - ok
10:22:59.0750 0x07c4  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\WINDOWS\system32\drivers\N360\1404000.028\Ironx86.SYS
10:22:59.0750 0x07c4  SymIRON - ok
10:22:59.0796 0x07c4  [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI          C:\WINDOWS\System32\Drivers\N360\1404000.028\SYMTDI.SYS
10:22:59.0796 0x07c4  SYMTDI - ok
10:22:59.0812 0x07c4  sym_hi - ok
10:22:59.0812 0x07c4  sym_u3 - ok
10:22:59.0843 0x07c4  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:22:59.0859 0x07c4  sysaudio - ok
10:22:59.0890 0x07c4  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:22:59.0890 0x07c4  SysmonLog - ok
10:22:59.0937 0x07c4  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:22:59.0937 0x07c4  TapiSrv - ok
10:22:59.0968 0x07c4  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:22:59.0968 0x07c4  Tcpip - ok
10:23:00.0031 0x07c4  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
10:23:00.0031 0x07c4  TermService - ok
10:23:00.0062 0x07c4  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:23:00.0078 0x07c4  Themes - ok
10:23:00.0078 0x07c4  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
10:23:00.0093 0x07c4  TlntSvr - ok
10:23:00.0093 0x07c4  TosIde - ok
10:23:00.0125 0x07c4  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:23:00.0125 0x07c4  TrkWks - ok
10:23:00.0156 0x07c4  [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight       C:\WINDOWS\system32\TrueSight.sys
10:23:00.0156 0x07c4  TrueSight - ok
10:23:00.0203 0x07c4  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:23:00.0203 0x07c4  Udfs - ok
10:23:00.0203 0x07c4  ultra - ok
10:23:00.0234 0x07c4  [ 1977313E362C8732C1AF4D1BCB9C06B7 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
10:23:00.0234 0x07c4  UMWdf - ok
10:23:00.0250 0x07c4  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:23:00.0265 0x07c4  Update - ok
10:23:00.0281 0x07c4  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:23:00.0281 0x07c4  upnphost - ok
10:23:00.0296 0x07c4  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
10:23:00.0296 0x07c4  UPS - ok
10:23:00.0328 0x07c4  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:23:00.0328 0x07c4  usbccgp - ok
10:23:00.0359 0x07c4  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:23:00.0359 0x07c4  usbehci - ok
10:23:00.0375 0x07c4  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:23:00.0375 0x07c4  usbhub - ok
10:23:00.0406 0x07c4  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:23:00.0406 0x07c4  usbprint - ok
10:23:00.0421 0x07c4  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:23:00.0421 0x07c4  usbscan - ok
10:23:00.0453 0x07c4  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:23:00.0453 0x07c4  USBSTOR - ok
10:23:00.0468 0x07c4  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:23:00.0468 0x07c4  usbuhci - ok
10:23:00.0484 0x07c4  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:23:00.0484 0x07c4  VgaSave - ok
10:23:00.0500 0x07c4  ViaIde - ok
10:23:00.0515 0x07c4  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:23:00.0515 0x07c4  VolSnap - ok
10:23:00.0578 0x07c4  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
10:23:00.0578 0x07c4  VSS - ok
10:23:00.0609 0x07c4  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
10:23:00.0609 0x07c4  W32Time - ok
10:23:00.0625 0x07c4  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:23:00.0625 0x07c4  Wanarp - ok
10:23:00.0656 0x07c4  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
10:23:00.0671 0x07c4  Wdf01000 - ok
10:23:00.0687 0x07c4  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
10:23:00.0687 0x07c4  wdmaud - ok
10:23:00.0718 0x07c4  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:23:00.0734 0x07c4  WebClient - ok
10:23:00.0781 0x07c4  [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:23:00.0781 0x07c4  winachsf - ok
10:23:00.0875 0x07c4  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:23:00.0875 0x07c4  winmgmt - ok
10:23:00.0890 0x07c4  [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
10:23:00.0890 0x07c4  WinUSB - ok
10:23:00.0921 0x07c4  [ 6EAA72FD9EF993EC1FA9A06DE65105DA ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
10:23:00.0921 0x07c4  WmdmPmSN - ok
10:23:00.0968 0x07c4  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
10:23:00.0968 0x07c4  Wmi - ok
10:23:01.0015 0x07c4  [ D87EA9F191DF6731818FFD93659BADF4 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys
10:23:01.0015 0x07c4  WpdUsb - ok
10:23:01.0109 0x07c4  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:23:01.0109 0x07c4  WPFFontCache_v0400 - ok
10:23:01.0156 0x07c4  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:23:01.0156 0x07c4  wscsvc - ok
10:23:01.0187 0x07c4  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:23:01.0187 0x07c4  wuauserv - ok
10:23:01.0218 0x07c4  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:23:01.0234 0x07c4  WZCSVC - ok
10:23:01.0250 0x07c4  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:23:01.0265 0x07c4  xmlprov - ok
10:23:01.0265 0x07c4  ================ Scan global ===============================
10:23:01.0296 0x07c4  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:23:01.0343 0x07c4  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:23:01.0359 0x07c4  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:23:01.0375 0x07c4  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:23:01.0375 0x07c4  [Global] - ok
10:23:01.0375 0x07c4  ================ Scan MBR ==================================
10:23:01.0390 0x07c4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
10:23:01.0593 0x07c4  \Device\Harddisk0\DR0 - ok
10:23:01.0609 0x07c4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
10:23:01.0609 0x07c4  \Device\Harddisk1\DR2 - ok
10:23:01.0609 0x07c4  ================ Scan VBR ==================================
10:23:01.0609 0x07c4  [ 6E522C97DA272CBFA2243E19E1BF5690 ] \Device\Harddisk0\DR0\Partition1
10:23:01.0625 0x07c4  \Device\Harddisk0\DR0\Partition1 - ok
10:23:01.0625 0x07c4  [ BF217A473789618F0DE5A5C6EF405708 ] \Device\Harddisk1\DR2\Partition1
10:23:01.0625 0x07c4  \Device\Harddisk1\DR2\Partition1 - ok
10:23:01.0625 0x07c4  ============================================================
10:23:01.0625 0x07c4  Scan finished
10:23:01.0625 0x07c4  ============================================================
10:23:01.0640 0x1360  Detected object count: 0
10:23:01.0640 0x1360  Actual detected object count: 0
10:23:05.0921 0x1750  ============================================================
10:23:05.0921 0x1750  Scan started
10:23:05.0921 0x1750  Mode: Manual;
10:23:05.0921 0x1750  ============================================================
10:23:06.0015 0x1750  ================ Scan system memory ========================
10:23:06.0015 0x1750  System memory - ok
10:23:06.0015 0x1750  ================ Scan services =============================
10:23:06.0187 0x1750  Abiosdsk - ok
10:23:06.0187 0x1750  abp480n5 - ok
10:23:06.0234 0x1750  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:23:06.0234 0x1750  ACPI - ok
10:23:06.0265 0x1750  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:23:06.0265 0x1750  ACPIEC - ok
10:23:06.0296 0x1750  [ B05F2367F62552A2DE7E3C352B7B9885 ] ADM8511         C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
10:23:06.0296 0x1750  ADM8511 - ok
10:23:06.0359 0x1750  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:23:06.0359 0x1750  AdobeFlashPlayerUpdateSvc - ok
10:23:06.0375 0x1750  adpu160m - ok
10:23:06.0406 0x1750  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:23:06.0406 0x1750  aec - ok
10:23:06.0421 0x1750  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:23:06.0421 0x1750  AFD - ok
10:23:06.0437 0x1750  Aha154x - ok
10:23:06.0437 0x1750  aic78u2 - ok
10:23:06.0453 0x1750  aic78xx - ok
10:23:06.0484 0x1750  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:23:06.0484 0x1750  Alerter - ok
10:23:06.0515 0x1750  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
10:23:06.0515 0x1750  ALG - ok
10:23:06.0515 0x1750  AliIde - ok
10:23:06.0515 0x1750  amsint - ok
10:23:06.0562 0x1750  [ 2BFB30F04A8407B70AF6DF44767F27F7 ] AntiLog32       C:\WINDOWS\system32\drivers\AntiLog32.sys
10:23:06.0562 0x1750  AntiLog32 - ok
10:23:06.0578 0x1750  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
10:23:06.0578 0x1750  AppMgmt - ok
10:23:06.0593 0x1750  asc - ok
10:23:06.0593 0x1750  asc3350p - ok
10:23:06.0593 0x1750  asc3550 - ok
10:23:06.0750 0x1750  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:23:06.0750 0x1750  aspnet_state - ok
10:23:06.0781 0x1750  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:23:06.0781 0x1750  AsyncMac - ok
10:23:06.0812 0x1750  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:23:06.0828 0x1750  atapi - ok
10:23:06.0828 0x1750  Atdisk - ok
10:23:06.0890 0x1750  [ 40F02B8460AC817EA0CEA2E0CAB4C2ED ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
10:23:06.0890 0x1750  Ati HotKey Poller - ok
10:23:06.0937 0x1750  [ D41EB535E2B2D8872463E5F59F215D4E ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
10:23:06.0953 0x1750  ATI Smart - ok
10:23:07.0000 0x1750  [ A7DD7088E2C987DBCB3F4D6D56F723BD ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
10:23:07.0015 0x1750  ati2mtag - ok
10:23:07.0046 0x1750  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:23:07.0046 0x1750  Atmarpc - ok
10:23:07.0078 0x1750  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:23:07.0078 0x1750  AudioSrv - ok
10:23:07.0125 0x1750  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:23:07.0125 0x1750  audstub - ok
10:23:07.0140 0x1750  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:23:07.0140 0x1750  Beep - ok
10:23:07.0343 0x1750  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx86.sys
10:23:07.0343 0x1750  BHDrvx86 - ok
10:23:07.0406 0x1750  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:23:07.0406 0x1750  BITS - ok
10:23:07.0453 0x1750  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
10:23:07.0453 0x1750  Browser - ok
10:23:07.0500 0x1750  [ 68C82CA7237FED2EEAB0AF1D38BD74FD ] C771BUS         C:\WINDOWS\system32\DRIVERS\C771BUS.sys
10:23:07.0500 0x1750  C771BUS - ok
10:23:07.0515 0x1750  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:23:07.0515 0x1750  cbidf2k - ok
10:23:07.0578 0x1750  [ 3BEE52611F22C9C0023A98A4425E084F ] ccSet_N360      C:\WINDOWS\system32\drivers\N360\1404000.028\ccSetx86.sys
10:23:07.0578 0x1750  ccSet_N360 - ok
10:23:07.0578 0x1750  cd20xrnt - ok
10:23:07.0609 0x1750  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:23:07.0609 0x1750  Cdaudio - ok
10:23:07.0640 0x1750  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:23:07.0640 0x1750  Cdfs - ok
10:23:07.0671 0x1750  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:23:07.0671 0x1750  Cdrom - ok
10:23:07.0687 0x1750  Changer - ok
10:23:07.0703 0x1750  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:23:07.0703 0x1750  CiSvc - ok
10:23:07.0718 0x1750  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:23:07.0718 0x1750  ClipSrv - ok
10:23:07.0781 0x1750  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:23:07.0781 0x1750  clr_optimization_v2.0.50727_32 - ok
10:23:07.0812 0x1750  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:23:07.0812 0x1750  clr_optimization_v4.0.30319_32 - ok
10:23:07.0812 0x1750  CmdIde - ok
10:23:07.0828 0x1750  Cpqarray - ok
10:23:07.0875 0x1750  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:23:07.0875 0x1750  CryptSvc - ok
10:23:07.0890 0x1750  dac2w2k - ok
10:23:07.0890 0x1750  dac960nt - ok
10:23:07.0953 0x1750  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:23:07.0953 0x1750  DcomLaunch - ok
10:23:07.0968 0x1750  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:23:07.0968 0x1750  Dhcp - ok
10:23:08.0031 0x1750  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:23:08.0031 0x1750  Disk - ok
10:23:08.0031 0x1750  dmadmin - ok
10:23:08.0078 0x1750  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:23:08.0078 0x1750  dmboot - ok
10:23:08.0093 0x1750  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:23:08.0093 0x1750  dmio - ok
10:23:08.0125 0x1750  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:23:08.0125 0x1750  dmload - ok
10:23:08.0140 0x1750  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:23:08.0140 0x1750  dmserver - ok
10:23:08.0156 0x1750  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:23:08.0156 0x1750  DMusic - ok
10:23:08.0187 0x1750  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:23:08.0187 0x1750  Dnscache - ok
10:23:08.0218 0x1750  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:23:08.0218 0x1750  Dot3svc - ok
10:23:08.0234 0x1750  dpti2o - ok
10:23:08.0234 0x1750  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:23:08.0234 0x1750  drmkaud - ok
10:23:08.0281 0x1750  [ 0849EACDC01487573ADD86F5E470806C ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
10:23:08.0281 0x1750  e1express - ok
10:23:08.0296 0x1750  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:23:08.0296 0x1750  EapHost - ok
10:23:08.0406 0x1750  [ E1E3804F7C59EA3E14637C2A763F65E2 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
10:23:08.0406 0x1750  eeCtrl - ok
10:23:08.0531 0x1750  [ 1BF9D6476061B31CD7FC2BF848529A56 ] EraserSvc11220  C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
10:23:08.0531 0x1750  EraserSvc11220 - ok
10:23:08.0546 0x1750  [ 6D84DFC3B5C5052881BF50470D0C03D1 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:23:08.0546 0x1750  EraserUtilRebootDrv - ok
10:23:08.0578 0x1750  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:23:08.0593 0x1750  ERSvc - ok
10:23:08.0609 0x1750  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
10:23:08.0609 0x1750  Eventlog - ok
10:23:08.0640 0x1750  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:23:08.0640 0x1750  Fastfat - ok
10:23:08.0671 0x1750  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:23:08.0671 0x1750  FastUserSwitchingCompatibility - ok
10:23:08.0703 0x1750  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
10:23:08.0703 0x1750  Fdc - ok
10:23:08.0718 0x1750  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:23:08.0718 0x1750  Fips - ok
10:23:08.0734 0x1750  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
10:23:08.0734 0x1750  Flpydisk - ok
10:23:08.0750 0x1750  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:23:08.0750 0x1750  FltMgr - ok
10:23:08.0765 0x1750  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:23:08.0765 0x1750  FontCache3.0.0.0 - ok
10:23:08.0796 0x1750  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:23:08.0796 0x1750  Fs_Rec - ok
10:23:08.0812 0x1750  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:23:08.0812 0x1750  Ftdisk - ok
10:23:08.0828 0x1750  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:23:08.0828 0x1750  Gpc - ok
10:23:08.0859 0x1750  [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:23:08.0859 0x1750  HDAudBus - ok
10:23:08.0953 0x1750  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:23:08.0953 0x1750  helpsvc - ok
10:23:08.0984 0x1750  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
10:23:08.0984 0x1750  HidServ - ok
10:23:08.0984 0x1750  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:23:08.0984 0x1750  hidusb - ok
10:23:09.0031 0x1750  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:23:09.0031 0x1750  hkmsvc - ok
10:23:09.0031 0x1750  hpn - ok
10:23:09.0062 0x1750  [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:23:09.0062 0x1750  HPZid412 - ok
10:23:09.0062 0x1750  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:23:09.0062 0x1750  HPZipr12 - ok
10:23:09.0078 0x1750  [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:23:09.0078 0x1750  HPZius12 - ok
10:23:09.0109 0x1750  [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
10:23:09.0109 0x1750  HSFHWBS2 - ok
10:23:09.0140 0x1750  [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
10:23:09.0140 0x1750  HSF_DP - ok
10:23:09.0234 0x1750  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:23:09.0234 0x1750  HTTP - ok
10:23:09.0281 0x1750  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:23:09.0281 0x1750  HTTPFilter - ok
10:23:09.0281 0x1750  i2omgmt - ok
10:23:09.0296 0x1750  i2omp - ok
10:23:09.0296 0x1750  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
10:23:09.0296 0x1750  i8042prt - ok
10:23:09.0343 0x1750  [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
10:23:09.0359 0x1750  iaStor - ok
10:23:09.0421 0x1750  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:23:09.0421 0x1750  idsvc - ok
10:23:09.0500 0x1750  [ E66112BA8090C121681A0D6A067ED73D ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130830.001\IDSxpx86.sys
10:23:09.0500 0x1750  IDSxpx86 - ok
10:23:09.0531 0x1750  [ 243E03FFC1F54352C14289B03CB5578D ] IDVaultSvc      C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
10:23:09.0546 0x1750  IDVaultSvc - ok
10:23:09.0562 0x1750  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:23:09.0562 0x1750  Imapi - ok
10:23:09.0609 0x1750  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:23:09.0609 0x1750  ImapiService - ok
10:23:09.0625 0x1750  ini910u - ok
10:23:09.0625 0x1750  IntelIde - ok
10:23:09.0671 0x1750  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:23:09.0671 0x1750  intelppm - ok
10:23:09.0703 0x1750  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:23:09.0703 0x1750  Ip6Fw - ok
10:23:09.0734 0x1750  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:23:09.0734 0x1750  IpFilterDriver - ok
10:23:09.0750 0x1750  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:23:09.0750 0x1750  IpInIp - ok
10:23:09.0765 0x1750  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:23:09.0781 0x1750  IpNat - ok
10:23:09.0796 0x1750  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:23:09.0796 0x1750  IPSec - ok
10:23:09.0812 0x1750  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:23:09.0812 0x1750  IRENUM - ok
10:23:09.0843 0x1750  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:23:09.0843 0x1750  isapnp - ok
10:23:09.0937 0x1750  [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
10:23:09.0953 0x1750  JavaQuickStarterService - ok
10:23:09.0968 0x1750  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:23:09.0968 0x1750  Kbdclass - ok
10:23:09.0984 0x1750  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:23:09.0984 0x1750  kbdhid - ok
10:23:10.0015 0x1750  [ 548221EAB713064F5AB5F00B293141FA ] keycrypt        C:\WINDOWS\system32\DRIVERS\KeyCrypt32.sys
10:23:10.0015 0x1750  keycrypt - ok
10:23:10.0031 0x1750  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:23:10.0031 0x1750  kmixer - ok
10:23:10.0062 0x1750  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:23:10.0062 0x1750  KSecDD - ok
10:23:10.0078 0x1750  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:23:10.0078 0x1750  lanmanserver - ok
10:23:10.0109 0x1750  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:23:10.0109 0x1750  lanmanworkstation - ok
10:23:10.0109 0x1750  lbrtfdc - ok
10:23:10.0171 0x1750  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:23:10.0171 0x1750  LmHosts - ok
10:23:10.0203 0x1750  [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:23:10.0203 0x1750  mdmxsdk - ok
10:23:10.0218 0x1750  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:23:10.0218 0x1750  Messenger - ok
10:23:10.0265 0x1750  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:23:10.0265 0x1750  Microsoft Office Groove Audit Service - ok
10:23:10.0312 0x1750  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:23:10.0312 0x1750  mnmdd - ok
10:23:10.0343 0x1750  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:23:10.0343 0x1750  mnmsrvc - ok
10:23:10.0359 0x1750  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:23:10.0359 0x1750  Modem - ok
10:23:10.0390 0x1750  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:23:10.0390 0x1750  MODEMCSA - ok
10:23:10.0406 0x1750  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:23:10.0406 0x1750  Mouclass - ok
10:23:10.0406 0x1750  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:23:10.0406 0x1750  mouhid - ok
10:23:10.0453 0x1750  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:23:10.0453 0x1750  MountMgr - ok
10:23:10.0500 0x1750  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:23:10.0500 0x1750  MozillaMaintenance - ok
10:23:10.0515 0x1750  mraid35x - ok
10:23:10.0515 0x1750  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:23:10.0515 0x1750  MRxDAV - ok
10:23:10.0593 0x1750  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:23:10.0593 0x1750  MRxSmb - ok
10:23:10.0609 0x1750  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:23:10.0609 0x1750  Msfs - ok
10:23:10.0609 0x1750  MSIServer - ok
10:23:10.0656 0x1750  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:23:10.0656 0x1750  MSKSSRV - ok
10:23:10.0687 0x1750  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:23:10.0687 0x1750  MSPCLOCK - ok
10:23:10.0687 0x1750  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:23:10.0687 0x1750  MSPQM - ok
10:23:10.0718 0x1750  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:23:10.0718 0x1750  mssmbios - ok
10:23:10.0734 0x1750  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:23:10.0734 0x1750  Mup - ok
10:23:10.0765 0x1750  [ 1BF9D6476061B31CD7FC2BF848529A56 ] N360            C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
10:23:10.0765 0x1750  N360 - ok
10:23:10.0796 0x1750  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:23:10.0796 0x1750  napagent - ok
10:23:10.0890 0x1750  [ 81E928EE3751FAF725C87CC17726C05D ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130831.007\NAVENG.SYS
10:23:10.0890 0x1750  NAVENG - ok
10:23:10.0937 0x1750  [ E0C39FA6C76AE8ED53ABF043F35ECDFF ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130831.007\NAVEX15.SYS
10:23:10.0953 0x1750  NAVEX15 - ok
10:23:11.0046 0x1750  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:23:11.0046 0x1750  NDIS - ok
10:23:11.0062 0x1750  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:23:11.0062 0x1750  NdisTapi - ok
10:23:11.0078 0x1750  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:23:11.0078 0x1750  Ndisuio - ok
10:23:11.0093 0x1750  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:23:11.0093 0x1750  NdisWan - ok
10:23:11.0171 0x1750  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:23:11.0171 0x1750  NDProxy - ok
10:23:11.0203 0x1750  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:23:11.0203 0x1750  NetBIOS - ok
10:23:11.0234 0x1750  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:23:11.0234 0x1750  NetBT - ok
10:23:11.0250 0x1750  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:23:11.0250 0x1750  NetDDE - ok
10:23:11.0250 0x1750  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:23:11.0250 0x1750  NetDDEdsdm - ok
10:23:11.0312 0x1750  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:23:11.0312 0x1750  Netlogon - ok
10:23:11.0343 0x1750  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
10:23:11.0359 0x1750  Netman - ok
10:23:11.0406 0x1750  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:23:11.0406 0x1750  NetTcpPortSharing - ok
10:23:11.0421 0x1750  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:23:11.0421 0x1750  Nla - ok
10:23:11.0453 0x1750  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:23:11.0453 0x1750  Npfs - ok
10:23:11.0468 0x1750  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:23:11.0468 0x1750  Ntfs - ok
10:23:11.0484 0x1750  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:23:11.0484 0x1750  NtLmSsp - ok
10:23:11.0531 0x1750  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:23:11.0531 0x1750  NtmsSvc - ok
10:23:11.0578 0x1750  [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr        C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
10:23:11.0578 0x1750  NuidFltr - ok
10:23:11.0593 0x1750  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:23:11.0593 0x1750  Null - ok
10:23:11.0609 0x1750  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:23:11.0609 0x1750  NwlnkFlt - ok
10:23:11.0625 0x1750  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:23:11.0625 0x1750  NwlnkFwd - ok
10:23:11.0687 0x1750  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:23:11.0703 0x1750  odserv - ok
10:23:11.0718 0x1750  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:23:11.0718 0x1750  ose - ok
10:23:11.0765 0x1750  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
10:23:11.0765 0x1750  Parport - ok
10:23:11.0781 0x1750  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:23:11.0781 0x1750  PartMgr - ok
10:23:11.0796 0x1750  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:23:11.0796 0x1750  ParVdm - ok
10:23:11.0843 0x1750  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:23:11.0843 0x1750  PCI - ok
10:23:11.0843 0x1750  PCIDump - ok
10:23:11.0843 0x1750  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:23:11.0859 0x1750  PCIIde - ok
10:23:11.0906 0x1750  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:23:11.0906 0x1750  Pcmcia - ok
10:23:11.0906 0x1750  perc2 - ok
10:23:11.0906 0x1750  perc2hib - ok
10:23:11.0953 0x1750  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
10:23:11.0953 0x1750  PlugPlay - ok
10:23:11.0968 0x1750  [ 2D091A99624FB9E7EEF0A86D872EC0C3 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
10:23:11.0968 0x1750  Pml Driver HPZ12 - ok
10:23:11.0984 0x1750  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:23:11.0984 0x1750  PolicyAgent - ok
10:23:12.0015 0x1750  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:23:12.0015 0x1750  PptpMiniport - ok
10:23:12.0015 0x1750  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:23:12.0015 0x1750  ProtectedStorage - ok
10:23:12.0031 0x1750  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:23:12.0031 0x1750  PSched - ok
10:23:12.0031 0x1750  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:23:12.0031 0x1750  Ptilink - ok
10:23:12.0031 0x1750  ql1080 - ok
10:23:12.0046 0x1750  Ql10wnt - ok
10:23:12.0046 0x1750  ql12160 - ok
10:23:12.0062 0x1750  ql1240 - ok
10:23:12.0062 0x1750  ql1280 - ok
10:23:12.0093 0x1750  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:23:12.0093 0x1750  RasAcd - ok
10:23:12.0109 0x1750  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:23:12.0125 0x1750  RasAuto - ok
10:23:12.0140 0x1750  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:23:12.0140 0x1750  Rasl2tp - ok
10:23:12.0171 0x1750  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:23:12.0171 0x1750  RasMan - ok
10:23:12.0171 0x1750  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:23:12.0171 0x1750  RasPppoe - ok
10:23:12.0187 0x1750  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:23:12.0187 0x1750  Raspti - ok
10:23:12.0218 0x1750  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:23:12.0218 0x1750  Rdbss - ok
10:23:12.0250 0x1750  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:23:12.0250 0x1750  redbook - ok
10:23:12.0281 0x1750  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:23:12.0281 0x1750  RemoteAccess - ok
10:23:12.0296 0x1750  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:23:12.0312 0x1750  RemoteRegistry - ok
10:23:12.0328 0x1750  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:23:12.0328 0x1750  RpcLocator - ok
10:23:12.0359 0x1750  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:23:12.0359 0x1750  RpcSs - ok
10:23:12.0359 0x1750  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:23:12.0375 0x1750  RSVP - ok
10:23:12.0390 0x1750  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:23:12.0390 0x1750  SamSs - ok
10:23:12.0406 0x1750  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:23:12.0421 0x1750  SCardSvr - ok
10:23:12.0437 0x1750  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:23:12.0437 0x1750  Schedule - ok
10:23:12.0453 0x1750  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:23:12.0453 0x1750  Secdrv - ok
10:23:12.0468 0x1750  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:23:12.0468 0x1750  seclogon - ok
10:23:12.0484 0x1750  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
10:23:12.0484 0x1750  SENS - ok
10:23:12.0515 0x1750  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
10:23:12.0515 0x1750  Serial - ok
10:23:12.0562 0x1750  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
10:23:12.0562 0x1750  Sfloppy - ok
10:23:12.0593 0x1750  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:23:12.0593 0x1750  SharedAccess - ok
10:23:12.0609 0x1750  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:23:12.0609 0x1750  ShellHWDetection - ok
10:23:12.0609 0x1750  Simbad - ok
10:23:12.0625 0x1750  Sparrow - ok
10:23:12.0656 0x1750  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:23:12.0656 0x1750  splitter - ok
10:23:12.0687 0x1750  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:23:12.0687 0x1750  Spooler - ok
10:23:12.0703 0x1750  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:23:12.0703 0x1750  sr - ok
10:23:12.0734 0x1750  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:23:12.0750 0x1750  srservice - ok
10:23:12.0781 0x1750  [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP           C:\WINDOWS\System32\Drivers\N360\1404000.028\SRTSP.SYS
10:23:12.0781 0x1750  SRTSP - ok
10:23:12.0781 0x1750  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\WINDOWS\system32\drivers\N360\1404000.028\SRTSPX.SYS
10:23:12.0796 0x1750  SRTSPX - ok
10:23:12.0812 0x1750  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:23:12.0812 0x1750  Srv - ok
10:23:12.0843 0x1750  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:23:12.0843 0x1750  SSDPSRV - ok
10:23:12.0921 0x1750  [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
10:23:12.0921 0x1750  STHDA - ok
10:23:12.0937 0x1750  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:23:12.0953 0x1750  stisvc - ok
10:23:12.0984 0x1750  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:23:12.0984 0x1750  swenum - ok
10:23:13.0062 0x1750  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
10:23:13.0062 0x1750  SwitchBoard - ok
10:23:13.0093 0x1750  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:23:13.0093 0x1750  swmidi - ok
10:23:13.0109 0x1750  symc810 - ok
10:23:13.0109 0x1750  symc8xx - ok
10:23:13.0156 0x1750  [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS           C:\WINDOWS\system32\drivers\N360\1404000.028\SYMDS.SYS
10:23:13.0156 0x1750  SymDS - ok
10:23:13.0203 0x1750  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\WINDOWS\system32\drivers\N360\1404000.028\SYMEFA.SYS
10:23:13.0203 0x1750  SymEFA - ok
10:23:13.0234 0x1750  [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
10:23:13.0250 0x1750  SymEvent - ok
10:23:13.0265 0x1750  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\WINDOWS\system32\drivers\N360\1404000.028\Ironx86.SYS
10:23:13.0265 0x1750  SymIRON - ok
10:23:13.0296 0x1750  [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI          C:\WINDOWS\System32\Drivers\N360\1404000.028\SYMTDI.SYS
10:23:13.0296 0x1750  SYMTDI - ok
10:23:13.0296 0x1750  sym_hi - ok
10:23:13.0296 0x1750  sym_u3 - ok
10:23:13.0328 0x1750  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:23:13.0328 0x1750  sysaudio - ok
10:23:13.0359 0x1750  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:23:13.0375 0x1750  SysmonLog - ok
10:23:13.0406 0x1750  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:23:13.0421 0x1750  TapiSrv - ok
10:23:13.0453 0x1750  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:23:13.0453 0x1750  Tcpip - ok
10:23:13.0484 0x1750  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
10:23:13.0500 0x1750  TermService - ok
10:23:13.0531 0x1750  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:23:13.0531 0x1750  Themes - ok
10:23:13.0546 0x1750  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
10:23:13.0546 0x1750  TlntSvr - ok
10:23:13.0546 0x1750  TosIde - ok
10:23:13.0562 0x1750  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:23:13.0562 0x1750  TrkWks - ok
10:23:13.0593 0x1750  [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight       C:\WINDOWS\system32\TrueSight.sys
10:23:13.0593 0x1750  TrueSight - ok
10:23:13.0640 0x1750  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:23:13.0640 0x1750  Udfs - ok
10:23:13.0640 0x1750  ultra - ok
10:23:13.0671 0x1750  [ 1977313E362C8732C1AF4D1BCB9C06B7 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
10:23:13.0671 0x1750  UMWdf - ok
10:23:13.0687 0x1750  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:23:13.0687 0x1750  Update - ok
10:23:13.0718 0x1750  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:23:13.0718 0x1750  upnphost - ok
10:23:13.0718 0x1750  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
10:23:13.0718 0x1750  UPS - ok
10:23:13.0765 0x1750  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:23:13.0765 0x1750  usbccgp - ok
10:23:13.0796 0x1750  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:23:13.0796 0x1750  usbehci - ok
10:23:13.0812 0x1750  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:23:13.0812 0x1750  usbhub - ok
10:23:13.0843 0x1750  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:23:13.0843 0x1750  usbprint - ok
10:23:13.0875 0x1750  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:23:13.0875 0x1750  usbscan - ok
10:23:13.0906 0x1750  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:23:13.0906 0x1750  USBSTOR - ok
10:23:13.0937 0x1750  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:23:13.0937 0x1750  usbuhci - ok
10:23:13.0953 0x1750  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:23:13.0953 0x1750  VgaSave - ok
10:23:13.0953 0x1750  ViaIde - ok
10:23:13.0984 0x1750  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:23:13.0984 0x1750  VolSnap - ok
10:23:14.0000 0x1750  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
10:23:14.0000 0x1750  VSS - ok
10:23:14.0015 0x1750  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
10:23:14.0015 0x1750  W32Time - ok
10:23:14.0015 0x1750  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:23:14.0015 0x1750  Wanarp - ok
10:23:14.0046 0x1750  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
10:23:14.0046 0x1750  Wdf01000 - ok
10:23:14.0078 0x1750  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
10:23:14.0078 0x1750  wdmaud - ok
10:23:14.0093 0x1750  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:23:14.0109 0x1750  WebClient - ok
10:23:14.0156 0x1750  [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:23:14.0156 0x1750  winachsf - ok
10:23:14.0250 0x1750  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:23:14.0250 0x1750  winmgmt - ok
10:23:14.0265 0x1750  [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
10:23:14.0265 0x1750  WinUSB - ok
10:23:14.0296 0x1750  [ 6EAA72FD9EF993EC1FA9A06DE65105DA ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
10:23:14.0296 0x1750  WmdmPmSN - ok
10:23:14.0328 0x1750  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
10:23:14.0343 0x1750  Wmi - ok
10:23:14.0375 0x1750  [ D87EA9F191DF6731818FFD93659BADF4 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys
10:23:14.0375 0x1750  WpdUsb - ok
10:23:14.0453 0x1750  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:23:14.0468 0x1750  WPFFontCache_v0400 - ok
10:23:14.0515 0x1750  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:23:14.0515 0x1750  wscsvc - ok
10:23:14.0531 0x1750  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:23:14.0531 0x1750  wuauserv - ok
10:23:14.0578 0x1750  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:23:14.0578 0x1750  WZCSVC - ok
10:23:14.0609 0x1750  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:23:14.0609 0x1750  xmlprov - ok
10:23:14.0609 0x1750  ================ Scan global ===============================
10:23:14.0656 0x1750  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:23:14.0687 0x1750  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:23:14.0703 0x1750  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:23:14.0718 0x1750  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:23:14.0718 0x1750  [Global] - ok
10:23:14.0718 0x1750  ================ Scan MBR ==================================
10:23:14.0734 0x1750  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
10:23:14.0937 0x1750  \Device\Harddisk0\DR0 - ok
10:23:14.0937 0x1750  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
10:23:14.0953 0x1750  \Device\Harddisk1\DR2 - ok
10:23:14.0953 0x1750  ================ Scan VBR ==================================
10:23:14.0953 0x1750  [ 6E522C97DA272CBFA2243E19E1BF5690 ] \Device\Harddisk0\DR0\Partition1
10:23:14.0953 0x1750  \Device\Harddisk0\DR0\Partition1 - ok
10:23:14.0953 0x1750  [ BF217A473789618F0DE5A5C6EF405708 ] \Device\Harddisk1\DR2\Partition1
10:23:14.0968 0x1750  \Device\Harddisk1\DR2\Partition1 - ok
10:23:14.0968 0x1750  ============================================================
10:23:14.0968 0x1750  Scan finished
10:23:14.0968 0x1750  ============================================================
10:23:14.0968 0x1678  Detected object count: 0
10:23:14.0968 0x1678  Actual detected object count: 0
10:25:03.0234 0x165c  ============================================================
10:25:03.0234 0x165c  Scan started
10:25:03.0234 0x165c  Mode: Manual; SigCheck; TDLFS;
10:25:03.0234 0x165c  ============================================================
10:25:03.0343 0x165c  ================ Scan system memory ========================
10:25:03.0343 0x165c  System memory - ok
10:25:03.0343 0x165c  ================ Scan services =============================
10:25:03.0468 0x165c  Abiosdsk - ok
10:25:03.0468 0x165c  abp480n5 - ok
10:25:03.0500 0x165c  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:25:04.0609 0x165c  ACPI - ok
10:25:04.0625 0x165c  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:25:04.0812 0x165c  ACPIEC - ok
10:25:04.0843 0x165c  [ B05F2367F62552A2DE7E3C352B7B9885 ] ADM8511         C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
10:25:05.0031 0x165c  ADM8511 - ok
10:25:05.0109 0x165c  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:25:05.0140 0x165c  AdobeFlashPlayerUpdateSvc - ok
10:25:05.0156 0x165c  adpu160m - ok
10:25:05.0187 0x165c  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:25:05.0328 0x165c  aec - ok
10:25:05.0343 0x165c  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:25:05.0421 0x165c  AFD - ok
10:25:05.0421 0x165c  Aha154x - ok
10:25:05.0437 0x165c  aic78u2 - ok
10:25:05.0437 0x165c  aic78xx - ok
10:25:05.0468 0x165c  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:25:05.0640 0x165c  Alerter - ok
10:25:05.0656 0x165c  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
10:25:05.0828 0x165c  ALG - ok
10:25:05.0828 0x165c  AliIde - ok
10:25:05.0843 0x165c  amsint - ok
10:25:05.0875 0x165c  [ 2BFB30F04A8407B70AF6DF44767F27F7 ] AntiLog32       C:\WINDOWS\system32\drivers\AntiLog32.sys
10:25:05.0906 0x165c  AntiLog32 - ok
10:25:05.0937 0x165c  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
10:25:06.0093 0x165c  AppMgmt - ok
10:25:06.0109 0x165c  asc - ok
10:25:06.0109 0x165c  asc3350p - ok
10:25:06.0109 0x165c  asc3550 - ok
10:25:06.0265 0x165c  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:25:06.0296 0x165c  aspnet_state - ok
10:25:06.0328 0x165c  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:25:06.0484 0x165c  AsyncMac - ok
10:25:06.0531 0x165c  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:25:06.0687 0x165c  atapi - ok
10:25:06.0703 0x165c  Atdisk - ok
10:25:06.0750 0x165c  [ 40F02B8460AC817EA0CEA2E0CAB4C2ED ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
10:25:06.0812 0x165c  Ati HotKey Poller - ok
10:25:06.0843 0x165c  [ D41EB535E2B2D8872463E5F59F215D4E ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
10:25:06.0875 0x165c  ATI Smart ( UnsignedFile.Multi.Generic ) - warning
10:25:06.0875 0x165c  ATI Smart - detected UnsignedFile.Multi.Generic (1)
10:25:06.0921 0x165c  [ A7DD7088E2C987DBCB3F4D6D56F723BD ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
10:25:07.0015 0x165c  ati2mtag - ok
10:25:07.0046 0x165c  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:25:07.0218 0x165c  Atmarpc - ok
10:25:07.0265 0x165c  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:25:07.0421 0x165c  AudioSrv - ok
10:25:07.0468 0x165c  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:25:07.0609 0x165c  audstub - ok
10:25:07.0625 0x165c  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:25:07.0796 0x165c  Beep - ok
10:25:07.0921 0x165c  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx86.sys
10:25:07.0968 0x165c  BHDrvx86 - ok
10:25:08.0015 0x165c  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:25:08.0171 0x165c  BITS - ok
10:25:08.0203 0x165c  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
10:25:08.0281 0x165c  Browser - ok
10:25:08.0296 0x165c  [ 68C82CA7237FED2EEAB0AF1D38BD74FD ] C771BUS         C:\WINDOWS\system32\DRIVERS\C771BUS.sys
10:25:08.0312 0x165c  C771BUS - ok
10:25:08.0343 0x165c  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:25:08.0531 0x165c  cbidf2k - ok
10:25:08.0625 0x165c  [ 3BEE52611F22C9C0023A98A4425E084F ] ccSet_N360      C:\WINDOWS\system32\drivers\N360\1404000.028\ccSetx86.sys
10:25:08.0656 0x165c  ccSet_N360 - ok
10:25:08.0656 0x165c  cd20xrnt - ok
10:25:08.0687 0x165c  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:25:08.0875 0x165c  Cdaudio - ok
10:25:08.0906 0x165c  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:25:09.0046 0x165c  Cdfs - ok
10:25:09.0062 0x165c  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:25:09.0203 0x165c  Cdrom - ok
10:25:09.0203 0x165c  Changer - ok
10:25:09.0218 0x165c  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:25:09.0359 0x165c  CiSvc - ok
10:25:09.0359 0x165c  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:25:09.0546 0x165c  ClipSrv - ok
10:25:09.0609 0x165c  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:25:09.0625 0x165c  clr_optimization_v2.0.50727_32 - ok
10:25:09.0671 0x165c  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:25:09.0687 0x165c  clr_optimization_v4.0.30319_32 - ok
10:25:09.0687 0x165c  CmdIde - ok
10:25:09.0703 0x165c  Cpqarray - ok
10:25:09.0734 0x165c  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:25:09.0906 0x165c  CryptSvc - ok
10:25:09.0906 0x165c  dac2w2k - ok
10:25:09.0906 0x165c  dac960nt - ok
10:25:09.0968 0x165c  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:25:10.0031 0x165c  DcomLaunch - ok
10:25:10.0062 0x165c  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:25:10.0203 0x165c  Dhcp - ok
10:25:10.0218 0x165c  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:25:10.0375 0x165c  Disk - ok
10:25:10.0375 0x165c  dmadmin - ok
10:25:10.0421 0x165c  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:25:10.0609 0x165c  dmboot - ok
10:25:10.0609 0x165c  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:25:10.0765 0x165c  dmio - ok
10:25:10.0796 0x165c  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:25:10.0968 0x165c  dmload - ok
10:25:10.0984 0x165c  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:25:11.0125 0x165c  dmserver - ok
10:25:11.0140 0x165c  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:25:11.0296 0x165c  DMusic - ok
10:25:11.0312 0x165c  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:25:11.0390 0x165c  Dnscache - ok
10:25:11.0437 0x165c  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:25:11.0609 0x165c  Dot3svc - ok
10:25:11.0625 0x165c  dpti2o - ok
10:25:11.0625 0x165c  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:25:11.0796 0x165c  drmkaud - ok
10:25:11.0812 0x165c  [ 0849EACDC01487573ADD86F5E470806C ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
10:25:11.0890 0x165c  e1express - ok
10:25:11.0890 0x165c  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:25:12.0062 0x165c  EapHost - ok
10:25:12.0171 0x165c  [ E1E3804F7C59EA3E14637C2A763F65E2 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
10:25:12.0203 0x165c  eeCtrl - ok
10:25:12.0343 0x165c  [ 1BF9D6476061B31CD7FC2BF848529A56 ] EraserSvc11220  C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
10:25:12.0359 0x165c  EraserSvc11220 - ok
10:25:12.0375 0x165c  [ 6D84DFC3B5C5052881BF50470D0C03D1 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:25:12.0390 0x165c  EraserUtilRebootDrv - ok
10:25:12.0421 0x165c  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:25:12.0562 0x165c  ERSvc - ok
10:25:12.0593 0x165c  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
10:25:12.0640 0x165c  Eventlog - ok
10:25:12.0640 0x165c  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:25:12.0796 0x165c  Fastfat - ok
10:25:12.0828 0x165c  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:25:12.0875 0x165c  FastUserSwitchingCompatibility - ok
10:25:12.0906 0x165c  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
10:25:13.0046 0x165c  Fdc - ok
10:25:13.0062 0x165c  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:25:13.0203 0x165c  Fips - ok
10:25:13.0218 0x165c  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
10:25:13.0375 0x165c  Flpydisk - ok
10:25:13.0406 0x165c  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:25:13.0562 0x165c  FltMgr - ok
10:25:13.0625 0x165c  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:25:13.0656 0x165c  FontCache3.0.0.0 - ok
10:25:13.0671 0x165c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:25:13.0859 0x165c  Fs_Rec - ok
10:25:13.0859 0x165c  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:25:14.0015 0x165c  Ftdisk - ok
10:25:14.0015 0x165c  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:25:14.0156 0x165c  Gpc - ok
10:25:14.0187 0x165c  [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:25:14.0218 0x165c  HDAudBus ( UnsignedFile.Multi.Generic ) - warning
10:25:14.0218 0x165c  HDAudBus - detected UnsignedFile.Multi.Generic (1)
10:25:14.0312 0x165c  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:25:14.0453 0x165c  helpsvc - ok
10:25:14.0484 0x165c  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
10:25:14.0625 0x165c  HidServ - ok
10:25:14.0640 0x165c  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:25:14.0765 0x165c  hidusb - ok
10:25:14.0796 0x165c  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:25:14.0953 0x165c  hkmsvc - ok
10:25:14.0968 0x165c  hpn - ok
10:25:14.0984 0x165c  [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:25:15.0031 0x165c  HPZid412 - ok
10:25:15.0046 0x165c  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:25:15.0093 0x165c  HPZipr12 - ok
10:25:15.0109 0x165c  [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:25:15.0156 0x165c  HPZius12 - ok
10:25:15.0187 0x165c  [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
10:25:15.0234 0x165c  HSFHWBS2 - ok
10:25:15.0250 0x165c  [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
10:25:15.0312 0x165c  HSF_DP - ok
10:25:15.0359 0x165c  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:25:15.0421 0x165c  HTTP - ok
10:25:15.0468 0x165c  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:25:15.0609 0x165c  HTTPFilter - ok
10:25:15.0609 0x165c  i2omgmt - ok
10:25:15.0625 0x165c  i2omp - ok
10:25:15.0640 0x165c  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
10:25:15.0765 0x165c  i8042prt - ok
10:25:15.0812 0x165c  [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
10:25:15.0843 0x165c  iaStor - ok
10:25:15.0921 0x165c  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:25:15.0953 0x165c  idsvc - ok
10:25:16.0046 0x165c  [ E66112BA8090C121681A0D6A067ED73D ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130830.001\IDSxpx86.sys
10:25:16.0062 0x165c  IDSxpx86 - ok
10:25:16.0109 0x165c  [ 243E03FFC1F54352C14289B03CB5578D ] IDVaultSvc      C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
10:25:16.0125 0x165c  IDVaultSvc - ok
10:25:16.0156 0x165c  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:25:16.0312 0x165c  Imapi - ok
10:25:16.0359 0x165c  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:25:16.0484 0x165c  ImapiService - ok
10:25:16.0500 0x165c  ini910u - ok
10:25:16.0500 0x165c  IntelIde - ok
10:25:16.0546 0x165c  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:25:16.0671 0x165c  intelppm - ok
10:25:16.0703 0x165c  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:25:16.0843 0x165c  Ip6Fw - ok
10:25:16.0890 0x165c  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:25:17.0062 0x165c  IpFilterDriver - ok
10:25:17.0093 0x165c  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:25:17.0218 0x165c  IpInIp - ok
10:25:17.0250 0x165c  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:25:17.0390 0x165c  IpNat - ok
10:25:17.0421 0x165c  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:25:17.0578 0x165c  IPSec - ok
10:25:17.0593 0x165c  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:25:17.0750 0x165c  IRENUM - ok
10:25:17.0796 0x165c  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:25:17.0937 0x165c  isapnp - ok
10:25:18.0031 0x165c  [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
10:25:18.0062 0x165c  JavaQuickStarterService - ok
10:25:18.0093 0x165c  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:25:18.0218 0x165c  Kbdclass - ok
10:25:18.0234 0x165c  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:25:18.0390 0x165c  kbdhid - ok
10:25:18.0406 0x165c  [ 548221EAB713064F5AB5F00B293141FA ] keycrypt        C:\WINDOWS\system32\DRIVERS\KeyCrypt32.sys
10:25:18.0421 0x165c  keycrypt - ok
10:25:18.0437 0x165c  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:25:18.0578 0x165c  kmixer - ok
10:25:18.0593 0x165c  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:25:18.0640 0x165c  KSecDD - ok
10:25:18.0671 0x165c  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:25:18.0703 0x165c  lanmanserver - ok
10:25:18.0734 0x165c  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:25:18.0796 0x165c  lanmanworkstation - ok
10:25:18.0796 0x165c  lbrtfdc - ok
10:25:18.0843 0x165c  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:25:18.0984 0x165c  LmHosts - ok
10:25:19.0015 0x165c  [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:25:19.0046 0x165c  mdmxsdk - ok
10:25:19.0078 0x165c  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:25:19.0234 0x165c  Messenger - ok
10:25:19.0296 0x165c  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:25:19.0312 0x165c  Microsoft Office Groove Audit Service - ok
10:25:19.0343 0x165c  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:25:19.0515 0x165c  mnmdd - ok
10:25:19.0562 0x165c  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:25:19.0703 0x165c  mnmsrvc - ok
10:25:19.0734 0x165c  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:25:19.0890 0x165c  Modem - ok
10:25:19.0906 0x165c  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:25:20.0062 0x165c  MODEMCSA - ok
10:25:20.0078 0x165c  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:25:20.0203 0x165c  Mouclass - ok
10:25:20.0203 0x165c  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:25:20.0375 0x165c  mouhid - ok
10:25:20.0390 0x165c  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:25:20.0531 0x165c  MountMgr - ok
10:25:20.0593 0x165c  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:25:20.0625 0x165c  MozillaMaintenance - ok
10:25:20.0625 0x165c  mraid35x - ok
10:25:20.0625 0x165c  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:25:20.0781 0x165c  MRxDAV - ok
10:25:20.0796 0x165c  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:25:20.0875 0x165c  MRxSmb - ok
10:25:20.0890 0x165c  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:25:21.0031 0x165c  Msfs - ok
10:25:21.0046 0x165c  MSIServer - ok
10:25:21.0062 0x165c  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:25:21.0218 0x165c  MSKSSRV - ok
10:25:21.0234 0x165c  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:25:21.0359 0x165c  MSPCLOCK - ok
10:25:21.0375 0x165c  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:25:21.0531 0x165c  MSPQM - ok
10:25:21.0578 0x165c  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:25:21.0703 0x165c  mssmbios - ok
10:25:21.0718 0x165c  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:25:21.0781 0x165c  Mup - ok
10:25:21.0796 0x165c  [ 1BF9D6476061B31CD7FC2BF848529A56 ] N360            C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
10:25:21.0828 0x165c  N360 - ok
10:25:21.0859 0x165c  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:25:22.0015 0x165c  napagent - ok
10:25:22.0109 0x165c  [ 81E928EE3751FAF725C87CC17726C05D ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130831.007\NAVENG.SYS
10:25:22.0125 0x165c  NAVENG - ok
10:25:22.0187 0x165c  [ E0C39FA6C76AE8ED53ABF043F35ECDFF ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130831.007\NAVEX15.SYS
10:25:22.0234 0x165c  NAVEX15 - ok
10:25:22.0281 0x165c  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:25:22.0406 0x165c  NDIS - ok
10:25:22.0421 0x165c  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:25:22.0484 0x165c  NdisTapi - ok
10:25:22.0515 0x165c  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:25:22.0671 0x165c  Ndisuio - ok
10:25:22.0687 0x165c  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:25:22.0843 0x165c  NdisWan - ok
10:25:22.0875 0x165c  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:25:22.0953 0x165c  NDProxy - ok
10:25:22.0953 0x165c  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:25:23.0109 0x165c  NetBIOS - ok
10:25:23.0156 0x165c  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:25:23.0281 0x165c  NetBT - ok
10:25:23.0312 0x165c  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:25:23.0453 0x165c  NetDDE - ok
10:25:23.0453 0x165c  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:25:23.0593 0x165c  NetDDEdsdm - ok
10:25:23.0609 0x165c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:25:23.0734 0x165c  Netlogon - ok
10:25:23.0781 0x165c  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
10:25:23.0921 0x165c  Netman - ok
10:25:23.0968 0x165c  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:25:24.0000 0x165c  NetTcpPortSharing - ok
10:25:24.0015 0x165c  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:25:24.0046 0x165c  Nla - ok
10:25:24.0093 0x165c  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:25:24.0234 0x165c  Npfs - ok
10:25:24.0250 0x165c  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:25:24.0390 0x165c  Ntfs - ok
10:25:24.0390 0x165c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:25:24.0531 0x165c  NtLmSsp - ok
10:25:24.0578 0x165c  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:25:24.0734 0x165c  NtmsSvc - ok
10:25:24.0781 0x165c  [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr        C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
10:25:24.0812 0x165c  NuidFltr - ok
10:25:24.0812 0x165c  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:25:24.0984 0x165c  Null - ok
10:25:25.0015 0x165c  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:25:25.0156 0x165c  NwlnkFlt - ok
10:25:25.0171 0x165c  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:25:25.0312 0x165c  NwlnkFwd - ok
10:25:25.0390 0x165c  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:25:25.0421 0x165c  odserv - ok
10:25:25.0468 0x165c  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:25:25.0500 0x165c  ose - ok
10:25:25.0546 0x165c  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
10:25:25.0687 0x165c  Parport - ok
10:25:25.0703 0x165c  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:25:25.0843 0x165c  PartMgr - ok
10:25:25.0859 0x165c  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:25:26.0031 0x165c  ParVdm - ok
10:25:26.0062 0x165c  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:25:26.0203 0x165c  PCI - ok
10:25:26.0218 0x165c  PCIDump - ok
10:25:26.0218 0x165c  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:25:26.0375 0x165c  PCIIde - ok
10:25:26.0421 0x165c  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:25:26.0562 0x165c  Pcmcia - ok
10:25:26.0562 0x165c  perc2 - ok
10:25:26.0578 0x165c  perc2hib - ok
10:25:26.0593 0x165c  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
10:25:26.0640 0x165c  PlugPlay - ok
10:25:26.0671 0x165c  [ 2D091A99624FB9E7EEF0A86D872EC0C3 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
10:25:26.0703 0x165c  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:25:26.0703 0x165c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:25:26.0734 0x165c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:25:26.0859 0x165c  PolicyAgent - ok
10:25:26.0890 0x165c  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:25:27.0031 0x165c  PptpMiniport - ok
10:25:27.0046 0x165c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:25:27.0171 0x165c  ProtectedStorage - ok
10:25:27.0171 0x165c  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:25:27.0312 0x165c  PSched - ok
10:25:27.0328 0x165c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:25:27.0484 0x165c  Ptilink - ok
10:25:27.0484 0x165c  ql1080 - ok
10:25:27.0500 0x165c  Ql10wnt - ok
10:25:27.0500 0x165c  ql12160 - ok
10:25:27.0500 0x165c  ql1240 - ok
10:25:27.0515 0x165c  ql1280 - ok
10:25:27.0531 0x165c  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:25:27.0703 0x165c  RasAcd - ok
10:25:27.0750 0x165c  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:25:27.0890 0x165c  RasAuto - ok
10:25:27.0921 0x165c  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:25:28.0046 0x165c  Rasl2tp - ok
10:25:28.0078 0x165c  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:25:28.0203 0x165c  RasMan - ok
10:25:28.0218 0x165c  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:25:28.0343 0x165c  RasPppoe - ok
10:25:28.0359 0x165c  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:25:28.0531 0x165c  Raspti - ok
10:25:28.0578 0x165c  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:25:28.0718 0x165c  Rdbss - ok
10:25:28.0734 0x165c  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:25:28.0859 0x165c  redbook - ok
10:25:28.0890 0x165c  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:25:29.0031 0x165c  RemoteAccess - ok
10:25:29.0046 0x165c  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:25:29.0187 0x165c  RemoteRegistry - ok
10:25:29.0218 0x165c  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:25:29.0375 0x165c  RpcLocator - ok
10:25:29.0390 0x165c  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:25:29.0437 0x165c  RpcSs - ok
10:25:29.0453 0x165c  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:25:29.0609 0x165c  RSVP - ok
10:25:29.0609 0x165c  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:25:29.0750 0x165c  SamSs - ok
10:25:29.0750 0x165c  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:25:29.0906 0x165c  SCardSvr - ok
10:25:29.0937 0x165c  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:25:30.0062 0x165c  Schedule - ok
10:25:30.0093 0x165c  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:25:30.0218 0x165c  Secdrv - ok
10:25:30.0234 0x165c  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:25:30.0390 0x165c  seclogon - ok
10:25:30.0406 0x165c  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
10:25:30.0562 0x165c  SENS - ok
10:25:30.0609 0x165c  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
10:25:30.0734 0x165c  Serial - ok
10:25:30.0781 0x165c  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
10:25:30.0937 0x165c  Sfloppy - ok
10:25:30.0968 0x165c  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:25:31.0109 0x165c  SharedAccess - ok
10:25:31.0125 0x165c  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:25:31.0171 0x165c  ShellHWDetection - ok
10:25:31.0187 0x165c  Simbad - ok
10:25:31.0187 0x165c  Sparrow - ok
10:25:31.0234 0x165c  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:25:31.0390 0x165c  splitter - ok
10:25:31.0421 0x165c  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:25:31.0484 0x165c  Spooler - ok
10:25:31.0500 0x165c  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:25:31.0625 0x165c  sr - ok
10:25:31.0671 0x165c  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:25:31.0812 0x165c  srservice - ok
10:25:31.0859 0x165c  [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP           C:\WINDOWS\System32\Drivers\N360\1404000.028\SRTSP.SYS
10:25:31.0890 0x165c  SRTSP - ok
10:25:31.0906 0x165c  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\WINDOWS\system32\drivers\N360\1404000.028\SRTSPX.SYS
10:25:31.0921 0x165c  SRTSPX - ok
10:25:31.0937 0x165c  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:25:31.0984 0x165c  Srv - ok
10:25:32.0031 0x165c  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:25:32.0171 0x165c  SSDPSRV - ok
10:25:32.0250 0x165c  [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
10:25:32.0375 0x165c  STHDA - ok
10:25:32.0406 0x165c  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:25:32.0562 0x165c  stisvc - ok
10:25:32.0578 0x165c  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:25:32.0703 0x165c  swenum - ok
10:25:32.0796 0x165c  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
10:25:32.0859 0x165c  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
10:25:32.0875 0x165c  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
10:25:32.0890 0x165c  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:25:33.0031 0x165c  swmidi - ok
10:25:33.0031 0x165c  symc810 - ok
10:25:33.0031 0x165c  symc8xx - ok
10:25:33.0078 0x165c  [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS           C:\WINDOWS\system32\drivers\N360\1404000.028\SYMDS.SYS
10:25:33.0109 0x165c  SymDS - ok
10:25:33.0187 0x165c  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\WINDOWS\system32\drivers\N360\1404000.028\SYMEFA.SYS
10:25:33.0218 0x165c  SymEFA - ok
10:25:33.0296 0x165c  [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
10:25:33.0312 0x165c  SymEvent - ok
10:25:33.0343 0x165c  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\WINDOWS\system32\drivers\N360\1404000.028\Ironx86.SYS
10:25:33.0375 0x165c  SymIRON - ok
10:25:33.0390 0x165c  [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI          C:\WINDOWS\System32\Drivers\N360\1404000.028\SYMTDI.SYS
10:25:33.0406 0x165c  SYMTDI - ok
10:25:33.0421 0x165c  sym_hi - ok
10:25:33.0421 0x165c  sym_u3 - ok
10:25:33.0453 0x165c  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:25:33.0609 0x165c  sysaudio - ok
10:25:33.0640 0x165c  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:25:33.0765 0x165c  SysmonLog - ok
10:25:33.0796 0x165c  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:25:33.0953 0x165c  TapiSrv - ok
10:25:33.0968 0x165c  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:25:34.0031 0x165c  Tcpip - ok
10:25:34.0078 0x165c  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
10:25:34.0234 0x165c  TermService - ok
10:25:34.0250 0x165c  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:25:34.0265 0x165c  Themes - ok
10:25:34.0296 0x165c  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
10:25:34.0421 0x165c  TlntSvr - ok
10:25:34.0421 0x165c  TosIde - ok
10:25:34.0437 0x165c  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:25:34.0593 0x165c  TrkWks - ok
10:25:34.0625 0x165c  [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight       C:\WINDOWS\system32\TrueSight.sys
10:25:34.0656 0x165c  TrueSight ( UnsignedFile.Multi.Generic ) - warning
10:25:34.0656 0x165c  TrueSight - detected UnsignedFile.Multi.Generic (1)
10:25:34.0703 0x165c  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:25:34.0843 0x165c  Udfs - ok
10:25:34.0859 0x165c  ultra - ok
10:25:34.0875 0x165c  [ 1977313E362C8732C1AF4D1BCB9C06B7 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
10:25:34.0875 0x165c  UMWdf ( UnsignedFile.Multi.Generic ) - warning
10:25:34.0875 0x165c  UMWdf - detected UnsignedFile.Multi.Generic (1)
10:25:34.0906 0x165c  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:25:35.0031 0x165c  Update - ok
10:25:35.0062 0x165c  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:25:35.0218 0x165c  upnphost - ok
10:25:35.0218 0x165c  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
10:25:35.0359 0x165c  UPS - ok
10:25:35.0406 0x165c  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:25:35.0562 0x165c  usbccgp - ok
10:25:35.0578 0x165c  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:25:35.0734 0x165c  usbehci - ok
10:25:35.0750 0x165c  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:25:35.0875 0x165c  usbhub - ok
10:25:35.0890 0x165c  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:25:36.0015 0x165c  usbprint - ok
10:25:36.0046 0x165c  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:25:36.0203 0x165c  usbscan - ok
10:25:36.0218 0x165c  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:25:36.0359 0x165c  USBSTOR - ok
10:25:36.0375 0x165c  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:25:36.0515 0x165c  usbuhci - ok
10:25:36.0562 0x165c  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:25:36.0687 0x165c  VgaSave - ok
10:25:36.0703 0x165c  ViaIde - ok
10:25:36.0734 0x165c  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:25:36.0859 0x165c  VolSnap - ok
10:25:36.0921 0x165c  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
10:25:37.0046 0x165c  VSS - ok
10:25:37.0078 0x165c  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
10:25:37.0203 0x165c  W32Time - ok
10:25:37.0218 0x165c  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:25:37.0359 0x165c  Wanarp - ok
10:25:37.0437 0x165c  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
10:25:37.0468 0x165c  Wdf01000 - ok
10:25:37.0484 0x165c  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
10:25:37.0625 0x165c  wdmaud - ok
10:25:37.0671 0x165c  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:25:37.0796 0x165c  WebClient - ok
10:25:37.0843 0x165c  [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:25:37.0875 0x165c  winachsf - ok
10:25:37.0953 0x165c  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:25:38.0078 0x165c  winmgmt - ok
10:25:38.0156 0x165c  [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
10:25:38.0187 0x165c  WinUSB - ok
10:25:38.0218 0x165c  [ 6EAA72FD9EF993EC1FA9A06DE65105DA ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
10:25:38.0312 0x165c  WmdmPmSN - ok
10:25:38.0343 0x165c  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
10:25:38.0375 0x165c  Wmi - ok
10:25:38.0406 0x165c  [ D87EA9F191DF6731818FFD93659BADF4 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys
10:25:38.0406 0x165c  WpdUsb ( UnsignedFile.Multi.Generic ) - warning
10:25:38.0406 0x165c  WpdUsb - detected UnsignedFile.Multi.Generic (1)
10:25:38.0500 0x165c  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:25:38.0531 0x165c  WPFFontCache_v0400 - ok
10:25:38.0562 0x165c  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:25:38.0718 0x165c  wscsvc - ok
10:25:38.0734 0x165c  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:25:38.0890 0x165c  wuauserv - ok
10:25:38.0921 0x165c  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:25:39.0078 0x165c  WZCSVC - ok
10:25:39.0093 0x165c  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:25:39.0250 0x165c  xmlprov - ok
10:25:39.0265 0x165c  ================ Scan global ===============================
10:25:39.0296 0x165c  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:25:39.0328 0x165c  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:25:39.0343 0x165c  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:25:39.0359 0x165c  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:25:39.0359 0x165c  [Global] - ok
10:25:39.0375 0x165c  ================ Scan MBR ==================================
10:25:39.0375 0x165c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
10:25:39.0656 0x165c  \Device\Harddisk0\DR0 - ok
10:25:39.0656 0x165c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
10:25:39.0781 0x165c  \Device\Harddisk1\DR2 - ok
10:25:39.0781 0x165c  ================ Scan VBR ==================================
10:25:39.0781 0x165c  [ 6E522C97DA272CBFA2243E19E1BF5690 ] \Device\Harddisk0\DR0\Partition1
10:25:39.0796 0x165c  \Device\Harddisk0\DR0\Partition1 - ok
10:25:39.0796 0x165c  [ BF217A473789618F0DE5A5C6EF405708 ] \Device\Harddisk1\DR2\Partition1
10:25:39.0796 0x165c  \Device\Harddisk1\DR2\Partition1 - ok
10:25:39.0796 0x165c  ============================================================
10:25:39.0796 0x165c  Scan finished
10:25:39.0796 0x165c  ============================================================
10:25:39.0812 0x15a4  Detected object count: 7
10:25:39.0812 0x15a4  Actual detected object count: 7
10:28:18.0546 0x15a4  ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:18.0546 0x15a4  ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:18.0546 0x15a4  HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:18.0546 0x15a4  HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:18.0546 0x15a4  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:18.0546 0x15a4  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:18.0546 0x15a4  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:18.0546 0x15a4  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:18.0562 0x15a4  TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:18.0562 0x15a4  TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:18.0562 0x15a4  UMWdf ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:18.0562 0x15a4  UMWdf ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:18.0562 0x15a4  WpdUsb ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:18.0562 0x15a4  WpdUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:29:39.0171 0x096c  Deinitialize success
 


Edited by FXWG, 01 September 2013 - 10:16 AM.


#4 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:08:55 PM

Posted 01 September 2013 - 10:09 AM

Second one:

 

10:30:03.0218 0x14b4  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
10:30:03.0687 0x14b4  ============================================================
10:30:03.0687 0x14b4  Current date / time: 2013/09/01 10:30:03.0687
10:30:03.0687 0x14b4  SystemInfo:
10:30:03.0687 0x14b4  
10:30:03.0687 0x14b4  OS Version: 5.1.2600 ServicePack: 3.0
10:30:03.0687 0x14b4  Product type: Workstation
10:30:03.0687 0x14b4  ComputerName: OWNER
10:30:03.0687 0x14b4  UserName: Rhodes
10:30:03.0687 0x14b4  Windows directory: C:\WINDOWS
10:30:03.0687 0x14b4  System windows directory: C:\WINDOWS
10:30:03.0687 0x14b4  Processor architecture: Intel x86
10:30:03.0687 0x14b4  Number of processors: 2
10:30:03.0687 0x14b4  Page size: 0x1000
10:30:03.0687 0x14b4  Boot type: Normal boot
10:30:03.0687 0x14b4  ============================================================
10:30:04.0484 0x14b4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:30:04.0484 0x14b4  Drive \Device\Harddisk1\DR2 - Size: 0x774488000 (29.82 Gb), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:30:04.0484 0x14b4  ============================================================
10:30:04.0484 0x14b4  \Device\Harddisk0\DR0:
10:30:04.0484 0x14b4  MBR partitions:
10:30:04.0484 0x14b4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
10:30:04.0484 0x14b4  \Device\Harddisk1\DR2:
10:30:04.0484 0x14b4  MBR partitions:
10:30:04.0500 0x14b4  \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3BA2420
10:30:04.0500 0x14b4  ============================================================
10:30:04.0531 0x14b4  C: <-> \Device\Harddisk0\DR0\Partition1
10:30:04.0531 0x14b4  F: <-> \Device\Harddisk1\DR2\Partition1
10:30:04.0531 0x14b4  ============================================================
10:30:04.0531 0x14b4  Initialize success
10:30:04.0531 0x14b4  ============================================================
10:30:18.0062 0x0d48  ============================================================
10:30:18.0062 0x0d48  Scan started
10:30:18.0062 0x0d48  Mode: Manual; SigCheck; TDLFS;
10:30:18.0062 0x0d48  ============================================================
10:30:18.0156 0x0d48  ================ Scan system memory ========================
10:30:18.0156 0x0d48  System memory - ok
10:30:18.0156 0x0d48  ================ Scan services =============================
10:30:18.0312 0x0d48  Abiosdsk - ok
10:30:18.0328 0x0d48  abp480n5 - ok
10:30:18.0359 0x0d48  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:30:18.0921 0x0d48  ACPI - ok
10:30:18.0937 0x0d48  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:30:19.0125 0x0d48  ACPIEC - ok
10:30:19.0156 0x0d48  [ B05F2367F62552A2DE7E3C352B7B9885 ] ADM8511         C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
10:30:19.0328 0x0d48  ADM8511 - ok
10:30:19.0421 0x0d48  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:30:19.0453 0x0d48  AdobeFlashPlayerUpdateSvc - ok
10:30:19.0453 0x0d48  adpu160m - ok
10:30:19.0484 0x0d48  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:30:19.0640 0x0d48  aec - ok
10:30:19.0671 0x0d48  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:30:19.0718 0x0d48  AFD - ok
10:30:19.0718 0x0d48  Aha154x - ok
10:30:19.0718 0x0d48  aic78u2 - ok
10:30:19.0734 0x0d48  aic78xx - ok
10:30:19.0765 0x0d48  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:30:19.0937 0x0d48  Alerter - ok
10:30:19.0953 0x0d48  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
10:30:20.0125 0x0d48  ALG - ok
10:30:20.0125 0x0d48  AliIde - ok
10:30:20.0140 0x0d48  amsint - ok
10:30:20.0187 0x0d48  [ 2BFB30F04A8407B70AF6DF44767F27F7 ] AntiLog32       C:\WINDOWS\system32\drivers\AntiLog32.sys
10:30:20.0218 0x0d48  AntiLog32 - ok
10:30:20.0250 0x0d48  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
10:30:20.0406 0x0d48  AppMgmt - ok
10:30:20.0421 0x0d48  asc - ok
10:30:20.0421 0x0d48  asc3350p - ok
10:30:20.0437 0x0d48  asc3550 - ok
10:30:20.0578 0x0d48  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:30:20.0593 0x0d48  aspnet_state - ok
10:30:20.0640 0x0d48  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:30:20.0796 0x0d48  AsyncMac - ok
10:30:20.0828 0x0d48  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:30:21.0000 0x0d48  atapi - ok
10:30:21.0000 0x0d48  Atdisk - ok
10:30:21.0046 0x0d48  [ 40F02B8460AC817EA0CEA2E0CAB4C2ED ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
10:30:21.0078 0x0d48  Ati HotKey Poller - ok
10:30:21.0140 0x0d48  [ D41EB535E2B2D8872463E5F59F215D4E ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
10:30:21.0156 0x0d48  ATI Smart ( UnsignedFile.Multi.Generic ) - warning
10:30:21.0156 0x0d48  ATI Smart - detected UnsignedFile.Multi.Generic (1)
10:30:21.0203 0x0d48  [ A7DD7088E2C987DBCB3F4D6D56F723BD ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
10:30:21.0281 0x0d48  ati2mtag - ok
10:30:21.0328 0x0d48  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:30:21.0500 0x0d48  Atmarpc - ok
10:30:21.0531 0x0d48  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:30:21.0671 0x0d48  AudioSrv - ok
10:30:21.0718 0x0d48  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:30:21.0859 0x0d48  audstub - ok
10:30:21.0890 0x0d48  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:30:22.0062 0x0d48  Beep - ok
10:30:22.0203 0x0d48  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx86.sys
10:30:22.0250 0x0d48  BHDrvx86 - ok
10:30:22.0296 0x0d48  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:30:22.0453 0x0d48  BITS - ok
10:30:22.0500 0x0d48  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
10:30:22.0531 0x0d48  Browser - ok
10:30:22.0578 0x0d48  [ 68C82CA7237FED2EEAB0AF1D38BD74FD ] C771BUS         C:\WINDOWS\system32\DRIVERS\C771BUS.sys
10:30:22.0593 0x0d48  C771BUS - ok
10:30:22.0609 0x0d48  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:30:22.0781 0x0d48  cbidf2k - ok
10:30:22.0843 0x0d48  [ 3BEE52611F22C9C0023A98A4425E084F ] ccSet_N360      C:\WINDOWS\system32\drivers\N360\1404000.028\ccSetx86.sys
10:30:22.0875 0x0d48  ccSet_N360 - ok
10:30:22.0875 0x0d48  cd20xrnt - ok
10:30:22.0906 0x0d48  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:30:23.0093 0x0d48  Cdaudio - ok
10:30:23.0156 0x0d48  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:30:23.0281 0x0d48  Cdfs - ok
10:30:23.0312 0x0d48  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:30:23.0453 0x0d48  Cdrom - ok
10:30:23.0468 0x0d48  Changer - ok
10:30:23.0484 0x0d48  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:30:23.0625 0x0d48  CiSvc - ok
10:30:23.0625 0x0d48  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:30:23.0796 0x0d48  ClipSrv - ok
10:30:23.0859 0x0d48  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:30:23.0875 0x0d48  clr_optimization_v2.0.50727_32 - ok
10:30:23.0921 0x0d48  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:30:23.0937 0x0d48  clr_optimization_v4.0.30319_32 - ok
10:30:23.0937 0x0d48  CmdIde - ok
10:30:23.0953 0x0d48  Cpqarray - ok
10:30:23.0984 0x0d48  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:30:24.0125 0x0d48  CryptSvc - ok
10:30:24.0140 0x0d48  dac2w2k - ok
10:30:24.0140 0x0d48  dac960nt - ok
10:30:24.0187 0x0d48  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:30:24.0218 0x0d48  DcomLaunch - ok
10:30:24.0265 0x0d48  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:30:24.0421 0x0d48  Dhcp - ok
10:30:24.0437 0x0d48  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:30:24.0593 0x0d48  Disk - ok
10:30:24.0593 0x0d48  dmadmin - ok
10:30:24.0640 0x0d48  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:30:24.0828 0x0d48  dmboot - ok
10:30:24.0843 0x0d48  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:30:24.0984 0x0d48  dmio - ok
10:30:25.0015 0x0d48  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:30:25.0171 0x0d48  dmload - ok
10:30:25.0187 0x0d48  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:30:25.0312 0x0d48  dmserver - ok
10:30:25.0343 0x0d48  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:30:25.0484 0x0d48  DMusic - ok
10:30:25.0515 0x0d48  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:30:25.0531 0x0d48  Dnscache - ok
10:30:25.0578 0x0d48  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:30:25.0734 0x0d48  Dot3svc - ok
10:30:25.0734 0x0d48  dpti2o - ok
10:30:25.0765 0x0d48  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:30:25.0906 0x0d48  drmkaud - ok
10:30:25.0937 0x0d48  [ 0849EACDC01487573ADD86F5E470806C ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
10:30:25.0968 0x0d48  e1express - ok
10:30:25.0984 0x0d48  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:30:26.0125 0x0d48  EapHost - ok
10:30:26.0218 0x0d48  [ E1E3804F7C59EA3E14637C2A763F65E2 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
10:30:26.0250 0x0d48  eeCtrl - ok
10:30:26.0390 0x0d48  [ 1BF9D6476061B31CD7FC2BF848529A56 ] EraserSvc11220  C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
10:30:26.0421 0x0d48  EraserSvc11220 - ok
10:30:26.0453 0x0d48  [ 6D84DFC3B5C5052881BF50470D0C03D1 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:30:26.0468 0x0d48  EraserUtilRebootDrv - ok
10:30:26.0531 0x0d48  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:30:26.0687 0x0d48  ERSvc - ok
10:30:26.0703 0x0d48  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
10:30:26.0750 0x0d48  Eventlog - ok
10:30:26.0765 0x0d48  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:30:26.0921 0x0d48  Fastfat - ok
10:30:26.0937 0x0d48  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:30:26.0968 0x0d48  FastUserSwitchingCompatibility - ok
10:30:26.0984 0x0d48  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
10:30:27.0125 0x0d48  Fdc - ok
10:30:27.0140 0x0d48  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:30:27.0281 0x0d48  Fips - ok
10:30:27.0281 0x0d48  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
10:30:27.0437 0x0d48  Flpydisk - ok
10:30:27.0453 0x0d48  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:30:27.0625 0x0d48  FltMgr - ok
10:30:27.0671 0x0d48  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:30:27.0703 0x0d48  FontCache3.0.0.0 - ok
10:30:27.0734 0x0d48  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:30:27.0890 0x0d48  Fs_Rec - ok
10:30:27.0906 0x0d48  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:30:28.0062 0x0d48  Ftdisk - ok
10:30:28.0078 0x0d48  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:30:28.0218 0x0d48  Gpc - ok
10:30:28.0250 0x0d48  [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:30:28.0281 0x0d48  HDAudBus ( UnsignedFile.Multi.Generic ) - warning
10:30:28.0281 0x0d48  HDAudBus - detected UnsignedFile.Multi.Generic (1)
10:30:28.0375 0x0d48  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:30:28.0515 0x0d48  helpsvc - ok
10:30:28.0562 0x0d48  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
10:30:28.0703 0x0d48  HidServ - ok
10:30:28.0718 0x0d48  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:30:28.0843 0x0d48  hidusb - ok
10:30:28.0875 0x0d48  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:30:29.0031 0x0d48  hkmsvc - ok
10:30:29.0031 0x0d48  hpn - ok
10:30:29.0062 0x0d48  [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:30:29.0093 0x0d48  HPZid412 - ok
10:30:29.0109 0x0d48  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:30:29.0156 0x0d48  HPZipr12 - ok
10:30:29.0187 0x0d48  [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:30:29.0203 0x0d48  HPZius12 - ok
10:30:29.0234 0x0d48  [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
10:30:29.0265 0x0d48  HSFHWBS2 - ok
10:30:29.0281 0x0d48  [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
10:30:29.0312 0x0d48  HSF_DP - ok
10:30:29.0359 0x0d48  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:30:29.0390 0x0d48  HTTP - ok
10:30:29.0437 0x0d48  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:30:29.0578 0x0d48  HTTPFilter - ok
10:30:29.0593 0x0d48  i2omgmt - ok
10:30:29.0593 0x0d48  i2omp - ok
10:30:29.0609 0x0d48  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
10:30:29.0734 0x0d48  i8042prt - ok
10:30:29.0781 0x0d48  [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
10:30:29.0812 0x0d48  iaStor - ok
10:30:29.0890 0x0d48  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:30:29.0921 0x0d48  idsvc - ok
10:30:30.0015 0x0d48  [ E66112BA8090C121681A0D6A067ED73D ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130830.001\IDSxpx86.sys
10:30:30.0046 0x0d48  IDSxpx86 - ok
10:30:30.0093 0x0d48  [ 243E03FFC1F54352C14289B03CB5578D ] IDVaultSvc      C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
10:30:30.0109 0x0d48  IDVaultSvc - ok
10:30:30.0140 0x0d48  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:30:30.0296 0x0d48  Imapi - ok
10:30:30.0343 0x0d48  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:30:30.0484 0x0d48  ImapiService - ok
10:30:30.0484 0x0d48  ini910u - ok
10:30:30.0500 0x0d48  IntelIde - ok
10:30:30.0531 0x0d48  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:30:30.0656 0x0d48  intelppm - ok
10:30:30.0687 0x0d48  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:30:30.0828 0x0d48  Ip6Fw - ok
10:30:30.0843 0x0d48  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:30:31.0015 0x0d48  IpFilterDriver - ok
10:30:31.0015 0x0d48  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:30:31.0156 0x0d48  IpInIp - ok
10:30:31.0171 0x0d48  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:30:31.0328 0x0d48  IpNat - ok
10:30:31.0359 0x0d48  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:30:31.0515 0x0d48  IPSec - ok
10:30:31.0531 0x0d48  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:30:31.0687 0x0d48  IRENUM - ok
10:30:31.0750 0x0d48  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:30:31.0906 0x0d48  isapnp - ok
10:30:31.0984 0x0d48  [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
10:30:32.0015 0x0d48  JavaQuickStarterService - ok
10:30:32.0062 0x0d48  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:30:32.0187 0x0d48  Kbdclass - ok
10:30:32.0203 0x0d48  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:30:32.0359 0x0d48  kbdhid - ok
10:30:32.0375 0x0d48  [ 548221EAB713064F5AB5F00B293141FA ] keycrypt        C:\WINDOWS\system32\DRIVERS\KeyCrypt32.sys
10:30:32.0390 0x0d48  keycrypt - ok
10:30:32.0406 0x0d48  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:30:32.0546 0x0d48  kmixer - ok
10:30:32.0593 0x0d48  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:30:32.0625 0x0d48  KSecDD - ok
10:30:32.0656 0x0d48  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:30:32.0671 0x0d48  lanmanserver - ok
10:30:32.0703 0x0d48  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:30:32.0750 0x0d48  lanmanworkstation - ok
10:30:32.0750 0x0d48  lbrtfdc - ok
10:30:32.0781 0x0d48  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:30:32.0937 0x0d48  LmHosts - ok
10:30:32.0968 0x0d48  [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:30:32.0984 0x0d48  mdmxsdk - ok
10:30:33.0000 0x0d48  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:30:33.0156 0x0d48  Messenger - ok
10:30:33.0187 0x0d48  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:30:33.0218 0x0d48  Microsoft Office Groove Audit Service - ok
10:30:33.0250 0x0d48  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:30:33.0421 0x0d48  mnmdd - ok
10:30:33.0453 0x0d48  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:30:33.0609 0x0d48  mnmsrvc - ok
10:30:33.0640 0x0d48  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:30:33.0796 0x0d48  Modem - ok
10:30:33.0812 0x0d48  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:30:33.0953 0x0d48  MODEMCSA - ok
10:30:33.0968 0x0d48  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:30:34.0093 0x0d48  Mouclass - ok
10:30:34.0125 0x0d48  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:30:34.0281 0x0d48  mouhid - ok
10:30:34.0312 0x0d48  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:30:34.0437 0x0d48  MountMgr - ok
10:30:34.0500 0x0d48  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:30:34.0531 0x0d48  MozillaMaintenance - ok
10:30:34.0531 0x0d48  mraid35x - ok
10:30:34.0546 0x0d48  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:30:34.0687 0x0d48  MRxDAV - ok
10:30:34.0703 0x0d48  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:30:34.0765 0x0d48  MRxSmb - ok
10:30:34.0781 0x0d48  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:30:34.0937 0x0d48  Msfs - ok
10:30:34.0953 0x0d48  MSIServer - ok
10:30:34.0984 0x0d48  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:30:35.0109 0x0d48  MSKSSRV - ok
10:30:35.0140 0x0d48  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:30:35.0265 0x0d48  MSPCLOCK - ok
10:30:35.0281 0x0d48  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:30:35.0406 0x0d48  MSPQM - ok
10:30:35.0421 0x0d48  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:30:35.0562 0x0d48  mssmbios - ok
10:30:35.0562 0x0d48  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:30:35.0609 0x0d48  Mup - ok
10:30:35.0625 0x0d48  [ 1BF9D6476061B31CD7FC2BF848529A56 ] N360            C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
10:30:35.0656 0x0d48  N360 - ok
10:30:35.0687 0x0d48  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:30:35.0843 0x0d48  napagent - ok
10:30:35.0921 0x0d48  [ 81E928EE3751FAF725C87CC17726C05D ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130831.007\NAVENG.SYS
10:30:35.0953 0x0d48  NAVENG - ok
10:30:36.0031 0x0d48  [ E0C39FA6C76AE8ED53ABF043F35ECDFF ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130831.007\NAVEX15.SYS
10:30:36.0078 0x0d48  NAVEX15 - ok
10:30:36.0093 0x0d48  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:30:36.0234 0x0d48  NDIS - ok
10:30:36.0250 0x0d48  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:30:36.0296 0x0d48  NdisTapi - ok
10:30:36.0312 0x0d48  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:30:36.0468 0x0d48  Ndisuio - ok
10:30:36.0500 0x0d48  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:30:36.0640 0x0d48  NdisWan - ok
10:30:36.0687 0x0d48  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:30:36.0703 0x0d48  NDProxy - ok
10:30:36.0718 0x0d48  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:30:36.0875 0x0d48  NetBIOS - ok
10:30:36.0890 0x0d48  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:30:37.0015 0x0d48  NetBT - ok
10:30:37.0046 0x0d48  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:30:37.0171 0x0d48  NetDDE - ok
10:30:37.0187 0x0d48  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:30:37.0312 0x0d48  NetDDEdsdm - ok
10:30:37.0328 0x0d48  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:30:37.0453 0x0d48  Netlogon - ok
10:30:37.0484 0x0d48  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
10:30:37.0625 0x0d48  Netman - ok
10:30:37.0687 0x0d48  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:30:37.0703 0x0d48  NetTcpPortSharing - ok
10:30:37.0750 0x0d48  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:30:37.0781 0x0d48  Nla - ok
10:30:37.0843 0x0d48  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:30:37.0968 0x0d48  Npfs - ok
10:30:37.0984 0x0d48  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:30:38.0156 0x0d48  Ntfs - ok
10:30:38.0156 0x0d48  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:30:38.0296 0x0d48  NtLmSsp - ok
10:30:38.0312 0x0d48  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:30:38.0484 0x0d48  NtmsSvc - ok
10:30:38.0515 0x0d48  [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr        C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
10:30:38.0546 0x0d48  NuidFltr - ok
10:30:38.0546 0x0d48  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:30:38.0734 0x0d48  Null - ok
10:30:38.0750 0x0d48  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:30:38.0890 0x0d48  NwlnkFlt - ok
10:30:38.0890 0x0d48  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:30:39.0062 0x0d48  NwlnkFwd - ok
10:30:39.0140 0x0d48  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:30:39.0171 0x0d48  odserv - ok
10:30:39.0218 0x0d48  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:30:39.0234 0x0d48  ose - ok
10:30:39.0296 0x0d48  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
10:30:39.0421 0x0d48  Parport - ok
10:30:39.0437 0x0d48  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:30:39.0578 0x0d48  PartMgr - ok
10:30:39.0593 0x0d48  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:30:39.0765 0x0d48  ParVdm - ok
10:30:39.0781 0x0d48  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:30:39.0921 0x0d48  PCI - ok
10:30:39.0937 0x0d48  PCIDump - ok
10:30:39.0937 0x0d48  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:30:40.0093 0x0d48  PCIIde - ok
10:30:40.0140 0x0d48  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:30:40.0281 0x0d48  Pcmcia - ok
10:30:40.0281 0x0d48  perc2 - ok
10:30:40.0281 0x0d48  perc2hib - ok
10:30:40.0312 0x0d48  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
10:30:40.0343 0x0d48  PlugPlay - ok
10:30:40.0359 0x0d48  [ 2D091A99624FB9E7EEF0A86D872EC0C3 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
10:30:40.0390 0x0d48  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:30:40.0390 0x0d48  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:30:40.0390 0x0d48  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:30:40.0531 0x0d48  PolicyAgent - ok
10:30:40.0562 0x0d48  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:30:40.0703 0x0d48  PptpMiniport - ok
10:30:40.0703 0x0d48  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:30:40.0843 0x0d48  ProtectedStorage - ok
10:30:40.0843 0x0d48  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:30:40.0968 0x0d48  PSched - ok
10:30:40.0984 0x0d48  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:30:41.0140 0x0d48  Ptilink - ok
10:30:41.0140 0x0d48  ql1080 - ok
10:30:41.0140 0x0d48  Ql10wnt - ok
10:30:41.0156 0x0d48  ql12160 - ok
10:30:41.0156 0x0d48  ql1240 - ok
10:30:41.0171 0x0d48  ql1280 - ok
10:30:41.0171 0x0d48  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:30:41.0328 0x0d48  RasAcd - ok
10:30:41.0359 0x0d48  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:30:41.0515 0x0d48  RasAuto - ok
10:30:41.0546 0x0d48  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:30:41.0687 0x0d48  Rasl2tp - ok
10:30:41.0734 0x0d48  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:30:41.0859 0x0d48  RasMan - ok
10:30:41.0875 0x0d48  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:30:42.0000 0x0d48  RasPppoe - ok
10:30:42.0000 0x0d48  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:30:42.0156 0x0d48  Raspti - ok
10:30:42.0187 0x0d48  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:30:42.0328 0x0d48  Rdbss - ok
10:30:42.0343 0x0d48  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:30:42.0500 0x0d48  redbook - ok
10:30:42.0531 0x0d48  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:30:42.0671 0x0d48  RemoteAccess - ok
10:30:42.0687 0x0d48  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:30:42.0828 0x0d48  RemoteRegistry - ok
10:30:42.0859 0x0d48  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:30:42.0984 0x0d48  RpcLocator - ok
10:30:43.0015 0x0d48  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:30:43.0046 0x0d48  RpcSs - ok
10:30:43.0078 0x0d48  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:30:43.0234 0x0d48  RSVP - ok
10:30:43.0250 0x0d48  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:30:43.0375 0x0d48  SamSs - ok
10:30:43.0390 0x0d48  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:30:43.0531 0x0d48  SCardSvr - ok
10:30:43.0562 0x0d48  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:30:43.0703 0x0d48  Schedule - ok
10:30:43.0734 0x0d48  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:30:43.0859 0x0d48  Secdrv - ok
10:30:43.0890 0x0d48  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:30:44.0031 0x0d48  seclogon - ok
10:30:44.0062 0x0d48  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
10:30:44.0218 0x0d48  SENS - ok
10:30:44.0234 0x0d48  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
10:30:44.0375 0x0d48  Serial - ok
10:30:44.0406 0x0d48  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
10:30:44.0562 0x0d48  Sfloppy - ok
10:30:44.0609 0x0d48  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:30:44.0734 0x0d48  SharedAccess - ok
10:30:44.0750 0x0d48  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:30:44.0781 0x0d48  ShellHWDetection - ok
10:30:44.0781 0x0d48  Simbad - ok
10:30:44.0796 0x0d48  Sparrow - ok
10:30:44.0828 0x0d48  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:30:44.0984 0x0d48  splitter - ok
10:30:45.0015 0x0d48  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:30:45.0046 0x0d48  Spooler - ok
10:30:45.0078 0x0d48  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:30:45.0203 0x0d48  sr - ok
10:30:45.0234 0x0d48  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:30:45.0375 0x0d48  srservice - ok
10:30:45.0406 0x0d48  [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP           C:\WINDOWS\System32\Drivers\N360\1404000.028\SRTSP.SYS
10:30:45.0437 0x0d48  SRTSP - ok
10:30:45.0437 0x0d48  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\WINDOWS\system32\drivers\N360\1404000.028\SRTSPX.SYS
10:30:45.0453 0x0d48  SRTSPX - ok
10:30:45.0484 0x0d48  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:30:45.0500 0x0d48  Srv - ok
10:30:45.0546 0x0d48  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:30:45.0671 0x0d48  SSDPSRV - ok
10:30:45.0734 0x0d48  [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
10:30:45.0828 0x0d48  STHDA - ok
10:30:45.0921 0x0d48  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:30:46.0046 0x0d48  stisvc - ok
10:30:46.0062 0x0d48  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:30:46.0203 0x0d48  swenum - ok
10:30:46.0265 0x0d48  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
10:30:46.0343 0x0d48  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
10:30:46.0343 0x0d48  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
10:30:46.0375 0x0d48  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:30:46.0500 0x0d48  swmidi - ok
10:30:46.0515 0x0d48  symc810 - ok
10:30:46.0515 0x0d48  symc8xx - ok
10:30:46.0578 0x0d48  [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS           C:\WINDOWS\system32\drivers\N360\1404000.028\SYMDS.SYS
10:30:46.0593 0x0d48  SymDS - ok
10:30:46.0671 0x0d48  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\WINDOWS\system32\drivers\N360\1404000.028\SYMEFA.SYS
10:30:46.0703 0x0d48  SymEFA - ok
10:30:46.0765 0x0d48  [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
10:30:46.0781 0x0d48  SymEvent - ok
10:30:46.0828 0x0d48  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\WINDOWS\system32\drivers\N360\1404000.028\Ironx86.SYS
10:30:46.0843 0x0d48  SymIRON - ok
10:30:46.0875 0x0d48  [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI          C:\WINDOWS\System32\Drivers\N360\1404000.028\SYMTDI.SYS
10:30:46.0890 0x0d48  SYMTDI - ok
10:30:46.0906 0x0d48  sym_hi - ok
10:30:46.0906 0x0d48  sym_u3 - ok
10:30:46.0937 0x0d48  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:30:47.0078 0x0d48  sysaudio - ok
10:30:47.0125 0x0d48  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:30:47.0250 0x0d48  SysmonLog - ok
10:30:47.0281 0x0d48  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:30:47.0437 0x0d48  TapiSrv - ok
10:30:47.0468 0x0d48  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:30:47.0515 0x0d48  Tcpip - ok
10:30:47.0562 0x0d48  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
10:30:47.0718 0x0d48  TermService - ok
10:30:47.0750 0x0d48  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:30:47.0781 0x0d48  Themes - ok
10:30:47.0796 0x0d48  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
10:30:47.0937 0x0d48  TlntSvr - ok
10:30:47.0937 0x0d48  TosIde - ok
10:30:47.0953 0x0d48  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:30:48.0109 0x0d48  TrkWks - ok
10:30:48.0140 0x0d48  [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight       C:\WINDOWS\system32\TrueSight.sys
10:30:48.0156 0x0d48  TrueSight ( UnsignedFile.Multi.Generic ) - warning
10:30:48.0156 0x0d48  TrueSight - detected UnsignedFile.Multi.Generic (1)
10:30:48.0218 0x0d48  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:30:48.0359 0x0d48  Udfs - ok
10:30:48.0359 0x0d48  ultra - ok
10:30:48.0375 0x0d48  [ 1977313E362C8732C1AF4D1BCB9C06B7 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
10:30:48.0375 0x0d48  UMWdf ( UnsignedFile.Multi.Generic ) - warning
10:30:48.0375 0x0d48  UMWdf - detected UnsignedFile.Multi.Generic (1)
10:30:48.0406 0x0d48  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:30:48.0546 0x0d48  Update - ok
10:30:48.0578 0x0d48  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:30:48.0734 0x0d48  upnphost - ok
10:30:48.0734 0x0d48  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
10:30:48.0859 0x0d48  UPS - ok
10:30:48.0921 0x0d48  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:30:49.0078 0x0d48  usbccgp - ok
10:30:49.0093 0x0d48  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:30:49.0250 0x0d48  usbehci - ok
10:30:49.0281 0x0d48  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:30:49.0437 0x0d48  usbhub - ok
10:30:49.0453 0x0d48  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:30:49.0593 0x0d48  usbprint - ok
10:30:49.0609 0x0d48  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:30:49.0765 0x0d48  usbscan - ok
10:30:49.0796 0x0d48  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:30:49.0921 0x0d48  USBSTOR - ok
10:30:49.0953 0x0d48  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:30:50.0093 0x0d48  usbuhci - ok
10:30:50.0125 0x0d48  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:30:50.0250 0x0d48  VgaSave - ok
10:30:50.0265 0x0d48  ViaIde - ok
10:30:50.0296 0x0d48  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:30:50.0421 0x0d48  VolSnap - ok
10:30:50.0468 0x0d48  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
10:30:50.0609 0x0d48  VSS - ok
10:30:50.0640 0x0d48  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
10:30:50.0765 0x0d48  W32Time - ok
10:30:50.0781 0x0d48  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:30:50.0937 0x0d48  Wanarp - ok
10:30:51.0000 0x0d48  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
10:30:51.0031 0x0d48  Wdf01000 - ok
10:30:51.0031 0x0d48  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
10:30:51.0171 0x0d48  wdmaud - ok
10:30:51.0203 0x0d48  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:30:51.0328 0x0d48  WebClient - ok
10:30:51.0359 0x0d48  [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:30:51.0390 0x0d48  winachsf - ok
10:30:51.0468 0x0d48  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:30:51.0593 0x0d48  winmgmt - ok
10:30:51.0656 0x0d48  [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
10:30:51.0687 0x0d48  WinUSB - ok
10:30:51.0703 0x0d48  [ 6EAA72FD9EF993EC1FA9A06DE65105DA ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
10:30:51.0781 0x0d48  WmdmPmSN - ok
10:30:51.0812 0x0d48  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
10:30:51.0859 0x0d48  Wmi - ok
10:30:51.0890 0x0d48  [ D87EA9F191DF6731818FFD93659BADF4 ] WpdUsb          C:\WINDOWS\system32\Drivers\wpdusb.sys
10:30:51.0906 0x0d48  WpdUsb ( UnsignedFile.Multi.Generic ) - warning
10:30:51.0906 0x0d48  WpdUsb - detected UnsignedFile.Multi.Generic (1)
10:30:52.0000 0x0d48  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:30:52.0031 0x0d48  WPFFontCache_v0400 - ok
10:30:52.0062 0x0d48  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:30:52.0218 0x0d48  wscsvc - ok
10:30:52.0250 0x0d48  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:30:52.0390 0x0d48  wuauserv - ok
10:30:52.0453 0x0d48  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:30:52.0593 0x0d48  WZCSVC - ok
10:30:52.0625 0x0d48  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:30:52.0750 0x0d48  xmlprov - ok
10:30:52.0765 0x0d48  ================ Scan global ===============================
10:30:52.0796 0x0d48  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:30:52.0828 0x0d48  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:30:52.0843 0x0d48  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:30:52.0859 0x0d48  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:30:52.0875 0x0d48  [Global] - ok
10:30:52.0875 0x0d48  ================ Scan MBR ==================================
10:30:52.0890 0x0d48  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
10:30:53.0140 0x0d48  \Device\Harddisk0\DR0 - ok
10:30:53.0140 0x0d48  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
10:30:53.0250 0x0d48  \Device\Harddisk1\DR2 - ok
10:30:53.0250 0x0d48  ================ Scan VBR ==================================
10:30:53.0250 0x0d48  [ 6E522C97DA272CBFA2243E19E1BF5690 ] \Device\Harddisk0\DR0\Partition1
10:30:53.0265 0x0d48  \Device\Harddisk0\DR0\Partition1 - ok
10:30:53.0265 0x0d48  [ BF217A473789618F0DE5A5C6EF405708 ] \Device\Harddisk1\DR2\Partition1
10:30:53.0265 0x0d48  \Device\Harddisk1\DR2\Partition1 - ok
10:30:53.0265 0x0d48  ============================================================
10:30:53.0265 0x0d48  Scan finished
10:30:53.0265 0x0d48  ============================================================
10:30:53.0281 0x0ddc  Detected object count: 7
10:30:53.0281 0x0ddc  Actual detected object count: 7
10:31:48.0140 0x0ddc  ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
10:31:48.0140 0x0ddc  ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:31:48.0140 0x0ddc  HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
10:31:48.0140 0x0ddc  HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:31:48.0156 0x0ddc  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:31:48.0156 0x0ddc  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:31:48.0156 0x0ddc  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
10:31:48.0156 0x0ddc  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:31:48.0156 0x0ddc  TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
10:31:48.0156 0x0ddc  TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:31:48.0156 0x0ddc  UMWdf ( UnsignedFile.Multi.Generic ) - skipped by user
10:31:48.0156 0x0ddc  UMWdf ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:31:48.0156 0x0ddc  WpdUsb ( UnsignedFile.Multi.Generic ) - skipped by user
10:31:48.0156 0x0ddc  WpdUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:01.0484 0x119c  Deinitialize success
 



#5 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:08:55 PM

Posted 01 September 2013 - 10:11 AM

AdwCleaner Report:

 

# AdwCleaner v3.001 - Report created 01/09/2013 at 10:46:11
# Updated 24/08/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Rhodes - OWNER
# Running from : C:\Documents and Settings\Rhodes\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Rhodes\Application Data\Mozilla\Firefox\Profiles\irkj2f1g.default\user.js
File Found : C:\END
File Found : C:\WINDOWS\system32\roboot.exe
Folder Found : C:\Documents and Settings\Rhodes\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kbpnbcabmoajglgcmopidlmijjglnjpe
Folder Found C:\Documents and Settings\All Users\Application Data\Babylon
Folder Found C:\Documents and Settings\All Users\Application Data\InstallMate
Folder Found C:\Documents and Settings\All Users\Application Data\SAAfe saVea
Folder Found C:\Documents and Settings\All Users\Application Data\SearchNewTab
Folder Found C:\Documents and Settings\All Users\Application Data\StarApp
Folder Found C:\Documents and Settings\Rhodes\Application Data\Babylon
Folder Found C:\Documents and Settings\Rhodes\IECompatCache
Folder Found C:\Documents and Settings\Rhodes\Local Settings\Application Data\PackageAware

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\96dadeb038e940
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B047001372144266&affID=121232&tsp=4983
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.simplesearches.info/?pid=500&r=2013/08/22&hid=3122983800&lg=EN&cc=US&unqvl=31
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs] - hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=B047001372144266&affID=121232&tsp=4983

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Documents and Settings\Rhodes\Application Data\Mozilla\Firefox\Profiles\irkj2f1g.default\prefs.js ]

Line Found : user_pref("aol_toolbar.default.homepage.check", false);
Line Found : user_pref("aol_toolbar.default.search.check", false);
Line Found : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=B047001372144266&affID=121232&tsp=4983");
Line Found : user_pref("browser.search.defaulturl", "hxxp://websearch.simplesearches.info/?pid=500&r=2013/08/22&hid=3122983800&lg=EN&cc=US&unqvl=31&l=1&q=");
Line Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Found : user_pref("extensions.delta.admin", false);
Line Found : user_pref("extensions.delta.aflt", "babsst");
Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Found : user_pref("extensions.delta.autoRvrt", "false");
Line Found : user_pref("extensions.delta.dfltLng", "en");
Line Found : user_pref("extensions.delta.excTlbr", false);
Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
Line Found : user_pref("extensions.delta.id", "b0474451000000000000001372144266");
Line Found : user_pref("extensions.delta.instlDay", "15940");
Line Found : user_pref("extensions.delta.instlRef", "sst");
Line Found : user_pref("extensions.delta.newTab", false);
Line Found : user_pref("extensions.delta.prdct", "delta");
Line Found : user_pref("extensions.delta.prtnrId", "delta");
Line Found : user_pref("extensions.delta.rvrt", "false");
Line Found : user_pref("extensions.delta.smplGrp", "none");
Line Found : user_pref("extensions.delta.tlbrId", "base");
Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Found : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Found : user_pref("extensions.delta.vrsnTs", "1.8.24.617:29:23");
Line Found : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Found : user_pref("extensions.delta_i.babExt", "");
Line Found : user_pref("extensions.delta_i.babTrack", "affID=121232&tsp=4983");
Line Found : user_pref("extensions.delta_i.srcExt", "ss");
Line Found : user_pref("extensions.mbyQ9.scode", "(function(){try{if(window.opener&&window.self==window.top&&-1==document.cookie.indexOf(\"xcddsa\")&&-1==window.self.location.href.indexOf(\"px.pluginh\")&&window.s[...]
Line Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Found : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v

[ File : C:\Documents and Settings\Rhodes\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [6083 octets] - [01/09/2013 10:46:11]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6143 octets] ##########
 



#6 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:08:55 PM

Posted 01 September 2013 - 10:13 AM

Farbar Service Scanner Report:

 

Farbar Service Scanner Version: 28-08-2013
Ran by Rhodes (administrator) on 01-09-2013 at 10:51:42
Running from "C:\Documents and Settings\Rhodes\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============
EventSystem Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open EventSystem registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open EventSystem registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open EventSystem registry key. The service key does not exist.
Checking LEGACY_EventSystem: ATTENTION!=====> Unable to open LEGACY_EventSystem\0000 registry key. The key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****



#7 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:08:55 PM

Posted 01 September 2013 - 10:15 AM

MiniToolBox Report:

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Rhodes (administrator) on 01-09-2013 at 10:56:03
Running from "C:\Documents and Settings\Rhodes\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================


WARNING: Could not obtain host information from machine: [OWNER]. Some commands may not be available.


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : owner

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : hsd1.ga.comcast.net.



Ethernet adapter Local Area Connection 2:



        Connection-specific DNS Suffix  . : hsd1.ga.comcast.net.

        Description . . . . . . . . . . . : Intel® PRO/1000 PL Network Connection

        Physical Address. . . . . . . . . : 00-13-72-14-42-66

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 10.0.0.6

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 10.0.0.1

        DHCP Server . . . . . . . . . . . : 10.0.0.1

        DNS Servers . . . . . . . . . . . : 75.75.75.75

                                            75.75.76.76

        Lease Obtained. . . . . . . . . . : Sunday, September 01, 2013 5:15:33 AM

        Lease Expires . . . . . . . . . . : Sunday, September 08, 2013 5:15:33 AM

Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    google.com
Addresses:  74.125.140.101, 74.125.140.113, 74.125.140.100, 74.125.140.138
      74.125.140.102, 74.125.140.139



Pinging google.com [74.125.140.100] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 74.125.140.100:

    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    yahoo.com
Addresses:  98.138.253.109, 206.190.36.45, 98.139.183.24



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 72 14 42 66 ...... Intel® PRO/1000 PL Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.6      10
         10.0.0.0    255.255.255.0         10.0.0.6        10.0.0.6      10
         10.0.0.6  255.255.255.255        127.0.0.1       127.0.0.1      10
   10.255.255.255  255.255.255.255         10.0.0.6        10.0.0.6      10
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
        224.0.0.0        240.0.0.0         10.0.0.6        10.0.0.6      10
  255.255.255.255  255.255.255.255         10.0.0.6        10.0.0.6      1
Default Gateway:          10.0.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/01/2013 05:17:34 AM) (Source: IDVault) (User: )
Description: Interaction with the desktop is required. Enable desktop interaction flag in Properties->Log On.

Error: (09/01/2013 05:17:34 AM) (Source: IDVault) (User: )
Description: Display Flag Error Provider load failure

Error: (09/01/2013 05:16:42 AM) (Source: IDVault) (User: )
Description: Interaction with the desktop is required. Enable desktop interaction flag in Properties->Log On.

Error: (09/01/2013 05:16:42 AM) (Source: IDVault) (User: )
Description: Display Flag Error Provider load failure

Error: (09/01/2013 04:34:36 AM) (Source: IDVault) (User: )
Description: Interaction with the desktop is required. Enable desktop interaction flag in Properties->Log On.

Error: (09/01/2013 04:34:36 AM) (Source: IDVault) (User: )
Description: Display Flag Error Provider load failure

Error: (09/01/2013 04:33:19 AM) (Source: IDVault) (User: )
Description: Interaction with the desktop is required. Enable desktop interaction flag in Properties->Log On.

Error: (09/01/2013 04:33:19 AM) (Source: IDVault) (User: )
Description: Display Flag Error Provider load failure

Error: (08/31/2013 04:23:17 AM) (Source: TermService) (User: )
Description:

Error: (08/31/2013 03:59:18 AM) (Source: TermService) (User: )
Description:


System errors:
=============
Error: (08/30/2013 06:58:05 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/30/2013 06:57:51 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/30/2013 06:57:41 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/30/2013 06:57:26 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/30/2013 06:57:16 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/30/2013 06:55:20 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/30/2013 06:55:10 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/30/2013 06:54:57 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/30/2013 06:54:47 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (08/30/2013 06:54:47 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

5600 (Version: 50.0.206.000)
5600_Help (Version: 50.0.206.000)
5600Trb (Version: 50.0.206.000)
Adobe Acrobat XI Pro (Version: 11.0.01)
Adobe AIR (Version: 3.8.0.870)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Adobe Shockwave Player 12.0 (Version: 12.0.3.133)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
Akamai NetSession Interface
AntiLogger SDK version 1.5.6.849 (Version: 1.5.6.849)
Apple Application Support (Version: 2.3.4)
Apple Software Update (Version: 2.1.3.127)
ATI - Software Uninstall Utility (Version: 6.14.10.1014)
ATI Control Panel (Version: 6.14.10.5183)
ATI Display Driver (Version: 8.23-060209a1-030546C-Dell)
BitLord 2.3 (Version: 2.3.2-239)
Bitlord Packages
BufferChm (Version: 53.0.13.000)
C771 USB Driver V1.0.11.0 (Version: 1.0.11.0)
CASIO USB Driver V1.4.200.0407 (Version: 1.4.200.0407)
CCleaner (Version: 3.28)
Cemetery Keeper
Conexant D850 56K V.9x DFVc Modem
Constant Guard Protection Suite (Version: 1.13.521.2)
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
Crypt Keeper Map Editor (Version: 1.0.0)
CustomerResearchQFolder (Version: 1.00.0000)
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital Line Detect (Version: 1.10)
DocProc (Version: 5.2.0.0)
eSupportQFolder (Version: 1.00.0000)
Family Tree Maker 2012 (Version: 21.0.388)
Fax (Version: 50.0.206.000)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
HP Extended Capabilities 5.3 (Version: 5.3)
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP PSC & OfficeJet 5.3.B
HP Software Update (Version: 3.0.5.001)
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HPProductAssistant (Version: 53.0.13.000)
Inkscape 0.48.4 (Version: 0.48.4)
Intel® PRO Network Connections Drivers
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
K-Lite Codec Pack 10.0.0 Full (Version: 10.0.0)
Map Maker Pro 3.5 (Version: 3.5)
MarketResearch (Version: 53.0.13.000)
MathType 6 (Version: 6.9)
Media Player Codec Pack 4.2.5 (Version: 4.2.5)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Download Manager (Version: 1.2.1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WinUsb 1.0
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MOBILedit! Support Libraries (Version: 4.0.0)
MOBILedit! ver. 7.1.0.3719 (Version: 7.1.0.3719)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NewCopy (Version: 50.0.206.000)
Norton Security Suite (Version: 20.4.0.40)
PDF Settings CS6 (Version: 11.0)
ProductContext (Version: 50.0.206.000)
QuickTime (Version: 7.74.80.86)
Readme (Version: 50.0.206.000)
RoboForm 7-9-0-0 (All Users) (Version: 7-9-0-0)
SanDiskSecureAccess_Manager.exe (Version: 1.1.19755)
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
SigmaTel Audio (Version: 5.10.4600.0)
SolutionCenter (Version: 50.0.152.000)
Status (Version: 53.0.13.000)
swMSM (Version: 12.0.0.1)
The Crypt Keeper (Version: 1.0.0)
TrayApp (Version: 53.0.13.000)
Unload (Version: 5.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Verizon Cloud
VSO Batcher (Version: 1.1.9.26)
VSO ConvertXToDVD (Version: 5.0.0.64)
Watermark Factory 2
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 59%
Total physical RAM: 1022.09 MB
Available physical RAM: 414.12 MB
Total Pagefile: 2457.32 MB
Available Pagefile: 1682.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.46 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.75 GB) (Free:315.53 GB) NTFS
4 Drive f: () (Fixed) (Total:29.8 GB) (Free:24.53 GB) FAT32

========================= Users: ========================================

User accounts for \\OWNER

Administrator            ASPNET                   Guest                    
Rhodes                   SUPPORT_388945a0         

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

31-08-2013 05:27:03 System Checkpoint
01-09-2013 01:03:50 Restore Point 1
01-09-2013 02:17:47 1
01-09-2013 06:35:34 Configured Microsoft Office Enterprise 2007
01-09-2013 07:32:28 1
01-09-2013 08:35:07 1
01-09-2013 09:14:23 Malwarebytes Anti-Rootkit Restore Point
01-09-2013 14:14:48 Configured Microsoft Office Enterprise 2007

**** End of log ****
 



#8 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:55 AM

Posted 01 September 2013 - 04:46 PM

Hi
 
Please do the following next:
 
:step1:

Backup Your Registry with ERUNT

  • Please use the following link and scroll down to ERUNT and download it.
  • http://aumha.org/freeware/freeware.php
  • For version with the Installer:
  • Use the setup program to install ERUNT on your computer
  • For the zipped version:
  • Unzip all the files into a folder of your choice.

Open Erunt.exe (use the shortcut on your desktop if you used the installer). Follow the prompts leaving the values at default.
 
 
:step2:
 
Please download EventSystem.reg to your Desktop
Double click on EventSystem.reg, allow it to run, and allow it to be merged into the registry.
 
 
:step3:
 
Rerun FSS on your desktop.
Post the full contents of the file in your next reply.


Edited by dev00790, 01 September 2013 - 04:47 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:08:55 PM

Posted 01 September 2013 - 05:04 PM

Thanks for getting back to me. Here is the FSS report:

 

Farbar Service Scanner Version: 28-08-2013
Ran by Rhodes (administrator) on 01-09-2013 at 18:01:18
Running from "C:\Documents and Settings\Rhodes\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is set to Auto. The default start type is 3.
The ImagePath of EventSystem: "%SystemRoot%\system32\svchost.exe -k LocalService".
The ServiceDll of EventSystem service is OK.
Checking LEGACY_EventSystem: ATTENTION!=====> Unable to open LEGACY_EventSystem\0000 registry key. The key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****



#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:55 AM

Posted 01 September 2013 - 06:18 PM

Hi
 
Please do the following next:
 
:step1:

Backup Your Registry with ERUNT

  • Please use the following link and scroll down to ERUNT and download it.
  • http://aumha.org/freeware/freeware.php
  • For version with the Installer:
  • Use the setup program to install ERUNT on your computer
  • For the zipped version:
  • Unzip all the files into a folder of your choice.

Open Erunt.exe (use the shortcut on your desktop if you used the installer). Follow the prompts leaving the values at default.
 
 
:step2:
 
Please download Legacy_EventSystem.reg to your Desktop
Double click on Legacy_EventSystem.reg, allow it to run, and allow it to be merged into the registry.
 
 
:step3:
 
Rerun FSS on your desktop.
Post the full contents of the file in your next reply.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#11 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:08:55 PM

Posted 01 September 2013 - 06:31 PM

Isn't that what I just did?

 

Ok I ran Erunt, Legacy Event and FSS again. Here is the FSS report:

 

Farbar Service Scanner Version: 28-08-2013
Ran by Rhodes (administrator) on 01-09-2013 at 19:39:34
Running from "C:\Documents and Settings\Rhodes\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is set to Auto. The default start type is 3.
The ImagePath of EventSystem: "%SystemRoot%\system32\svchost.exe -k LocalService".
The ServiceDll of EventSystem service is OK.
Checking LEGACY_EventSystem: ATTENTION!=====> Unable to open LEGACY_EventSystem\0000 registry key. The key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****


Edited by FXWG, 01 September 2013 - 06:42 PM.


#12 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:55 AM

Posted 01 September 2013 - 07:20 PM

Hi for the first fix I asked for eventsystem.reg, which was a different file to legacy_eventsystem.reg
 
The 2nd FSS log still shows the legacy_eventsystem key is missing.
Can you confirm you followed :step2: of my previous post?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#13 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:08:55 PM

Posted 01 September 2013 - 07:38 PM

Sorry here you go:

 

Farbar Service Scanner Version: 28-08-2013
Ran by Rhodes (administrator) on 01-09-2013 at 20:37:15
Running from "C:\Documents and Settings\Rhodes\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is set to Auto. The default start type is 3.
The ImagePath of EventSystem: "%SystemRoot%\system32\svchost.exe -k LocalService".
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4)
0x080000000500000001000000020000000300000004000000080000000600000007000000
IpSec Tag value is correct.

**** End of log ****



#14 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:55 AM

Posted 02 September 2013 - 03:35 AM

Hi

 

Please open a command prompt. Via Start > Run > type cmd and press enter

 

At the prompt copy and paste the below:

 

net start eventsystem

 

Did the eventsystem service successfully start?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#15 FXWG

FXWG
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South byGod Georgia
  • Local time:08:55 PM

Posted 02 September 2013 - 10:44 AM

Hi, No. It says

 

Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Rhodes>net start eventsystem

The service name is invalid.

 

More help is available by typing NET HELPMSG 2185.

 

 

C:\Documents and Settings\Rhodes>

 

 

I thought maybe I needed to restart the computer before the registry change would take place, so I restarted it and tried again. Eventsystem still would not start but this time I got this message:

 

Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Rhodes>net start eventsystem
System error 1290 has occurred.

The system cannot find message text for message number 0x50a in the message file
 for BASE.


C:\Documents and Settings\Rhodes>


Edited by FXWG, 02 September 2013 - 10:07 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users