Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Please check out my laptop for me?

Post by blackhillsgalsbff » November 16th, 2012, 3:08 am

Hello!
My laptop, when I booted up, went to a black screen, said, "Resuming Windows" with a loading bar, but stalled and failed to load. Also, I have avast! and it's constantly popping up and dinging at me with messages such as: "MALICIOUS URL BLOCKED!" Please check out my laptop for me?

DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Louise at 1:56:19 on 2012-11-16
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1046 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Apoint\HidFind.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=114066 ... 197dbd54ff
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=4070312
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AOL Toolbar Search Class: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - c:\program files\aol toolbar\aoltb.dll
mURLSearchHooks: AOL Toolbar Search Class: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - c:\program files\aol toolbar\aoltb.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - c:\program files\aol toolbar\aoltb.dll
BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - c:\program files\xfin_portal\comcastdx.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - c:\program files\xfin_portal\auxi\comcastAu.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll
BHO: Price Check by AOL: {D25B97E9-62B2-40CE-BECF-E43A7B879072} - c:\program files\price check by aol\aolpricecheck.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: AOL Toolbar: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - c:\program files\aol toolbar\aoltb.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - c:\program files\xfin_portal\comcastdx.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files\aol toolbar\aoltb.dll
uRun: [ModemOnHold] c:\program files\netwaiting\netWaiting.exe
uRun: [DellSupport] "c:\progra~1\dellsu~1\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
StartupFolder: c:\docume~1\louise\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Search - http://tbedits.televisionfanatic.com/on ... 2011081118
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/pub/s ... wflash.cab
TCP: NameServer = 192.168.2.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{03FCBFDA-4AFB-474F-A6C9-E61CB8EBF347} : DHCPNameServer = 192.168.2.1 75.75.75.75 75.75.76.76
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\louise\application data\mozilla\firefox\profiles\i3nobu4a.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=114066 ... 197dbd54ff
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\livingplay games\nplplaypop.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10516.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - ExtSQL: 2012-09-26 19:38; ffxtlbr@babylon.com; c:\documents and settings\louise\application data\mozilla\firefox\profiles\i3nobu4a.default\extensions\ffxtlbr@babylon.com
FF - ExtSQL: 2012-10-19 20:35; {0153E448-190B-4987-BDE1-F256CADA672F}; c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112414&tt=3612_4
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_de ... dbd54ff&q=
FF - user.js: extensions.BabylonToolbar.id - 3cefb9b300000000000000197dbd54ff
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15633
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.820:37:43
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-8-6 721000]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-8-6 353688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-8-6 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-8-6 44808]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-3-12 30192]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-11-13 40776]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
.
=============== Created Last 30 ================
.
2012-11-13 18:33:57 -------- d-----w- c:\documents and settings\louise\application data\comcasttb
2012-11-13 17:19:18 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-10-20 23:21:41 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-20 00:35:57 -------- d-----w- c:\program files\common files\xing shared
2012-10-20 00:29:16 -------- d-----w- c:\documents and settings\louise\local settings\application data\Real
.
==================== Find3M ====================
.
2012-10-20 23:45:10 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-30 00:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:33:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58:09 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST96812AS rev.8.04 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A2F24B1]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x8a2f993c]; MOV EAX, [0x8a2f9ab0]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\Harddisk0\DR0[0x8A67DAB8]
3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> \Device\00000078[0x8A668510]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1F0] -> [0x8A680940]
\Driver\atapi[0x8A3181D0] -> IRP_MJ_CREATE -> 0x8A2F24B1
error: Read A device attached to the system is not functioning.
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A2F22E2
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 1:57:27.68 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 3/19/2007 5:13:58 PM
System Uptime: 11/16/2012 1:41:45 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0NF743
Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz | Microprocessor | 1664/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 56 GiB total, 29.893 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP387: 9/15/2012 2:48:42 PM - System Checkpoint
RP388: 9/22/2012 4:43:00 PM - Software Distribution Service 3.0
RP389: 9/24/2012 7:01:09 PM - System Checkpoint
RP390: 9/26/2012 8:03:55 PM - System Checkpoint
RP391: 9/30/2012 8:34:53 PM - System Checkpoint
RP392: 10/13/2012 12:07:22 PM - Software Distribution Service 3.0
RP393: 10/13/2012 8:34:06 PM - Software Distribution Service 3.0
RP394: 10/18/2012 6:29:18 AM - System Checkpoint
RP395: 10/19/2012 6:32:33 PM - System Checkpoint
RP396: 10/20/2012 7:42:22 PM - System Checkpoint
RP397: 10/25/2012 5:11:27 AM - System Checkpoint
RP398: 10/26/2012 6:22:35 AM - System Checkpoint
RP399: 10/27/2012 10:54:14 AM - System Checkpoint
RP400: 10/28/2012 6:17:16 PM - System Checkpoint
RP401: 11/2/2012 6:31:42 AM - System Checkpoint
RP402: 11/3/2012 5:31:17 PM - System Checkpoint
RP403: 11/4/2012 9:03:20 PM - System Checkpoint
RP404: 11/7/2012 8:37:22 PM - System Checkpoint
RP405: 11/10/2012 7:00:48 AM - System Checkpoint
RP406: 11/13/2012 1:46:00 PM - Removed BabylonObjectInstaller
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Advanced SystemCare 3
ALPS Touch Pad Driver
AOL Toolbar
avast! Free Antivirus
Broadcom Management Programs
Comcast Desktop Software (v1.2.1)
Compatibility Pack for the 2007 Office system
Conexant HDA D110 MDC V.92 Modem
Dell Support 3.2.1
Dell Wireless WLAN Card
Digital Line Detect
Download Updater (AOL Inc.)
ExamView Pro
Google Desktop
GoToMeeting 5.1.0.880
High Definition Audio Driver Package - KB835221
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
InterActual Player
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 7
LivingPlay
Malwarebytes Anti-Malware version 1.65.1.1000
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Modem Helper
Mozilla Firefox 16.0.1 (x86 en-US)
Mozilla Maintenance Service
MSN
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
OpenOffice.org 3.3
PowerDVD 5.7
Price Check by AOL
QuickSet
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
SearchAssist
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URL Assistant
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
XFINITY Toolbar
.
==== Event Viewer Messages From Past Week ========
.
11/16/2012 1:56:22 AM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
11/16/2012 1:43:51 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.
11/16/2012 1:43:51 AM, error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/13/2012 11:53:10 AM, error: Dhcp [1002] - The IP address lease 10.0.0.7 for the Network Card with network address 00197DBD54FF has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
11/13/2012 1:46:03 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
11/11/2012 8:53:44 AM, error: Dhcp [1002] - The IP address lease 10.0.0.7 for the Network Card with network address 00197DBD54FF has been denied by the DHCP server 172.16.0.1 (The DHCP Server sent a DHCPNACK message).
11/10/2012 7:07:24 AM, error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
11/10/2012 6:39:14 AM, error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================
blackhillsgalsbff
Regular Member
 
Posts: 21
Joined: November 13th, 2012, 3:20 pm

Re: Please check out my laptop for me?

Post by nunped » November 19th, 2012, 4:42 pm

Hello blackhillsgalsbff, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems. I'm an Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher. Because of this, my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easily as possible.

  1. Please read this topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. You must have Administrator rights permissions for this computer.
  4. DO NOT run any other fix or removal tools unless instructed to do so!
  5. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  6. Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  7. Only reply to this thread. Do not start another thread.
  8. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  9. No Reply Within 3 Days will result in your topic being closed!


Read through these instructions with your full attention.
Please ask first if you have any doubts.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Please check out my laptop for me?

Post by blackhillsgalsbff » November 19th, 2012, 9:38 pm

Thank you, nunped.
I await your reply. :)
blackhillsgalsbff
Regular Member
 
Posts: 21
Joined: November 13th, 2012, 3:20 pm

Re: Please check out my laptop for me?

Post by nunped » November 20th, 2012, 11:28 am

Hi blackhillsgalsbff,


Warning


I see you have Advanced SystemCare 3 installed. The company of this program, IOBit, has a checkered past. Also, it functions as an antivirus and you already have avast!. So, I advise you to uninstall it.

Step 1 - OTL
Please download OTL by Old Timer. Save it to your Desktop.
If you can't download the exe file, try these links:
http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr
  • Double click OTL.exe (or OTL.com or OTL.scr) to launch the programme.
  • Click the Scan All Users checkbox.
    Leave the remaining selections to the default settings.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  • Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Step 2 - TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com). If you don't see file extensions, please see: How to change the file extension.
  • Click the Start Scan button. Do not use the computer during the scan!
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure SKIP is selected... DO NOT attempt to FIX anything yet!
    • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Please check out my laptop for me?

Post by blackhillsgalsbff » November 20th, 2012, 12:44 pm

Hello, nunped,
Thank you for your help!
I uninstalled Advanced SystemCare 3.
Here are the requested logs:

OTL logfile created on: 11/20/2012 11:22:12 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Louise\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 59.03% Memory free
3.84 Gb Paging File | 3.21 Gb Available in Paging File | 83.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.83 Gb Total Space | 29.53 Gb Free Space | 52.90% Space Free | Partition Type: NTFS

Computer Name: DBH2RNC1 | User Name: Louise | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/20 11:17:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Louise\Desktop\OTL.exe
PRC - [2012/10/19 19:35:22 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/07/03 11:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 11:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/06 10:10:22 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011/05/04 12:59:48 | 000,506,088 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/01/17 17:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 17:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/04/24 02:57:42 | 001,025,320 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/08/28 21:57:12 | 000,395,776 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2006/06/29 12:13:32 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/06/29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/03/24 17:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2005/10/07 00:13:38 | 000,176,128 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2005/07/27 02:41:08 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2004/06/28 09:56:12 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe
PRC - [2003/09/10 02:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/19 16:24:38 | 001,835,520 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12111901\algo.dll
MOD - [2012/09/03 08:11:03 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/03/30 16:06:02 | 000,087,512 | ---- | M] () -- C:\Program Files\xfin_portal\comcastdx.dll
MOD - [2010/08/01 06:56:48 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2006/11/22 18:35:44 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\preflib.dll
MOD - [2006/11/22 18:30:58 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2006/06/29 12:13:50 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2005/10/13 13:53:36 | 000,090,223 | ---- | M] () -- C:\Program Files\Dell\QuickSet\preflibcl.dll
MOD - [2003/09/10 02:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/28 17:08:27 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/20 18:45:11 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 11:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/06 10:10:22 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2006/06/29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/11/13 12:20:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/07/03 11:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 11:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 11:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 11:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 11:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 11:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 11:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2006/11/22 18:34:36 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/10/08 18:35:14 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/03/24 17:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/01/10 11:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/09/28 06:57:18 | 000,113,847 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=4070312
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&cli ... bd=4070312
IE - HKLM\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/red ... 843&query={searchTerms}&invocationType=tb50-ie-aolrt-chromesbox-en-us&tb_uuid=20120215104459265&tb_oid=15-02-2012&tb_mrud=30-04-2012
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=4070312
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&cli ... bd=4070312
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=4070312
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&cli ... bd=4070312
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cli ... bd=4070312
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.50searchengines.com/?op [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=114066 ... 197dbd54ff
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=114066&tt=4212_1&babsrc=SP_ss&mntrId=3cefb9b300000000000000197dbd54ff
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/red ... 843&query={searchTerms}&invocationType=tb50-ie-aol.r-chromesbox-en-us&tb_uuid=20120215104459265&tb_oid=15-02-2012&tb_mrud=15-02-2012
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7DMUS_enUS329&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=M-IOR_2m ... PEsg5jY?q={searchTerms}
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\{B22C8CB2-F5BE-4EAE-AEEC-F5736A71EBAD}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DMUS_en
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\Comcast: "URL" = http://search.xfinity.com/?cat=subweb&con=mmchrome&q={searchTerms}&cid=xfstart_tech_search
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\Yahoo!: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=iobit-trans
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=114066&tt=4212_1&babsrc=HP_ss&mntrId=3cefb9b300000000000000197dbd54ff"
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.CouponAlert_2p.com/Plugin: C:\Program Files\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10516.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\npDisplayEngine: C:\Program Files\LivingPlay Games\nplplaypop.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/10 08:01:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/19 19:35:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/28 17:08:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/28 17:08:16 | 000,000,000 | ---D | M]

[2011/08/21 18:37:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Louise\Application Data\Mozilla\Extensions
[2012/11/13 14:15:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Louise\Application Data\Mozilla\Firefox\Profiles\i3nobu4a.default\extensions
[2012/10/28 17:08:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LOUISE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\I3NOBU4A.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM
[2012/10/28 17:08:28 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/06 10:10:22 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/10/19 19:35:30 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/10/19 19:37:22 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/10/04 19:02:57 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/28 17:08:25 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://search.babylon.com/?affID=114066 ... 197dbd54ff
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://search.babylon.com/?affID=114066 ... 197dbd54ff
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\google\chrome\application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\google\chrome\application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\google\chrome\application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.0.147 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Display Engine v2 (Enabled) = C:\Program Files\LivingPlay Games\nplplaypop.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10516.0\npctrl.dll
CHR - Extension: YouTube = C:\Documents and Settings\Louise\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Documents and Settings\Louise\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Louise\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Louise\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\Louise\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll (Visicom Media)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Price Check by AOL) - {D25B97E9-62B2-40CE-BECF-E43A7B879072} - C:\Program Files\Price Check by AOL\aolpricecheck.dll (AOL Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007..\Run: [Desktop Software] C:\Program Files\Common Files\SupportSoft\bin\bcont.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe" File not found
O4 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\Louise\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://tbedits.televisionfanatic.com/on ... 2011081118 File not found
O15 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03FCBFDA-4AFB-474F-A6C9-E61CB8EBF347}: DhcpNameServer = 192.168.2.1 75.75.75.75 75.75.76.76
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Louise\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Louise\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/20 11:17:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Louise\Desktop\OTL.exe
[2012/11/16 02:12:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Louise\Desktop\MRU postings by Kathy
[2012/11/16 01:56:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Louise\Start Menu\Programs\Administrative Tools
[2012/11/13 13:33:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Louise\Application Data\comcasttb
[2012/11/13 12:19:18 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/28 17:08:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/20 11:20:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1205570126-4147309066-707695593-1008UA.job
[2012/11/20 11:17:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Louise\Desktop\OTL.exe
[2012/11/20 11:14:00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1205570126-4147309066-707695593-1009UA.job
[2012/11/20 10:57:01 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1205570126-4147309066-707695593-1007.job
[2012/11/20 10:56:53 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1205570126-4147309066-707695593-1007.job
[2012/11/20 10:56:52 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/11/20 10:56:17 | 2137,456,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/20 10:56:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/11/19 20:43:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/11/19 12:13:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1205570126-4147309066-707695593-1009Core.job
[2012/11/18 02:38:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/11/13 12:20:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/11/13 12:07:40 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/11 09:18:48 | 000,385,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/11/11 09:18:48 | 000,054,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/11/11 09:04:10 | 000,001,957 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Software.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/13 12:07:40 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/11 09:04:10 | 000,001,957 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Software.lnk
[2012/03/14 12:02:41 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Louise\g2mdlhlpx.exe
[2012/02/16 18:38:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/26 17:32:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/13 19:22:09 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Louise\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/25 17:21:54 | 000,000,040 | ---- | C] () -- C:\WINDOWS\BO5140.INI
[2010/12/25 17:19:51 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/12/25 17:19:51 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2010/12/25 17:19:50 | 000,000,026 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/12/15 19:11:32 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\Louise\Application Data\evplay.prf
[2007/12/15 19:09:59 | 000,001,058 | ---- | C] () -- C:\Documents and Settings\Louise\Application Data\evmanage.prf
[2007/11/23 05:50:09 | 000,003,780 | ---- | C] () -- C:\Documents and Settings\Louise\Application Data\evpro32.prf
[2007/03/12 16:37:34 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare

========== ZeroAccess Check ==========

[2004/08/10 14:09:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >


OTL Extras logfile created on: 11/20/2012 11:22:12 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Louise\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 59.03% Memory free
3.84 Gb Paging File | 3.21 Gb Available in Paging File | 83.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.83 Gb Total Space | 29.53 Gb Free Space | 52.90% Space Free | Partition Type: NTFS

Computer Name: DBH2RNC1 | User Name: Louise | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{118C3943-1683-42EF-824D-C22E70DB42E7}" = Comcast Desktop Software (v1.2.1)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AOL Toolbar" = AOL Toolbar
"avast" = avast! Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"ExamView Pro" = ExamView Pro
"Google Desktop" = Google Desktop
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InterActual Player" = InterActual Player
"LivingPlay" = LivingPlay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 16.0.1 (x86 en-US)" = Mozilla Firefox 16.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Price Check by AOL" = Price Check by AOL
"RealPlayer 15.0" = RealPlayer
"SearchAssist" = SearchAssist
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"xfin_portal" = XFINITY Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Toolbar" = AOL Toolbar
"GoToMeeting" = GoToMeeting 5.1.0.880

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/13/2012 2:32:57 PM | Computer Name = DBH2RNC1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ieframe.dll, version 8.0.6001.19328, fault address 0x000b78f9.

Error - 11/13/2012 2:34:33 PM | Computer Name = DBH2RNC1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ieframe.dll, version 8.0.6001.19328, fault address 0x000b78f9.

Error - 11/13/2012 3:21:32 PM | Computer Name = DBH2RNC1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ieframe.dll, version 8.0.6001.19328, fault address 0x000b78f9.

Error - 11/13/2012 3:22:05 PM | Computer Name = DBH2RNC1 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module ieframe.dll, version 8.0.6001.19328, fault address 0x000b78f9.

Error - 11/20/2012 12:07:47 PM | Computer Name = DBH2RNC1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The server name or address could not be resolved

Error - 11/20/2012 12:07:47 PM | Computer Name = DBH2RNC1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 11/20/2012 12:07:47 PM | Computer Name = DBH2RNC1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 11/20/2012 12:07:47 PM | Computer Name = DBH2RNC1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 11/20/2012 12:07:47 PM | Computer Name = DBH2RNC1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 11/20/2012 12:07:47 PM | Computer Name = DBH2RNC1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

[ System Events ]
Error - 11/19/2012 4:01:42 AM | Computer Name = DBH2RNC1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 11/19/2012 4:01:42 AM | Computer Name = DBH2RNC1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 11/19/2012 4:02:05 AM | Computer Name = DBH2RNC1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 11/19/2012 4:02:05 AM | Computer Name = DBH2RNC1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 11/19/2012 4:02:05 AM | Computer Name = DBH2RNC1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 11/19/2012 4:02:05 AM | Computer Name = DBH2RNC1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 11/19/2012 4:02:05 AM | Computer Name = DBH2RNC1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 11/19/2012 4:02:05 AM | Computer Name = DBH2RNC1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 11/20/2012 12:14:10 PM | Computer Name = DBH2RNC1 | Source = Service Control Manager | ID = 7031
Description = The avast! Antivirus service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.

Error - 11/20/2012 12:24:17 PM | Computer Name = DBH2RNC1 | Source = Service Control Manager | ID = 7031
Description = The avast! Antivirus service terminated unexpectedly. It has done
this 2 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.


< End of report >


11:32:19.0390 2588 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:32:19.0718 2588 ============================================================
11:32:19.0718 2588 Current date / time: 2012/11/20 11:32:19.0718
11:32:19.0718 2588 SystemInfo:
11:32:19.0718 2588
11:32:19.0718 2588 OS Version: 5.1.2600 ServicePack: 3.0
11:32:19.0718 2588 Product type: Workstation
11:32:19.0718 2588 ComputerName: DBH2RNC1
11:32:19.0718 2588 UserName: Louise
11:32:19.0718 2588 Windows directory: C:\WINDOWS
11:32:19.0718 2588 System windows directory: C:\WINDOWS
11:32:19.0718 2588 Processor architecture: Intel x86
11:32:19.0718 2588 Number of processors: 2
11:32:19.0718 2588 Page size: 0x1000
11:32:19.0734 2588 Boot type: Normal boot
11:32:19.0734 2588 ============================================================
11:32:20.0781 2588 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:32:20.0781 2588 ============================================================
11:32:20.0781 2588 \Device\Harddisk0\DR0:
11:32:20.0781 2588 MBR partitions:
11:32:20.0781 2588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x6FA8678
11:32:20.0781 2588 ============================================================
11:32:20.0843 2588 C: <-> \Device\Harddisk0\DR0\Partition1
11:32:20.0843 2588 ============================================================
11:32:20.0843 2588 Initialize success
11:32:20.0843 2588 ============================================================
11:32:24.0109 1424 ============================================================
11:32:24.0109 1424 Scan started
11:32:24.0109 1424 Mode: Manual;
11:32:24.0109 1424 ============================================================
11:32:24.0921 1424 ================ Scan system memory ========================
11:32:24.0921 1424 System memory - ok
11:32:24.0921 1424 ================ Scan services =============================
11:32:25.0203 1424 [ 0B27AE82C113D3687024D18459440426 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
11:32:25.0203 1424 Aavmker4 - ok
11:32:25.0203 1424 Abiosdsk - ok
11:32:25.0250 1424 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
11:32:25.0250 1424 abp480n5 - ok
11:32:25.0296 1424 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:32:25.0312 1424 ACPI - ok
11:32:25.0328 1424 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:32:25.0328 1424 ACPIEC - ok
11:32:25.0453 1424 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:32:25.0578 1424 AdobeFlashPlayerUpdateSvc - ok
11:32:25.0765 1424 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
11:32:25.0796 1424 adpu160m - ok
11:32:25.0906 1424 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:32:25.0921 1424 aec - ok
11:32:26.0031 1424 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:32:26.0062 1424 AFD - ok
11:32:26.0109 1424 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
11:32:26.0109 1424 agp440 - ok
11:32:26.0156 1424 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
11:32:26.0156 1424 agpCPQ - ok
11:32:26.0203 1424 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
11:32:26.0203 1424 Aha154x - ok
11:32:26.0203 1424 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
11:32:26.0218 1424 aic78u2 - ok
11:32:26.0250 1424 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
11:32:26.0250 1424 aic78xx - ok
11:32:26.0296 1424 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:32:26.0296 1424 Alerter - ok
11:32:26.0343 1424 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
11:32:26.0375 1424 ALG - ok
11:32:26.0375 1424 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
11:32:26.0390 1424 AliIde - ok
11:32:26.0421 1424 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
11:32:26.0421 1424 alim1541 - ok
11:32:26.0421 1424 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
11:32:26.0421 1424 amdagp - ok
11:32:26.0437 1424 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
11:32:26.0437 1424 amsint - ok
11:32:26.0484 1424 [ 090880E9BF20F928BC341F96D27C019E ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
11:32:26.0484 1424 ApfiltrService - ok
11:32:26.0609 1424 [ EC94E05B76D033B74394E7B2175103CF ] APPDRV C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
11:32:26.0609 1424 APPDRV - ok
11:32:26.0609 1424 AppMgmt - ok
11:32:26.0671 1424 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:32:26.0671 1424 Arp1394 - ok
11:32:26.0687 1424 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
11:32:26.0687 1424 asc - ok
11:32:26.0703 1424 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
11:32:26.0703 1424 asc3350p - ok
11:32:26.0703 1424 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
11:32:26.0703 1424 asc3550 - ok
11:32:26.0859 1424 [ E1A1206A4FB19B675E947B29CCD25FBA ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
11:32:26.0859 1424 aspnet_state - ok
11:32:26.0937 1424 [ 1C1F3D6DDDC046C920C493A779649F66 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
11:32:26.0937 1424 aswFsBlk - ok
11:32:26.0968 1424 [ 9E912FE7B41650701EF2B227ACA440F3 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
11:32:26.0984 1424 aswMon2 - ok
11:32:27.0015 1424 [ 982E275D1C5801042FE94209FB0160FB ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
11:32:27.0031 1424 aswRdr - ok
11:32:27.0156 1424 [ 73DBCF808E00580F2A47F93DD9B03876 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
11:32:27.0171 1424 aswSnx - ok
11:32:27.0250 1424 [ 6CBD7D3A33F498D09C831CDD732DA2E0 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
11:32:27.0250 1424 aswSP - ok
11:32:27.0281 1424 [ 7109A9AA551F37CD168C02368465957E ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
11:32:27.0281 1424 aswTdi - ok
11:32:27.0296 1424 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:32:27.0296 1424 AsyncMac - ok
11:32:27.0312 1424 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:32:27.0312 1424 atapi - ok
11:32:27.0328 1424 Atdisk - ok
11:32:27.0375 1424 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:32:27.0375 1424 Atmarpc - ok
11:32:27.0437 1424 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:32:27.0468 1424 AudioSrv - ok
11:32:27.0515 1424 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:32:27.0515 1424 audstub - ok
11:32:27.0703 1424 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:32:27.0703 1424 avast! Antivirus - ok
11:32:27.0984 1424 [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
11:32:27.0984 1424 BCM43XX - ok
11:32:28.0062 1424 [ 6489310D11971F6BA6C7F49BE0BAF6E0 ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
11:32:28.0062 1424 bcm4sbxp - ok
11:32:28.0296 1424 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:32:28.0296 1424 Beep - ok
11:32:28.0750 1424 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
11:32:28.0750 1424 BITS - ok
11:32:29.0031 1424 [ CAC61BDD786A6928989451871FBCEDB8 ] Brother XP spl Service C:\WINDOWS\system32\brsvc01a.exe
11:32:29.0031 1424 Brother XP spl Service - ok
11:32:44.0968 1424 ================ Scan global ===============================
11:32:45.0031 1424 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:32:45.0109 1424 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:32:45.0140 1424 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:32:45.0171 1424 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:32:45.0171 1424 [Global] - ok
11:32:45.0171 1424 ================ Scan MBR ==================================
11:32:45.0203 1424 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
11:32:45.0203 1424 Suspicious mbr (Forged): \Device\Harddisk0\DR0
11:32:45.0250 1424 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
11:32:45.0250 1424 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
11:32:45.0250 1424 ================ Scan VBR ==================================
11:32:45.0296 1424 [ FD06A1FBB023C1EE460D983B551866BB ] \Device\Harddisk0\DR0\Partition1
11:32:45.0343 1424 \Device\Harddisk0\DR0\Partition1 - ok
11:32:45.0343 1424 ============================================================
11:32:45.0343 1424 Scan finished
11:32:45.0343 1424 ============================================================
11:32:45.0343 3384 Detected object count: 1
11:32:45.0343 3384 Actual detected object count: 1
11:34:06.0093 3384 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
11:34:06.0093 3384 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
blackhillsgalsbff
Regular Member
 
Posts: 21
Joined: November 13th, 2012, 3:20 pm

Re: Please check out my laptop for me?

Unread postby nunped » November 20th, 2012, 7:34 pm

I'm sorry I have some bad news:

Your logs show signs of a Remote Access Infection on your computer.

11:32:45.0203 1424 Suspicious mbr (Forged): \Device\Harddisk0\DR0
11:32:45.0250 1424 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
11:32:45.0250 1424 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)


These indicate you are infected with ....



Please take time to carefully read THIS topic, then let me know how you want to proceed.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Please check out my laptop for me?

Unread postby blackhillsgalsbff » November 22nd, 2012, 2:26 am

Hello, nunped,
My first choice was to repave, but when I pressed ctrl, f11 at the Dell splash screen, nothing happened, so I think I'll have to go with cleaning. I appreciate your help with this, thank you very much!
blackhillsgalsbff
Regular Member
 
Posts: 21
Joined: November 13th, 2012, 3:20 pm

Re: Please check out my laptop for me?

Unread postby nunped » November 23rd, 2012, 5:46 pm

Hi blackhillsgalsbff!

Try to look at this link to Dell Support. Look at the PC Restore section, and print the instructions so you have them available when you are offline.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Please check out my laptop for me?

Unread postby blackhillsgalsbff » November 24th, 2012, 4:08 pm

Hello, nunped,
Thank you, but I tried that already and the ctrl, f11 keystrokes are not working. May we clean my laptop, instead?
blackhillsgalsbff
Regular Member
 
Posts: 21
Joined: November 13th, 2012, 3:20 pm

Re: Please check out my laptop for me?

Unread postby nunped » November 25th, 2012, 12:27 pm

Hi blackhillsgalsbff.

OK, let's try to clean.

TDSSKiller - Rootkit Removal Tool
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory (usually Local Disk C:).
  6. Copy and paste the contents of that file in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Please check out my laptop for me?

Unread postby blackhillsgalsbff » November 25th, 2012, 1:27 pm

Hello, nunped,
Thank you for helping me!
After reboot, Kaspersky popped up again, so I let it run. It generated a second log which I was going to include in this post, but could not as this error message was generated: "Your message contains 129587 characters. The maximum number of allowed characters is 100000." I will include the second log in another post.
Here is the requested log:


12:06:09.0062 4024 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:06:09.0390 4024 ============================================================
12:06:09.0390 4024 Current date / time: 2012/11/25 12:06:09.0390
12:06:09.0390 4024 SystemInfo:
12:06:09.0390 4024
12:06:09.0390 4024 OS Version: 5.1.2600 ServicePack: 3.0
12:06:09.0390 4024 Product type: Workstation
12:06:09.0390 4024 ComputerName: DBH2RNC1
12:06:09.0390 4024 UserName: Louise
12:06:09.0390 4024 Windows directory: C:\WINDOWS
12:06:09.0390 4024 System windows directory: C:\WINDOWS
12:06:09.0390 4024 Processor architecture: Intel x86
12:06:09.0390 4024 Number of processors: 2
12:06:09.0390 4024 Page size: 0x1000
12:06:09.0390 4024 Boot type: Normal boot
12:06:09.0390 4024 ============================================================
12:06:10.0531 4024 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:06:10.0546 4024 ============================================================
12:06:10.0546 4024 \Device\Harddisk0\DR0:
12:06:10.0578 4024 MBR partitions:
12:06:10.0578 4024 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x6FA8678
12:06:10.0578 4024 ============================================================
12:06:10.0687 4024 C: <-> \Device\Harddisk0\DR0\Partition1
12:06:10.0687 4024 ============================================================
12:06:10.0687 4024 Initialize success
12:06:10.0687 4024 ============================================================
12:06:13.0046 1840 ============================================================
12:06:13.0046 1840 Scan started
12:06:13.0046 1840 Mode: Manual;
12:06:13.0046 1840 ============================================================
12:06:14.0281 1840 ================ Scan system memory ========================
12:06:14.0281 1840 System memory - ok
12:06:14.0281 1840 ================ Scan services =============================
12:06:25.0859 1840 Srv - ok
12:06:25.0906 1840 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:06:25.0921 1840 SSDPSRV - ok
12:06:26.0062 1840 [ 3AD78E22210D3FBD9F76DE84A8DF19B5 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
12:06:26.0140 1840 STHDA - ok
12:06:26.0203 1840 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:06:26.0234 1840 stisvc - ok
12:06:26.0281 1840 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:06:26.0281 1840 swenum - ok
12:06:26.0312 1840 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:06:26.0312 1840 swmidi - ok
12:06:26.0312 1840 SwPrv - ok
12:06:26.0343 1840 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
12:06:26.0359 1840 symc810 - ok
12:06:26.0359 1840 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:06:26.0359 1840 symc8xx - ok
12:06:26.0375 1840 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:06:26.0375 1840 sym_hi - ok
12:06:26.0390 1840 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:06:26.0390 1840 sym_u3 - ok
12:06:26.0437 1840 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:06:26.0453 1840 sysaudio - ok
12:06:26.0484 1840 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:06:26.0500 1840 SysmonLog - ok
12:06:26.0515 1840 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:06:26.0531 1840 TapiSrv - ok
12:06:26.0578 1840 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:06:26.0593 1840 Tcpip - ok
12:06:26.0625 1840 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:06:26.0625 1840 TDPIPE - ok
12:06:26.0640 1840 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:06:26.0640 1840 TDTCP - ok
12:06:26.0687 1840 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:06:26.0687 1840 TermDD - ok
12:06:26.0781 1840 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
12:06:26.0875 1840 TermService - ok
12:06:26.0890 1840 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
12:06:26.0906 1840 Themes - ok
12:06:26.0937 1840 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
12:06:26.0953 1840 TosIde - ok
12:06:27.0000 1840 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:06:27.0015 1840 TrkWks - ok
12:06:27.0078 1840 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:06:27.0078 1840 Udfs - ok
12:06:27.0125 1840 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
12:06:27.0125 1840 ultra - ok
12:06:27.0203 1840 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:06:27.0218 1840 Update - ok
12:06:27.0265 1840 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:06:27.0281 1840 upnphost - ok
12:06:27.0312 1840 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
12:06:27.0328 1840 UPS - ok
12:06:27.0359 1840 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:06:27.0375 1840 usbehci - ok
12:06:27.0390 1840 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:06:27.0390 1840 usbhub - ok
12:06:27.0437 1840 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:06:27.0437 1840 usbprint - ok
12:06:27.0484 1840 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:06:27.0484 1840 usbscan - ok
12:06:27.0515 1840 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:06:27.0515 1840 USBSTOR - ok
12:06:27.0546 1840 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:06:27.0546 1840 usbuhci - ok
12:06:27.0562 1840 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:06:27.0578 1840 VgaSave - ok
12:06:27.0625 1840 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:06:27.0640 1840 viaagp - ok
12:06:27.0640 1840 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
12:06:27.0640 1840 ViaIde - ok
12:06:27.0703 1840 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:06:27.0703 1840 VolSnap - ok
12:06:27.0796 1840 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
12:06:27.0812 1840 VSS - ok
12:06:27.0843 1840 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
12:06:27.0859 1840 w32time - ok
12:06:27.0921 1840 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:06:27.0921 1840 Wanarp - ok
12:06:27.0921 1840 WDICA - ok
12:06:27.0953 1840 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:06:27.0953 1840 wdmaud - ok
12:06:27.0968 1840 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:06:28.0000 1840 WebClient - ok
12:06:28.0078 1840 [ BA6B6FB242A6BA4068C8B763063BEB63 ] winachsf C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
12:06:28.0156 1840 winachsf - ok
12:06:28.0281 1840 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:06:28.0281 1840 winmgmt - ok
12:06:28.0296 1840 wltrysvc - ok
12:06:28.0359 1840 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:06:28.0375 1840 WmdmPmSN - ok
12:06:28.0437 1840 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:06:28.0437 1840 WmiAcpi - ok
12:06:28.0484 1840 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:06:28.0484 1840 WmiApSrv - ok
12:06:28.0609 1840 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
12:06:28.0671 1840 WMPNetworkSvc - ok
12:06:28.0718 1840 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:06:28.0734 1840 wscsvc - ok
12:06:28.0812 1840 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:06:28.0828 1840 wuauserv - ok
12:06:28.0875 1840 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:06:28.0890 1840 WudfPf - ok
12:06:28.0921 1840 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:06:28.0937 1840 WudfRd - ok
12:06:28.0968 1840 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:06:28.0984 1840 WudfSvc - ok
12:06:29.0062 1840 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:06:29.0078 1840 WZCSVC - ok
12:06:29.0125 1840 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:06:29.0156 1840 xmlprov - ok
12:06:29.0156 1840 ================ Scan global ===============================
12:06:29.0203 1840 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
12:06:29.0265 1840 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:06:29.0296 1840 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:06:29.0328 1840 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
12:06:29.0343 1840 [Global] - ok
12:06:29.0343 1840 ================ Scan MBR ==================================
12:06:29.0375 1840 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
12:06:29.0375 1840 Suspicious mbr (Forged): \Device\Harddisk0\DR0
12:06:29.0406 1840 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
12:06:29.0406 1840 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
12:06:29.0406 1840 ================ Scan VBR ==================================
12:06:29.0437 1840 [ FD06A1FBB023C1EE460D983B551866BB ] \Device\Harddisk0\DR0\Partition1
12:06:29.0437 1840 \Device\Harddisk0\DR0\Partition1 - ok
12:06:29.0437 1840 ============================================================
12:06:29.0437 1840 Scan finished
12:06:29.0437 1840 ============================================================
12:06:29.0453 1764 Detected object count: 1
12:06:29.0453 1764 Actual detected object count: 1
12:06:55.0500 1764 \Device\Harddisk0\DR0\# - copied to quarantine
12:06:55.0500 1764 \Device\Harddisk0\DR0 - copied to quarantine
12:06:55.0859 1764 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
12:06:56.0546 1764 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
12:06:56.0562 1764 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
12:06:56.0593 1764 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
12:06:59.0125 1764 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
12:06:59.0171 1764 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
12:06:59.0218 1764 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
12:06:59.0218 1764 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
12:06:59.0218 1764 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
12:06:59.0265 1764 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
12:06:59.0328 1764 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
12:06:59.0328 1764 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
12:06:59.0390 1764 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
12:06:59.0421 1764 \Device\Harddisk0\DR0 - ok
12:06:59.0437 1764 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
12:07:29.0062 1296 Deinitialize success
blackhillsgalsbff

Re: Please check out my laptop for me?

Post by blackhillsgalsbff » November 25th, 2012, 1:28 pm

Second scan log

12:09:49.0625 3212 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:09:51.0718 3212 ============================================================
12:09:51.0718 3212 Current date / time: 2012/11/25 12:09:51.0718
12:09:51.0718 3212 SystemInfo:
12:09:51.0718 3212
12:09:51.0718 3212 OS Version: 5.1.2600 ServicePack: 3.0
12:09:51.0718 3212 Product type: Workstation
12:09:51.0718 3212 ComputerName: DBH2RNC1
12:09:51.0718 3212 UserName: Louise
12:09:51.0718 3212 Windows directory: C:\WINDOWS
12:09:51.0718 3212 System windows directory: C:\WINDOWS
12:09:51.0718 3212 Processor architecture: Intel x86
12:09:51.0718 3212 Number of processors: 2
12:09:51.0718 3212 Page size: 0x1000
12:09:51.0718 3212 Boot type: Normal boot
12:09:51.0718 3212 ============================================================
12:09:54.0750 3212 BG loaded
12:09:55.0421 3212 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:09:55.0468 3212 ============================================================
12:09:55.0468 3212 \Device\Harddisk0\DR0:
12:09:55.0531 3212 MBR partitions:
12:09:55.0546 3212 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x6FA8678
12:09:55.0546 3212 ============================================================
12:09:55.0718 3212 C: <-> \Device\Harddisk0\DR0\Partition1
12:09:55.0765 3212 ============================================================
12:09:55.0765 3212 Initialize success
12:09:55.0781 3212 ============================================================
12:10:24.0781 1348 ============================================================
12:10:24.0781 1348 Scan started
12:10:24.0781 1348 Mode: Manual;
12:10:24.0781 1348 ============================================================
12:10:34.0046 1348 ================ Scan system memory ========================
12:10:34.0046 1348 System memory - ok
12:10:34.0046 1348 ================ Scan services =============================
12:10:50.0937 1348 [ 0B27AE82C113D3687024D18459440426 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
12:10:50.0953 1348 Aavmker4 - ok
12:10:50.0953 1348 Abiosdsk - ok
12:10:51.0031 1348 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:10:51.0062 1348 abp480n5 - ok
12:10:51.0156 1348 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:10:51.0187 1348 ACPI - ok
12:10:51.0218 1348 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
12:10:51.0234 1348 ACPIEC - ok
12:10:51.0359 1348 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:10:51.0359 1348 AdobeFlashPlayerUpdateSvc - ok
12:10:51.0421 1348 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:10:51.0437 1348 adpu160m - ok
12:10:51.0453 1348 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
12:10:51.0453 1348 aec - ok
12:10:51.0562 1348 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
12:10:51.0562 1348 AFD - ok
12:10:51.0625 1348 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
12:10:51.0625 1348 agp440 - ok
12:10:51.0656 1348 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:10:51.0656 1348 agpCPQ - ok
12:10:51.0671 1348 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:10:51.0687 1348 Aha154x - ok
12:10:51.0734 1348 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:10:51.0750 1348 aic78u2 - ok
12:10:51.0765 1348 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:10:51.0781 1348 aic78xx - ok
12:10:51.0812 1348 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
12:10:51.0828 1348 Alerter - ok
12:10:51.0843 1348 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
12:10:51.0843 1348 ALG - ok
12:10:51.0859 1348 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
12:10:51.0859 1348 AliIde - ok
12:10:51.0875 1348 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:10:51.0890 1348 alim1541 - ok
12:10:51.0906 1348 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:10:51.0921 1348 amdagp - ok
12:10:51.0937 1348 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
12:10:51.0953 1348 amsint - ok
12:10:52.0015 1348 [ 090880E9BF20F928BC341F96D27C019E ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
12:10:52.0015 1348 ApfiltrService - ok
12:10:52.0078 1348 [ EC94E05B76D033B74394E7B2175103CF ] APPDRV C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
12:10:52.0078 1348 APPDRV - ok
12:10:52.0078 1348 AppMgmt - ok
12:10:52.0109 1348 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:10:52.0109 1348 Arp1394 - ok
12:10:52.0125 1348 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
12:10:52.0125 1348 asc - ok
12:10:52.0140 1348 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:10:52.0156 1348 asc3350p - ok
12:10:52.0171 1348 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:10:52.0171 1348 asc3550 - ok
12:10:52.0500 1348 [ E1A1206A4FB19B675E947B29CCD25FBA ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
12:10:52.0531 1348 aspnet_state - ok
12:10:52.0578 1348 [ 1C1F3D6DDDC046C920C493A779649F66 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
12:10:52.0593 1348 aswFsBlk - ok
12:10:52.0656 1348 [ 9E912FE7B41650701EF2B227ACA440F3 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
12:10:52.0656 1348 aswMon2 - ok
12:10:52.0671 1348 [ 982E275D1C5801042FE94209FB0160FB ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
12:10:52.0671 1348 aswRdr - ok
12:10:52.0859 1348 [ 73DBCF808E00580F2A47F93DD9B03876 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
12:10:52.0875 1348 aswSnx - ok
12:10:52.0906 1348 [ 6CBD7D3A33F498D09C831CDD732DA2E0 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
12:10:52.0906 1348 aswSP - ok
12:10:52.0937 1348 [ 7109A9AA551F37CD168C02368465957E ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
12:10:52.0937 1348 aswTdi - ok
12:10:52.0968 1348 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:10:52.0984 1348 AsyncMac - ok
12:10:53.0000 1348 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
12:10:53.0000 1348 atapi - ok
12:10:53.0015 1348 Atdisk - ok
12:10:53.0031 1348 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:10:53.0046 1348 Atmarpc - ok
12:10:53.0078 1348 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
12:10:53.0093 1348 AudioSrv - ok
12:10:53.0171 1348 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
12:10:53.0171 1348 audstub - ok
12:10:53.0500 1348 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:10:53.0515 1348 avast! Antivirus - ok
12:10:53.0640 1348 [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
12:10:53.0656 1348 BCM43XX - ok
12:10:53.0718 1348 [ 6489310D11971F6BA6C7F49BE0BAF6E0 ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
12:10:53.0718 1348 bcm4sbxp - ok
12:10:53.0734 1348 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:10:53.0734 1348 Beep - ok
12:10:53.0906 1348 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
12:10:54.0015 1348 BITS - ok
12:10:54.0343 1348 [ CAC61BDD786A6928989451871FBCEDB8 ] Brother XP spl Service C:\WINDOWS\system32\brsvc01a.exe
12:10:54.0343 1348 Brother XP spl Service - ok
12:10:54.0531 1348 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
12:10:54.0531 1348 Browser - ok
12:10:54.0781 1348 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:10:54.0828 1348 cbidf - ok
12:10:54.0859 1348 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
12:10:54.0859 1348 cbidf2k - ok
12:10:54.0875 1348 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:10:54.0890 1348 cd20xrnt - ok
12:10:54.0906 1348 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
12:10:54.0906 1348 Cdaudio - ok
12:10:54.0937 1348 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
12:10:54.0953 1348 Cdfs - ok
12:10:54.0968 1348 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:10:54.0968 1348 Cdrom - ok
12:10:54.0984 1348 Changer - ok
12:10:55.0015 1348 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
12:10:55.0046 1348 CiSvc - ok
12:10:55.0093 1348 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
12:10:55.0109 1348 ClipSrv - ok
12:10:55.0140 1348 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:10:55.0140 1348 CmBatt - ok
12:10:55.0218 1348 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:10:55.0234 1348 CmdIde - ok
12:10:55.0250 1348 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:10:55.0265 1348 Compbatt - ok
12:10:55.0265 1348 COMSysApp - ok
12:10:55.0281 1348 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:10:55.0296 1348 Cpqarray - ok
12:10:55.0328 1348 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
12:10:55.0328 1348 CryptSvc - ok
12:10:55.0390 1348 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:10:55.0468 1348 dac2w2k - ok
12:10:55.0500 1348 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:10:55.0515 1348 dac960nt - ok
12:10:55.0625 1348 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:10:55.0640 1348 DcomLaunch - ok
12:10:55.0671 1348 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
12:10:55.0671 1348 Dhcp - ok
12:10:55.0687 1348 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
12:10:55.0703 1348 Disk - ok
12:10:55.0703 1348 dmadmin - ok
12:10:55.0765 1348 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
12:10:56.0109 1348 dmboot - ok
12:10:56.0125 1348 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
12:10:56.0140 1348 dmio - ok
12:10:56.0140 1348 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
12:10:56.0140 1348 dmload - ok
12:10:56.0171 1348 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
12:10:56.0203 1348 dmserver - ok
12:10:56.0218 1348 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
12:10:56.0218 1348 DMusic - ok
12:10:56.0281 1348 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:10:56.0296 1348 Dnscache - ok
12:10:56.0421 1348 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
12:10:56.0562 1348 Dot3svc - ok
12:10:56.0562 1348 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:10:56.0593 1348 dpti2o - ok
12:10:56.0609 1348 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:10:56.0609 1348 drmkaud - ok
12:10:56.0765 1348 [ 2AC2372FFAD9ADC85672CC8E8AE14BE9 ] DSproct C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
12:10:56.0781 1348 DSproct - ok
12:10:56.0812 1348 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
12:10:56.0828 1348 E100B - ok
12:10:56.0859 1348 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
12:10:56.0890 1348 EapHost - ok
12:10:56.0906 1348 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
12:10:56.0906 1348 ERSvc - ok
12:10:56.0984 1348 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
12:10:57.0000 1348 Eventlog - ok
12:10:57.0109 1348 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
12:10:57.0125 1348 EventSystem - ok
12:10:57.0250 1348 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
12:10:57.0328 1348 Fastfat - ok
12:10:57.0453 1348 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:10:57.0468 1348 FastUserSwitchingCompatibility - ok
12:10:57.0531 1348 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
12:10:57.0546 1348 Fax - ok
12:10:57.0546 1348 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
12:10:57.0562 1348 Fdc - ok
12:10:57.0578 1348 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
12:10:57.0578 1348 Fips - ok
12:10:57.0593 1348 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:10:57.0593 1348 Flpydisk - ok
12:10:57.0687 1348 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:10:57.0687 1348 FltMgr - ok
12:10:57.0718 1348 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:10:57.0718 1348 Fs_Rec - ok
12:10:57.0812 1348 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:10:57.0812 1348 Ftdisk - ok
12:10:57.0953 1348 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
12:10:57.0953 1348 GoogleDesktopManager-051210-111108 - ok
12:10:57.0984 1348 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:10:57.0984 1348 Gpc - ok
12:10:58.0015 1348 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:10:58.0031 1348 HDAudBus - ok
12:10:58.0140 1348 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:10:58.0140 1348 helpsvc - ok
12:10:58.0156 1348 HidServ - ok
12:10:58.0203 1348 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:10:58.0203 1348 HidUsb - ok
12:10:58.0265 1348 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
12:10:58.0296 1348 hkmsvc - ok
12:10:58.0328 1348 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
12:10:58.0328 1348 hpn - ok
12:10:58.0546 1348 [ E8EC1767EA315A39A0DD8989952CA0E9 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
12:10:58.0546 1348 HSF_DPV - ok
12:10:58.0593 1348 [ 61478FA42EE04562E7F11F4DCA87E9C8 ] HSXHWAZL C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
12:10:58.0593 1348 HSXHWAZL - ok
12:10:58.0734 1348 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
12:10:58.0750 1348 HTTP - ok
12:10:58.0781 1348 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
12:10:58.0796 1348 HTTPFilter - ok
12:10:58.0828 1348 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
12:10:58.0828 1348 i2omgmt - ok
12:10:58.0921 1348 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:10:58.0953 1348 i2omp - ok
12:10:58.0968 1348 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:10:58.0984 1348 i8042prt - ok
12:10:59.0312 1348 [ CC449157474D5E43DAEA7E20F52C635A ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
12:10:59.0328 1348 ialm - ok
12:10:59.0359 1348 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
12:10:59.0359 1348 Imapi - ok
12:10:59.0468 1348 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
12:10:59.0468 1348 ImapiService - ok
12:10:59.0500 1348 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:10:59.0515 1348 ini910u - ok
12:10:59.0531 1348 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
12:10:59.0562 1348 IntelIde - ok
12:10:59.0625 1348 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:10:59.0625 1348 intelppm - ok
12:10:59.0640 1348 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
12:10:59.0640 1348 Ip6Fw - ok
12:10:59.0718 1348 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:10:59.0734 1348 IpFilterDriver - ok
12:11:00.0250 1348 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:11:00.0265 1348 IpInIp - ok
12:11:00.0890 1348 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:11:00.0890 1348 IpNat - ok
12:11:00.0937 1348 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:11:00.0937 1348 IPSec - ok
12:11:00.0968 1348 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
12:11:00.0984 1348 IRENUM - ok
12:11:01.0015 1348 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:11:01.0015 1348 isapnp - ok
12:11:01.0234 1348 [ A1509BA3A5FDC5366146E92B3D130EB5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
12:11:01.0234 1348 JavaQuickStarterService - ok
12:11:01.0250 1348 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:11:01.0250 1348 Kbdclass - ok
12:11:01.0328 1348 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
12:11:01.0328 1348 kmixer - ok
12:11:15.0718 1348 ================ Scan global ===============================
12:11:15.0765 1348 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
12:11:15.0906 1348 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:11:16.0000 1348 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:11:16.0031 1348 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
12:11:16.0046 1348 [Global] - ok
12:11:16.0046 1348 ================ Scan MBR ==================================
12:11:16.0078 1348 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
12:11:17.0093 1348 \Device\Harddisk0\DR0 - ok
12:11:17.0093 1348 ================ Scan VBR ==================================
12:11:17.0125 1348 [ FD06A1FBB023C1EE460D983B551866BB ] \Device\Harddisk0\DR0\Partition1
12:11:17.0140 1348 \Device\Harddisk0\DR0\Partition1 - ok
12:11:17.0140 1348 ============================================================
12:11:17.0140 1348 Scan finished
12:11:17.0140 1348 ============================================================
12:11:17.0140 2632 Detected object count: 0
12:11:17.0140 2632 Actual detected object count: 0
12:11:22.0312 1452 ============================================================
12:11:22.0312 1452 Scan started
12:11:22.0312 1452 Mode: Manual;
12:11:22.0312 1452 ============================================================
12:11:23.0140 1452 ================ Scan system memory ========================
12:11:23.0140 1452 System memory - ok
12:11:23.0140 1452 ================ Scan services =============================
12:11:29.0953 1452 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
12:11:29.0968 1452 HTTPFilter - ok
12:11:30.0000 1452 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
12:11:30.0000 1452 i2omgmt - ok
12:11:30.0046 1452 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:11:30.0062 1452 i2omp - ok
12:11:30.0078 1452 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:11:30.0078 1452 i8042prt - ok
12:11:30.0203 1452 [ CC449157474D5E43DAEA7E20F52C635A ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
12:11:30.0218 1452 ialm - ok
12:11:30.0265 1452 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
12:11:30.0265 1452 Imapi - ok
12:11:30.0328 1452 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
12:11:30.0328 1452 ImapiService - ok
12:11:30.0343 1452 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:11:30.0343 1452 ini910u - ok
12:11:30.0343 1452 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
12:11:30.0359 1452 IntelIde - ok
12:11:30.0390 1452 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:11:30.0406 1452 intelppm - ok
12:11:30.0421 1452 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
12:11:30.0437 1452 Ip6Fw - ok
12:11:30.0437 1452 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:11:30.0437 1452 IpFilterDriver - ok
12:11:30.0453 1452 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:11:30.0453 1452 IpInIp - ok
12:11:30.0500 1452 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:11:30.0500 1452 IpNat - ok
12:11:30.0531 1452 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:11:30.0531 1452 IPSec - ok
12:11:30.0546 1452 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
12:11:30.0546 1452 IRENUM - ok
12:11:30.0578 1452 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:11:30.0578 1452 isapnp - ok
12:11:30.0656 1452 [ A1509BA3A5FDC5366146E92B3D130EB5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
12:11:30.0656 1452 JavaQuickStarterService - ok
12:11:30.0671 1452 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:11:30.0671 1452 Kbdclass - ok
12:11:30.0703 1452 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
12:11:30.0703 1452 kmixer - ok
12:11:30.0734 1452 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
12:11:30.0750 1452 KSecDD - ok
12:11:30.0781 1452 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
12:11:30.0796 1452 lanmanserver - ok
12:11:30.0828 1452 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:11:30.0843 1452 lanmanworkstation - ok
12:11:30.0859 1452 lbrtfdc - ok
12:11:30.0906 1452 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
12:11:30.0921 1452 LmHosts - ok
12:11:30.0984 1452 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
12:11:30.0984 1452 MBAMSwissArmy - ok
12:11:31.0093 1452 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
12:11:31.0109 1452 McComponentHostService - ok
12:11:31.0156 1452 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:11:31.0156 1452 mdmxsdk - ok
12:11:31.0203 1452 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
12:11:31.0203 1452 Messenger - ok
12:11:31.0250 1452 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
12:11:31.0250 1452 mnmdd - ok
12:11:31.0296 1452 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
12:11:31.0296 1452 mnmsrvc - ok
12:11:31.0343 1452 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
12:11:31.0359 1452 Modem - ok
12:11:31.0375 1452 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:11:31.0375 1452 Mouclass - ok
12:11:31.0421 1452 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:11:31.0421 1452 mouhid - ok
12:11:31.0437 1452 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
12:11:31.0453 1452 MountMgr - ok
12:11:31.0500 1452 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:11:31.0500 1452 MozillaMaintenance - ok
12:11:31.0562 1452 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:11:31.0562 1452 mraid35x - ok
12:11:31.0562 1452 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:11:31.0578 1452 MRxDAV - ok
12:11:31.0640 1452 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:11:31.0656 1452 MRxSmb - ok
12:11:31.0703 1452 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
12:11:31.0718 1452 MSDTC - ok
12:11:31.0718 1452 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:11:31.0718 1452 Msfs - ok
12:11:31.0734 1452 MSIServer - ok
12:11:31.0750 1452 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:11:31.0765 1452 MSKSSRV - ok
12:11:31.0765 1452 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:11:31.0765 1452 MSPCLOCK - ok
12:11:31.0781 1452 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:11:31.0781 1452 MSPQM - ok
12:11:31.0843 1452 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:11:31.0843 1452 mssmbios - ok
12:11:31.0859 1452 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
12:11:31.0875 1452 Mup - ok
12:11:31.0906 1452 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
12:11:31.0921 1452 napagent - ok
12:11:31.0968 1452 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
12:11:31.0968 1452 NDIS - ok
12:11:32.0015 1452 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:11:32.0031 1452 NdisTapi - ok
12:11:32.0031 1452 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:11:32.0031 1452 Ndisuio - ok
12:11:32.0046 1452 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:11:32.0046 1452 NdisWan - ok
12:11:32.0109 1452 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:11:32.0109 1452 NDProxy - ok
12:11:32.0125 1452 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:11:32.0125 1452 NetBIOS - ok
12:11:32.0140 1452 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:11:32.0140 1452 NetBT - ok
12:11:32.0187 1452 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
12:11:32.0203 1452 NetDDE - ok
12:11:32.0203 1452 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
12:11:32.0218 1452 NetDDEdsdm - ok
12:11:32.0250 1452 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:11:32.0265 1452 Netlogon - ok
12:11:32.0281 1452 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
12:11:32.0296 1452 Netman - ok
12:11:32.0375 1452 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:11:32.0375 1452 NIC1394 - ok
12:11:32.0484 1452 [ 8A6FA8E0B302DF2496802AAFDA5CE810 ] NICCONFIGSVC C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
12:11:32.0484 1452 NICCONFIGSVC - ok
12:11:32.0578 1452 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
12:11:32.0593 1452 Nla - ok
12:11:32.0609 1452 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:11:32.0609 1452 Npfs - ok
12:11:32.0640 1452 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:11:32.0640 1452 Ntfs - ok
12:11:32.0687 1452 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
12:11:32.0703 1452 NtLmSsp - ok
12:11:32.0765 1452 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
12:11:32.0781 1452 NtmsSvc - ok
12:11:32.0812 1452 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
12:11:32.0812 1452 Null - ok
12:11:32.0906 1452 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:11:32.0937 1452 nv - ok
12:11:33.0000 1452 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:11:33.0000 1452 NwlnkFlt - ok
12:11:33.0000 1452 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:11:33.0000 1452 NwlnkFwd - ok
12:11:33.0046 1452 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:11:33.0062 1452 ohci1394 - ok
12:11:33.0125 1452 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:11:33.0125 1452 ose - ok
12:11:33.0156 1452 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
12:11:33.0156 1452 Parport - ok
12:11:33.0171 1452 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
12:11:33.0171 1452 PartMgr - ok
12:11:33.0187 1452 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
12:11:33.0187 1452 ParVdm - ok
12:11:33.0203 1452 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
12:11:33.0203 1452 PCI - ok
12:11:33.0218 1452 PCIDump - ok
12:11:33.0218 1452 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
12:11:33.0218 1452 PCIIde - ok
12:11:33.0281 1452 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:11:33.0281 1452 Pcmcia - ok
12:11:33.0281 1452 PDCOMP - ok
12:11:33.0296 1452 PDFRAME - ok
12:11:33.0296 1452 PDRELI - ok
12:11:33.0312 1452 PDRFRAME - ok
12:11:33.0312 1452 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
12:11:33.0312 1452 perc2 - ok
12:11:33.0328 1452 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:11:33.0328 1452 perc2hib - ok
12:11:33.0359 1452 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
12:11:33.0375 1452 PlugPlay - ok
12:11:33.0390 1452 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:11:33.0390 1452 PolicyAgent - ok
12:11:33.0406 1452 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:11:33.0421 1452 PptpMiniport - ok
12:11:33.0421 1452 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:11:33.0437 1452 ProtectedStorage - ok
12:11:33.0437 1452 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:11:33.0437 1452 PSched - ok
12:11:33.0468 1452 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:11:33.0468 1452 Ptilink - ok
12:11:33.0484 1452 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:11:33.0484 1452 ql1080 - ok
12:11:33.0484 1452 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:11:33.0500 1452 Ql10wnt - ok
12:11:33.0500 1452 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:11:33.0500 1452 ql12160 - ok
12:11:33.0546 1452 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:11:33.0546 1452 ql1240 - ok
12:11:33.0562 1452 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:11:33.0562 1452 ql1280 - ok
12:11:33.0578 1452 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:11:33.0593 1452 RasAcd - ok
12:11:33.0625 1452 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:11:33.0640 1452 RasAuto - ok
12:11:33.0687 1452 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:11:33.0703 1452 Rasl2tp - ok
12:11:33.0750 1452 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:11:33.0765 1452 RasMan - ok
12:11:33.0781 1452 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:11:33.0781 1452 RasPppoe - ok
12:11:33.0796 1452 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:11:33.0796 1452 Raspti - ok
12:11:33.0828 1452 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:11:33.0828 1452 Rdbss - ok
12:11:33.0828 1452 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:11:33.0843 1452 RDPCDD - ok
12:11:33.0875 1452 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:11:33.0875 1452 rdpdr - ok
12:11:33.0937 1452 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:11:33.0937 1452 RDPWD - ok
12:11:33.0968 1452 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:11:33.0984 1452 RDSessMgr - ok
12:11:34.0015 1452 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:11:34.0031 1452 redbook - ok
12:11:34.0062 1452 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:11:34.0078 1452 RemoteAccess - ok
12:11:34.0078 1452 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
12:11:34.0093 1452 RpcLocator - ok
12:11:34.0140 1452 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:11:34.0156 1452 RpcSs - ok
12:11:34.0234 1452 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:11:34.0250 1452 RSVP - ok
12:11:34.0281 1452 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
12:11:34.0296 1452 SamSs - ok
12:11:34.0296 1452 SBRE - ok
12:11:34.0312 1452 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:11:34.0328 1452 SCardSvr - ok
12:11:34.0375 1452 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:11:34.0390 1452 Schedule - ok
12:11:34.0437 1452 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:11:34.0453 1452 Secdrv - ok
12:11:34.0468 1452 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
12:11:34.0484 1452 seclogon - ok
12:11:34.0515 1452 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
12:11:34.0531 1452 SENS - ok
12:11:34.0562 1452 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
12:11:34.0562 1452 serenum - ok
12:11:34.0578 1452 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
12:11:34.0578 1452 Serial - ok
12:11:34.0609 1452 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
12:11:34.0609 1452 Sfloppy - ok
12:11:34.0718 1452 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:11:34.0734 1452 SharedAccess - ok
12:11:34.0812 1452 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:11:34.0828 1452 ShellHWDetection - ok
12:11:34.0828 1452 Simbad - ok
12:11:34.0906 1452 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:11:34.0906 1452 sisagp - ok
12:11:34.0937 1452 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:11:34.0937 1452 Sparrow - ok
12:11:35.0015 1452 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:11:35.0015 1452 splitter - ok
12:11:35.0078 1452 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:11:35.0093 1452 Spooler - ok
12:11:35.0109 1452 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:11:35.0109 1452 sr - ok
12:11:35.0187 1452 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
12:11:35.0203 1452 srservice - ok
12:11:35.0406 1452 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:11:35.0406 1452 Srv - ok
12:11:35.0515 1452 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:11:35.0625 1452 SSDPSRV - ok
12:11:35.0921 1452 [ 3AD78E22210D3FBD9F76DE84A8DF19B5 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
12:11:35.0921 1452 STHDA - ok
12:11:36.0156 1452 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:11:36.0171 1452 stisvc - ok
12:11:36.0265 1452 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:11:36.0265 1452 swenum - ok
12:11:36.0343 1452 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:11:36.0343 1452 swmidi - ok
12:11:36.0343 1452 SwPrv - ok
12:11:36.0390 1452 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
12:11:36.0406 1452 symc810 - ok
12:11:36.0718 1452 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:11:36.0718 1452 symc8xx - ok
12:11:36.0828 1452 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:11:36.0828 1452 sym_hi - ok
12:11:36.0859 1452 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:11:36.0859 1452 sym_u3 - ok
12:11:36.0984 1452 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:11:36.0984 1452 sysaudio - ok
12:11:37.0078 1452 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:11:37.0093 1452 SysmonLog - ok
12:11:37.0125 1452 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:11:37.0140 1452 TapiSrv - ok
12:11:37.0265 1452 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:11:37.0281 1452 Tcpip - ok
12:11:37.0312 1452 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:11:37.0312 1452 TDPIPE - ok
12:11:37.0328 1452 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:11:37.0343 1452 TDTCP - ok
12:11:37.0375 1452 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:11:37.0375 1452 TermDD - ok
12:11:37.0921 1452 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
12:11:37.0921 1452 TermService - ok
12:11:37.0984 1452 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
12:11:38.0000 1452 Themes - ok
12:11:38.0046 1452 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
12:11:38.0046 1452 TosIde - ok
12:11:38.0187 1452 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:11:38.0203 1452 TrkWks - ok
12:11:38.0281 1452 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:11:38.0281 1452 Udfs - ok
12:11:38.0312 1452 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
12:11:38.0312 1452 ultra - ok
12:11:38.0578 1452 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:11:38.0578 1452 Update - ok
12:11:38.0656 1452 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:11:38.0656 1452 upnphost - ok
12:11:38.0703 1452 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
12:11:38.0703 1452 UPS - ok
12:11:38.0734 1452 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:11:38.0734 1452 usbehci - ok
12:11:38.0765 1452 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:11:38.0765 1452 usbhub - ok
12:11:38.0843 1452 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:11:38.0843 1452 usbprint - ok
12:11:38.0906 1452 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:11:38.0921 1452 usbscan - ok
12:11:39.0031 1452 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:11:39.0031 1452 USBSTOR - ok
12:11:39.0062 1452 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:11:39.0062 1452 usbuhci - ok
12:11:39.0078 1452 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:11:39.0078 1452 VgaSave - ok
12:11:39.0156 1452 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:11:39.0156 1452 viaagp - ok
12:11:39.0171 1452 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
12:11:39.0171 1452 ViaIde - ok
12:11:39.0203 1452 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:11:39.0203 1452 VolSnap - ok
12:11:39.0453 1452 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
12:11:39.0453 1452 VSS - ok
12:11:39.0500 1452 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
12:11:39.0500 1452 w32time - ok
12:11:39.0562 1452 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:11:39.0562 1452 Wanarp - ok
12:11:39.0578 1452 WDICA - ok
12:11:39.0593 1452 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:11:39.0593 1452 wdmaud - ok
12:11:39.0656 1452 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:11:39.0671 1452 WebClient - ok
12:11:39.0828 1452 [ BA6B6FB242A6BA4068C8B763063BEB63 ] winachsf C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
12:11:39.0843 1452 winachsf - ok
12:11:40.0218 1452 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:11:40.0218 1452 winmgmt - ok
12:11:40.0234 1452 wltrysvc - ok
12:11:40.0406 1452 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:11:40.0421 1452 WmdmPmSN - ok
12:11:40.0484 1452 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:11:40.0484 1452 WmiAcpi - ok
12:11:40.0531 1452 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:11:40.0531 1452 WmiApSrv - ok
12:11:41.0125 1452 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
12:11:41.0140 1452 WMPNetworkSvc - ok
12:11:41.0203 1452 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:11:41.0218 1452 wscsvc - ok
12:11:41.0218 1452 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:11:41.0234 1452 wuauserv - ok
12:11:41.0296 1452 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:11:41.0296 1452 WudfPf - ok
12:11:41.0375 1452 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:11:41.0375 1452 WudfRd - ok
12:11:41.0421 1452 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:11:41.0421 1452 WudfSvc - ok
12:11:41.0546 1452 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:11:41.0578 1452 WZCSVC - ok
12:11:41.0625 1452 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:11:41.0640 1452 xmlprov - ok
12:11:41.0640 1452 ================ Scan global ===============================
12:11:41.0718 1452 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
12:11:41.0781 1452 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:11:41.0796 1452 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:11:41.0828 1452 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
12:11:41.0843 1452 [Global] - ok
12:11:41.0843 1452 ================ Scan MBR ==================================
12:11:41.0875 1452 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
12:11:42.0125 1452 \Device\Harddisk0\DR0 - ok
12:11:42.0125 1452 ================ Scan VBR ==================================
12:11:42.0140 1452 [ FD06A1FBB023C1EE460D983B551866BB ] \Device\Harddisk0\DR0\Partition1
12:11:42.0140 1452 \Device\Harddisk0\DR0\Partition1 - ok
12:11:42.0140 1452 ============================================================
12:11:42.0140 1452 Scan finished
12:11:42.0140 1452 ============================================================
12:11:42.0156 1448 Detected object count: 0
12:11:42.0156 1448 Actual detected object count: 0
blackhillsgalsbff
Regular Member
 
Posts: 21
Joined: November 13th, 2012, 3:20 pm

Re: Please check out my laptop for me?

Post by nunped » November 25th, 2012, 7:03 pm

Hi blackhillsgalsbff,

Let's confirm it's clean with another scan.
Step 1 - aswMBR - Scan

Please download aswMBR.exe ... © Avast Software ( 511KB ). Save it to your desktop.
  1. Double click the aswMBR.exe icon to run it.
  2. aswMBR uses Avast's virus definitions. If prompted to download definitions, reply Yes.
    It may take some time for these definitions to download, please be patient.
  3. Make sure Quick Scan is set in the options, then click the "Scan" button to start the scan.
    The scan will take a few minutes, please be patient.
  4. On completion, "Scan finished successfully" will be displayed. Press the "Save log" button.
  5. You'll be prompted to save a file named "aswMBR.txt". Save it to your desktop.
  6. Please copy and paste the contents of aswMBR.txt in your next reply.
Note: When you execute aswMBR, a file named MBR.dat will be created and placed on your desktop.
This is a copy of your MBR record, before any changes, to be used to recover the MBR to its previous condition if a problem exists after changes.

Step 2 - OTL fix
  • Double click OTL.exe to launch the program.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code:
:commands
[createrestorepoint]

:OTL
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.50searchengines.com/?op [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=114066 ... 197dbd54ff
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=114066&tt=4212_1&babsrc=SP_ss&mntrId=3cefb9b300000000000000197dbd54ff
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\Comcast: "URL" = http://search.xfinity.com/?cat=subweb&con=mmchrome&q={searchTerms}&cid=xfstart_tech_search
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=114066&tt=4212_1&babsrc=HP_ss&mntrId=3cefb9b300000000000000197dbd54ff"
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.5.0
[2012/10/19 19:37:22 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
CHR - homepage: http://search.babylon.com/?affID=114066 ... 197dbd54ff
CHR - homepage: http://search.babylon.com/?affID=114066 ... 197dbd54ff
O8 - Extra context menu item: &Search - http://tbedits.televisionfanatic.com/on ... 2011081118 File not found
O15 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)

:commands
[emptytemp]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so; if it does, re-boot your computer. A log will be produced upon re-boot.

Please, post both logs in your next answer.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Please check out my laptop for me?

Post by blackhillsgalsbff » November 26th, 2012, 2:51 am

Hello, nunped,
When I open IE, it opens one window with several tabs. The first tab is MSN.com (hxxp://www.msn.com/?ocid=iehp), the rest are weird AOL searches. Here is an example of one of the other tabs: hxxp://search.aol.com/aol/search?&query=%EF%A0%B0%CF%B9S&tb_oid=15-02-2012&invocationType=tb50-ie-aolrt-ab-en-us&tb_mrud=30-04-2012&tb_uuid=20120215104459265
Thank you!
Here are the requested logs:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-26 01:08:44
-----------------------------
01:08:44.562 OS Version: Windows 5.1.2600 Service Pack 3
01:08:44.562 Number of processors: 2 586 0xF02
01:08:44.562 ComputerName: DBH2RNC1 UserName: Louise
01:08:45.250 Initialize success
01:08:45.406 AVAST engine defs: 12112500
01:09:55.515 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
01:09:55.515 Disk 0 Vendor: ST96812AS 8.04 Size: 57231MB BusType: 3
01:09:55.593 Disk 0 MBR read successfully
01:09:55.593 Disk 0 MBR scan
01:09:55.609 Disk 0 Windows XP default MBR code
01:09:55.609 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
01:09:55.609 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 57168 MB offset 96390
01:09:55.609 Disk 0 scanning sectors +117178110
01:09:55.687 Disk 0 scanning C:\WINDOWS\system32\drivers
01:10:03.312 Service scanning
01:10:16.921 Modules scanning
01:10:41.312 Disk 0 trace - called modules:
01:10:41.390 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
01:10:41.890 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a668ab8]
01:10:41.890 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000078[0x8a667f18]
01:10:41.890 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a67d940]
01:10:42.281 AVAST engine scan C:\WINDOWS
01:11:00.578 AVAST engine scan C:\WINDOWS\system32
01:12:33.000 AVAST engine scan C:\WINDOWS\system32\drivers
01:12:45.359 AVAST engine scan C:\Documents and Settings\Louise
01:18:34.734 AVAST engine scan C:\Documents and Settings\All Users
01:19:15.953 Scan finished successfully
01:21:00.750 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Louise\Desktop\MBR.dat"
01:21:00.750 The log file has been saved successfully to "C:\Documents and Settings\Louise\Desktop\aswMBR.txt"


All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ not found.
HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1205570126-4147309066-707695593-1007\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1205570126-4147309066-707695593-1007\Software\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ not found.
Registry key HKEY_USERS\S-1-5-21-1205570126-4147309066-707695593-1007\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
Prefs.js: "http://search.babylon.com/?affID=114066&tt=4212_1&babsrc=HP_ss&mntrId=3cefb9b300000000000000197dbd54ff" removed from browser.startup.homepage
Prefs.js: ffxtlbr@babylon.com:1.5.0 removed from extensions.enabledAddons
C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to change the HomePage.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1205570126-4147309066-707695593-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 56468 bytes

User: joey

User: joey.DBH2RNC1
->Temp folder emptied: 2055431 bytes
->Temporary Internet Files folder emptied: 6249352 bytes
->FireFox cache emptied: 112459064 bytes
->Google Chrome cache emptied: 352498630 bytes
->Flash cache emptied: 57316 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 633387 bytes

User: Louise
->Temp folder emptied: 518602316 bytes
->Temporary Internet Files folder emptied: 13002619 bytes
->Java cache emptied: 141623 bytes
->FireFox cache emptied: 67392156 bytes
->Google Chrome cache emptied: 90883919 bytes
->Flash cache emptied: 506 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 56978 bytes

User: ROBIN

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 28188711 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 9228824 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 44562 bytes
RecycleBin emptied: 56046 bytes

Total Files Cleaned = 1,146.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11262012_012451

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Louise\Local Settings\Temp\~DF8236.tmp not found!
File\Folder C:\Documents and Settings\Louise\Local Settings\Temp\~DF879F.tmp not found!
File\Folder C:\Documents and Settings\Louise\Local Settings\Temp\~DF891A.tmp not found!
File\Folder C:\Documents and Settings\Louise\Local Settings\Temp\~DF8A13.tmp not found!
File\Folder C:\Documents and Settings\Louise\Local Settings\Temp\~DF8C26.tmp not found!
File\Folder C:\Documents and Settings\Louise\Local Settings\Temp\~DF8C4F.tmp not found!
C:\Documents and Settings\Louise\Local Settings\Temporary Internet Files\Content.IE5\3AL9J4A3\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Louise\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
blackhillsgalsbff
Regular Member
 
Posts: 21
Joined: November 13th, 2012, 3:20 pm

Re: Please check out my laptop for me?

Unread postby nunped » November 27th, 2012, 4:00 pm

Hi blackhillsgalsbff!

Let's try to fix that AOL stuff:

Step 1 - Add/Remove programs
  • Click on start
  • Then Run
  • In the open text entry box please copy/paste appwiz.cpl Then click enter.
  • Press the "Remove" or "Change/Remove"...button to uninstall the following if present.
AOL Toolbar
Price Check by AOL



Step 2 - OTL fix
  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code.

    Code: Select all
    :commands
    [createrestorepoint]
    
    :otl
    IE - HKLM\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
    IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/red ... 843&query={searchTerms}&invocationType=tb50-ie-aolrt-chromesbox-en-us&tb_uuid=20120215104459265&tb_oid=15-02-2012&tb_mrud=30-04-2012
    IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\URLSearchHook: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
    IE - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/red ... 843&query={searchTerms}&invocationType=tb50-ie-aol.r-chromesbox-en-us&tb_uuid=20120215104459265&tb_oid=15-02-2012&tb_mrud=15-02-2012
    O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
    O2 - BHO: (Price Check by AOL) - {D25B97E9-62B2-40CE-BECF-E43A7B879072} - C:\Program Files\Price Check by AOL\aolpricecheck.dll (AOL Inc.)
    O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
    O3 - HKU\S-1-5-21-1205570126-4147309066-707695593-1007\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
    
    :commands
    [REBOOT]

  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

Step 3 - ESET online scanner
Note: You can use either Internet Explorer or Mozilla FireFox for this scan.


  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scanner
  • Select the option YES, I accept the Terms of Use then click on Start.
    Quote:
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:

    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

For the next post:
  • OTL log
  • ESET log
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal