
Thread: Malware redirects Google Search Results

  1. #51
    jeffce (Security Expert)
    Join Date: Apr 2011 | Location: USA | Posts: 1,039

    Hi,

    Please download TDSSKiller.zip
    • Extract it to your desktop
    • Double click TDSSKiller.exe
    • When the window opens, click on Change Parameters
    • Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
    • Click OK
    • Press Start Scan
      • Only if malicious objects are found, ensure Cure is selected
      • Then click Continue > Reboot now
    • Copy and paste the log in your next reply
      • A copy of the log will be saved automatically to the root of the drive (typically C:\)
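A way to triage the log requested above before reading it line by line, as an added example that is not part of the original posts and not Kaspersky's code. It assumes the line shapes visible in this thread's log (a file line with an MD5 and path, then a `<name> - <verdict>` line); the `ExampleDrv` entry and its `warning` verdict are constructed for illustration.

```python
import re

# Line shapes as they appear in the log pasted in this thread:
#   "<time> <thread id> <name> (<md5>) <path>"   file backing a service or driver
#   "<time> <thread id> <name> - <verdict>"      verdict for that entry
PREFIX = r"^\s*\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
FILE_RE = re.compile(PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+?)\s*$")
VERDICT_RE = re.compile(PREFIX + r"(?P<name>.+?) - (?P<verdict>\S.*?)\s*$")
MODE_RE = re.compile(PREFIX + r"Mode: (?P<mode>.*)$")

# Sample input. All lines except the two ExampleDrv lines are copied from the
# log in this thread; ExampleDrv and its verdict are constructed.
SAMPLE_LOG = r"""
04:31:53.0296 2772 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200
04:33:20.0843 1792 Scan started
04:33:20.0843 1792 Mode: Manual; TDLFS;
04:33:20.0843 1792 ============================================================
04:33:21.0265 1792 6to4 (c07d5197410aab28d0d93f943f59656d) C:\WINDOWS\System32\6to4svc.dll
04:33:21.0265 1792 6to4 - ok
04:33:21.0484 1792 Abiosdsk - ok
04:33:54.0468 1792 Basics Service (55fed228fe147ecb9c47a1c55388896e) C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
04:33:54.0484 1792 Basics Service - ok
04:33:55.0000 1792 ExampleDrv (00000000000000000000000000000000) C:\WINDOWS\system32\drivers\exampledrv.sys
04:33:55.0010 1792 ExampleDrv - warning
04:35:10.0625 1792 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
"""


def triage(log_text):
    """Summarise the scan section of a TDSSKiller-style log.

    Returns a dict with:
      tdlfs      - True if the Mode line shows the TDLFS option was enabled
      not_ok     - (name, verdict, path) for every verdict other than "ok"
      no_file    - entries that got a verdict but no hashed file line
      no_verdict - entries with a file line but no verdict (truncated paste)
    """
    entries = {}          # name -> {"md5":..., "path":..., "verdict":...}
    tdlfs = False
    in_scan = False
    for line in log_text.splitlines():
        # Ignore the system-info header: drive lines there also contain " - ".
        if not in_scan:
            in_scan = "Scan started" in line
            continue
        m = MODE_RE.match(line)
        if m:
            tdlfs = "TDLFS" in m["mode"]
            continue
        # Check the file shape first, since a path may itself contain " - ".
        m = FILE_RE.match(line)
        if m:
            entries.setdefault(m["name"], {}).update(md5=m["md5"], path=m["path"])
            continue
        m = VERDICT_RE.match(line)
        if m:
            entries.setdefault(m["name"], {})["verdict"] = m["verdict"]

    not_ok = [(n, e["verdict"], e.get("path"))
              for n, e in entries.items()
              if "verdict" in e and e["verdict"] != "ok"]
    no_file = [n for n, e in entries.items() if "verdict" in e and "md5" not in e]
    no_verdict = [n for n, e in entries.items() if "verdict" not in e]
    return {"tdlfs": tdlfs, "not_ok": not_ok,
            "no_file": no_file, "no_verdict": no_verdict}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("TDLFS detection enabled:", result["tdlfs"])
    for name, verdict, path in result["not_ok"]:
        print(f"REVIEW  {name}: {verdict}  {path}")
    print("Verdict without file line:", ", ".join(result["no_file"]) or "none")
    print("File line without verdict:", ", ".join(result["no_verdict"]) or "none")
```

A non-empty `no_verdict` list usually means the paste was cut off, so the full log should be requested before drawing conclusions.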

  2. #52
    Member
    Join Date: Apr 2012 | Posts: 46

    Hi Jeff. Here is the log. The tool said it found a suspicious object, but not a malicious object, so I did not cure it as instructed.

    04:31:42.0625 2772 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
    04:31:43.0250 2772 ============================================================
    04:31:43.0250 2772 Current date / time: 2012/04/19 04:31:43.0250
    04:31:43.0250 2772 SystemInfo:
    04:31:43.0250 2772
    04:31:43.0250 2772 OS Version: 5.1.2600 ServicePack: 3.0
    04:31:43.0250 2772 Product type: Workstation
    04:31:43.0250 2772 ComputerName: MJH
    04:31:43.0265 2772 UserName: Mike Hoover
    04:31:43.0265 2772 Windows directory: C:\WINDOWS
    04:31:43.0265 2772 System windows directory: C:\WINDOWS
    04:31:43.0265 2772 Processor architecture: Intel x86
    04:31:43.0265 2772 Number of processors: 1
    04:31:43.0265 2772 Page size: 0x1000
    04:31:43.0265 2772 Boot type: Normal boot
    04:31:43.0265 2772 ============================================================
    04:31:53.0296 2772 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    04:31:53.0328 2772 Drive \Device\Harddisk1\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    04:31:53.0328 2772 \Device\Harddisk0\DR0:
    04:31:53.0328 2772 MBR partitions:
    04:31:53.0328 2772 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x94EAFF8
    04:31:53.0328 2772 \Device\Harddisk1\DR3:
    04:31:53.0375 2772 MBR partitions:
    04:31:53.0375 2772 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
    04:31:53.0437 2772 C: <-> \Device\Harddisk0\DR0\Partition0
    04:31:53.0484 2772 F: <-> \Device\Harddisk1\DR3\Partition0
    04:31:53.0484 2772 Initialize success
    04:31:53.0484 2772 ============================================================
    04:33:20.0843 1792 ============================================================
    04:33:20.0843 1792 Scan started
    04:33:20.0843 1792 Mode: Manual; TDLFS;
    04:33:20.0843 1792 ============================================================
    04:35:10.0625 1792 ql1280 - ok
    04:35:11.0046 1792 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    04:35:11.0046 1792 RasAcd - ok
    04:35:11.0265 1792 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
    04:35:11.0281 1792 RasAuto - ok
    04:35:11.0515 1792 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    04:35:11.0515 1792 Rasl2tp - ok
    04:35:11.0859 1792 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
    04:35:11.0859 1792 RasMan - ok
    04:35:12.0234 1792 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    04:35:12.0234 1792 RasPppoe - ok
    04:35:12.0468 1792 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    04:35:12.0468 1792 Raspti - ok
    04:35:12.0671 1792 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    04:35:12.0671 1792 Rdbss - ok
    04:35:13.0140 1792 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    04:35:13.0140 1792 RDPCDD - ok
    04:35:13.0375 1792 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    04:35:13.0375 1792 rdpdr - ok
    04:35:13.0625 1792 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
    04:35:13.0625 1792 RDPWD - ok
    04:35:13.0953 1792 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
    04:35:13.0953 1792 RDSessMgr - ok
    04:35:14.0250 1792 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    04:35:14.0250 1792 redbook - ok
    04:35:14.0453 1792 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
    04:35:14.0453 1792 RemoteAccess - ok
    04:35:14.0671 1792 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
    04:35:14.0671 1792 RpcLocator - ok
    04:35:15.0390 1792 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
    04:35:15.0390 1792 RpcSs - ok
    04:35:15.0593 1792 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
    04:35:15.0609 1792 RSVP - ok
    04:35:16.0187 1792 s117bus - ok
    04:35:16.0546 1792 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    04:35:16.0546 1792 SamSs - ok
    04:35:17.0171 1792 SbcpHid (30d94039a729571146eb9d736ec1aadd) C:\WINDOWS\system32\Drivers\SbcpHid.sys
    04:35:17.0171 1792 SbcpHid - ok
    04:35:17.0437 1792 ScanUSBEMPIA - ok
    04:35:17.0640 1792 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
    04:35:17.0640 1792 SCardSvr - ok
    04:35:18.0062 1792 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
    04:35:18.0078 1792 Schedule - ok
    04:35:18.0343 1792 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    04:35:18.0359 1792 SeagateDashboardService - ok
    04:35:18.0593 1792 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    04:35:18.0593 1792 Secdrv - ok
    04:35:19.0140 1792 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
    04:35:19.0140 1792 seclogon - ok
    04:35:19.0343 1792 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
    04:35:19.0343 1792 SENS - ok
    04:35:19.0562 1792 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    04:35:19.0562 1792 serenum - ok
    04:35:19.0750 1792 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
    04:35:19.0750 1792 Serial - ok
    04:35:20.0218 1792 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    04:35:20.0218 1792 Sfloppy - ok
    04:35:20.0437 1792 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
    04:35:20.0468 1792 SharedAccess - ok
    04:35:20.0703 1792 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    04:35:20.0703 1792 ShellHWDetection - ok
    04:35:21.0406 1792 Simbad - ok
    04:35:22.0468 1792 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
    04:35:22.0484 1792 sisagp - ok
    04:35:23.0875 1792 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    04:35:23.0968 1792 SLIP - ok
    04:35:25.0515 1792 smwdm (31fd0707c7dbe715234f2823b27214fe) C:\WINDOWS\system32\drivers\smwdm.sys
    04:35:25.0578 1792 smwdm - ok
    04:35:25.0968 1792 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
    04:35:25.0968 1792 Sparrow - ok
    04:35:26.0093 1792 SPF4 (7234e4b852f8fa0c48ff0e4fd7394490) C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    04:35:26.0156 1792 SPF4 - ok
    04:35:26.0359 1792 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    04:35:26.0359 1792 splitter - ok
    04:35:26.0593 1792 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
    04:35:26.0593 1792 Spooler - ok
    04:35:26.0703 1792 sprtsvc_dellsupportcenter - ok
    04:35:26.0937 1792 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    04:35:26.0937 1792 sr - ok
    04:35:27.0171 1792 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
    04:35:27.0171 1792 srservice - ok
    04:35:27.0718 1792 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    04:35:27.0750 1792 Srv - ok
    04:35:27.0937 1792 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
    04:35:27.0953 1792 SSDPSRV - ok
    04:35:28.0140 1792 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
    04:35:28.0171 1792 stisvc - ok
    04:35:28.0406 1792 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    04:35:28.0406 1792 streamip - ok
    04:35:28.0609 1792 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    04:35:28.0609 1792 swenum - ok
    04:35:28.0859 1792 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    04:35:28.0859 1792 swmidi - ok
    04:35:29.0000 1792 SwPrv - ok
    04:35:29.0265 1792 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
    04:35:29.0265 1792 symc810 - ok
    04:35:29.0484 1792 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
    04:35:29.0484 1792 symc8xx - ok
    04:35:29.0703 1792 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
    04:35:29.0703 1792 sym_hi - ok
    04:35:29.0937 1792 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
    04:35:29.0937 1792 sym_u3 - ok
    04:35:30.0125 1792 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    04:35:30.0125 1792 sysaudio - ok
    04:35:30.0312 1792 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
    04:35:30.0328 1792 SysmonLog - ok
    04:35:30.0515 1792 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
    04:35:30.0531 1792 TapiSrv - ok
    04:35:30.0781 1792 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    04:35:30.0812 1792 Tcpip - ok
    04:35:31.0062 1792 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
    04:35:31.0078 1792 Tcpip6 - ok
    04:35:31.0296 1792 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    04:35:31.0296 1792 TDPIPE - ok
    04:35:31.0515 1792 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    04:35:31.0515 1792 TDTCP - ok
    04:35:31.0750 1792 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    04:35:31.0750 1792 TermDD - ok
    04:35:31.0937 1792 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
    04:35:31.0968 1792 TermService - ok
    04:35:32.0187 1792 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    04:35:32.0187 1792 Themes - ok
    04:35:32.0421 1792 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
    04:35:32.0421 1792 TosIde - ok
    04:35:32.0625 1792 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
    04:35:32.0625 1792 TrkWks - ok
    04:35:32.0843 1792 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
    04:35:32.0843 1792 tunmp - ok
    04:35:33.0078 1792 UdfReadr_xp (4e75005b74be901c30f2636df40b0c15) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
    04:35:33.0093 1792 UdfReadr_xp - ok
    04:35:33.0312 1792 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    04:35:33.0312 1792 Udfs - ok
    04:35:33.0546 1792 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
    04:35:33.0546 1792 ultra - ok
    04:35:33.0812 1792 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    04:35:33.0859 1792 Update - ok
    04:35:34.0078 1792 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
    04:35:34.0078 1792 upnphost - ok
    04:35:34.0265 1792 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
    04:35:34.0265 1792 UPS - ok
    04:35:34.0468 1792 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
    04:35:34.0484 1792 usbaudio - ok
    04:35:34.0703 1792 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    04:35:34.0718 1792 usbccgp - ok
    04:35:34.0921 1792 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    04:35:34.0921 1792 usbehci - ok
    04:35:35.0140 1792 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    04:35:35.0140 1792 usbhub - ok
    04:35:35.0359 1792 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    04:35:35.0359 1792 usbprint - ok
    04:35:35.0609 1792 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    04:35:35.0625 1792 usbscan - ok
    04:35:35.0921 1792 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    04:35:35.0921 1792 USBSTOR - ok
    04:35:36.0156 1792 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    04:35:36.0171 1792 usbuhci - ok
    04:35:36.0421 1792 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
    04:35:36.0421 1792 usbvideo - ok
    04:35:36.0656 1792 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    04:35:36.0656 1792 VgaSave - ok
    04:35:36.0890 1792 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
    04:35:36.0890 1792 viaagp - ok
    04:35:37.0109 1792 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
    04:35:37.0109 1792 ViaIde - ok
    04:35:37.0328 1792 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    04:35:37.0328 1792 VolSnap - ok
    04:35:37.0515 1792 vsdatant (d658e49302c382b88c8e9a08e20b2e82) C:\WINDOWS\system32\vsdatant.sys
    04:35:37.0531 1792 vsdatant - ok
    04:35:37.0734 1792 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
    04:35:37.0750 1792 VSS - ok
    04:35:37.0906 1792 vstor2-ws60 - ok
    04:35:38.0078 1792 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
    04:35:38.0093 1792 w32time - ok
    04:35:38.0234 1792 w810bus - ok
    04:35:38.0437 1792 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    04:35:38.0437 1792 Wanarp - ok
    04:35:38.0640 1792 wanatw - ok
    04:35:38.0812 1792 WDICA - ok
    04:35:39.0015 1792 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    04:35:39.0015 1792 wdmaud - ok
    04:35:39.0562 1792 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
    04:35:39.0562 1792 WebClient - ok
    04:35:39.0796 1792 winachsf (b3133dc158e59e80f5498484b0c2d558) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
    04:35:39.0828 1792 winachsf - ok
    04:35:40.0046 1792 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
    04:35:40.0046 1792 winmgmt - ok
    04:35:40.0156 1792 winvnc - ok
    04:35:40.0343 1792 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
    04:35:40.0359 1792 WmdmPmSN - ok
    04:35:40.0578 1792 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
    04:35:40.0578 1792 WmiApSrv - ok
    04:35:40.0703 1792 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
    04:35:40.0750 1792 WMPNetworkSvc - ok
    04:35:41.0000 1792 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
    04:35:41.0000 1792 WS2IFSL - ok
    04:35:41.0203 1792 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
    04:35:41.0203 1792 wscsvc - ok
    04:35:41.0437 1792 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    04:35:41.0437 1792 WSTCODEC - ok
    04:35:41.0625 1792 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
    04:35:41.0656 1792 wuauserv - ok
    04:35:41.0921 1792 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    04:35:41.0921 1792 WudfPf - ok
    04:35:42.0156 1792 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    04:35:42.0156 1792 WudfRd - ok
    04:35:42.0390 1792 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
    04:35:42.0406 1792 WudfSvc - ok
    04:35:42.0609 1792 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
    04:35:42.0640 1792 WZCSVC - ok
    04:35:42.0843 1792 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
    04:35:42.0843 1792 xmlprov - ok
    04:35:42.0984 1792 ZipToA - ok
    04:35:43.0140 1792 zntport - ok
    04:35:43.0187 1792 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
    04:35:43.0390 1792 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
    04:35:43.0390 1792 \Device\Harddisk0\DR0 - detected TDSS File System (1)
    04:35:43.0421 1792 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR3
    04:35:43.0656 1792 \Device\Harddisk1\DR3 - ok
    04:35:43.0656 1792 Boot (0x1200) (55cd1445d417b298309f5f2904f56d8e) \Device\Harddisk0\DR0\Partition0
    04:35:43.0656 1792 \Device\Harddisk0\DR0\Partition0 - ok
    04:35:43.0671 1792 Boot (0x1200) (c45049ff86f03609c04f2db21fe9b167) \Device\Harddisk1\DR3\Partition0
    04:35:43.0671 1792 \Device\Harddisk1\DR3\Partition0 - ok
    04:35:43.0671 1792 ============================================================
    04:35:43.0671 1792 Scan finished
    04:35:43.0671 1792 ============================================================
    04:35:43.0703 4084 Detected object count: 1
    04:35:43.0703 4084 Actual detected object count: 1
    04:36:21.0593 4084 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
    04:36:21.0593 4084 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
    04:37:00.0796 2604 Deinitialize success

  3. #53
    Security Expert jeffce's Avatar
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,039

    Hi,

    That was a bad one there. Run TDSSKiller again and then when you get to this entry >> \Device\Harddisk0\DR0 ( TDSS File System ) be sure to Delete that one. Then run a new scan with TDSSKiller.

  4. #54
    Member
    Join Date
    Apr 2012
    Posts
    46

    I rescanned, chose delete, and then rebooted. Then I ran the scan again. Here is the log:

    07:57:05.0140 2948 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
    07:57:05.0625 2948 ============================================================
    07:57:05.0625 2948 Current date / time: 2012/04/19 07:57:05.0625
    07:57:05.0625 2948 SystemInfo:
    07:57:05.0625 2948
    07:57:05.0625 2948 OS Version: 5.1.2600 ServicePack: 3.0
    07:57:05.0625 2948 Product type: Workstation
    07:57:05.0625 2948 ComputerName: MJH
    07:57:05.0625 2948 UserName: Mike Hoover
    07:57:05.0625 2948 Windows directory: C:\WINDOWS
    07:57:05.0625 2948 System windows directory: C:\WINDOWS
    07:57:05.0625 2948 Processor architecture: Intel x86
    07:57:05.0625 2948 Number of processors: 1
    07:57:05.0625 2948 Page size: 0x1000
    07:57:05.0625 2948 Boot type: Normal boot
    07:57:05.0625 2948 ============================================================
    07:57:09.0703 2948 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    07:57:09.0734 2948 Drive \Device\Harddisk1\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    07:57:09.0734 2948 \Device\Harddisk0\DR0:
    07:57:09.0750 2948 MBR partitions:
    07:57:09.0750 2948 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x94EAFF8
    07:57:09.0750 2948 \Device\Harddisk1\DR3:
    07:57:09.0750 2948 MBR partitions:
    07:57:09.0750 2948 \Device\Harddisk1\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
    07:57:09.0906 2948 C: <-> \Device\Harddisk0\DR0\Partition0
    07:57:09.0968 2948 F: <-> \Device\Harddisk1\DR3\Partition0
    07:57:09.0968 2948 Initialize success
    07:57:09.0968 2948 ============================================================
    07:57:21.0062 3608 ============================================================
    07:57:21.0062 3608 Scan started
    07:57:21.0062 3608 Mode: Manual; TDLFS;
    07:57:21.0062 3608 ============================================================
    07:58:31.0140 3608 HSFHWBS2 - ok
    07:58:31.0890 3608 HSF_DP (2efa8dd8b0270a3a7202ce5f4da465b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
    07:58:32.0343 3608 HSF_DP - ok
    07:58:32.0859 3608 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    07:58:32.0890 3608 HTTP - ok
    07:58:33.0375 3608 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
    07:58:33.0390 3608 HTTPFilter - ok
    07:58:33.0937 3608 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
    07:58:33.0937 3608 i2omgmt - ok
    07:58:34.0421 3608 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\System32\DRIVERS\i2omp.sys
    07:58:34.0437 3608 i2omp - ok
    07:58:34.0906 3608 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    07:58:34.0921 3608 i8042prt - ok
    07:58:35.0468 3608 i81x - ok
    07:58:35.0984 3608 iAimFP0 - ok
    07:58:36.0531 3608 iAimFP1 - ok
    07:58:37.0140 3608 iAimFP2 - ok
    07:58:37.0562 3608 iAimFP3 - ok
    07:58:38.0046 3608 iAimFP4 - ok
    07:58:38.0531 3608 iAimTV0 - ok
    07:58:38.0890 3608 iAimTV1 - ok
    07:58:39.0359 3608 iAimTV2 - ok
    07:58:39.0906 3608 iAimTV3 - ok
    07:58:40.0484 3608 iAimTV4 - ok
    07:58:41.0015 3608 icm10blk - ok
    07:58:41.0375 3608 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    07:58:41.0500 3608 IDriverT - ok
    07:58:42.0203 3608 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    07:58:42.0437 3608 idsvc - ok
    07:58:42.0953 3608 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    07:58:43.0000 3608 Imapi - ok
    07:58:43.0546 3608 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
    07:58:43.0562 3608 ImapiService - ok
    07:58:44.0078 3608 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys
    07:58:44.0093 3608 ini910u - ok
    07:58:45.0093 3608 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\System32\DRIVERS\intelide.sys
    07:58:45.0140 3608 IntelIde - ok
    07:58:46.0500 3608 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    07:58:46.0531 3608 intelppm - ok
    07:58:48.0375 3608 IomegaAccess - ok
    07:58:52.0687 3608 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    07:58:52.0734 3608 ip6fw - ok
    07:58:57.0312 3608 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    07:58:57.0343 3608 IpFilterDriver - ok
    07:59:00.0843 3608 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    07:59:00.0859 3608 IpInIp - ok
    07:59:01.0968 3608 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    07:59:01.0984 3608 IpNat - ok
    07:59:02.0359 3608 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    07:59:02.0375 3608 IPSec - ok
    07:59:02.0562 3608 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    07:59:02.0562 3608 IRENUM - ok
    07:59:02.0765 3608 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    07:59:02.0765 3608 isapnp - ok
    07:59:02.0953 3608 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
    07:59:02.0953 3608 JavaQuickStarterService - ok
    07:59:03.0218 3608 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    07:59:03.0218 3608 Kbdclass - ok
    07:59:03.0406 3608 khips (d44c0f4fc254344bad74581632339963) C:\WINDOWS\system32\drivers\khips.sys
    07:59:03.0406 3608 khips - ok
    07:59:03.0843 3608 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    07:59:03.0859 3608 kmixer - ok
    07:59:04.0265 3608 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    07:59:04.0265 3608 KSecDD - ok
    07:59:04.0609 3608 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
    07:59:04.0609 3608 lanmanserver - ok
    07:59:05.0078 3608 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
    07:59:05.0109 3608 lanmanworkstation - ok
    07:59:05.0390 3608 lanusb - ok
    07:59:05.0718 3608 lbrtfdc - ok
    07:59:06.0046 3608 LexBceS (adcc087837f30e257ba794a50817aa9e) C:\WINDOWS\system32\LEXBCES.EXE
    07:59:06.0046 3608 LexBceS - ok
    07:59:06.0375 3608 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
    07:59:06.0390 3608 LmHosts - ok
    07:59:07.0203 3608 LVCOMSer (38440fe1a65b1fe3d246c5c4cad22f53) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    07:59:07.0218 3608 LVCOMSer - ok
    07:59:07.0578 3608 LVPr2Mon (a6919138f29ae45e90e99fa94737e04c) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
    07:59:07.0578 3608 LVPr2Mon - ok
    07:59:07.0750 3608 LVPrcSrv (28bd0e4b6c050b591b8cb35b9ad284e6) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    07:59:07.0765 3608 LVPrcSrv - ok
    07:59:08.0171 3608 LVRS (b895839b8743e400d7c7dae156f74e7e) C:\WINDOWS\system32\DRIVERS\lvrs.sys
    07:59:08.0203 3608 LVRS - ok
    07:59:08.0625 3608 LVUSBSta (23f8ef78bb9553e465a476f3cee5ca18) C:\WINDOWS\system32\drivers\LVUSBSta.sys
    07:59:08.0640 3608 LVUSBSta - ok
    07:59:09.0609 3608 LVUVC (8bc0d5f6e3898f465a94c6d03afb5a20) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
    07:59:10.0796 3608 LVUVC - ok
    07:59:11.0140 3608 mdmxsdk (aeb54ef22cb7c7e3f405f69f048d696c) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
    07:59:11.0156 3608 mdmxsdk - ok
    07:59:11.0734 3608 MemeoBackgroundService (9547f37d0e899fd71b52b2afd4437c79) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
    07:59:11.0750 3608 MemeoBackgroundService - ok
    07:59:12.0375 3608 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
    07:59:12.0390 3608 Messenger - ok
    07:59:13.0187 3608 mmc_2K - ok
    07:59:14.0406 3608 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    07:59:14.0421 3608 mnmdd - ok
    07:59:15.0531 3608 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
    07:59:15.0578 3608 mnmsrvc - ok
    07:59:16.0781 3608 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    07:59:16.0796 3608 Modem - ok
    07:59:18.0812 3608 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    07:59:18.0828 3608 Mouclass - ok
    07:59:19.0734 3608 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    07:59:19.0750 3608 MountMgr - ok
    07:59:20.0109 3608 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys
    07:59:20.0125 3608 mraid35x - ok
    07:59:20.0375 3608 MRENDIS5 - ok
    07:59:20.0843 3608 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    07:59:20.0859 3608 MRxDAV - ok
    07:59:21.0296 3608 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    07:59:21.0328 3608 MRxSmb - ok
    07:59:21.0734 3608 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
    07:59:21.0734 3608 MSDTC - ok
    07:59:22.0125 3608 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    07:59:22.0125 3608 Msfs - ok
    07:59:22.0437 3608 MSIServer - ok
    07:59:22.0765 3608 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    07:59:22.0781 3608 MSKSSRV - ok
    07:59:23.0062 3608 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    07:59:23.0062 3608 MSPCLOCK - ok
    07:59:23.0375 3608 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    07:59:23.0375 3608 MSPQM - ok
    07:59:23.0656 3608 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    07:59:23.0687 3608 mssmbios - ok
    07:59:24.0046 3608 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    07:59:24.0046 3608 MSTEE - ok
    07:59:24.0218 3608 MTK - ok
    07:59:24.0406 3608 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    07:59:24.0406 3608 Mup - ok
    07:59:24.0609 3608 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    07:59:24.0609 3608 NABTSFEC - ok
    07:59:24.0921 3608 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
    07:59:24.0953 3608 napagent - ok
    07:59:25.0250 3608 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    07:59:25.0265 3608 NDIS - ok
    07:59:25.0453 3608 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    07:59:25.0453 3608 NdisIP - ok
    07:59:25.0640 3608 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    07:59:25.0640 3608 NdisTapi - ok
    07:59:25.0843 3608 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    07:59:25.0843 3608 Ndisuio - ok
    07:59:26.0062 3608 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    07:59:26.0062 3608 NdisWan - ok
    07:59:26.0250 3608 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    07:59:26.0250 3608 NDProxy - ok
    07:59:26.0468 3608 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    07:59:26.0468 3608 NetBIOS - ok
    07:59:26.0656 3608 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    07:59:26.0656 3608 NetBT - ok
    07:59:26.0843 3608 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
    07:59:26.0843 3608 NetDDE - ok
    07:59:26.0843 3608 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
    07:59:26.0843 3608 NetDDEdsdm - ok
    07:59:27.0046 3608 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    07:59:27.0046 3608 Netlogon - ok
    07:59:27.0218 3608 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
    07:59:27.0218 3608 Netman - ok
    07:59:27.0359 3608 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    07:59:27.0359 3608 NetTcpPortSharing - ok
    07:59:27.0562 3608 NgFilter (19cadea89c6577315b76f016f6da802d) C:\WINDOWS\system32\DRIVERS\ngfilter.sys
    07:59:27.0562 3608 NgFilter - ok
    07:59:27.0750 3608 NgLog (3608c65f0db2fc2d73d859d1c192c575) C:\WINDOWS\system32\DRIVERS\nglog.sys
    07:59:27.0750 3608 NgLog - ok
    07:59:27.0953 3608 NgVpn (83d5bc84a9ab622170eea134c2087121) C:\WINDOWS\system32\DRIVERS\ngvpn.sys
    07:59:27.0968 3608 NgVpn - ok
    07:59:28.0203 3608 NgVpnMgr (891fe6fe51a495502d272e3c34627f65) C:\WINDOWS\system32\ngvpnmgr.exe
    07:59:28.0218 3608 NgVpnMgr - ok
    07:59:28.0421 3608 NgWfp (833fedde4a87a744d9400f6cda35737c) C:\WINDOWS\system32\DRIVERS\ngwfp.sys
    07:59:28.0421 3608 NgWfp - ok
    07:59:28.0609 3608 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    07:59:28.0609 3608 NIC1394 - ok
    07:59:28.0796 3608 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
    07:59:28.0796 3608 Nla - ok
    07:59:29.0000 3608 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
    07:59:29.0000 3608 nm - ok
    07:59:29.0203 3608 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    07:59:29.0203 3608 Npfs - ok
    07:59:29.0312 3608 nsm1bus - ok
    07:59:29.0546 3608 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    07:59:29.0593 3608 Ntfs - ok
    07:59:29.0750 3608 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
    07:59:29.0750 3608 NtLmSsp - ok
    07:59:29.0937 3608 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
    07:59:29.0968 3608 NtmsSvc - ok
    07:59:30.0187 3608 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    07:59:30.0187 3608 Null - ok
    07:59:30.0437 3608 nv (1685a86ce8dc5a70d307dca625fb50e7) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    07:59:30.0515 3608 nv - ok
    07:59:30.0703 3608 NVSvc (697a09635e30d3722e1124ec33face15) C:\WINDOWS\system32\nvsvc32.exe
    07:59:30.0703 3608 NVSvc - ok
    07:59:30.0921 3608 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    07:59:30.0921 3608 NwlnkFlt - ok
    07:59:31.0140 3608 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    07:59:31.0140 3608 NwlnkFwd - ok
    07:59:31.0343 3608 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
    07:59:31.0343 3608 NwlnkIpx - ok
    07:59:31.0546 3608 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
    07:59:31.0546 3608 NwlnkNb - ok
    07:59:31.0750 3608 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
    07:59:31.0765 3608 NwlnkSpx - ok
    07:59:31.0937 3608 NwSapAgent (4b83fcbbe72af5f99d109798653e8b78) C:\WINDOWS\System32\ipxsap.dll
    07:59:31.0968 3608 NwSapAgent - ok
    07:59:32.0187 3608 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    07:59:32.0187 3608 ohci1394 - ok
    07:59:32.0359 3608 omci (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\system32\DRIVERS\omci.sys
    07:59:32.0375 3608 omci - ok
    07:59:32.0562 3608 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
    07:59:32.0562 3608 P3 - ok
    07:59:32.0765 3608 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
    07:59:32.0765 3608 Parport - ok
    07:59:32.0968 3608 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    07:59:32.0968 3608 PartMgr - ok
    07:59:33.0171 3608 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
    07:59:33.0171 3608 ParVdm - ok
    07:59:33.0390 3608 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
    07:59:33.0390 3608 PCI - ok
    07:59:33.0546 3608 PCIDump - ok
    07:59:33.0781 3608 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
    07:59:33.0781 3608 PCIIde - ok
    07:59:33.0984 3608 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
    07:59:34.0000 3608 Pcmcia - ok
    07:59:34.0203 3608 PDCOMP - ok
    07:59:34.0406 3608 PDFRAME - ok
    07:59:34.0593 3608 PDRELI - ok
    07:59:34.0781 3608 PDRFRAME - ok
    07:59:35.0015 3608 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys
    07:59:35.0031 3608 perc2 - ok
    07:59:35.0218 3608 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
    07:59:35.0218 3608 perc2hib - ok
    07:59:35.0421 3608 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
    07:59:35.0421 3608 pfc - ok
    07:59:35.0593 3608 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
    07:59:35.0593 3608 PlugPlay - ok
    07:59:35.0781 3608 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    07:59:35.0781 3608 PolicyAgent - ok
    07:59:36.0031 3608 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    07:59:36.0046 3608 PptpMiniport - ok
    07:59:36.0250 3608 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
    07:59:36.0250 3608 Processor - ok
    07:59:36.0484 3608 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    07:59:36.0484 3608 ProtectedStorage - ok
    07:59:36.0671 3608 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    07:59:36.0671 3608 PSched - ok
    07:59:36.0828 3608 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    07:59:36.0843 3608 Ptilink - ok
    07:59:37.0000 3608 pwd_2k - ok
    07:59:37.0218 3608 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    07:59:37.0218 3608 PxHelp20 - ok
    07:59:37.0437 3608 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
    07:59:37.0437 3608 ql1080 - ok
    07:59:37.0687 3608 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
    07:59:37.0687 3608 Ql10wnt - ok
    07:59:37.0937 3608 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
    07:59:37.0937 3608 ql12160 - ok
    07:59:38.0187 3608 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
    07:59:38.0187 3608 ql1240 - ok
    07:59:38.0406 3608 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
    07:59:38.0406 3608 ql1280 - ok
    07:59:38.0609 3608 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    07:59:38.0609 3608 RasAcd - ok
    07:59:38.0765 3608 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
    07:59:38.0765 3608 RasAuto - ok
    07:59:38.0968 3608 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    07:59:38.0968 3608 Rasl2tp - ok
    07:59:39.0125 3608 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
    07:59:39.0140 3608 RasMan - ok
    07:59:39.0343 3608 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    07:59:39.0359 3608 RasPppoe - ok
    07:59:39.0546 3608 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    07:59:39.0546 3608 Raspti - ok
    07:59:39.0781 3608 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    07:59:39.0781 3608 Rdbss - ok
    07:59:40.0000 3608 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    07:59:40.0000 3608 RDPCDD - ok
    07:59:40.0203 3608 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    07:59:40.0218 3608 rdpdr - ok
    07:59:40.0453 3608 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
    07:59:40.0453 3608 RDPWD - ok
    07:59:40.0656 3608 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
    07:59:40.0656 3608 RDSessMgr - ok
    07:59:40.0875 3608 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    07:59:40.0875 3608 redbook - ok
    07:59:41.0031 3608 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
    07:59:41.0046 3608 RemoteAccess - ok
    07:59:41.0234 3608 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
    07:59:41.0234 3608 RpcLocator - ok
    07:59:41.0453 3608 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
    07:59:41.0500 3608 RpcSs - ok
    07:59:41.0687 3608 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
    07:59:41.0703 3608 RSVP - ok
    07:59:41.0812 3608 s117bus - ok
    07:59:42.0000 3608 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    07:59:42.0000 3608 SamSs - ok
    07:59:42.0296 3608 SbcpHid (30d94039a729571146eb9d736ec1aadd) C:\WINDOWS\system32\Drivers\SbcpHid.sys
    07:59:42.0296 3608 SbcpHid - ok
    07:59:42.0468 3608 ScanUSBEMPIA - ok
    07:59:42.0656 3608 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
    07:59:42.0656 3608 SCardSvr - ok
    07:59:42.0828 3608 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
    07:59:42.0828 3608 Schedule - ok
    07:59:42.0937 3608 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    07:59:42.0937 3608 SeagateDashboardService - ok
    07:59:43.0156 3608 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    07:59:43.0156 3608 Secdrv - ok
    07:59:43.0328 3608 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
    07:59:43.0328 3608 seclogon - ok
    07:59:43.0484 3608 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
    07:59:43.0484 3608 SENS - ok
    07:59:43.0656 3608 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    07:59:43.0656 3608 serenum - ok
    07:59:43.0875 3608 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
    07:59:43.0890 3608 Serial - ok
    07:59:44.0078 3608 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    07:59:44.0078 3608 Sfloppy - ok
    07:59:44.0234 3608 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
    07:59:44.0281 3608 SharedAccess - ok
    07:59:44.0468 3608 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    07:59:44.0484 3608 ShellHWDetection - ok
    07:59:44.0656 3608 Simbad - ok
    07:59:44.0921 3608 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
    07:59:44.0921 3608 sisagp - ok
    07:59:45.0140 3608 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    07:59:45.0140 3608 SLIP - ok
    07:59:45.0375 3608 smwdm (31fd0707c7dbe715234f2823b27214fe) C:\WINDOWS\system32\drivers\smwdm.sys
    07:59:45.0390 3608 smwdm - ok
    07:59:45.0609 3608 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
    07:59:45.0609 3608 Sparrow - ok
    07:59:45.0750 3608 SPF4 (7234e4b852f8fa0c48ff0e4fd7394490) C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    07:59:45.0781 3608 SPF4 - ok
    07:59:46.0000 3608 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    07:59:46.0000 3608 splitter - ok
    07:59:46.0203 3608 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
    07:59:46.0203 3608 Spooler - ok
    07:59:46.0296 3608 sprtsvc_dellsupportcenter - ok
    07:59:46.0500 3608 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    07:59:46.0500 3608 sr - ok
    07:59:46.0687 3608 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
    07:59:46.0703 3608 srservice - ok
    07:59:46.0921 3608 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    07:59:46.0953 3608 Srv - ok
    07:59:47.0125 3608 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
    07:59:47.0125 3608 SSDPSRV - ok
    07:59:47.0296 3608 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
    07:59:47.0343 3608 stisvc - ok
    07:59:47.0562 3608 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    07:59:47.0562 3608 streamip - ok
    07:59:47.0765 3608 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    07:59:47.0781 3608 swenum - ok
    07:59:48.0000 3608 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    07:59:48.0000 3608 swmidi - ok
    07:59:48.0187 3608 SwPrv - ok
    07:59:48.0406 3608 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
    07:59:48.0406 3608 symc810 - ok
    07:59:48.0609 3608 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
    07:59:48.0609 3608 symc8xx - ok
    07:59:48.0812 3608 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
    07:59:48.0812 3608 sym_hi - ok
    07:59:49.0031 3608 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
    07:59:49.0031 3608 sym_u3 - ok
    07:59:49.0250 3608 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    07:59:49.0250 3608 sysaudio - ok
    07:59:49.0437 3608 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
    07:59:49.0437 3608 SysmonLog - ok
    07:59:49.0625 3608 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
    07:59:49.0656 3608 TapiSrv - ok
    07:59:49.0937 3608 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    07:59:49.0984 3608 Tcpip - ok
    07:59:50.0234 3608 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
    07:59:50.0250 3608 Tcpip6 - ok
    07:59:50.0515 3608 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    07:59:50.0515 3608 TDPIPE - ok
    07:59:50.0718 3608 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    07:59:50.0718 3608 TDTCP - ok
    07:59:50.0921 3608 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    07:59:50.0921 3608 TermDD - ok
    07:59:51.0093 3608 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
    07:59:51.0125 3608 TermService - ok
    07:59:51.0328 3608 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    07:59:51.0343 3608 Themes - ok
    07:59:51.0546 3608 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys
    07:59:51.0546 3608 TosIde - ok
    07:59:51.0750 3608 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
    07:59:51.0750 3608 TrkWks - ok
    07:59:51.0968 3608 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
    07:59:51.0968 3608 tunmp - ok
    07:59:52.0203 3608 UdfReadr_xp (4e75005b74be901c30f2636df40b0c15) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
    07:59:52.0218 3608 UdfReadr_xp - ok
    07:59:52.0437 3608 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    07:59:52.0437 3608 Udfs - ok
    07:59:52.0656 3608 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
    07:59:52.0656 3608 ultra - ok
    07:59:52.0906 3608 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    07:59:52.0937 3608 Update - ok
    07:59:53.0125 3608 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
    07:59:53.0140 3608 upnphost - ok
    07:59:53.0328 3608 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
    07:59:53.0343 3608 UPS - ok
    07:59:53.0546 3608 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
    07:59:53.0546 3608 usbaudio - ok
    07:59:53.0765 3608 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    07:59:53.0765 3608 usbccgp - ok
    07:59:53.0984 3608 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    07:59:53.0984 3608 usbehci - ok
    07:59:54.0218 3608 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    07:59:54.0218 3608 usbhub - ok
    07:59:54.0437 3608 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    07:59:54.0437 3608 usbprint - ok
    07:59:54.0656 3608 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    07:59:54.0656 3608 usbscan - ok
    07:59:54.0890 3608 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    07:59:54.0890 3608 USBSTOR - ok
    07:59:55.0937 3608 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    07:59:55.0953 3608 usbuhci - ok
    08:00:05.0812 3608 ============================================================
    08:00:05.0812 3608 Scan finished
    08:00:05.0812 3608 ============================================================
    08:00:05.0812 2248 Detected object count: 0
    08:00:05.0812 2248 Actual detected object count: 0
    08:00:57.0937 1780 Deinitialize success

  5. #55
    Security Expert jeffce

    There we go...that is what I wanted to see.

    How is your system behaving?

  6. #56
    Member

    Originally posted by jeffce: "How is your system behaving?"

    It is behaving pretty well. The last two times I booted it this morning, it did not recognize my new external hard drive. I'm not sure what's going on there. I had to unplug and replug the USB jack for the system to recognize it.

    I'm getting a message from Outlook when I try to send email that someone is trying to access my Contact List and warns it could be a virus. I say continue anyway. This might be related to the new external hard drive software as well. It's very intrusive by default and somewhat obnoxious. I'll have to see if I can turn off some of the great features I have no interest in.

    But yeah, everything's good. System performance is pretty good, internet access is good. I only have 3 drivers that aren't found and two relate to software that allows me to VPN into my work PC. I can always reload that software if I need to.

    Overall, things are back to normal and running well.

  7. #57
    Security Expert jeffce

    Glad to hear things are now running better.
    ----------

    Let's check for anything else left hiding and get some updates.

    I see that you have Malwarebytes on your computer. Please open Malwarebytes, update it and then run a Quick Scan. There will be a log created that I will need in your next reply.
    ----------

    ESET Online Scanner:

    Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

    Vista users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

    • Please go here then click on:
    • Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
      All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.
    • Select the option YES, I accept the Terms of Use then click on:
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
    • Now click on Advanced Settings and select the following:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
    • Now click on:
    • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
    • When completed the Online Scan will begin automatically.
    • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
    • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
    • Now click on:
    • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    • Copy and paste that log as a reply to this topic.


    Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
    ----------


    You have an older version of Adobe Reader. You can download the current version HERE

    You may want to consider Foxit Reader instead. It may be a bit lighter on resources.

    Visit their support forum
    Foxit Forum

    In either case you should uninstall Adobe Reader 8.3.1 first. Be sure to move any PDF documents to another folder first though.
    ----------

    Please download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (double-click for XP/right-click and Run as Administrator for Vista), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.
    • Open JavaRa.exe (double-click for XP/right-click and Run as Administrator for Vista) again and select Search For Updates.
    • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer using the Offline version of either x86 (32bit operating system) or x64 (64bit operating system).

    ----------

    In your next reply let me know if you had any problems with the instructions and also post the logs made by Malwarebytes and ESET online scanner.

  8. #58
    Member

    Here is the Malwarebytes log and it was a full scan, not a quick scan:

    Malwarebytes Anti-Malware 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.04.19.04

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 7.0.5730.13
    Mike Hoover :: MJH [administrator]

    4/19/2012 6:00:27 PM
    mbam-log-2012-04-19 (18-00-27).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 216194
    Time elapsed: 2 minute(s), 37 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  9. #59
    Security Expert jeffce

    When you get the ESET scan please post that to your next reply.

  10. #60
    Member

    This took a looooooooooooooong time to run:

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK
    # version=7
    # iexplore.exe=7.00.6000.17109 (vista_gdr.120227-1644)
    # OnlineScanner.ocx=1.0.0.6583
    # api_version=3.0.2
    # EOSSerial=c4da946094499c4ea077f3cf2f7c76bd
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2012-04-20 02:20:17
    # local_time=2012-04-19 10:20:17 (-0500, Eastern Daylight Time)
    # country="United States"
    # lang=1033
    # osver=5.1.2600 NT Service Pack 3
    # compatibility_mode=256 16777215 100 0 154057987 154057987 0 0
    # compatibility_mode=512 16777215 100 0 128277821 128277821 0 0
    # compatibility_mode=768 16777215 100 0 0 0 0 0
    # compatibility_mode=8192 67108863 100 0 0 0 0 0
    # scanned=160479
    # found=9
    # cleaned=0
    # scan_time=9696
    C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix.exe multiple threats (unable to clean) 00000000000000000000000000000000 I
    C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\Process.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
    C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\restart.exe Win32/Shutdown.NAA application (unable to clean) 00000000000000000000000000000000 I
    C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\SmitfraudFix.zip multiple threats (unable to clean) 00000000000000000000000000000000 I
    C:\Qoobox\Quarantine\C\WINDOWS\system32\Process.exe.vir Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
    C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\afd.sys.vir a variant of Win32/Sirefef.DA trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\fwdrv.sys.vir a variant of Win32/Rootkit.Kryptik.KW trojan (unable to clean) 00000000000000000000000000000000 I
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP5\A0006858.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
    C:\TDSSKiller_Quarantine\19.04.2012_07.44.28\tdlfs0000\tsk0004.dta a variant of Win32/Olmarik.ADZ trojan (unable to clean) 00000000000000000000000000000000 I
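
A triage sketch for the ESET log in post #60, added here as an example (it is not part of the thread and not ESET's own tooling): it parses the finding lines and groups them by whether the flagged file sits in a removal tool's quarantine folder, in a System Restore point, or elsewhere on disk. The folder-to-label mapping and the space-separated field layout are assumptions based on the paths as they appear in the post.

```python
import re
from collections import Counter

# Finding lines copied from the ESET log in post #60 (fields are separated by
# single spaces there), preceded by that log's "# found=" header line.
LOG = r"""# found=9
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix.exe multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\Process.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\restart.exe Win32/Shutdown.NAA application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Mike Hoover\Desktop\SmitfraudFix\SmitfraudFix.zip multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\WINDOWS\system32\Process.exe.vir Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\afd.sys.vir a variant of Win32/Sirefef.DA trojan (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\fwdrv.sys.vir a variant of Win32/Rootkit.Kryptik.KW trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP5\A0006858.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
C:\TDSSKiller_Quarantine\19.04.2012_07.44.28\tdlfs0000\tsk0004.dta a variant of Win32/Olmarik.ADZ trojan (unable to clean) 00000000000000000000000000000000 I
"""

# Assumption: the path ends at the first file extension followed by a space.
FINDING = re.compile(r"^(?P<path>[A-Za-z]:\\.+?\.\w+) (?P<name>.+?) "
                     r"\([^)]*\) [0-9A-Fa-f]{32} \w$")

# Assumption: folder markers for copies already set aside by a removal tool
# (Qoobox is ComboFix's quarantine) or held in an XP System Restore point.
LOCATIONS = [("\\qoobox\\quarantine\\", "tool quarantine"),
             ("\\tdsskiller_quarantine\\", "tool quarantine"),
             ("\\system volume information\\_restore", "restore point")]

def classify(path):
    hits = (label for marker, label in LOCATIONS if marker in path.lower())
    return next(hits, "live file")

def triage(log_text):
    """Return (count declared in the header, list of parsed findings)."""
    declared, findings = None, []
    for line in map(str.strip, log_text.splitlines()):
        if line.startswith("# found="):
            declared = int(line.split("=", 1)[1])
        m = FINDING.match(line)
        if m:
            kind = m["name"].rsplit(" ", 1)[-1]  # "trojan", "application", ...
            findings.append((classify(m["path"]), kind, m["name"], m["path"]))
    return declared, findings

def summary(log_text):
    declared, findings = triage(log_text)
    return declared, Counter((loc, kind) for loc, kind, _, _ in findings)

if __name__ == "__main__":
    print(summary(LOG))
```

A parsed count that differs from the declared `# found=` value means some lines did not match the assumed layout and need reading by hand.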
