
Thread: Hangs during bootup

  1. #41
    Member
    Join Date
    Apr 2009
    Location
    Pittsburgh, PA
    Posts
    74

    OTL log 3-15-13

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2113384 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 1042432 bytes

    Total Files Cleaned = 216.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 03152013_173033

    Files\Folders moved on Reboot...
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_1480.dat not found!
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_814.dat not found!

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

  2. #42
    Member
    Join Date
    Apr 2009
    Location
    Pittsburgh, PA
    Posts
    74

    MalwareBytes Log 3-15-13

    Malwarebytes Anti-Malware 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.03.15.08

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 7.0.5730.13
    Dan Kamin :: DAN [administrator]

    3/15/2013 5:41:24 PM
    mbam-log-2013-03-15 (17-41-24).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 209080
    Time elapsed: 7 minute(s), 24 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  3. #43
    Member
    Join Date
    Apr 2009
    Location
    Pittsburgh, PA
    Posts
    74

    TDSSKiller Log 3-15-2013

    17:52:36.0734 5400 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
    17:52:38.0734 5400 ============================================================
    17:52:38.0734 5400 Current date / time: 2013/03/15 17:52:38.0734
    17:52:38.0734 5400 SystemInfo:
    17:52:38.0734 5400
    17:52:38.0734 5400 OS Version: 5.1.2600 ServicePack: 3.0
    17:52:38.0734 5400 Product type: Workstation
    17:52:38.0734 5400 ComputerName: DAN
    17:52:38.0734 5400 UserName: Dan Kamin
    17:52:38.0734 5400 Windows directory: C:\WINDOWS
    17:52:38.0734 5400 System windows directory: C:\WINDOWS
    17:52:38.0734 5400 Processor architecture: Intel x86
    17:52:38.0734 5400 Number of processors: 2
    17:52:38.0734 5400 Page size: 0x1000
    17:52:38.0734 5400 Boot type: Normal boot
    17:52:38.0734 5400 ============================================================
    17:52:41.0906 5400 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    17:52:41.0906 5400 ============================================================
    17:52:41.0906 5400 \Device\Harddisk0\DR0:
    17:52:41.0906 5400 MBR partitions:
    17:52:41.0906 5400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
    17:52:41.0906 5400 ============================================================
    17:52:41.0968 5400 C: <-> \Device\Harddisk0\DR0\Partition1
    17:52:41.0984 5400 ============================================================
    17:52:41.0984 5400 Initialize success
    17:52:41.0984 5400 ============================================================
    17:52:46.0750 4908 ============================================================
    17:52:46.0750 4908 Scan started
    17:52:46.0750 4908 Mode: Manual;
    17:52:46.0750 4908 ============================================================
    17:52:51.0781 4908 ================ Scan system memory ========================
    17:52:51.0796 4908 System memory - ok
    17:52:51.0796 4908 ================ Scan services =============================
    17:53:15.0765 4908 Rdbss - ok
    17:53:15.0765 4908 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    17:53:15.0765 4908 RDPCDD - ok
    17:53:15.0796 4908 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    17:53:15.0796 4908 rdpdr - ok
    17:53:15.0843 4908 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
    17:53:15.0843 4908 RDPWD - ok
    17:53:15.0875 4908 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
    17:53:15.0890 4908 RDSessMgr - ok
    17:53:15.0906 4908 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
    17:53:15.0906 4908 redbook - ok
    17:53:15.0953 4908 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
    17:53:15.0953 4908 RemoteAccess - ok
    17:53:16.0000 4908 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
    17:53:16.0000 4908 RemoteRegistry - ok
    17:53:16.0015 4908 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
    17:53:16.0015 4908 RpcLocator - ok
    17:53:16.0046 4908 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
    17:53:16.0062 4908 RpcSs - ok
    17:53:16.0109 4908 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
    17:53:16.0125 4908 RSVP - ok
    17:53:16.0140 4908 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
    17:53:16.0140 4908 SamSs - ok
    17:53:16.0140 4908 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
    17:53:16.0156 4908 SCardSvr - ok
    17:53:16.0187 4908 [ 50B724C9D03111245DF270BC3F49F04D ] ScFBPNT2 C:\WINDOWS\system32\drivers\ScFBPNT2.SYS
    17:53:16.0203 4908 ScFBPNT2 - ok
    17:53:16.0328 4908 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
    17:53:16.0390 4908 Schedule - ok
    17:53:16.0453 4908 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
    17:53:16.0453 4908 Secdrv - ok
    17:53:16.0515 4908 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
    17:53:16.0515 4908 seclogon - ok
    17:53:16.0562 4908 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
    17:53:16.0578 4908 SENS - ok
    17:53:16.0625 4908 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
    17:53:16.0625 4908 serenum - ok
    17:53:16.0703 4908 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
    17:53:16.0718 4908 Serial - ok
    17:53:16.0750 4908 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
    17:53:16.0765 4908 Sfloppy - ok
    17:53:16.0828 4908 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
    17:53:16.0843 4908 SharedAccess - ok
    17:53:16.0859 4908 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
    17:53:16.0859 4908 ShellHWDetection - ok
    17:53:16.0859 4908 Simbad - ok
    17:53:16.0937 4908 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
    17:53:16.0953 4908 SkypeUpdate - ok
    17:53:16.0984 4908 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
    17:53:16.0984 4908 SLIP - ok
    17:53:17.0000 4908 Sparrow - ok
    17:53:17.0015 4908 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
    17:53:17.0046 4908 splitter - ok
    17:53:17.0109 4908 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
    17:53:17.0125 4908 Spooler - ok
    17:53:17.0187 4908 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
    17:53:17.0187 4908 sr - ok
    17:53:17.0312 4908 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
    17:53:17.0375 4908 srservice - ok
    17:53:17.0578 4908 [ 83726CF02ECED69138948083E06B6EAC ] SRTSP C:\WINDOWS\System32\Drivers\NIS\1207020.003\SRTSP.SYS
    17:53:17.0671 4908 SRTSP - ok
    17:53:17.0703 4908 [ 4E7EAB2E5615D39CF1F1DF9C71E5E225 ] SRTSPX C:\WINDOWS\system32\drivers\NIS\1207020.003\SRTSPX.SYS
    17:53:17.0718 4908 SRTSPX - ok
    17:53:17.0796 4908 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
    17:53:17.0968 4908 Srv - ok
    17:53:18.0046 4908 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
    17:53:18.0046 4908 SSDPSRV - ok
    17:53:18.0171 4908 [ 6F855B5625A47F3AC731A262FDC379A6 ] STacSV C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
    17:53:18.0187 4908 STacSV - ok
    17:53:18.0390 4908 [ 951801DFB54D86F611F0AF47825476F9 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
    17:53:18.0562 4908 STHDA - ok
    17:53:18.0609 4908 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
    17:53:18.0625 4908 StillCam - ok
    17:53:18.0703 4908 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
    17:53:18.0781 4908 stisvc - ok
    17:53:18.0812 4908 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    17:53:18.0828 4908 streamip - ok
    17:53:18.0859 4908 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
    17:53:18.0859 4908 swenum - ok
    17:53:18.0921 4908 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
    17:53:18.0937 4908 swmidi - ok
    17:53:18.0937 4908 SwPrv - ok
    17:53:18.0953 4908 symc810 - ok
    17:53:18.0968 4908 symc8xx - ok
    17:53:19.0046 4908 [ 9BBEB8C6258E72D62E7560E6667AAD39 ] SymDS C:\WINDOWS\system32\drivers\NIS\1207020.003\SYMDS.SYS
    17:53:19.0062 4908 SymDS - ok
    17:53:19.0484 4908 [ D5C02629C02A820A7E71BCA3D44294A3 ] SymEFA C:\WINDOWS\system32\drivers\NIS\1207020.003\SYMEFA.SYS
    17:53:19.0656 4908 SymEFA - ok
    17:53:19.0734 4908 [ AB33C3B196197CA467CBDDA717860DBA ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
    17:53:19.0734 4908 SymEvent - ok
    17:53:19.0765 4908 [ A73399804D5D4A8B20BA60FCF70C9F1F ] SymIRON C:\WINDOWS\system32\drivers\NIS\1207020.003\Ironx86.SYS
    17:53:19.0765 4908 SymIRON - ok
    17:53:19.0906 4908 [ 336CACE58F0359D5CBB1AE6B8A2FB205 ] SYMTDI C:\WINDOWS\System32\Drivers\NIS\1207020.003\SYMTDI.SYS
    17:53:19.0968 4908 SYMTDI - ok
    17:53:19.0984 4908 sym_hi - ok
    17:53:19.0984 4908 sym_u3 - ok
    17:53:20.0140 4908 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
    17:53:20.0140 4908 sysaudio - ok
    17:53:20.0203 4908 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
    17:53:20.0203 4908 SysmonLog - ok
    17:53:20.0250 4908 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
    17:53:20.0250 4908 TapiSrv - ok
    17:53:20.0296 4908 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
    17:53:20.0312 4908 Tcpip - ok
    17:53:20.0343 4908 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
    17:53:20.0343 4908 TDPIPE - ok
    17:53:20.0359 4908 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
    17:53:20.0359 4908 TDTCP - ok
    17:53:20.0390 4908 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
    17:53:20.0390 4908 TermDD - ok
    17:53:20.0437 4908 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
    17:53:20.0453 4908 TermService - ok
    17:53:20.0468 4908 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
    17:53:20.0468 4908 Themes - ok
    17:53:20.0515 4908 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
    17:53:20.0515 4908 TlntSvr - ok
    17:53:20.0531 4908 TosIde - ok
    17:53:20.0578 4908 [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] tosporte C:\WINDOWS\system32\DRIVERS\tosporte.sys
    17:53:20.0578 4908 tosporte - ok
    17:53:20.0625 4908 [ 8C3BFAF3FCA90502E6FA35503B8E979E ] tosrfbd C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
    17:53:20.0640 4908 tosrfbd - ok
    17:53:20.0687 4908 [ 90C8525BC578AAFFE87C2D0ED4379E9E ] tosrfbnp C:\WINDOWS\system32\Drivers\tosrfbnp.sys
    17:53:20.0687 4908 tosrfbnp - ok
    17:53:20.0734 4908 [ 4742F0BAD28268AB093ED6F4EA857997 ] Tosrfcom C:\WINDOWS\system32\Drivers\tosrfcom.sys
    17:53:20.0734 4908 Tosrfcom - ok
    17:53:20.0750 4908 [ 7C807BA9660E2995CC0217A14A24094C ] Tosrfhid C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
    17:53:20.0750 4908 Tosrfhid - ok
    17:53:20.0781 4908 [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
    17:53:20.0781 4908 tosrfnds - ok
    17:53:20.0828 4908 [ 01C90086CD37E7E8D9A827E24167FCB7 ] Tosrfusb C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
    17:53:20.0828 4908 Tosrfusb - ok
    17:53:20.0890 4908 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
    17:53:20.0890 4908 TrkWks - ok
    17:53:20.0906 4908 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
    17:53:20.0921 4908 Udfs - ok
    17:53:20.0937 4908 ultra - ok
    17:53:21.0000 4908 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
    17:53:21.0015 4908 Update - ok
    17:53:21.0046 4908 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
    17:53:21.0062 4908 upnphost - ok
    17:53:21.0093 4908 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
    17:53:21.0109 4908 UPS - ok
    17:53:21.0156 4908 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
    17:53:21.0156 4908 usbaudio - ok
    17:53:21.0218 4908 [ AF9388E736AF0C325067F05EDC350010 ] usbbus C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
    17:53:21.0218 4908 usbbus - ok
    17:53:21.0265 4908 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    17:53:21.0265 4908 usbccgp - ok
    17:53:21.0312 4908 [ AE30EA96E60E823C7B525DA356283AE8 ] UsbDiag C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
    17:53:21.0312 4908 UsbDiag - ok
    17:53:21.0343 4908 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
    17:53:21.0343 4908 usbehci - ok
    17:53:21.0359 4908 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
    17:53:21.0359 4908 usbhub - ok
    17:53:21.0406 4908 [ 46AC66DF3D6EFE81F69BEA823A53AAB5 ] USBModem C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
    17:53:21.0406 4908 USBModem - ok
    17:53:21.0437 4908 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
    17:53:21.0437 4908 usbprint - ok
    17:53:21.0468 4908 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    17:53:21.0468 4908 USBSTOR - ok
    17:53:21.0500 4908 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    17:53:21.0515 4908 usbuhci - ok
    17:53:21.0546 4908 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
    17:53:21.0546 4908 VgaSave - ok
    17:53:21.0546 4908 ViaIde - ok
    17:53:21.0609 4908 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
    17:53:21.0609 4908 VolSnap - ok
    17:53:21.0671 4908 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
    17:53:21.0687 4908 VSS - ok
    17:53:21.0718 4908 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
    17:53:21.0718 4908 W32Time - ok
    17:53:21.0734 4908 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
    17:53:21.0734 4908 Wanarp - ok
    17:53:21.0812 4908 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
    17:53:21.0828 4908 Wdf01000 - ok
    17:53:21.0843 4908 WDICA - ok
    17:53:21.0875 4908 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
    17:53:21.0875 4908 wdmaud - ok
    17:53:21.0937 4908 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
    17:53:21.0953 4908 WebClient - ok
    17:53:21.0984 4908 [ A8596CF86D445269A42ECC08B7066A4C ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
    17:53:22.0015 4908 winachsf - ok
    17:53:22.0140 4908 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
    17:53:22.0140 4908 winmgmt - ok
    17:53:22.0156 4908 wltrysvc - ok
    17:53:22.0203 4908 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
    17:53:22.0218 4908 WmdmPmSN - ok
    17:53:22.0265 4908 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
    17:53:22.0296 4908 Wmi - ok
    17:53:22.0312 4908 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
    17:53:22.0328 4908 WmiAcpi - ok
    17:53:22.0343 4908 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
    17:53:22.0343 4908 WmiApSrv - ok
    17:53:22.0468 4908 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
    17:53:22.0500 4908 WMPNetworkSvc - ok
    17:53:22.0562 4908 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
    17:53:22.0578 4908 wscsvc - ok
    17:53:22.0578 4908 WSearch - ok
    17:53:22.0625 4908 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    17:53:22.0625 4908 WSTCODEC - ok
    17:53:22.0671 4908 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
    17:53:22.0671 4908 wuauserv - ok
    17:53:22.0734 4908 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    17:53:22.0750 4908 WudfPf - ok
    17:53:22.0765 4908 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    17:53:22.0765 4908 WudfRd - ok
    17:53:22.0812 4908 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
    17:53:22.0812 4908 WudfSvc - ok
    17:53:22.0875 4908 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
    17:53:22.0906 4908 WZCSVC - ok
    17:53:22.0953 4908 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
    17:53:22.0953 4908 xmlprov - ok
    17:53:22.0968 4908 ================ Scan global ===============================
    17:53:23.0031 4908 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
    17:53:23.0078 4908 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    17:53:23.0109 4908 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    17:53:23.0125 4908 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
    17:53:23.0140 4908 [Global] - ok
    17:53:23.0140 4908 ================ Scan MBR ==================================
    17:53:23.0156 4908 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
    17:53:23.0437 4908 \Device\Harddisk0\DR0 - ok
    17:53:23.0437 4908 ================ Scan VBR ==================================
    17:53:23.0453 4908 [ 3D6A656C4F09990DF07BCE99AD6682FA ] \Device\Harddisk0\DR0\Partition1
    17:53:23.0453 4908 \Device\Harddisk0\DR0\Partition1 - ok
    17:53:23.0453 4908 ============================================================
    17:53:23.0453 4908 Scan finished
    17:53:23.0453 4908 ============================================================
    17:53:23.0468 5424 Detected object count: 0
    17:53:23.0468 5424 Actual detected object count: 0

  4. #44
    Security Expert-Emeritus Dakeyras
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,173

    Default

    "The icons still lag for about 3 minutes before they come in. This might be the best we can do."
    Acknowledged/possibly...I will have a think about this/sleep on it so to speak and reply back in due course.

    In the meantime, the requested OTL log from the custom script is incomplete; could you repost it again, please?
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.

  5. #45
    Member
    Join Date
    Apr 2009
    Location
    Pittsburgh, PA
    Posts
    74

    Default Complete OTL Log 3-15

    All processes killed
    ========== COMMANDS ==========
    Restore point Set: OTL Restore Point
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SigmatelSysTrayApp\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\APSDaemonl not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\hpqSRMon deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\HPUsageTrackingLEDM deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ITSecMng deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\LogitechCommunicationsManager deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\LogitechQuickCamRibbon deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\MaxMenuMgr deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\vProt deleted successfully.
    Registry key HKEY_USERS\S-1-5-21-1229272821-1500820517-682003330-1003\Run not found.
    ========== FILES ==========
    File\Folder C:\Program Files\AVG not found.
    File\Folder C:\Program Files\AVG Secure Search not found.
    File\Folder C:\Program Files\MediaGet2 not found.
    C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job moved successfully.
    File\Folder C:\Documents and Settings\Dan Kamin\Local Settings\Application Data\MediaGet2 not found.
    ========== COMMANDS ==========
    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: All Users

    User: Dan Kamin
    ->Temp folder emptied: 1380223 bytes
    ->Temporary Internet Files folder emptied: 9295269 bytes
    ->FireFox cache emptied: 212029502 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 2402 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2113384 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 1042432 bytes

    Total Files Cleaned = 216.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 03152013_173033

    Files\Folders moved on Reboot...
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_1480.dat not found!
    File\Folder C:\WINDOWS\temp\Perflib_Perfdata_814.dat not found!

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

  6. #46
    Security Expert-Emeritus Dakeyras
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,173

    Default

    Hi.

    Going back to this you mentioned:-

    "HP printer software insisted on installing after OTL ran."
    If there are any further problems, just consider uninstalling the software, as there is no real need for it. I have an HP printer myself and do not have any of the associated software installed apart from the required driver etc. Though the downside of that is the scan feature does not work as it should, but I do not use that very often and still prefer to keep the HP software at bay so to speak.

    How long is left on the subscription for Norton Internet Security before it expires?

    Re-scan with RogueKiller:

    Again as outlined here, then after the pre-scan has completed click on the ShortcutsFix button.

    Post the new log created in your next reply.

    System File Check:

    Close all open applications/windows etc.
    • Click on Start >> Run...
    • Type in SFC /Scannow <--- Make sure to leave a space between SFC and the forward slash.
    • Click on OK
    • System File Checker will now scan all protected files to verify their versions.

    Note: This will take some time. Also you may be prompted to place the XP installation CD-ROM in the CD-Drive if required.

    TFC(Temp File Cleaner):

    • Please download TFC to the desktop.
    • Save any unsaved work. TFC will close all open application windows.
    • Double-click TFC.exe to run the program.
    • Click the Start button in the bottom left of TFC.
    • If prompted, click "Yes" to reboot.

    Note: Save your work. TFC will automatically close any open programs; let it run uninterrupted. It should not take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

    I advise you to consider keeping TFC on the desktop after I give the all clear and to run it, say, at least once per week, as it is a very effective piece of software for cleaning out temp files etc.

    Next:

    Let me know when you have completed the above, and if any further problems/issues were encountered etc. Post the new RogueKiller log along with the answer to my NIS query and we will then go from there, thank you.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.

  7. #47
    Member
    Join Date
    Apr 2009
    Location
    Pittsburgh, PA
    Posts
    74

    Default RogueKiller Log 3-16-13

    RogueKiller V8.5.3 [Mar 13 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files...3-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Started in : Normal mode
    User : Dan Kamin [Admin rights]
    Mode : Shortcuts HJfix -- Date : 03/16/2013 08:17:37
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤

    ¤¤¤ File attributes restored: ¤¤¤
    Desktop: Success 0 / Fail 0
    Quick launch: Success 0 / Fail 0
    Programs: Success 6 / Fail 0
    Start menu: Success 0 / Fail 0
    User folder: Success 74 / Fail 0
    My documents: Success 198 / Fail 198
    My favorites: Success 0 / Fail 0
    My pictures: Success 0 / Fail 0
    My music: Success 0 / Fail 0
    My videos: Success 0 / Fail 0
    Local drives: Success 97 / Fail 291
    Backup: [NOT FOUND]

    Drives:
    [C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
    [D:] \Device\CdRom0 -- 0x5 --> Skipped

    Finished : << RKreport[3]_SC_03162013_02d0817.txt >>
    RKreport[1]_S_03122013_02d1300.txt ; RKreport[2]_S_03162013_02d0815.txt ; RKreport[3]_SC_03162013_02d0817.txt

  8. #48
    Member
    Join Date
    Apr 2009
    Location
    Pittsburgh, PA
    Posts
    74

    Default Norton

    His Norton expires in August. Personally I like Windows Defender. I've also used Avast! Is there something you would recommend?

  9. #49
    Security Expert-Emeritus Dakeyras
    Join Date
    Sep 2008
    Location
    The Tundra
    Posts
    1,173

    Default

    Hi.

    "His Norton expires in August."
    Acknowledged...

    I am a great believer in "if something is not broke, do not fix it", and if the need arises we can address this. The problem with such bundled security-related software is that at times it can cause a myriad of system-related problems that affect overall performance.

    "Personally I like Windows Defender. I've also used Avast!"
    Both are fine applications. Windows Defender did get a somewhat bad reputation in its early days, as it was based upon Giant AntiSpyware originally and called in turn Microsoft AntiSpyware if I recall, but the more recent incarnations have improved considerably.

    "Is there something you would recommend?"
    Microsoft Security Essentials, and I use that myself on all my machines; it has a low system footprint and does the job so to speak.

    Though with Windows 8 it is actually incorporated into Windows Defender and uses the same virus database/definitions etc.
    Mammuthus Hibernian Scouserus, member of ASAP and UNITE.

  10. #50
    Member
    Join Date
    Apr 2009
    Location
    Pittsburgh, PA
    Posts
    74

    Default What's next?

    What would you like me to do next? Are we at the cleanup stage?

    Specba
