Solved a GrandPrix Hidden Windows and a sudden app windows pop up

May 2, 2013 at 04:25:31
Specs: Windows XP
So my Lenovo (somehow) got a Windows genuine problem, which is (probably) an impossible thing, that my Windows isn't genuine, since my dad bought it at a Lenovo dealer here. There's been no significant problem since that 'genuine issue' came, but today I suddenly got a new pop-up window named "GrandPrix Hidden Windows" that couldn't be closed at all, even with the help of Windows Task Manager.
Right then, sudden strange pop-up app windows also appeared, like Daemon Tools, AVG Scan, and other apps that were active in my system tray. The problem is, I DIDN'T EVEN CLICK ON THEM at all...
And when I try to close them manually by clicking the 'x' button in each window, my Lenovo becomes slower. So I closed those 'pop ups' with Task Manager, and there's only one 'pop up' that couldn't be closed at all, the GrandPrix Hidden Windows pop-up, and two other 'strange' pop-up windows. Also, my Chrome suddenly opened 3 new tabs, which I couldn't even open at all..

Is it a virus or malware that has infected my Lenovo? And how can I solve this?

Please help me fix this. Any helpful suggestion or instruction will be much appreciated!



#1
May 2, 2013 at 05:17:16
✔ Best Answer
"Is it a virus or malware that has infected my lenovo?"

Let's find out.

1: Download & run Unhide
http://www.bleepingcomputer.com/for...
http://download.bleepingcomputer.co...
An introduction as to what this program does.
http://www.bleepingcomputer.com/for...
For those of you who no longer have the %Temp%\Smtmp folder, you will not be able to use Unhide to restore your Start Menu items. With this in mind, I have created some scripts to restore the default Start Menu for specific versions of Windows that I have access to. You can view the available versions below. I will be adding more as time goes on.
Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. It does take some time; be patient. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.
When Unhide is complete, it will create a logfile on the Windows Desktop called Unhide.txt. Let me know if it doesn't produce a log please.

2: Reboot

3: Run TDSSKiller & post the contents of the log.
http://www.softpedia.com/get/Antivi...
http://www.softpedia.com/progScreen...
http://support.kaspersky.com/faq/?q...
http://support.kaspersky.com/viruse...



#2
May 2, 2013 at 08:01:57
Thanks for your answer, I've run Unhide and TDSSKiller. It says that it found a suspicious object:
Service type : Kernel driver (0x1)
File : C://WINDOWS/system32/Driver/sptd.sys
MD5 : D15DA1BA189770D93EEA2D7E18F95AF9


And also, here's the log file from Unhide:
Unhide by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
http://www.bleepingcomputer.com/for...

Program started at: 05/02/2013 09:43:06 PM
Windows Version: Windows XP

Please be patient while your files are made visible again.

Processing the C:\ drive
Finished processing the C:\ drive. 190547 files processed.

Processing the E:\ drive
Finished processing the E:\ drive. 7955 files processed.

Processing the G:\ drive
Finished processing the G:\ drive. 0 files processed.

The C:\DOCUME~1\user\LOCALS~1\Temp\smtmp\ folder does not exist!!
Unhide cannot restore your missing shortcuts!!
Please see this topic in order to learn how to restore default
Start Menu shortcuts: http://www.bleepingcomputer.com/for...

Searching for Windows Registry changes made by FakeHDD rogues.
- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
No registry changes detected.

Program finished at: 05/02/2013 09:50:23 PM
Execution time: 0 hours(s), 7 minute(s), and 17 seconds(s)



#3
May 2, 2013 at 15:00:18
Don't know what TDSSKiller has done, without the full log.
support.kaspersky.com/faq/?qid=208280684
Did you click on 3:

4: Run Malwarebytes' Anti-Malware ( MBAM ) Free Version. Use Quick scan. Copy and Paste the contents of the log please.
http://www.softpedia.com/get/Antivi...
http://www.softpedia.com/progScreen...
http://i.imgur.com/3DtG68Y.gif
http://www.malwarebytes.org/mbam.php
http://www.spywareinfoforum.com/ind...
http://www.bleepingcomputer.com/vir...
If your MBAM log indicates "No action taken", that's usually a result of NOT clicking the Remove Selected button after the scan.
Quick Scan versus Full Scan
http://forums.malwarebytes.org/inde...



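A way to triage a TDSSKiller log of the kind requested in this thread, as an added example that is not part of the original posts: it pairs each service's hash/path line with its verdict line and lists entries that are not "ok", have no verdict line (a truncated paste), or load a .sys image from outside system32\drivers. The sample log, its service names and hashes, and the non-"ok" verdict text are constructed; the driver-location check is an added review heuristic, not something TDSSKiller reports.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample following the line layout of a TDSSKiller log:
#   "<time> <thread id> [ <MD5> ] <service> <image path>"
#   "<time> <thread id> <service> - <verdict>"
# Names and hashes are made up. The non-"ok" verdict text is an assumption.
SAMPLE_LOG = r"""
21:36:00.0312 2892 Drive \Device\Harddisk0\DR0 - Size: 0x1000
21:36:06.0828 6108 ================ Scan services =============================
21:36:06.0906 6108 LegacyStub - ok
21:36:06.0953 6108 [ 00000000000000000000000000000001 ] ExampleAcpi C:\WINDOWS\system32\DRIVERS\exacpi.sys
21:36:06.0968 6108 ExampleAcpi - ok
21:36:07.0968 6108 [ 00000000000000000000000000000002 ] Example Toolbar Service C:\Program Files\Example\broker.exe
21:36:08.0062 6108 Example Toolbar Service - ok
21:36:08.0640 6108 [ 00000000000000000000000000000003 ] ExampleFilter C:\Program Files\Example\Driver\exfilter.sys
21:36:08.0671 6108 ExampleFilter - ok
21:36:09.0100 6108 [ 00000000000000000000000000000004 ] exdrv C:\WINDOWS\system32\Drivers\exdrv.sys
21:36:09.0120 6108 exdrv - flagged-for-review
"""

# Timestamp and thread id prefix shared by every log line.
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+(?P<body>.*)$")
# Hash line: service names may contain spaces, the path starts at "X:\".
IMAGE = re.compile(
    r"^\[\s*(?P<md5>[0-9A-Fa-f]{32})\s*\]\s+(?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.+)$"
)
# Verdict line: "<service> - <verdict>".
VERDICT = re.compile(r"^(?P<name>.+?)\s+-\s+(?P<verdict>\S.*)$")
DRIVER_DIR = "\\windows\\system32\\drivers\\"


@dataclass
class Service:
    name: str
    verdict: Optional[str] = None
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_services(log_text: str) -> List[Service]:
    """Collect one record per service from the 'Scan services' section."""
    services = {}
    in_services = False
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group("body").strip()
        if body.startswith("="):
            # Section header or separator: only the services section is parsed,
            # so lines such as "Drive ... - Size: ..." are not read as verdicts.
            in_services = "Scan services" in body
            continue
        if not in_services:
            continue
        img = IMAGE.match(body)
        if img:
            svc = services.setdefault(img["name"], Service(img["name"]))
            svc.md5, svc.path = img["md5"].upper(), img["path"]
            continue
        ver = VERDICT.match(body)
        if ver:
            svc = services.setdefault(ver["name"], Service(ver["name"]))
            svc.verdict = ver["verdict"]
    return list(services.values())


def triage(services: List[Service]) -> List[Tuple[str, str]]:
    """Return (service, reason) pairs that deserve a manual look."""
    findings = []
    for s in services:
        path = (s.path or "").lower()
        if s.verdict is None:
            findings.append((s.name, "no verdict line (log truncated?)"))
        elif s.verdict.lower() != "ok":
            findings.append((s.name, f"verdict '{s.verdict}', md5 {s.md5}, {s.path}"))
        elif path.endswith(".sys") and DRIVER_DIR not in path:
            # Added heuristic: kernel driver image outside the usual directory.
            findings.append((s.name, f"driver image outside system32\\drivers: {s.path}"))
    return findings


if __name__ == "__main__":
    for name, reason in triage(parse_services(SAMPLE_LOG)):
        print(f"{name}: {reason}")
```

A driver outside system32\drivers is not malicious in itself (security products and virtual-drive tools install drivers under Program Files); the list only narrows down which entries to look up before choosing an action in the scanner.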

#4
May 2, 2013 at 17:16:38
Did you mean the full log with the .txt file in the root folder? Sorry, I thought you'd only need the log from Unhide. I'll post the log file below this one. Also, I found the .sptd 'suspicious' from the first scan of TDSS and chose to delete it. Then I got something wrong with my Daemon.


#5
May 2, 2013 at 17:20:46

#6
May 2, 2013 at 17:21:13

#7
May 2, 2013 at 17:21:51

#8
May 2, 2013 at 17:22:44
21:36:18.0328 6108 RasMan - ok
21:36:18.0328 6108 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:36:18.0359 6108 RasPppoe - ok
21:36:18.0359 6108 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:36:18.0390 6108 Raspti - ok
21:36:18.0406 6108 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:36:18.0437 6108 Rdbss - ok
21:36:18.0453 6108 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:36:18.0468 6108 RDPCDD - ok
21:36:18.0500 6108 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:36:18.0515 6108 rdpdr - ok
21:36:18.0531 6108 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:36:18.0562 6108 RDPWD - ok
21:36:18.0609 6108 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:36:18.0656 6108 RDSessMgr - ok
21:36:18.0671 6108 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:36:18.0687 6108 redbook - ok
21:36:18.0718 6108 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:36:18.0734 6108 RemoteAccess - ok
21:36:18.0765 6108 [ 3151427DB7D87107D1C5BE58FAC53960 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:36:18.0765 6108 RemoteRegistry - ok
21:36:18.0812 6108 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
21:36:18.0843 6108 RimUsb - ok
21:36:18.0875 6108 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
21:36:18.0890 6108 RimVSerPort - ok
21:36:18.0937 6108 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
21:36:18.0953 6108 ROOTMODEM - ok
21:36:19.0015 6108 [ AFD61A7C48A3E15C86A6FADF0B69A2E4 ] Roxio UPnP Renderer 9 C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
21:36:19.0046 6108 Roxio UPnP Renderer 9 - ok
21:36:19.0093 6108 [ EFBB36E2BB02169D26E9980778FC20D3 ] Roxio Upnp Server 9 C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
21:36:19.0093 6108 Roxio Upnp Server 9 - ok
21:36:19.0156 6108 [ E06224CF971D33A680E852DFA212A8AB ] RoxLiveShare9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
21:36:19.0156 6108 RoxLiveShare9 - ok
21:36:19.0203 6108 [ FB68FD9505AB89416D70A0E8A5C49E45 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
21:36:19.0296 6108 RoxMediaDB9 - ok
21:36:19.0328 6108 [ D6BDB50D2A28FF70CE60B4D995F0143A ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
21:36:19.0328 6108 RoxWatch9 - ok
21:36:19.0390 6108 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
21:36:19.0406 6108 RpcLocator - ok
21:36:19.0421 6108 [ 24B5D53B9ACCC1E2EDCF0A878D6659D4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:36:19.0437 6108 RpcSs - ok
21:36:19.0468 6108 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:36:19.0500 6108 RSVP - ok
21:36:19.0531 6108 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
21:36:19.0531 6108 SamSs - ok
21:36:19.0562 6108 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:36:19.0578 6108 SCardSvr - ok
21:36:19.0609 6108 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:36:19.0625 6108 Schedule - ok
21:36:19.0640 6108 [ 07F7F501AD50DE2BA2D5842D9B6D6155 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:36:19.0656 6108 Secdrv - ok
21:36:19.0671 6108 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
21:36:19.0671 6108 seclogon - ok
21:36:19.0687 6108 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
21:36:19.0687 6108 SENS - ok

Report •

#9
May 2, 2013 at 17:23:12
21:36:20.0218 6108 [ D15DA1BA189770D93EEA2D7E18F95AF9 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
21:36:20.0312 6108 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: D15DA1BA189770D93EEA2D7E18F95AF9
21:36:20.0312 6108 sptd ( LockedFile.Multi.Generic ) - warning
21:36:20.0312 6108 sptd - detected LockedFile.Multi.Generic (1)
21:36:22.0937 6108 ================ Scan global ===============================
21:36:22.0984 6108 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
21:36:22.0984 6108 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
21:36:23.0000 6108 [ 442D0EAD5534E4ADCF6D4469043C82C0 ] C:\WINDOWS\system32\winsrv.dll
21:36:23.0015 6108 [ 4712531AB7A01B7EE059853CA17D39BD ] C:\WINDOWS\system32\services.exe
21:36:23.0015 6108 [Global] - ok
21:36:23.0015 6108 ================ Scan MBR ==================================
21:36:23.0031 6108 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:36:23.0328 6108 \Device\Harddisk0\DR0 - ok
21:36:23.0328 6108 ================ Scan VBR ==================================
21:36:23.0328 6108 [ CE122B17506CBB06F534F48399FA6371 ] \Device\Harddisk0\DR0\Partition1
21:36:23.0328 6108 \Device\Harddisk0\DR0\Partition1 - ok
21:36:23.0359 6108 [ 07C9CE68C49575B6346CD86EF32B73D5 ] \Device\Harddisk0\DR0\Partition2
21:36:23.0375 6108 \Device\Harddisk0\DR0\Partition2 - ok
21:36:23.0375 6108 ============================================================
21:36:23.0375 6108 Scan finished
21:36:23.0375 6108 ============================================================
21:36:23.0375 2576 Detected object count: 1
21:36:23.0375 2576 Actual detected object count: 1
21:53:37.0125 2576 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
21:53:37.0125 2576 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
21:53:37.0125 2576 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
21:53:37.0125 2576 C:\WINDOWS\system32\Drivers\sptd.sys - will be deleted on reboot
21:53:37.0125 2576 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
21:53:47.0187 1540 Deinitialize success

Report •

#10
May 2, 2013 at 17:38:38
"Did you mean the full log"
Yep, got what I wanted.

"will be deleted on reboot"
Have you?

"Then I got something wrong with my Daemon"
Run Defogger
http://majorgeeks.com/Defogger_d708...
This program can enable and disable CD emulation, often required in removing difficult malware. Some CD Emulation programs use a hidden driver that may be seen as a rootkit or that will interfere with the proper operation of the anti-rootkit scanner.

Run TDSSKiller again & post a new log please.


Report •
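The check this exchange walks through (see what the scanner flagged, reboot so the pending deletions apply, then rescan), as an added example that is not part of the original thread. The `sptd` lines are copied from the log posted above; the clean `exampledrv` entry, the rescan, the function names and the regular expressions are assumptions inferred from the visible log lines, not a vendor specification.

```python
import re

# sptd lines copied from the TDSSKiller log in this thread; "exampledrv" is constructed.
FIRST_SCAN = r"""
21:36:20.0218 6108 [ D15DA1BA189770D93EEA2D7E18F95AF9 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
21:36:20.0312 6108 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: D15DA1BA189770D93EEA2D7E18F95AF9
21:36:20.0312 6108 sptd ( LockedFile.Multi.Generic ) - warning
21:36:20.0312 6108 sptd - detected LockedFile.Multi.Generic (1)
21:36:20.0359 6108 [ 00000000000000000000000000000000 ] exampledrv C:\WINDOWS\system32\DRIVERS\exampledrv.sys
21:36:20.0437 6108 exampledrv - ok
21:53:37.0125 2576 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
21:53:37.0125 2576 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
21:53:37.0125 2576 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
21:53:37.0125 2576 C:\WINDOWS\system32\Drivers\sptd.sys - will be deleted on reboot
21:53:37.0125 2576 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
"""

# Constructed rescan (not from the thread): a post-reboot log in which sptd is gone.
RESCAN = r"""
11:53:01.0000 4260 [ 00000000000000000000000000000000 ] exampledrv C:\WINDOWS\system32\DRIVERS\exampledrv.sys
11:53:01.0015 4260 exampledrv - ok
"""

# Line shapes inferred from the log lines on this page (assumption).
PREFIX = r"^\d\d:\d\d:\d\d\.\d{4} \d+ "
OBJECT = re.compile(PREFIX + r"\[ (?P<md5>[0-9A-F]{32}) \] (?P<name>.+?) "
                             r"(?P<path>(?:[A-Za-z]:|\\Device)\\.*)$")
OK = re.compile(PREFIX + r"(?P<name>.+?) - ok$")
VERDICT = re.compile(PREFIX + r"(?P<name>.+?) \( (?P<verdict>[^)]+?) \) - (?P<level>\w+)$")
CHOICE = re.compile(PREFIX + r"(?P<name>.+?) \( [^)]+ \) - User select action: (?P<choice>\w+)$")
ACTION = re.compile(PREFIX + r"(?P<target>.+?) - "
                             r"(?P<action>copied to quarantine|will be deleted on reboot)$")


def _refers_to(target, finding):
    """True if an action line's target is the finding's file or its service key."""
    target = target.lower()
    path = (finding["path"] or "").lower()
    return target == path or target.endswith("\\services\\" + finding["name"].lower())


def triage(log_text):
    """Return one record per scanned object that was not marked 'ok'."""
    objects, findings = {}, {}
    for line in log_text.splitlines():
        if m := OBJECT.match(line):
            objects[m["name"]] = {"md5": m["md5"], "path": m["path"]}
        elif m := CHOICE.match(line):
            if m["name"] in findings:
                findings[m["name"]]["user_choice"] = m["choice"]
        elif m := VERDICT.match(line):
            info = objects.get(m["name"], {})
            findings[m["name"]] = {
                "name": m["name"], "verdict": m["verdict"], "level": m["level"],
                "md5": info.get("md5"), "path": info.get("path"),
                # A LockedFile verdict goes with the log's "NoAccess" line: the file
                # could not be opened normally. The reply above notes that CD
                # emulation drivers can look like this, so treat it as unverified.
                "unverified": m["verdict"].startswith("LockedFile"),
                "actions": [], "user_choice": None, "pending_reboot": False,
            }
        elif m := ACTION.match(line):
            for finding in findings.values():
                if _refers_to(m["target"], finding):
                    finding["actions"].append((m["target"], m["action"]))
                    if m["action"] == "will be deleted on reboot":
                        finding["pending_reboot"] = True
    return list(findings.values())


def confirm_removed(findings, rescan_text):
    """For each finding queued for deletion, report whether the rescan still lists it."""
    seen = set()
    for line in rescan_text.splitlines():
        m = OBJECT.match(line) or OK.match(line) or VERDICT.match(line)
        if m:
            seen.add(m["name"])
    return {f["name"]: f["name"] not in seen for f in findings if f["pending_reboot"]}


if __name__ == "__main__":
    results = triage(FIRST_SCAN)
    for f in results:
        print(f["name"], f["verdict"], "unverified" if f["unverified"] else "detected",
              "pending reboot" if f["pending_reboot"] else "done")
    print(confirm_removed(results, RESCAN))
```
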

#11
May 2, 2013 at 18:05:01
Here are the log files from Malwarebytes:
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.05.02.08

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
user :: AGN [administrator]

Protection: Enabled

03/05/2013 7:39:07
mbam-log-2013-05-03 (07-39-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244976
Time elapsed: 11 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 41
HKCR\CLSID\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\TypeLib\{F244A744-534D-4A46-855F-C0C7E9F27DAA} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\Interface\{030C9927-10FC-4169-97A2-55BECD5D88D8} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\ShoppingReport2.RprtCtrl.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\ShoppingReport2.RprtCtrl (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\CLSID\{3E2DFD6A-4E20-4D4C-AA8B-E1F9DBEF3C80} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\ShoppingReport2.IEButton.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\ShoppingReport2.IEButton (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\CLSID\{46897C77-E7A6-4c33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKCR\CLSID\{714E0876-FCEE-49CE-A429-B9AD8AEFCB56} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\ShoppingReport2.IEButtonA.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\ShoppingReport2.IEButtonA (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\CLSID\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\ShoppingReport2.HbInfoBand.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\ShoppingReport2.HbInfoBand (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\CLSID\{DD15BCC0-5FE9-4690-A957-99FA60ED9D26} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\ShoppingReport2.HbAx.1 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\ShoppingReport2.HbAx (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\Typelib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\Typelib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKCR\CLSID\{A185BBC1-0A7C-6EF7-3093-185B3CADBA08} (Rootkit.ADS) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{A185BBC1-0A7C-6EF7-3093-185B3CADBA08} (Rootkit.ADS) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components\{A185BBC1-0A7C-6EF7-3093-185B3CADBA08} (Rootkit.ADS) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Mp3Tube (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKCU\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Mp3Tube (Adware.Mp3Tube) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\BASICSCAN (Adware.Zwangi) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IspAssistant-Mp3Tube (Adware.Adware.MP3TubeToolBar) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Detected: 12
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Data: w|‰F¦ç3L¿ûéÂâq‰B -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping|{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Data: 8 -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping|{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Data: 7 -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419d-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping|{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Data: 12 -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{46897C77-E7A6-4c33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|hqtray (Rootkit.ADS) -> Data: C:\WINDOWS\system32:hqtray.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\BasicScan|DllPath (Adware.Zwangi) -> Data: C:\Program Files\BasicScan\basicscan.dll -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://mp3tubetoolbar.com/?tmp=toolbar_Mp3Tube_homepage&prt=pinballtbfour04ie&clid=319a76e9c69f4503af82175f8be9ea78) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 12
C:\Documents and Settings\user\Application Data\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\db (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\dwld (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\report (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\res2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport2\Bin (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport2\Bin\2.7.21 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Program Files\Mp3Tube Toolbar (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images (Adware.Mp3Tube) -> Quarantined and deleted successfully.

Files Detected: 29
C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll (Adware.Mp3Tube) -> Quarantined and deleted successfully.
c:\windows\system32:hqtray.exe (Rootkit.ADS) -> Quarantined and deleted successfully.
c:\windows\system32:hqtray.exe (Rootkit.ADS) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\searchplugins\Mp3Tube.xml (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\Config.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\db\Aliases.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\db\Sites.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\dwld\WhiteList.xip (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\report\aggr_storage.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\report\send_storage.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\ShoppingReport2\cs\res2\WhiteList.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
C:\Program Files\Mp3Tube Toolbar\ffmpeg.exe (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Program Files\Mp3Tube Toolbar\Mp3TubeSvc.exe (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Program Files\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Program Files\Mp3Tube Toolbar\ShowMsg.exe (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Program Files\Mp3Tube Toolbar\uninstall.exe (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\pref.xml (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\tbconfig.xml (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\tbconfig.xml.bak (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images\dailyhotdeals.png (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images\divider.png (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images\feeditem.png (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images\games.png (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images\savemp3.png (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images\savemp3_disabled.png (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images\screensaver.png (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images\shopping.png (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images\watermark.png (Adware.Mp3Tube) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Application Data\Mp3Tube Toolbar\images\weatherbug.png (Adware.Mp3Tube) -> Quarantined and deleted successfully.

(end)


Report •

#12
May 2, 2013 at 18:10:42
well, since I'm not using Daemon again, is it safe to just uninstall it? I never knew that it could be a 'carrier' to those malware.
Also, I found that all the 'malware' that had been removed with Malwarebytes is still in Quarantine, did I need to delete these all? Or just let it be there?

Report •

#13
May 2, 2013 at 18:11:44
You didn't download the FREE version of MBAM, you probably will get nags to buy.
This is a program to keep in your armory.

MBAM fixed a lot of stuff as well.

I shall just wait for a new TDSSKiller log.

As we dismantle the infection bit by bit, that may allow the repeat use of programs, which may in turn pick up more.
Removal of infected parts of the system may cause other parts to stop working, such as your Internet connection or Services. These we then have to repair later.

If any program won't run ( due to the infection ) let me know.

Copy and Paste the contents of the log/logs after running each program.


Report •

#14
May 2, 2013 at 18:16:37
"I never knew that it could be a 'carrier' to those malware"
It's not, it just conflicts with our Malware removal tools.

"well, since I'm not using Daemon again"
If you do, use Revo.

Revo Uninstaller
http://www.softpedia.com/get/Tweak/...
http://www.softpedia.com/progScreen...
http://www.revouninstaller.com/
Open Revo, double-click on a program logo, click > Yes & then you get your options, with Advanced down the bottom.
If you have partially uninstalled your program, you get a message from Revo that it can't find the uninstaller; hit Cancel & let Revo continue on to search for the remnants.
If you get a reboot message, ignore it & do it after Revo has finished.
I use Advanced Mode. Screenshots of how to use.
http://i.imgur.com/dXJGX1q.gif
http://i.imgur.com/VonCA.gif
http://i.imgur.com/fGmmb.gif
http://i.imgur.com/pdhbV.gif
http://i.imgur.com/fIgy0.gif
http://i.imgur.com/tDH9Z.gif
http://i.imgur.com/DbfgN.gif
http://i.imgur.com/tDafK.gif
http://i.imgur.com/Bz5j9.gif
http://i.imgur.com/X5S5I.gif



#15
May 2, 2013 at 18:17:38
"did I need to delete these all?"
Yes.


#16
May 2, 2013 at 21:55:20
Here's the TDSS log :

#17
May 2, 2013 at 21:55:42

#18
May 2, 2013 at 21:55:59
11:53:20.0968 4324 SentinelKeysServer - ok
11:53:20.0968 4324 [ 925E88D7C5A51E25769D9CEB4F7F2E85 ] SentinelProtectionServer C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
11:53:20.0984 4324 SentinelProtectionServer - ok
11:53:20.0984 4324 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
11:53:20.0984 4324 Serial - ok
11:53:21.0015 4324 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:53:21.0015 4324 Sfloppy - ok
11:53:21.0046 4324 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:53:21.0046 4324 SharedAccess - ok
11:53:21.0078 4324 [ E7518DC542D3EBDCB80EDD98462C7821 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:53:21.0078 4324 ShellHWDetection - ok
11:53:21.0078 4324 Simbad - ok
11:53:21.0078 4324 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:53:21.0078 4324 SLIP - ok
11:53:21.0156 4324 [ 5E62BA073C90E6C9D4EA199D6080F919 ] smserial C:\WINDOWS\system32\DRIVERS\smserial.sys
11:53:21.0156 4324 smserial - ok
11:53:21.0171 4324 Sparrow - ok
11:53:21.0187 4324 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:53:21.0187 4324 splitter - ok
11:53:21.0203 4324 [ 7435B108B935E42EA92CA94F59C8E717 ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:53:21.0203 4324 Spooler - ok
11:53:21.0250 4324 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:53:21.0250 4324 sr - ok


#19
May 2, 2013 at 21:56:19
11:53:23.0437 4324 ============================================================
11:53:23.0437 4324 Scan finished
11:53:23.0437 4324 ============================================================
11:53:23.0453 5524 Detected object count: 0
11:53:23.0453 5524 Actual detected object count: 0
11:53:27.0156 2168 Deinitialize success


#20
May 2, 2013 at 21:59:43
OK, so now I've got a new problem here.
I left my Lenovo idle for about 2 hours; it does have an automatic sleep mode. But when I turned it on again, the internet connection was disconnected. I checked the Wi-Fi icon in the system tray, and it had a red cross sign, which means (somehow) it has been disconnected.
When I double-clicked it to turn my Wi-Fi on again, I got a blue screen, then it shut itself down. So what's definitely wrong here?
I mean, I did remove all the malware that was found, but suddenly it comes to a blue screen, which I've never experienced before.


#21
May 2, 2013 at 22:17:44
Refer to my post #13.
Removal of infected parts of the system may cause other parts to stop working, such as your Internet connection or Services. These we then have to repair later.

Run Tweaking.com - Windows Repair.
http://www.softpedia.com/get/Tweak/...
http://www.softpedia.com/progScreen...
http://www.tweaking.com/
http://www.tweaking.com/content/pag...

Check the following.

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair MDAC & MS Jet
Repair Hosts File
Remove Policies Set By Infections
Repair Winsock & DNS Cache



#22
May 2, 2013 at 22:26:17
OK, but first, pardon me for asking, since I'm such a newbie at this: should I back up my data first before running the registry check and repair? I really appreciate your help anyway.


#23
May 2, 2013 at 22:37:00
"should I back up my data first before running the registry check and repair?"
Yep, that is an absolute basic of computing: you should always have at least 2 copies of all your important stuff.
