Mozilla Firefox locks up frequently and computer seems slow



#1
raven3

    New Member

  • Member
  • 3 posts
My laptop has worked great until recently. Firefox locks up and when I bring up the task manager it says program not responding. This happens usually within five minutes of going online. I have run virus scans and spybot with both of them not finding anything. I have run tuneup utilities 2012 and it cleared some registry errors but this did not seem to make much difference. Here is a copy of the OTL. Any help would be appreciated. Thanks

OTL logfile created on: 4/9/2012 8:31:32 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Christopher Frost\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 44.28% Memory free
3.84 Gb Paging File | 3.18 Gb Available in Paging File | 82.75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.46 Gb Total Space | 126.72 Gb Free Space | 86.52% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: D2F7XZF1 | User Name: Christopher Frost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/09 20:27:22 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Christopher Frost\Desktop\OTL.exe
PRC - [2012/02/09 14:13:28 | 001,220,928 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012/02/09 14:13:22 | 001,529,152 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012/02/01 09:00:16 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/08 21:00:12 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/11/08 21:00:06 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/11/08 21:00:06 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/11/08 21:00:06 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2006/09/27 20:33:44 | 000,125,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2006/09/27 20:33:32 | 001,813,232 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2006/09/27 20:33:22 | 000,031,472 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2006/07/19 19:26:12 | 000,169,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2006/07/19 19:26:06 | 000,192,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2006/07/19 19:26:04 | 000,052,896 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/04/11 17:13:38 | 001,160,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
PRC - [2006/01/09 13:56:04 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/01 09:00:15 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2007/12/11 15:21:52 | 000,753,664 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2006/01/09 13:56:04 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/02/09 14:13:22 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2006/09/27 20:33:38 | 000,116,464 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/09/27 20:33:32 | 001,813,232 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/09/27 20:33:22 | 000,031,472 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2006/09/02 16:36:33 | 002,528,960 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate)
SRV - [2006/08/07 16:03:02 | 000,214,720 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2006/07/19 19:26:12 | 000,169,632 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2006/07/19 19:26:06 | 000,192,160 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2006/04/11 17:13:38 | 001,160,848 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2006/01/09 13:56:04 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/02/11 05:00:00 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/09 13:16:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012/01/20 20:27:34 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/01/16 12:48:06 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120406.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/01/16 12:48:06 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120406.002\NAVENG.SYS -- (NAVENG)
DRV - [2008/08/21 18:49:56 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008/08/21 18:49:22 | 000,018,688 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2008/04/23 20:13:01 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2008/04/13 11:41:15 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2007/12/11 15:22:24 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/12/02 20:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/12/02 20:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/12/02 20:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/11/08 21:09:10 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/11/08 21:00:04 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/11/08 20:57:42 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/11/08 20:55:10 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/11/08 20:55:08 | 000,056,832 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/11/08 20:55:08 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motport.sys -- (motport)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/12/14 09:37:40 | 000,072,672 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2006/11/02 13:31:38 | 000,103,168 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec02.sys -- (DXEC02)
DRV - [2006/09/18 17:55:28 | 000,109,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2006/09/06 14:41:20 | 000,337,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2006/09/06 14:41:20 | 000,054,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2006/08/07 16:02:26 | 000,195,776 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2006/08/07 16:02:22 | 000,024,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2006/04/11 17:13:34 | 000,389,776 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080401
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080401
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080401
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co...?channel=us-smb
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07103010
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\Christopher Frost\Application Data\nprhapengine.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/05/24 12:21:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/08/14 20:30:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/01 09:00:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/29 21:27:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/14 20:30:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/12/17 21:16:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/05/24 12:21:58 | 000,000,000 | ---D | M]

[2008/09/21 16:11:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Christopher Frost\Application Data\Mozilla\Extensions
[2012/01/09 21:22:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Christopher Frost\Application Data\Mozilla\Firefox\Profiles\z1csv7f7.default\extensions
[2008/09/24 18:28:19 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Christopher Frost\Application Data\Mozilla\Firefox\Profiles\z1csv7f7.default\extensions\[email protected]
[2012/02/03 17:53:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CHRISTOPHER FROST\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z1CSV7F7.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/02/01 09:00:16 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 21:27:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/11 15:23:49 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/15 19:51:04 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========


O1 HOSTS File: ([2011/02/28 23:49:13 | 000,307,149 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10573 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (jZip Webmail plugin) - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files\jZip\WebmailPlugin.dll (Discordia Limited)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4885B45-9C56-4892-8CD1-747B062A37B4}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\system32\NavLogon.dll) - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Christopher Frost\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Christopher Frost\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/09 20:27:16 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Christopher Frost\Desktop\OTL.exe
[2012/04/09 19:55:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2012/04/09 19:55:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2012/04/09 19:55:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2012/04/09 19:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Christopher Frost\Application Data\Windows Desktop Search
[2012/04/09 19:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2012/04/09 19:54:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012/04/09 19:37:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2012/04/04 21:09:39 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012/04/04 21:09:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2012
[2012/04/04 21:08:58 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012/04/04 21:07:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/09 20:27:22 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Christopher Frost\Desktop\OTL.exe
[2012/04/09 20:06:00 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/09 20:04:15 | 000,467,714 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/09 20:04:15 | 000,080,764 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/04/09 19:59:54 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1420258269-3072462854-876425905-1006.job
[2012/04/09 19:59:52 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/09 19:59:51 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1420258269-3072462854-876425905-1009.job
[2012/04/09 19:59:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/09 19:56:33 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/09 19:54:34 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2012/04/09 19:45:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/09 13:35:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/04/05 21:40:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1420258269-3072462854-876425905-1006.job
[2012/04/05 21:02:21 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Christopher Frost\񀿉
[2012/04/05 11:24:31 | 000,001,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.0.lnk
[2012/04/04 21:09:35 | 000,001,759 | ---- | M] () -- C:\Documents and Settings\Christopher Frost\Application Data\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2012.lnk
[2012/04/04 21:09:35 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk
[2012/04/04 21:09:35 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012/03/21 15:43:03 | 000,147,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/11 07:05:23 | 000,870,128 | ---- | M] () -- C:\WINDOWS\System32\mcs.rma
[2012/03/11 07:05:23 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\26A054
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/09 19:54:34 | 000,001,803 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
[2012/04/09 19:54:34 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2012/04/09 19:54:03 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/04/09 19:51:57 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2012/04/05 11:24:31 | 000,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.0.lnk
[2012/04/04 21:09:35 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\Christopher Frost\Application Data\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2012.lnk
[2012/04/04 21:09:35 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk
[2012/04/04 21:09:35 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012/04/04 21:09:34 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2012.lnk

========== LOP Check ==========

[2008/04/27 11:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/04/23 20:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DataViz
[2008/04/23 20:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2008/04/01 11:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/04/30 19:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/04/04 21:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/04/09 19:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2012/04/04 21:07:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2009/04/30 19:34:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/04/25 23:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher Frost\Application Data\HotSync
[2011/03/12 21:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher Frost\Application Data\PCDr
[2009/04/25 23:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher Frost\Application Data\Thunderbird
[2012/04/04 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher Frost\Application Data\TuneUp Software
[2012/04/09 19:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher Frost\Application Data\Windows Desktop Search

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


#2
Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

#3
raven3

    New Member

  • Topic Starter
  • Member
  • 3 posts
I ran OTL again with Scan All Users selected; here are the results. Thanks.

OTL text,
OTL logfile created on: 4/14/2012 6:29:01 AM - Run 3
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Christopher Frost\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.81 Gb Available Physical Memory | 40.69% Memory free
3.84 Gb Paging File | 3.09 Gb Available in Paging File | 80.47% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.46 Gb Total Space | 126.29 Gb Free Space | 86.23% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: D2F7XZF1 | User Name: Christopher Frost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/09 20:27:22 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Christopher Frost\Desktop\OTL.exe
PRC - [2012/02/09 14:13:28 | 001,220,928 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012/02/09 14:13:22 | 001,529,152 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012/02/09 14:11:40 | 000,117,568 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TUAutoUpdateCheck.exe
PRC - [2012/02/01 09:00:16 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 20:12:40 | 000,196,608 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\WMIADAP.EXE
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/08 21:00:12 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/11/08 21:00:06 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/11/08 21:00:06 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/11/08 21:00:06 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2006/09/27 20:33:44 | 000,125,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2006/09/27 20:33:32 | 001,813,232 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2006/09/27 20:33:22 | 000,031,472 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2006/07/19 19:26:12 | 000,169,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2006/07/19 19:26:06 | 000,192,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2006/07/19 19:26:04 | 000,052,896 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/04/11 17:13:38 | 001,160,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
PRC - [2006/01/09 13:56:04 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/01 09:00:15 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008/04/13 20:12:40 | 000,196,608 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\WMIADAP.EXE
MOD - [2008/04/13 20:12:08 | 000,214,528 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\wbemcomn.dll
MOD - [2007/12/11 15:21:52 | 000,753,664 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2006/01/09 13:56:04 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\LxrSII1s.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/02/09 14:13:22 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2006/09/27 20:33:38 | 000,116,464 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/09/27 20:33:32 | 001,813,232 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/09/27 20:33:22 | 000,031,472 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2006/09/02 16:36:33 | 002,528,960 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate)
SRV - [2006/08/07 16:03:02 | 000,214,720 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2006/07/19 19:26:12 | 000,169,632 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2006/07/19 19:26:06 | 000,192,160 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2006/04/11 17:13:38 | 001,160,848 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2006/01/09 13:56:04 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/02/11 05:00:00 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/09 13:16:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012/01/20 20:27:34 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/01/16 12:48:06 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120413.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/01/16 12:48:06 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120413.002\NAVENG.SYS -- (NAVENG)
DRV - [2008/08/21 18:49:56 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008/08/21 18:49:22 | 000,018,688 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2008/04/23 20:13:01 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2008/04/13 11:41:15 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2007/12/11 15:22:24 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/12/02 20:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/12/02 20:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/12/02 20:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/11/08 21:09:10 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/11/08 21:00:04 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/11/08 20:57:42 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/11/08 20:55:10 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/11/08 20:55:08 | 000,056,832 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/11/08 20:55:08 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motport.sys -- (motport)
DRV - [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/12/14 09:37:40 | 000,072,672 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2006/11/02 13:31:38 | 000,103,168 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec02.sys -- (DXEC02)
DRV - [2006/09/18 17:55:28 | 000,109,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2006/09/06 14:41:20 | 000,337,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2006/09/06 14:41:20 | 000,054,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2006/08/07 16:02:26 | 000,195,776 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2006/08/07 16:02:22 | 000,024,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2006/04/11 17:13:34 | 000,389,776 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080401
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080401
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080401
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080401
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080401
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080401
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1420258269-3072462854-876425905-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=6080401
IE - HKU\S-1-5-21-1420258269-3072462854-876425905-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co...?channel=us-smb
IE - HKU\S-1-5-21-1420258269-3072462854-876425905-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1420258269-3072462854-876425905-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-1420258269-3072462854-876425905-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07103010
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\Christopher Frost\Application Data\nprhapengine.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/05/24 12:21:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/08/14 20:30:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/01 09:00:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/29 21:27:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/14 20:30:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/12/17 21:16:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/05/24 12:21:58 | 000,000,000 | ---D | M]

[2008/09/21 16:11:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Christopher Frost\Application Data\Mozilla\Extensions
[2012/01/09 21:22:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Christopher Frost\Application Data\Mozilla\Firefox\Profiles\z1csv7f7.default\extensions
[2008/09/24 18:28:19 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Christopher Frost\Application Data\Mozilla\Firefox\Profiles\z1csv7f7.default\extensions\[email protected]
[2012/02/03 17:53:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\CHRISTOPHER FROST\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\Z1CSV7F7.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/02/01 09:00:16 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 21:27:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/11 15:23:49 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/15 19:51:04 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========


O1 HOSTS File: ([2011/02/28 23:49:13 | 000,307,149 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10573 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (jZip Webmail plugin) - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Program Files\jZip\WebmailPlugin.dll (Discordia Limited)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKU\S-1-5-21-1420258269-3072462854-876425905-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-1420258269-3072462854-876425905-1006..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1420258269-3072462854-876425905-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4885B45-9C56-4892-8CD1-747B062A37B4}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\system32\NavLogon.dll) - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Christopher Frost\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Christopher Frost\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/11 19:55:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/04/09 20:27:16 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Christopher Frost\Desktop\OTL.exe
[2012/04/09 19:55:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2012/04/09 19:55:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2012/04/09 19:55:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2012/04/09 19:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Christopher Frost\Application Data\Windows Desktop Search
[2012/04/09 19:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2012/04/09 19:54:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012/04/09 19:37:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2012/04/04 21:09:39 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012/04/04 21:09:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2012
[2012/04/04 21:08:58 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2012/04/04 21:07:51 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/14 06:21:07 | 000,467,714 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/14 06:21:07 | 000,080,764 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/04/14 06:16:14 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/11 20:06:01 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/11 19:52:15 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1420258269-3072462854-876425905-1006.job
[2012/04/11 19:52:12 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/11 19:52:06 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1420258269-3072462854-876425905-1009.job
[2012/04/11 19:51:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/11 19:51:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/09 20:27:22 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Christopher Frost\Desktop\OTL.exe
[2012/04/09 19:54:34 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2012/04/09 13:35:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/04/05 21:40:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1420258269-3072462854-876425905-1006.job
[2012/04/05 21:02:21 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Christopher Frost\񀿉
[2012/04/05 11:24:31 | 000,001,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.0.lnk
[2012/04/04 21:09:35 | 000,001,759 | ---- | M] () -- C:\Documents and Settings\Christopher Frost\Application Data\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2012.lnk
[2012/04/04 21:09:35 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk
[2012/04/04 21:09:35 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012/03/21 15:43:03 | 000,147,608 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/09 19:54:34 | 000,001,803 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
[2012/04/09 19:54:34 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2012/04/09 19:54:03 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/04/09 19:51:57 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2012/04/05 11:24:31 | 000,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.0.lnk
[2012/04/04 21:09:35 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\Christopher Frost\Application Data\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2012.lnk
[2012/04/04 21:09:35 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk
[2012/04/04 21:09:35 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012/04/04 21:09:34 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2012.lnk

========== LOP Check ==========

[2008/04/27 11:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008/04/23 20:14:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DataViz
[2008/04/23 20:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2008/04/01 11:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/04/30 19:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/04/04 21:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/04/09 19:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2012/04/04 21:07:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2009/04/30 19:34:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2012/03/29 07:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Casey and Jaden\Application Data\KingsIsle Entertainment
[2010/02/27 13:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Casey and Jaden\Application Data\TuneUp Software
[2009/04/25 23:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher Frost\Application Data\HotSync
[2011/03/12 21:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher Frost\Application Data\PCDr
[2009/04/25 23:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher Frost\Application Data\Thunderbird
[2012/04/04 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher Frost\Application Data\TuneUp Software
[2012/04/09 19:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Christopher Frost\Application Data\Windows Desktop Search
[2012/04/09 19:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


Extras,

OTL Extras logfile created on: 4/9/2012 8:31:32 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Christopher Frost\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 44.28% Memory free
3.84 Gb Paging File | 3.18 Gb Available in Paging File | 82.75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.46 Gb Total Space | 126.72 Gb Free Space | 86.52% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: D2F7XZF1 | User Name: Christopher Frost | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{114AA4D3-A577-400E-A1B2-3CF75CF8D2E2}" = C5500_Help
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java™ 6 Update 29
"{26BEE28E-C285-4532-82D3-7CE3C5F805D4}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33CFCF98-F8D6-4549-B469-6F4295676D83}" = Symantec AntiVirus
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{5B8B9664-21C8-4A1C-AEE4-EF7B1EEB6BD3}" = PS_AIO_04_C5500_Software
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6CC1EE94-B426-478B-AE83-F83EBB4EF66A}" = HPPhotoSmartDiscLabel_PaperLabel
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75CDF2CA-5F89-4BC8-9556-CF70782CBD17}" = Motorola Phone Tools
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7ED180E1-ADE9-4C69-8845-BDF518D763B8}" = hpphotosmartdisclabelplugin
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A558B0C-541D-47e0-A177-8635CE723B07}" = HP Photosmart C5500 All-In-One Driver Software 11.0 Rel .4
"{8E37A0C8-C0E7-4E7A-8739-ACF20D02E70C}" = PS_AIO_04_C5500_Software_Min
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Basic 2007
"{922D9CCA-4317-425F-9AA5-94829DF8BA6D}" = Motorola Software Update
"{9A9310B0-FAD0-440E-97B1-5EE14568EF78}" = PS_AIO_04_C5500_ProductContext
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{ADAED43C-BBD9-42C5-8B21-F4FBFA81E3C3}" = Palm
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B8EF780F-126C-4CF0-AAB2-1B68BF06BA1C}" = Motorola Driver Installation 3.7.0
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BCC09E9C-3340-473D-A4FE-8580992CA77A}" = HPPhotoSmartDiscLabelContent1
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C77A7F57-0BA5-4A17-B1C4-28E1D5F5A6EC}" = C5500
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D1B5E9C8-4CCF-44E3-87D6-7C00D7DA5370}" = IntelliSonic Speech Enhancement
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EB807EB6-5179-48B7-98D4-7B4934A57A81}" = Documents To Go
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"BASICR" = Microsoft Office Basic 2007
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Google Updater" = Google Updater
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"ie8" = Windows Internet Explorer 8
"jZip" = jZip
"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"RealPlayer 12.0" = RealPlayer
"Rhapsody" = Rhapsody
"SearchAssist" = SearchAssist
"Shop for HP Supplies" = Shop for HP Supplies
"SuperOthello1.0" = SuperOthello
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/5/2012 8:54:43 AM | Computer Name = D2F7XZF1 | Source = Application Hang | ID = 1002
Description = Hanging application TUMessages.exe, version 12.0.3010.5, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/5/2012 12:29:36 PM | Computer Name = D2F7XZF1 | Source = Application Hang | ID = 1002
Description = Hanging application integrator.exe, version 12.0.3010.5, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/5/2012 10:31:48 PM | Computer Name = D2F7XZF1 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 9.0.1.4371, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/5/2012 10:31:54 PM | Computer Name = D2F7XZF1 | Source = Application Hang | ID = 1001
Description = Fault bucket -1544775435.

Error - 4/7/2012 2:15:12 PM | Computer Name = D2F7XZF1 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 9.0.1.4371, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/7/2012 2:42:20 PM | Computer Name = D2F7XZF1 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 9.0.1.4371, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/7/2012 2:42:59 PM | Computer Name = D2F7XZF1 | Source = Application Hang | ID = 1001
Description = Fault bucket -1544775435.

Error - 4/9/2012 7:42:54 PM | Computer Name = D2F7XZF1 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 9.0.1.4371, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/9/2012 7:55:15 PM | Computer Name = D2F7XZF1 | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Windows Application,
SystemIndex Catalog

Error - 4/9/2012 8:18:42 PM | Computer Name = D2F7XZF1 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 9.0.1.4371, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 4/4/2012 8:37:50 PM | Computer Name = D2F7XZF1 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 4/4/2012 8:37:50 PM | Computer Name = D2F7XZF1 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 4/4/2012 8:37:50 PM | Computer Name = D2F7XZF1 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 4/4/2012 8:37:50 PM | Computer Name = D2F7XZF1 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 4/4/2012 8:37:50 PM | Computer Name = D2F7XZF1 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 4/5/2012 11:24:04 AM | Computer Name = D2F7XZF1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/5/2012 9:02:02 PM | Computer Name = D2F7XZF1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/6/2012 3:32:24 PM | Computer Name = D2F7XZF1 | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001F3A82B589. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 4/9/2012 7:36:37 PM | Computer Name = D2F7XZF1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/9/2012 8:01:07 PM | Computer Name = D2F7XZF1 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

[ TuneUp Events ]
Error - 3/6/2010 12:29:43 AM | Computer Name = D2F7XZF1 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 3/6/2010 12:30:58 AM | Computer Name = D2F7XZF1 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 3/6/2010 12:31:04 AM | Computer Name = D2F7XZF1 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 3/10/2010 4:22:18 PM | Computer Name = D2F7XZF1 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 5/20/2010 8:37:47 PM | Computer Name = D2F7XZF1 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 5/20/2010 8:38:34 PM | Computer Name = D2F7XZF1 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 5/20/2010 8:38:39 PM | Computer Name = D2F7XZF1 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 5/20/2010 8:39:34 PM | Computer Name = D2F7XZF1 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 11/19/2010 8:50:21 PM | Computer Name = D2F7XZF1 | Source = TuneUp Program Statistics | ID = 131840
Description =

Error - 11/19/2010 9:43:07 PM | Computer Name = D2F7XZF1 | Source = TuneUp Program Statistics | ID = 131840
Description =


< End of report >

#4
Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents into your next reply.





Download and Install ComboFix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double-click on ComboFix.exe and follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If, after the reboot, you get errors about programmes being marked for deletion, then reboot; that will cure it.



Please make sure you include the ComboFix log in your next reply, as well as a description of how your computer is running now.

#5
raven3

    New Member

  • Topic Starter
  • Member
  • 3 posts
I ran the TDSSKiller and the ComboFix. Mozilla is still hanging up, seems like more frequently. Here are the logs. Thanks again.


11:59:46.0171 3532 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
11:59:46.0671 3532 ============================================================
11:59:46.0671 3532 Current date / time: 2012/04/14 11:59:46.0671
11:59:46.0671 3532 SystemInfo:
11:59:46.0671 3532
11:59:46.0671 3532 OS Version: 5.1.2600 ServicePack: 3.0
11:59:46.0671 3532 Product type: Workstation
11:59:46.0671 3532 ComputerName: D2F7XZF1
11:59:46.0671 3532 UserName: Christopher Frost
11:59:46.0671 3532 Windows directory: C:\WINDOWS
11:59:46.0671 3532 System windows directory: C:\WINDOWS
11:59:46.0671 3532 Processor architecture: Intel x86
11:59:46.0671 3532 Number of processors: 2
11:59:46.0671 3532 Page size: 0x1000
11:59:46.0671 3532 Boot type: Normal boot
11:59:46.0671 3532 ============================================================
11:59:48.0484 3532 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:59:48.0484 3532 \Device\Harddisk0\DR0:
11:59:48.0484 3532 MBR used
11:59:48.0484 3532 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2B24B, BlocksNum 0x124EAFEF
11:59:48.0562 3532 Initialize success
11:59:48.0562 3532 ============================================================
12:00:40.0453 4068 ============================================================
12:00:40.0453 4068 Scan started
12:00:40.0453 4068 Mode: Manual; SigCheck; TDLFS;
12:00:40.0453 4068 ============================================================
12:00:40.0671 4068 Abiosdsk - ok
12:00:40.0718 4068 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:00:42.0093 4068 abp480n5 - ok
12:00:42.0187 4068 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:00:42.0453 4068 ACPI - ok
12:00:42.0500 4068 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:00:42.0734 4068 ACPIEC - ok
12:00:42.0781 4068 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:00:43.0031 4068 adpu160m - ok
12:00:43.0125 4068 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:00:43.0343 4068 aec - ok
12:00:43.0406 4068 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:00:43.0484 4068 AFD - ok
12:00:43.0546 4068 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:00:43.0781 4068 agp440 - ok
12:00:43.0843 4068 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:00:44.0062 4068 agpCPQ - ok
12:00:44.0125 4068 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:00:44.0234 4068 Aha154x - ok
12:00:44.0281 4068 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:00:44.0515 4068 aic78u2 - ok
12:00:44.0562 4068 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:00:44.0796 4068 aic78xx - ok
12:00:44.0859 4068 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
12:00:45.0093 4068 Alerter - ok
12:00:45.0156 4068 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
12:00:45.0406 4068 ALG - ok
12:00:45.0468 4068 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
12:00:45.0703 4068 AliIde - ok
12:00:45.0765 4068 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:00:45.0984 4068 alim1541 - ok
12:00:46.0046 4068 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:00:46.0281 4068 amdagp - ok
12:00:46.0375 4068 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
12:00:46.0484 4068 amsint - ok
12:00:46.0546 4068 ApfiltrService (350f19eb5fe4ec37a2414df56cde1aa8) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
12:00:46.0718 4068 ApfiltrService - ok
12:00:46.0796 4068 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
12:00:46.0828 4068 APPDRV ( UnsignedFile.Multi.Generic ) - warning
12:00:46.0828 4068 APPDRV - detected UnsignedFile.Multi.Generic (1)
12:00:46.0843 4068 AppMgmt - ok
12:00:46.0906 4068 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:00:47.0156 4068 Arp1394 - ok
12:00:47.0218 4068 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
12:00:47.0453 4068 asc - ok
12:00:47.0515 4068 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:00:47.0609 4068 asc3350p - ok
12:00:47.0671 4068 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:00:47.0906 4068 asc3550 - ok
12:00:48.0015 4068 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:00:48.0046 4068 aspnet_state - ok
12:00:48.0109 4068 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:00:48.0328 4068 AsyncMac - ok
12:00:48.0375 4068 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:00:48.0593 4068 atapi - ok
12:00:48.0640 4068 Atdisk - ok
12:00:48.0671 4068 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:00:48.0906 4068 Atmarpc - ok
12:00:48.0953 4068 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
12:00:49.0203 4068 AudioSrv - ok
12:00:49.0265 4068 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:00:49.0484 4068 audstub - ok
12:00:49.0562 4068 BCM43XX (e9ea635b8432d68f0005b3f6cebab837) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
12:00:49.0703 4068 BCM43XX - ok
12:00:49.0750 4068 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
12:00:49.0781 4068 bcm4sbxp - ok
12:00:49.0828 4068 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:00:50.0062 4068 Beep - ok
12:00:50.0140 4068 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
12:00:50.0421 4068 BITS - ok
12:00:50.0484 4068 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
12:00:50.0718 4068 Browser - ok
12:00:50.0796 4068 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:00:51.0015 4068 cbidf - ok
12:00:51.0062 4068 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:00:51.0281 4068 cbidf2k - ok
12:00:51.0375 4068 ccEvtMgr (0a6786c95a6f8715aa4285e3c27f201f) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
12:00:51.0406 4068 ccEvtMgr - ok
12:00:51.0421 4068 ccSetMgr (3b4898cf051bb04fb76e94361e336a83) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
12:00:51.0437 4068 ccSetMgr - ok
12:00:51.0500 4068 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:00:51.0593 4068 cd20xrnt - ok
12:00:51.0656 4068 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:00:51.0890 4068 Cdaudio - ok
12:00:51.0968 4068 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:00:52.0203 4068 Cdfs - ok
12:00:52.0250 4068 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:00:52.0500 4068 Cdrom - ok
12:00:52.0531 4068 Changer - ok
12:00:52.0593 4068 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
12:00:52.0828 4068 CiSvc - ok
12:00:52.0890 4068 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
12:00:53.0109 4068 ClipSrv - ok
12:00:53.0234 4068 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:00:53.0265 4068 clr_optimization_v2.0.50727_32 - ok
12:00:53.0328 4068 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:00:53.0546 4068 CmBatt - ok
12:00:53.0609 4068 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:00:53.0843 4068 CmdIde - ok
12:00:53.0890 4068 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:00:54.0109 4068 Compbatt - ok
12:00:54.0156 4068 COMSysApp - ok
12:00:54.0203 4068 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:00:54.0437 4068 Cpqarray - ok
12:00:54.0500 4068 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
12:00:54.0718 4068 CryptSvc - ok
12:00:54.0796 4068 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:00:55.0046 4068 dac2w2k - ok
12:00:55.0125 4068 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:00:55.0359 4068 dac960nt - ok
12:00:55.0437 4068 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:00:55.0515 4068 DcomLaunch - ok
12:00:55.0578 4068 DefWatch (1f709c66d8aadff35530c56ee261c462) C:\Program Files\Symantec AntiVirus\DefWatch.exe
12:00:55.0593 4068 DefWatch - ok
12:00:55.0656 4068 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
12:00:55.0890 4068 Dhcp - ok
12:00:55.0968 4068 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:00:56.0187 4068 Disk - ok
12:00:56.0234 4068 dmadmin - ok
12:00:56.0296 4068 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:00:56.0578 4068 dmboot - ok
12:00:56.0640 4068 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:00:56.0890 4068 dmio - ok
12:00:56.0937 4068 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:00:57.0171 4068 dmload - ok
12:00:57.0250 4068 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
12:00:57.0468 4068 dmserver - ok
12:00:57.0546 4068 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:00:57.0781 4068 DMusic - ok
12:00:57.0843 4068 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
12:00:57.0937 4068 Dnscache - ok
12:00:58.0015 4068 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
12:00:58.0250 4068 Dot3svc - ok
12:00:58.0312 4068 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:00:58.0531 4068 dpti2o - ok
12:00:58.0593 4068 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:00:58.0812 4068 drmkaud - ok
12:00:58.0875 4068 DXEC02 (0c8762b91b967a91373e0e022b62acfc) C:\WINDOWS\system32\drivers\dxec02.sys
12:00:58.0890 4068 DXEC02 ( UnsignedFile.Multi.Generic ) - warning
12:00:58.0890 4068 DXEC02 - detected UnsignedFile.Multi.Generic (1)
12:00:58.0953 4068 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
12:00:59.0187 4068 E100B - ok
12:00:59.0250 4068 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
12:00:59.0468 4068 EapHost - ok
12:00:59.0578 4068 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:00:59.0656 4068 eeCtrl - ok
12:00:59.0687 4068 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:00:59.0703 4068 EraserUtilRebootDrv - ok
12:00:59.0796 4068 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
12:01:00.0031 4068 ERSvc - ok
12:01:00.0093 4068 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:01:00.0156 4068 Eventlog - ok
12:01:00.0218 4068 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
12:01:00.0265 4068 EventSystem - ok
12:01:00.0343 4068 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:01:00.0562 4068 Fastfat - ok
12:01:00.0640 4068 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:01:00.0703 4068 FastUserSwitchingCompatibility - ok
12:01:00.0765 4068 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
12:01:01.0000 4068 Fax - ok
12:01:01.0062 4068 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:01:01.0296 4068 Fdc - ok
12:01:01.0375 4068 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:01:01.0593 4068 Fips - ok
12:01:01.0656 4068 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:01:01.0875 4068 Flpydisk - ok
12:01:01.0937 4068 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:01:02.0156 4068 FltMgr - ok
12:01:02.0250 4068 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:01:02.0281 4068 FontCache3.0.0.0 - ok
12:01:02.0312 4068 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:01:02.0546 4068 Fs_Rec - ok
12:01:02.0609 4068 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:01:02.0843 4068 Ftdisk - ok
12:01:02.0921 4068 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:01:03.0140 4068 Gpc - ok
12:01:03.0250 4068 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
12:01:03.0281 4068 gupdate - ok
12:01:03.0281 4068 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
12:01:03.0312 4068 gupdatem - ok
12:01:03.0359 4068 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:01:03.0390 4068 gusvc - ok
12:01:03.0453 4068 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:01:03.0671 4068 HDAudBus - ok
12:01:03.0796 4068 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:01:04.0015 4068 helpsvc - ok
12:01:04.0062 4068 HidServ - ok
12:01:04.0109 4068 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:01:04.0343 4068 HidUsb - ok
12:01:04.0390 4068 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
12:01:04.0625 4068 hkmsvc - ok
12:01:04.0703 4068 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
12:01:04.0906 4068 hpn - ok
12:01:05.0031 4068 hpqcxs08 (ed377b3c83fdea8d906109a085d219ba) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
12:01:05.0046 4068 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
12:01:05.0046 4068 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
12:01:05.0078 4068 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
12:01:05.0109 4068 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
12:01:05.0109 4068 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
12:01:05.0281 4068 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:01:05.0640 4068 HPZid412 - ok
12:01:05.0703 4068 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:01:05.0781 4068 HPZipr12 - ok
12:01:05.0828 4068 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:01:05.0906 4068 HPZius12 - ok
12:01:05.0984 4068 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
12:01:06.0031 4068 HSFHWAZL - ok
12:01:06.0125 4068 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
12:01:06.0234 4068 HSF_DPV - ok
12:01:06.0296 4068 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:01:06.0359 4068 HTTP - ok
12:01:06.0406 4068 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
12:01:06.0640 4068 HTTPFilter - ok
12:01:06.0718 4068 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
12:01:06.0953 4068 i2omgmt - ok
12:01:07.0000 4068 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:01:07.0218 4068 i2omp - ok
12:01:07.0281 4068 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:01:07.0500 4068 i8042prt - ok
12:01:07.0718 4068 ialm (bffa387180121df1e4646c4ced3e16ca) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
12:01:08.0093 4068 ialm - ok
12:01:08.0140 4068 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\WINDOWS\system32\drivers\iaStor.sys
12:01:08.0171 4068 iaStor - ok
12:01:08.0250 4068 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:01:08.0265 4068 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:01:08.0265 4068 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:01:08.0406 4068 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:01:08.0500 4068 idsvc - ok
12:01:08.0562 4068 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:01:08.0781 4068 Imapi - ok
12:01:08.0859 4068 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
12:01:09.0093 4068 ImapiService - ok
12:01:09.0156 4068 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:01:09.0390 4068 ini910u - ok
12:01:09.0453 4068 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
12:01:09.0671 4068 IntelIde - ok
12:01:09.0718 4068 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:01:09.0937 4068 intelppm - ok
12:01:10.0000 4068 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:01:10.0218 4068 Ip6Fw - ok
12:01:10.0281 4068 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:01:10.0500 4068 IpFilterDriver - ok
12:01:10.0562 4068 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:01:10.0781 4068 IpInIp - ok
12:01:10.0828 4068 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:01:11.0062 4068 IpNat - ok
12:01:11.0140 4068 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:01:11.0375 4068 IPSec - ok
12:01:11.0406 4068 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:01:11.0625 4068 IRENUM - ok
12:01:11.0671 4068 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:01:11.0890 4068 isapnp - ok
12:01:11.0953 4068 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
12:01:12.0031 4068 JavaQuickStarterService - ok
12:01:12.0062 4068 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:01:12.0296 4068 Kbdclass - ok
12:01:12.0343 4068 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:01:12.0578 4068 kmixer - ok
12:01:12.0640 4068 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:01:12.0718 4068 KSecDD - ok
12:01:12.0781 4068 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
12:01:12.0843 4068 lanmanserver - ok
12:01:12.0921 4068 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
12:01:12.0968 4068 lanmanworkstation - ok
12:01:13.0000 4068 lbrtfdc - ok
12:01:13.0171 4068 LiveUpdate (fb3a35318ca7f6a10fa3c3826a69affe) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
12:01:13.0406 4068 LiveUpdate - ok
12:01:13.0468 4068 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
12:01:13.0687 4068 LmHosts - ok
12:01:13.0781 4068 LxrSII1d (7c12f93c005021861a36c11df951891a) C:\WINDOWS\system32\Drivers\LxrSII1d.sys
12:01:13.0812 4068 LxrSII1d ( UnsignedFile.Multi.Generic ) - warning
12:01:13.0812 4068 LxrSII1d - detected UnsignedFile.Multi.Generic (1)
12:01:13.0812 4068 LxrSII1s - ok
12:01:13.0875 4068 MCSTRM (5bb01b9f582259d1fb7653c5c1da3653) C:\WINDOWS\system32\drivers\MCSTRM.sys
12:01:13.0890 4068 MCSTRM ( UnsignedFile.Multi.Generic ) - warning
12:01:13.0890 4068 MCSTRM - detected UnsignedFile.Multi.Generic (1)
12:01:13.0921 4068 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:01:13.0953 4068 mdmxsdk - ok
12:01:13.0984 4068 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
12:01:14.0203 4068 Messenger - ok
12:01:14.0250 4068 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:01:14.0484 4068 mnmdd - ok
12:01:14.0531 4068 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
12:01:14.0765 4068 mnmsrvc - ok
12:01:14.0875 4068 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:01:15.0093 4068 Modem - ok
12:01:15.0171 4068 motccgp (201bfc4ef8b33d02d133fbf6535e515b) C:\WINDOWS\system32\DRIVERS\motccgp.sys
12:01:15.0250 4068 motccgp - ok
12:01:15.0296 4068 motccgpfl (d0242a3832eb7c97801bb25889561e23) C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
12:01:15.0359 4068 motccgpfl - ok
12:01:15.0421 4068 motmodem (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys
12:01:15.0500 4068 motmodem - ok
12:01:15.0562 4068 motport (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motport.sys
12:01:15.0609 4068 motport - ok
12:01:15.0671 4068 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:01:15.0890 4068 Mouclass - ok
12:01:15.0968 4068 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:01:16.0203 4068 mouhid - ok
12:01:16.0234 4068 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:01:16.0437 4068 MountMgr - ok
12:01:16.0500 4068 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:01:16.0734 4068 mraid35x - ok
12:01:16.0812 4068 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:01:17.0265 4068 MRxDAV - ok
12:01:17.0328 4068 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:01:17.0421 4068 MRxSmb - ok
12:01:17.0468 4068 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
12:01:17.0687 4068 MSDTC - ok
12:01:17.0781 4068 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:01:18.0000 4068 Msfs - ok
12:01:18.0046 4068 MSIServer - ok
12:01:18.0093 4068 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:01:18.0296 4068 MSKSSRV - ok
12:01:18.0343 4068 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:01:18.0546 4068 MSPCLOCK - ok
12:01:18.0593 4068 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:01:18.0812 4068 MSPQM - ok
12:01:18.0890 4068 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:01:19.0109 4068 mssmbios - ok
12:01:19.0187 4068 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:01:19.0250 4068 Mup - ok
12:01:19.0312 4068 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
12:01:19.0531 4068 napagent - ok
12:01:19.0640 4068 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120413.002\naveng.sys
12:01:19.0671 4068 NAVENG - ok
12:01:19.0734 4068 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120413.002\navex15.sys
12:01:19.0843 4068 NAVEX15 - ok
12:01:19.0906 4068 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:01:20.0140 4068 NDIS - ok
12:01:20.0218 4068 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:01:20.0265 4068 NdisTapi - ok
12:01:20.0312 4068 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:01:20.0531 4068 Ndisuio - ok
12:01:20.0562 4068 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:01:20.0781 4068 NdisWan - ok
12:01:20.0859 4068 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:01:20.0906 4068 NDProxy - ok
12:01:20.0937 4068 Net Driver HPZ12 (949941e4de88df1faf49a4b3cffb756f) C:\WINDOWS\system32\HPZinw12.dll
12:01:20.0953 4068 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:01:20.0953 4068 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:01:21.0015 4068 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:01:21.0250 4068 NetBIOS - ok
12:01:21.0296 4068 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:01:21.0515 4068 NetBT - ok
12:01:21.0593 4068 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:01:21.0828 4068 NetDDE - ok
12:01:21.0828 4068 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:01:22.0046 4068 NetDDEdsdm - ok
12:01:22.0109 4068 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:01:22.0312 4068 Netlogon - ok
12:01:22.0343 4068 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
12:01:22.0578 4068 Netman - ok
12:01:22.0687 4068 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:01:22.0718 4068 NetTcpPortSharing - ok
12:01:22.0796 4068 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:01:23.0015 4068 NIC1394 - ok
12:01:23.0078 4068 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
12:01:23.0125 4068 Nla - ok
12:01:23.0156 4068 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:01:23.0375 4068 Npfs - ok
12:01:23.0437 4068 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:01:23.0703 4068 Ntfs - ok
12:01:23.0796 4068 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:01:24.0000 4068 NtLmSsp - ok
12:01:24.0093 4068 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
12:01:24.0328 4068 NtmsSvc - ok
12:01:24.0375 4068 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:01:24.0625 4068 Null - ok
12:01:24.0750 4068 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:01:25.0046 4068 nv - ok
12:01:25.0140 4068 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:01:25.0375 4068 NwlnkFlt - ok
12:01:25.0437 4068 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:01:25.0656 4068 NwlnkFwd - ok
12:01:25.0781 4068 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:01:25.0828 4068 odserv - ok
12:01:25.0906 4068 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:01:26.0125 4068 ohci1394 - ok
12:01:26.0171 4068 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:01:26.0187 4068 ose - ok
12:01:26.0265 4068 PalmUSBD (240c0d4049a833b16b63b636acf01672) C:\WINDOWS\system32\drivers\PalmUSBD.sys
12:01:26.0328 4068 PalmUSBD - ok
12:01:26.0375 4068 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
12:01:26.0593 4068 Parport - ok
12:01:26.0640 4068 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:01:26.0859 4068 PartMgr - ok
12:01:26.0921 4068 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:01:27.0156 4068 ParVdm - ok
12:01:27.0250 4068 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:01:27.0468 4068 PCI - ok
12:01:27.0468 4068 PCIDump - ok
12:01:27.0515 4068 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:01:27.0750 4068 PCIIde - ok
12:01:27.0781 4068 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:01:28.0000 4068 Pcmcia - ok
12:01:28.0000 4068 PDCOMP - ok
12:01:28.0015 4068 PDFRAME - ok
12:01:28.0031 4068 PDRELI - ok
12:01:28.0046 4068 PDRFRAME - ok
12:01:28.0093 4068 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
12:01:28.0328 4068 perc2 - ok
12:01:28.0359 4068 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:01:28.0593 4068 perc2hib - ok
12:01:28.0671 4068 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:01:28.0718 4068 PlugPlay - ok
12:01:28.0796 4068 Pml Driver HPZ12 (2f4ca141a609caf5c98f6e4760ef1b9b) C:\WINDOWS\system32\HPZipm12.dll
12:01:28.0828 4068 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:01:28.0828 4068 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:01:28.0890 4068 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:01:29.0093 4068 PolicyAgent - ok
12:01:29.0171 4068 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:01:29.0375 4068 PptpMiniport - ok
12:01:29.0406 4068 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:01:29.0609 4068 ProtectedStorage - ok
12:01:29.0640 4068 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:01:29.0875 4068 PSched - ok
12:01:29.0921 4068 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:01:30.0140 4068 Ptilink - ok
12:01:30.0171 4068 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:01:30.0421 4068 ql1080 - ok
12:01:30.0453 4068 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:01:30.0687 4068 Ql10wnt - ok
12:01:30.0734 4068 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:01:30.0953 4068 ql12160 - ok
12:01:30.0968 4068 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:01:31.0187 4068 ql1240 - ok
12:01:31.0234 4068 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:01:31.0453 4068 ql1280 - ok
12:01:31.0484 4068 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:01:31.0703 4068 RasAcd - ok
12:01:31.0750 4068 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
12:01:31.0953 4068 RasAuto - ok
12:01:32.0015 4068 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:01:32.0234 4068 Rasl2tp - ok
12:01:32.0328 4068 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
12:01:32.0531 4068 RasMan - ok
12:01:32.0578 4068 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:01:32.0781 4068 RasPppoe - ok
12:01:32.0843 4068 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:01:33.0046 4068 Raspti - ok
12:01:33.0109 4068 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:01:33.0343 4068 Rdbss - ok
12:01:33.0390 4068 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:01:33.0625 4068 RDPCDD - ok
12:01:33.0734 4068 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:01:33.0953 4068 rdpdr - ok
12:01:34.0031 4068 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
12:01:34.0078 4068 RDPWD - ok
12:01:34.0140 4068 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
12:01:34.0359 4068 RDSessMgr - ok
12:01:34.0406 4068 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:01:34.0625 4068 redbook - ok
12:01:34.0687 4068 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
12:01:34.0921 4068 RemoteAccess - ok
12:01:35.0015 4068 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
12:01:35.0062 4068 rimmptsk - ok
12:01:35.0093 4068 rimsptsk (03d6740e41e86476ef7d1e52ca0b947d) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
12:01:35.0140 4068 rimsptsk - ok
12:01:35.0171 4068 rismxdp (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
12:01:35.0234 4068 rismxdp - ok
12:01:35.0312 4068 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
12:01:35.0531 4068 RpcLocator - ok
12:01:35.0593 4068 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:01:35.0640 4068 RpcSs - ok
12:01:35.0703 4068 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
12:01:35.0937 4068 RSVP - ok
12:01:36.0000 4068 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:01:36.0218 4068 SamSs - ok
12:01:36.0296 4068 SavRoam (3525fdcfc567e807a337c61aff366be8) C:\Program Files\Symantec AntiVirus\SavRoam.exe
12:01:36.0312 4068 SavRoam - ok
12:01:36.0343 4068 SAVRT (12b6e269ef8ac8ea36122544c8a1b6d8) C:\Program Files\Symantec AntiVirus\savrt.sys
12:01:36.0375 4068 SAVRT - ok
12:01:36.0390 4068 SAVRTPEL (97e5b6f3f95465e1f59360b59d8ec64e) C:\Program Files\Symantec AntiVirus\Savrtpel.sys
12:01:36.0406 4068 SAVRTPEL - ok
12:01:36.0484 4068 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
12:01:36.0703 4068 SCardSvr - ok
12:01:36.0765 4068 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
12:01:37.0015 4068 Schedule - ok
12:01:37.0109 4068 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:01:37.0328 4068 sdbus - ok
12:01:37.0406 4068 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:01:37.0609 4068 Secdrv - ok
12:01:37.0656 4068 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
12:01:37.0890 4068 seclogon - ok
12:01:37.0937 4068 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
12:01:38.0171 4068 SENS - ok
12:01:38.0250 4068 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:01:38.0484 4068 serenum - ok
12:01:38.0515 4068 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
12:01:38.0750 4068 Serial - ok
12:01:38.0812 4068 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
12:01:39.0031 4068 sffdisk - ok
12:01:39.0093 4068 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
12:01:39.0312 4068 sffp_sd - ok
12:01:39.0390 4068 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:01:39.0609 4068 Sfloppy - ok
12:01:39.0671 4068 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
12:01:39.0921 4068 SharedAccess - ok
12:01:40.0015 4068 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:01:40.0046 4068 ShellHWDetection - ok
12:01:40.0078 4068 Simbad - ok
12:01:40.0140 4068 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:01:40.0359 4068 sisagp - ok
12:01:40.0468 4068 SNDSrvc (0d411eea92751c1ecd8453892f41e726) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
12:01:40.0500 4068 SNDSrvc - ok
12:01:40.0562 4068 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
12:01:40.0796 4068 SONYPVU1 - ok
12:01:40.0859 4068 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:01:40.0968 4068 Sparrow - ok
12:01:41.0000 4068 SPBBCDrv (677b10906838d3bfb1c07ac9087e4bf7) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
12:01:41.0031 4068 SPBBCDrv - ok
12:01:41.0093 4068 SPBBCSvc (c830007369e18a54aed23b5bb3afa2ba) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
12:01:41.0187 4068 SPBBCSvc - ok
12:01:41.0234 4068 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:01:41.0453 4068 splitter - ok
12:01:41.0500 4068 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:01:41.0546 4068 Spooler - ok
12:01:41.0593 4068 sprtsvc_dellsupportcenter - ok
12:01:41.0640 4068 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:01:58.0843 4068 ============================================================
12:01:58.0843 4068 Scan finished
12:01:58.0843 4068 ============================================================
12:01:58.0953 1916 Detected object count: 9
12:01:58.0953 1916 Actual detected object count: 9
12:12:11.0718 1916 APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:12:11.0718 1916 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:12:11.0718 1916 DXEC02 ( UnsignedFile.Multi.Generic ) - skipped by user
12:12:11.0718 1916 DXEC02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:12:11.0718 1916 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
12:12:11.0718 1916 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:12:11.0718 1916 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:12:11.0718 1916 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:12:11.0718 1916 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:12:11.0718 1916 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:12:11.0734 1916 LxrSII1d ( UnsignedFile.Multi.Generic ) - skipped by user
12:12:11.0734 1916 LxrSII1d ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:12:11.0734 1916 MCSTRM ( UnsignedFile.Multi.Generic ) - skipped by user
12:12:11.0734 1916 MCSTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:12:11.0734 1916 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:12:11.0734 1916 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:12:11.0734 1916 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:12:11.0734 1916 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:22.0406 3152 ============================================================
12:13:22.0406 3152 Scan started
12:13:22.0406 3152 Mode: Manual; SigCheck; TDLFS;
12:13:22.0406 3152 ============================================================
12:13:27.0750 3152 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
12:13:27.0765 3152 APPDRV ( UnsignedFile.Multi.Generic ) - warning
12:13:27.0765 3152 APPDRV - detected UnsignedFile.Multi.Generic (1)
12:13:33.0328 3152 Scan interrupted by user!
12:13:33.0328 3152 Scan interrupted by user!
12:13:33.0328 3152 Scan interrupted by user!
12:13:33.0328 3152 ============================================================
12:13:33.0328 3152 Scan finished
12:13:33.0328 3152 ============================================================
12:13:33.0359 1348 Detected object count: 1
12:13:33.0359 1348 Actual detected object count: 1
12:13:38.0062 1348 APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:38.0062 1348 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:43.0765 3124 ============================================================
12:13:43.0765 3124 Scan started
12:13:43.0765 3124 Mode: Manual; SigCheck; TDLFS;
12:13:43.0765 3124 ============================================================
12:13:48.0171 3124 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
12:13:48.0171 3124 APPDRV ( UnsignedFile.Multi.Generic ) - warning
12:13:48.0171 3124 APPDRV - detected UnsignedFile.Multi.Generic (1)
12:14:00.0171 3124 DXEC02 (0c8762b91b967a91373e0e022b62acfc) C:\WINDOWS\system32\drivers\dxec02.sys
12:14:00.0218 3124 DXEC02 ( UnsignedFile.Multi.Generic ) - warning
12:14:00.0218 3124 DXEC02 - detected UnsignedFile.Multi.Generic (1)
12:14:06.0515 3124 hpqcxs08 (ed377b3c83fdea8d906109a085d219ba) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
12:14:06.0562 3124 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
12:14:06.0562 3124 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
12:14:06.0593 3124 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
12:14:06.0625 3124 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
12:14:06.0625 3124 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
12:14:09.0406 3124 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:14:09.0437 3124 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:14:09.0437 3124 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:14:15.0265 3124 LxrSII1d (7c12f93c005021861a36c11df951891a) C:\WINDOWS\system32\Drivers\LxrSII1d.sys
12:14:15.0296 3124 LxrSII1d ( UnsignedFile.Multi.Generic ) - warning
12:14:15.0296 3124 LxrSII1d - detected UnsignedFile.Multi.Generic (1)
12:14:15.0296 3124 LxrSII1s - ok
12:14:15.0375 3124 MCSTRM (5bb01b9f582259d1fb7653c5c1da3653) C:\WINDOWS\system32\drivers\MCSTRM.sys
12:14:15.0406 3124 MCSTRM ( UnsignedFile.Multi.Generic ) - warning
12:14:15.0406 3124 MCSTRM - detected UnsignedFile.Multi.Generic (1)
12:14:15.0421 3124 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:14:15.0484 3124 mdmxsdk - ok
12:14:15.0500 3124 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
12:14:15.0734 3124 Messenger - ok
12:14:15.0796 3124 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:14:16.0046 3124 mnmdd - ok
12:14:16.0109 3124 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
12:14:16.0359 3124 mnmsrvc - ok
12:14:16.0421 3124 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:14:16.0656 3124 Modem - ok
12:14:16.0734 3124 motccgp (201bfc4ef8b33d02d133fbf6535e515b) C:\WINDOWS\system32\DRIVERS\motccgp.sys
12:14:16.0812 3124 motccgp - ok
12:14:16.0859 3124 motccgpfl (d0242a3832eb7c97801bb25889561e23) C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
12:14:16.0937 3124 motccgpfl - ok
12:14:17.0000 3124 motmodem (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys
12:14:17.0078 3124 motmodem - ok
12:14:17.0125 3124 motport (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motport.sys
12:14:17.0187 3124 motport - ok
12:14:17.0265 3124 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:14:17.0500 3124 Mouclass - ok
12:14:17.0578 3124 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:14:17.0828 3124 mouhid - ok
12:14:17.0875 3124 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:14:18.0093 3124 MountMgr - ok
12:14:18.0156 3124 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:14:18.0406 3124 mraid35x - ok
12:14:18.0453 3124 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:14:18.0703 3124 MRxDAV - ok
12:14:18.0781 3124 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:14:18.0859 3124 MRxSmb - ok
12:14:18.0890 3124 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
12:14:19.0125 3124 MSDTC - ok
12:14:19.0171 3124 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:14:19.0421 3124 Msfs - ok
12:14:19.0437 3124 MSIServer - ok
12:14:19.0468 3124 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:14:19.0718 3124 MSKSSRV - ok
12:14:19.0765 3124 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:14:20.0000 3124 MSPCLOCK - ok
12:14:20.0062 3124 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:14:20.0296 3124 MSPQM - ok
12:14:20.0359 3124 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:14:20.0578 3124 mssmbios - ok
12:14:20.0609 3124 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:14:20.0687 3124 Mup - ok
12:14:20.0734 3124 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
12:14:20.0984 3124 napagent - ok
12:14:21.0093 3124 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120413.002\naveng.sys
12:14:21.0140 3124 NAVENG - ok
12:14:21.0203 3124 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120413.002\navex15.sys
12:14:21.0312 3124 NAVEX15 - ok
12:14:21.0406 3124 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:14:21.0656 3124 NDIS - ok
12:14:21.0718 3124 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:14:21.0781 3124 NdisTapi - ok
12:14:21.0828 3124 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:14:22.0062 3124 Ndisuio - ok
12:14:22.0093 3124 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:14:22.0328 3124 NdisWan - ok
12:14:22.0406 3124 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:14:22.0453 3124 NDProxy - ok
12:14:22.0531 3124 Net Driver HPZ12 (949941e4de88df1faf49a4b3cffb756f) C:\WINDOWS\system32\HPZinw12.dll
12:14:22.0562 3124 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:14:22.0562 3124 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:14:22.0625 3124 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:14:22.0875 3124 NetBIOS - ok
12:14:22.0906 3124 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:14:23.0171 3124 NetBT - ok
12:14:23.0234 3124 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:14:23.0500 3124 NetDDE - ok
12:14:23.0500 3124 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
12:14:23.0718 3124 NetDDEdsdm - ok
12:14:23.0812 3124 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:14:24.0062 3124 Netlogon - ok
12:14:24.0093 3124 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
12:14:24.0359 3124 Netman - ok
12:14:24.0453 3124 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:14:24.0500 3124 NetTcpPortSharing - ok
12:14:24.0562 3124 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:14:24.0812 3124 NIC1394 - ok
12:14:24.0906 3124 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
12:14:24.0984 3124 Nla - ok
12:14:25.0015 3124 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:14:25.0265 3124 Npfs - ok
12:14:25.0312 3124 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:14:25.0578 3124 Ntfs - ok
12:14:25.0656 3124 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:14:25.0859 3124 NtLmSsp - ok
12:14:25.0968 3124 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
12:14:26.0234 3124 NtmsSvc - ok
12:14:26.0281 3124 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:14:26.0515 3124 Null - ok
12:14:26.0625 3124 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:14:26.0921 3124 nv - ok
12:14:27.0000 3124 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:14:27.0234 3124 NwlnkFlt - ok
12:14:27.0265 3124 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:14:27.0515 3124 NwlnkFwd - ok
12:14:27.0640 3124 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:14:27.0750 3124 odserv - ok
12:14:27.0812 3124 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:14:28.0046 3124 ohci1394 - ok
12:14:28.0078 3124 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:14:28.0234 3124 ose - ok
12:14:28.0296 3124 PalmUSBD (240c0d4049a833b16b63b636acf01672) C:\WINDOWS\system32\drivers\PalmUSBD.sys
12:14:28.0343 3124 PalmUSBD - ok
12:14:28.0375 3124 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
12:14:28.0609 3124 Parport - ok
12:14:28.0625 3124 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:14:28.0875 3124 PartMgr - ok
12:14:28.0906 3124 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:14:29.0140 3124 ParVdm - ok
12:14:29.0156 3124 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:14:29.0406 3124 PCI - ok
12:14:29.0421 3124 PCIDump - ok
12:14:29.0453 3124 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:14:29.0703 3124 PCIIde - ok
12:14:29.0765 3124 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:14:29.0984 3124 Pcmcia - ok
12:14:30.0031 3124 PDCOMP - ok
12:14:30.0062 3124 PDFRAME - ok
12:14:30.0078 3124 PDRELI - ok
12:14:30.0093 3124 PDRFRAME - ok
12:14:30.0125 3124 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
12:14:30.0359 3124 perc2 - ok
12:14:30.0406 3124 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:14:30.0625 3124 perc2hib - ok
12:14:30.0687 3124 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:14:30.0718 3124 PlugPlay - ok
12:14:30.0750 3124 Pml Driver HPZ12 (2f4ca141a609caf5c98f6e4760ef1b9b) C:\WINDOWS\system32\HPZipm12.dll
12:14:30.0796 3124 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:14:30.0796 3124 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:14:30.0828 3124 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:14:31.0031 3124 PolicyAgent - ok
12:14:31.0078 3124 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:14:31.0328 3124 PptpMiniport - ok
12:14:31.0343 3124 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:14:31.0546 3124 ProtectedStorage - ok
12:14:31.0593 3124 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:14:31.0812 3124 PSched - ok
12:14:31.0875 3124 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:14:32.0109 3124 Ptilink - ok
12:14:32.0187 3124 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:14:32.0421 3124 ql1080 - ok
12:14:32.0484 3124 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:14:32.0734 3124 Ql10wnt - ok
12:14:32.0781 3124 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:14:33.0015 3124 ql12160 - ok
12:14:33.0046 3124 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:14:33.0296 3124 ql1240 - ok
12:14:33.0359 3124 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:14:33.0593 3124 ql1280 - ok
12:14:33.0640 3124 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:14:33.0875 3124 RasAcd - ok
12:14:33.0937 3124 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
12:14:34.0156 3124 RasAuto - ok
12:14:34.0203 3124 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:14:34.0437 3124 Rasl2tp - ok
12:14:34.0500 3124 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
12:14:34.0734 3124 RasMan - ok
12:14:34.0765 3124 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:14:35.0015 3124 RasPppoe - ok
12:14:35.0046 3124 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:14:35.0281 3124 Raspti - ok
12:14:35.0343 3124 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:14:35.0593 3124 Rdbss - ok
12:14:35.0656 3124 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:14:35.0890 3124 RDPCDD - ok
12:14:35.0953 3124 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:14:36.0203 3124 rdpdr - ok
12:14:36.0265 3124 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
12:14:36.0328 3124 RDPWD - ok
12:14:36.0390 3124 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
12:14:36.0640 3124 RDSessMgr - ok
12:14:36.0718 3124 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:14:36.0968 3124 redbook - ok
12:14:37.0015 3124 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
12:14:37.0250 3124 RemoteAccess - ok
12:14:37.0296 3124 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
12:14:37.0359 3124 rimmptsk - ok
12:14:37.0375 3124 rimsptsk (03d6740e41e86476ef7d1e52ca0b947d) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
12:14:37.0421 3124 rimsptsk - ok
12:14:37.0421 3124 rismxdp (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
12:14:37.0468 3124 rismxdp - ok
12:14:37.0515 3124 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
12:14:37.0750 3124 RpcLocator - ok
12:14:37.0812 3124 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:14:37.0843 3124 RpcSs - ok
12:14:37.0921 3124 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
12:14:38.0187 3124 RSVP - ok
12:14:38.0250 3124 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:14:38.0468 3124 SamSs - ok
12:14:38.0546 3124 SavRoam (3525fdcfc567e807a337c61aff366be8) C:\Program Files\Symantec AntiVirus\SavRoam.exe
12:14:38.0609 3124 SavRoam - ok
12:14:38.0640 3124 SAVRT (12b6e269ef8ac8ea36122544c8a1b6d8) C:\Program Files\Symantec AntiVirus\savrt.sys
12:14:38.0687 3124 SAVRT - ok
12:14:38.0687 3124 SAVRTPEL (97e5b6f3f95465e1f59360b59d8ec64e) C:\Program Files\Symantec AntiVirus\Savrtpel.sys
12:14:38.0734 3124 SAVRTPEL - ok
12:14:38.0796 3124 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
12:14:39.0031 3124 SCardSvr - ok
12:14:39.0109 3124 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
12:14:39.0359 3124 Schedule - ok
12:14:39.0406 3124 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:14:39.0625 3124 sdbus - ok
12:14:39.0687 3124 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:14:39.0921 3124 Secdrv - ok
12:14:39.0968 3124 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
12:14:40.0218 3124 seclogon - ok
12:14:40.0265 3124 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
12:14:40.0515 3124 SENS - ok
12:14:40.0609 3124 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:14:40.0843 3124 serenum - ok
12:14:40.0890 3124 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
12:14:41.0140 3124 Serial - ok
12:14:41.0203 3124 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
12:14:41.0437 3124 sffdisk - ok
12:14:41.0484 3124 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
12:14:41.0734 3124 sffp_sd - ok
12:14:41.0828 3124 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:14:42.0078 3124 Sfloppy - ok
12:14:42.0140 3124 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
12:14:42.0406 3124 SharedAccess - ok
12:14:42.0484 3124 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:14:42.0515 3124 ShellHWDetection - ok
12:14:42.0531 3124 Simbad - ok
12:14:42.0593 3124 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:14:42.0812 3124 sisagp - ok
12:14:42.0906 3124 SNDSrvc (0d411eea92751c1ecd8453892f41e726) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
12:14:42.0968 3124 SNDSrvc - ok
12:14:43.0046 3124 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
12:14:43.0296 3124 SONYPVU1 - ok
12:14:43.0359 3124 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:14:43.0468 3124 Sparrow - ok
12:14:43.0500 3124 SPBBCDrv (677b10906838d3bfb1c07ac9087e4bf7) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
12:14:43.0562 3124 SPBBCDrv - ok
12:14:43.0625 3124 SPBBCSvc (c830007369e18a54aed23b5bb3afa2ba) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
12:14:43.0750 3124 SPBBCSvc - ok
12:14:43.0812 3124 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:14:44.0046 3124 splitter - ok
12:14:44.0109 3124 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:14:44.0171 3124 Spooler - ok
12:14:44.0203 3124 sprtsvc_dellsupportcenter - ok
12:14:44.0250 3124 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:14:44.0500 3124 sr - ok
12:14:44.0578 3124 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
12:14:44.0828 3124 srservice - ok
12:14:44.0890 3124 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:14:44.0984 3124 Srv - ok
12:14:45.0046 3124 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
12:14:45.0296 3124 SSDPSRV - ok
12:14:45.0406 3124 STHDA (58f855684e163466a5c565adf0865536) C:\WINDOWS\system32\drivers\sthda.sys
12:14:45.0515 3124 STHDA - ok
12:14:45.0593 3124 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
12:14:45.0859 3124 stisvc - ok
12:14:45.0968 3124 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:14:46.0203 3124 swenum - ok
12:14:46.0250 3124 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:14:46.0500 3124 swmidi - ok
12:14:46.0531 3124 SwPrv - ok
12:14:46.0687 3124 Symantec AntiVirus (8fdaadf204a4f29214da1b03342e2735) C:\Program Files\Symantec AntiVirus\Rtvscan.exe
12:14:46.0843 3124 Symantec AntiVirus - ok
12:14:46.0921 3124 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
12:14:47.0156 3124 symc810 - ok
12:14:47.0218 3124 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:14:47.0468 3124 symc8xx - ok
12:14:47.0484 3124 SymEvent (de6d1102d55926354171ae4e73936725) C:\Program Files\Symantec\SYMEVENT.SYS
12:14:47.0531 3124 SymEvent - ok
12:14:47.0593 3124 SYMREDRV (6c0a85982f4e0d672b85a2bfb50a24b5) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
12:14:47.0625 3124 SYMREDRV - ok
12:14:47.0671 3124 SYMTDI (cdda3ba3f7d5b63ff9f85cb478c11473) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
12:14:47.0718 3124 SYMTDI - ok
12:14:47.0765 3124 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:14:48.0000 3124 sym_hi - ok
12:14:48.0078 3124 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:14:48.0312 3124 sym_u3 - ok
12:14:48.0375 3124 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:14:48.0609 3124 sysaudio - ok
12:14:48.0687 3124 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
12:14:48.0921 3124 SysmonLog - ok
12:14:49.0000 3124 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
12:14:49.0250 3124 TapiSrv - ok
12:14:49.0343 3124 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:14:49.0421 3124 Tcpip - ok
12:14:49.0484 3124 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:14:49.0718 3124 TDPIPE - ok
12:14:49.0781 3124 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:14:50.0000 3124 TDTCP - ok
12:14:50.0031 3124 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:14:50.0265 3124 TermDD - ok
12:14:50.0343 3124 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
12:14:50.0625 3124 TermService - ok
12:14:50.0671 3124 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:14:50.0703 3124 Themes - ok
12:14:50.0750 3124 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
12:14:50.0968 3124 TosIde - ok
12:14:51.0015 3124 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
12:14:51.0265 3124 TrkWks - ok
12:14:51.0406 3124 TuneUp.UtilitiesSvc (747ae9d7c5489455e2e3ca9459419e17) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
12:14:51.0546 3124 TuneUp.UtilitiesSvc - ok
12:14:51.0578 3124 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
12:14:51.0625 3124 TuneUpUtilitiesDrv - ok
12:14:51.0703 3124 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:14:51.0937 3124 Udfs - ok
12:14:52.0000 3124 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
12:14:52.0125 3124 ultra - ok
12:14:52.0203 3124 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:14:52.0468 3124 Update - ok
12:14:52.0578 3124 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
12:14:52.0828 3124 upnphost - ok
12:14:52.0859 3124 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
12:14:53.0109 3124 UPS - ok
12:14:53.0140 3124 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
12:14:53.0390 3124 usbaudio - ok
12:14:53.0437 3124 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:14:53.0671 3124 usbccgp - ok
12:14:53.0718 3124 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:14:53.0953 3124 usbehci - ok
12:14:54.0062 3124 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:14:54.0296 3124 usbhub - ok
12:14:54.0359 3124 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:14:54.0593 3124 usbprint - ok
12:14:54.0656 3124 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:14:54.0890 3124 usbscan - ok
12:14:54.0953 3124 usbsermptxp (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\DRIVERS\usbsermptxp.sys
12:14:55.0156 3124 usbsermptxp - ok
12:14:55.0265 3124 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:14:55.0500 3124 USBSTOR - ok
12:14:55.0531 3124 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:14:55.0781 3124 usbuhci - ok
12:14:55.0828 3124 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:14:56.0062 3124 VgaSave - ok
12:14:56.0109 3124 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:14:56.0343 3124 viaagp - ok
12:14:56.0390 3124 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
12:14:56.0625 3124 ViaIde - ok
12:14:56.0718 3124 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:14:56.0968 3124 VolSnap - ok
12:14:57.0031 3124 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
12:14:57.0281 3124 VSS - ok
12:14:57.0343 3124 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
12:14:57.0609 3124 w32time - ok
12:14:57.0656 3124 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:14:57.0890 3124 Wanarp - ok
12:14:58.0000 3124 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:14:58.0062 3124 Wdf01000 - ok
12:14:58.0093 3124 WDICA - ok
12:14:58.0156 3124 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:14:58.0390 3124 wdmaud - ok
12:14:58.0453 3124 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
12:14:58.0687 3124 WebClient - ok
12:14:58.0781 3124 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
12:14:58.0890 3124 winachsf - ok
12:14:59.0000 3124 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:14:59.0234 3124 winmgmt - ok
12:14:59.0328 3124 WinRM (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll
12:14:59.0453 3124 WinRM - ok
12:14:59.0500 3124 wltrysvc - ok
12:14:59.0546 3124 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
12:14:59.0609 3124 WmdmPmSN - ok
12:14:59.0687 3124 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:14:59.0906 3124 WmiAcpi - ok
12:15:00.0000 3124 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:15:00.0281 3124 WmiApSrv - ok
12:15:00.0421 3124 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
12:15:00.0562 3124 WMPNetworkSvc - ok
12:15:00.0640 3124 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:15:00.0687 3124 WpdUsb - ok
12:15:00.0750 3124 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
12:15:01.0000 3124 wscsvc - ok
12:15:01.0031 3124 WSearch - ok
12:15:01.0078 3124 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
12:15:01.0312 3124 wuauserv - ok
12:15:01.0390 3124 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:15:01.0453 3124 WudfPf - ok
12:15:01.0500 3124 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:15:01.0546 3124 WudfRd - ok
12:15:01.0593 3124 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
12:15:01.0656 3124 WudfSvc - ok
12:15:01.0734 3124 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
12:15:01.0984 3124 WZCSVC - ok
12:15:02.0046 3124 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
12:15:02.0281 3124 xmlprov - ok
12:15:02.0343 3124 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:15:02.0734 3124 \Device\Harddisk0\DR0 - ok
12:15:02.0750 3124 Boot (0x1200) (031a009de304005709b0b2813c606c63) \Device\Harddisk0\DR0\Partition0
12:15:02.0750 3124 \Device\Harddisk0\DR0\Partition0 - ok
12:15:02.0750 3124 ============================================================
12:15:02.0750 3124 Scan finished
12:15:02.0750 3124 ============================================================
12:15:02.0765 3236 Detected object count: 9
12:15:02.0765 3236 Actual detected object count: 9
12:16:43.0750 3236 APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:43.0750 3236 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:43.0765 3236 DXEC02 ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:43.0765 3236 DXEC02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:43.0765 3236 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:43.0765 3236 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:43.0765 3236 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:43.0765 3236 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:43.0765 3236 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:43.0765 3236 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:43.0781 3236 LxrSII1d ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:43.0781 3236 LxrSII1d ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:43.0781 3236 MCSTRM ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:43.0781 3236 MCSTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:43.0781 3236 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:43.0781 3236 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:43.0781 3236 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:43.0781 3236 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:18:50.0437 4044 Deinitialize success


ComboFix log

ComboFix 12-04-14.02 - Christopher Frost 04/14/2012 12:53:02.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1084 [GMT -4:00]
Running from: c:\documents and settings\Christopher Frost\Desktop\ComboFix.exe
AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Christopher Frost\Recent\Thumbs.db
c:\windows\system32\setb6.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-03-14 to 2012-04-14 )))))))))))))))))))))))))))))))
.
.
2012-04-14 10:58 . 2012-04-14 10:58 -------- d-----w- c:\documents and settings\Casey and Jaden\Local Settings\Application Data\Identities
2012-04-14 10:58 . 2012-04-14 10:58 -------- d-----w- c:\documents and settings\Casey and Jaden\Application Data\Windows Desktop Search
2012-04-09 23:55 . 2012-04-09 23:55 -------- d-----w- c:\windows\system32\winrm
2012-04-09 23:55 . 2012-04-09 23:55 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2012-04-09 23:55 . 2012-04-09 23:55 -------- d-----w- c:\documents and settings\Christopher Frost\Application Data\Windows Desktop Search
2012-04-09 23:54 . 2012-04-14 10:57 -------- d-----w- c:\program files\Windows Desktop Search
2012-04-09 23:54 . 2012-04-09 23:54 -------- d-----w- c:\windows\system32\GroupPolicy
2012-04-09 23:52 . 2008-03-07 17:02 98304 ------w- c:\windows\system32\dllcache\nlhtml.dll
2012-04-09 23:52 . 2008-03-07 17:02 29696 ------w- c:\windows\system32\dllcache\mimefilt.dll
2012-04-09 23:52 . 2008-03-07 17:02 192000 ------w- c:\windows\system32\dllcache\offfilt.dll
2012-04-09 23:52 . 2011-08-16 10:45 6144 ------w- c:\windows\system32\dllcache\iecompat.dll
2012-04-09 23:37 . 2012-04-09 23:37 -------- d-----w- c:\documents and settings\LocalService\Application Data\TuneUp Software
2012-04-05 01:09 . 2012-02-09 18:13 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-04-05 01:08 . 2012-04-05 01:10 -------- d-----w- c:\program files\TuneUp Utilities 2012
2012-04-05 01:07 . 2012-04-05 01:07 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-03-29 11:47 . 2012-03-29 11:47 -------- d-----w- c:\documents and settings\Casey and Jaden\Application Data\KingsIsle Entertainment
2012-03-29 11:47 . 2012-03-29 11:47 -------- d-----w- c:\documents and settings\Casey and Jaden\Application Data\InstallShield Installation Information
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-01 11:01 . 2004-08-10 18:51 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2004-08-10 18:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2004-08-10 18:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2004-08-10 18:51 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2004-08-10 18:51 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2004-08-10 18:51 385024 ----a-w- c:\windows\system32\html.iec
2012-02-03 09:22 . 2004-08-10 18:51 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-30 01:27 . 2012-01-30 01:27 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-01-30 01:27 . 2012-01-30 01:27 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-01 13:00 . 2011-05-06 00:57 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-09-28 125168]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-11-09 159744]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
"ContentTransferWMDetector.exe"=c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe
"Dell QuickSet"=c:\program files\Dell\QuickSet\quickset.exe
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe"
"Broadcom Wireless Manager UI"=c:\windows\system32\WLTRAY.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"KADxMain"=c:\windows\system32\KADxMain.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"SigmatelSysTrayApp"=stsystra.exe
"hpqSRMon"=c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Persistence"=c:\windows\system32\igfxpers.exe
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" -osboot
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R2 LxrSII1d;Secure II Driver;c:\windows\system32\drivers\LxrSII1d.sys [4/14/2008 6:59 PM 72672]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2/9/2012 2:13 PM 1529152]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2/11/2012 10:51 PM 106104]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2/9/2012 1:16 PM 10064]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/23/2009 8:45 PM 133104]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/23/2009 8:45 PM 133104]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [12/24/2008 6:24 PM 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [12/24/2008 6:24 PM 8320]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [1/18/2009 4:59 PM 23680]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [9/27/2006 8:33 PM 116464]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [8/10/2004 2:51 PM 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-15 20:50]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-24 00:45]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-24 00:45]
.
2012-04-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1420258269-3072462854-876425905-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2012-04-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1420258269-3072462854-876425905-1009.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2012-04-06 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1420258269-3072462854-876425905-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2012-01-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1420258269-3072462854-876425905-1009.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Christopher Frost\Application Data\Mozilla\Firefox\Profiles\z1csv7f7.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-14 12:59
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(900)
c:\windows\System32\BCMLogon.dll
c:\windows\system32\igfxdev.dll
.
Completion time: 2012-04-14 13:02:28
ComboFix-quarantined-files.txt 2012-04-14 17:02
.
Pre-Run: 135,190,269,952 bytes free
Post-Run: 135,388,012,544 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - F6C92222775DAB38ABD194FAAC6220F2

#6
Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
None of your log files show any kind of malware, so I don't think your problems are being caused by malware. I suggest you start a new topic about your problem here. :thumbsup:

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
  • Please follow the prompts to uninstall Combofix.
  • You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

Cheers,
Gammo :cool: