BACK DOOR BOT OR TROJAN

2 posters

Re: BACK DOOR BOT OR TROJAN
Are all of these items safe and good for my computer?

Yes, that should suffice. How's your computer running now?

I'd like to scan your machine with ESET OnlineScan

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  ESET OnlineScan
• Click the [image: EsetOnline] button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on [image: EsetSmartInstall] to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the [image: EsetSmartInstallDesktopIcon-1] icon on your desktop.

• Check [image: EsetAcceptTerms]
• Click the [image: EsetStart] button.
• Accept any security warnings from your browser.
• Check [image: EsetScanArchives]
• Push the Start button.
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push [image: EsetListThreats]
• Push [image: EsetExport], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Push the [image: EsetBack] button.
• Push [image: EsetFinish]
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Re: BACK DOOR BOT OR TROJAN
Hi Super Dave:

I have tried five times to run the ESET scan. The first three times I got an error message: Unexpected Error 2003.

The last two times I tried to run the scan I got the message: Can not get update. Is Proxy configured?

What should I do?

Thanks,

Karen

Re: BACK DOOR BOT OR TROJAN
Ok. Let's try this one.

Scan your computer with Panda ActiveScan

* Once you are on the Panda site click the Scan your PC now button.
* A new window will open...click the Scan Now button.
* If it wants to install an ActiveX component allow it.
* It will start downloading the files it requires for the scan. (Note: It may take a couple of minutes)
* You may get a warning from Internet Explorer that Panda is ready to install, please allow it.
* The scan will begin. Please be patient as it can take an hour or more to complete.
* When the scan completes, if anything malicious is detected, click the Export to: button (looks like a little Notepad).
* Save the ActiveScan.txt to a convenient location like your desktop.
* Note: You do not need to select any of the Disinfect options. We will remove any threats manually.

* Post the contents of the ActiveScan report in your next reply.

Re: BACK DOOR BOT OR TROJAN
Hi Super Dave:

I am sorry. I did not see the information about doing the Panda Scan until after I started the ESET scan. The ESET scan has been at 28% for some time now, but I think it might finish properly. I will post those results and then do the Panda scan for you.

Yesterday Comodo did a scan and declared that there were four threats to this computer. Comodo also said that all threats could not be removed. That is discouraging. I had marked the scan previously to scan for root kits. You will recall that you had me get rid of AVG and install Comodo. I will post the Comodo scan results for you now.

Rootkit.HiddenValue@0 HKEY_LOCAL_MACHINE\System\ControlSet002\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}\0000\MODES\1600,1200\

Rootkit.HiddenValue@0 HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}\0000\MODES\1600,1200\

Rootkit.HiddenValue@0 HKEY_LOCAL_MACHINE\System\ControlSet002\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}\0000\MODES\1600,1200\

Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\load

---------
You asked how my computer is running and it is still odd. One thing that is new and is also odd is that most all internet activity now gets a "Not Responding." Even when signing into your website!

I wanted to ask you about deleting my son as a user on this computer. I am the main user and the administrator. My son has not used the computer for several months. He lives somewhere else most of the time now. Can I delete him as a user on this computer? Will that help the computer? Will that harm the computer? Would it save any space on the computer?

Thanks,
Karen

Re: BACK DOOR BOT OR TROJAN

Can I delete him as a user on this computer? Will that help the computer? Will that harm the computer? Would it save any space on the computer?

If he doesn't use the computer, you can delete his account but I don't think it will make much difference but it could save some space if you uninstall the programs that he had installed, if any. I'll wait for the ESET scan results and we'll take it from there.

Re: BACK DOOR BOT OR TROJAN
Hi Super Dave:

I was able to do the Panda scan. It took a long, long time. Scan results say nothing was found. Posting this and then trying to do the ESET once again.
---------------
Today you are not infected.


We have detected that the COMODO Antivirus protection on your PC is enabled and up-to-date.

It is advisable to run a complete scan with ActiveScan 2.0 from time to time. This will minimize the chances of infection.
--------

Doing ESET now.

Thanks,
Karen

Re: BACK DOOR BOT OR TROJAN
Hi Super Dave:

I didn't get a chance to push anything for the report. Here is what the results said:

No threats found.
Scanned Files: 68,541
Infected Files: 0
Cleaned Files: 0
Total Scanned Time: 4:35:49
Scan Status: Finished

During the scan process Comodo went crazy. Comodo says it found threats that could not be deleted. What is up with this? If Comodo found stuff why didn't ESET? Is Comodo doing false positives?

Thanks,
Karen

Re: BACK DOOR BOT OR TROJAN
Ok. Let's do some cleanup and if Comodo keeps acting up, please let me know.

To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
***********************************************************
To turn off Windows XP System Restore:

NOTE: These instructions assume that you are using the default Windows XP Start Menu and have not changed to the Classic Start menu. To re-enable the default menu, right-click Start, click Properties, click Start menu (not Classic) and then click OK.

1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore" or "Turn off System Restore on all drives"
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
8. Restart the computer and follow the instructions in the next section to turn on System Restore.

To turn on Windows XP System Restore:

1. Click Start.
2. Right-click My Computer, and then click Properties.
3. Click the System Restore tab.
4. Uncheck "Turn off System Restore" or "Turn off System Restore on all drives."
5. Click Apply, and then click OK.
**************************************************
Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.

Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.

This runs the Disk Cleanup utility along with other selections if you have chosen any. (If you had a lot of System Restore points, you will see a significant change in the free space in C drive.)
***************************************************
Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Re: BACK DOOR BOT OR TROJAN
Hi Super Dave:

Well the computer is running faster. That is good. Today I did the Comodo scan. Once again four threats were found and sadly Comodo reports that it can not clear all four threats. This is disturbing. I am pasting what was found here for you. What can be done to clear these items up? They appear to be root kits.

Rootkit.HiddenValue@0 HKEY_LOCAL_MACHINE\System\ControlSet002\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}\0000\MODES\1600,1200\

Rootkit.HiddenValue@0 HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}\0000\MODES\1600,1200\

Rootkit.HiddenValue@0 HKEY_LOCAL_MACHINE\System\ControlSet002\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}\0000\MODES\1600,1200\

Rootkit.HiddenValue@0 HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\load

-------------
Thanks,
Karen

Re: BACK DOOR BOT OR TROJAN
All the scans we ran didn't detect any rootkits. Let's try a few more.


  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste the contents of it into your next reply.

Note: It will also create a log in the C:\ directory.
**********************************************************************
Download GMER Rootkit Scanner from here.

• Double click the .exe file. If asked to allow gmer.sys driver to load, please consent.
• If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO
• In the right panel, you will see several boxes that have been checked. Uncheck the following ...
  * Sections
  * IAT/EAT
  * Drives/Partition other than Systemdrive (typically C:\)
  * Show All (don't miss this one)
• Then click the Scan button & wait for it to finish
• Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file
• Save it where you can easily find it, such as your desktop, and post it in reply

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries

Re: BACK DOOR BOT OR TROJAN
Hi Super Dave:

Nothing found here. I know that the Kaspersky is well respected. I don't understand why Comodo keeps saying that it finds things.

19:35:55.0609 0512 Nla - ok
19:35:55.0671 0512 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:35:55.0671 0512 Npfs - ok
19:35:55.0734 0512 [ DC23BF0190ACAA6FE49579B99474C931 ] ns2501 C:\WINDOWS\system32\DRIVERS\ns2501.sys
19:35:55.0843 0512 ns2501 - ok
19:35:55.0875 0512 [ 1D35A6DAD47330B8DA57130F9A924D98 ] ns387 C:\WINDOWS\system32\DRIVERS\ns387.sys
19:35:55.0984 0512 ns387 - ok
19:35:56.0093 0512 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:35:56.0125 0512 Ntfs - ok
19:35:56.0171 0512 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
19:35:56.0171 0512 NtLmSsp - ok
19:35:56.0281 0512 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:35:56.0359 0512 NtmsSvc - ok
19:35:56.0421 0512 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:35:56.0437 0512 Null - ok
19:35:56.0500 0512 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:35:56.0515 0512 NwlnkFlt - ok
19:35:56.0562 0512 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:35:56.0578 0512 NwlnkFwd - ok
19:35:56.0625 0512 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
19:35:56.0625 0512 NwlnkIpx - ok
19:35:56.0734 0512 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
19:35:56.0750 0512 NwlnkNb - ok
19:35:56.0781 0512 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
19:35:56.0796 0512 NwlnkSpx - ok
19:35:56.0875 0512 [ 4B83FCBBE72AF5F99D109798653E8B78 ] NwSapAgent C:\WINDOWS\System32\ipxsap.dll
19:35:56.0890 0512 NwSapAgent - ok
19:35:56.0937 0512 [ CEC7E2C6C1FA00C7AB2F5434F848AE51 ] OMCI C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
19:35:57.0062 0512 OMCI - ok
19:35:57.0125 0512 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:35:57.0140 0512 Parport - ok
19:35:57.0187 0512 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:35:57.0187 0512 PartMgr - ok
19:35:57.0250 0512 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:35:57.0265 0512 ParVdm - ok
19:35:57.0359 0512 [ 2DD9D5A9150C7015AC7F215EFA59E44F ] PCDSRVC{E9D79540-57D5953E-06020200}_0 c:\program files\dell support center\pcdsrvc.pkms
19:35:57.0531 0512 PCDSRVC{E9D79540-57D5953E-06020200}_0 - ok
19:35:57.0562 0512 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:35:57.0562 0512 PCI - ok
19:35:57.0593 0512 PCIDump - ok
19:35:57.0656 0512 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
19:35:57.0671 0512 PCIIde - ok
19:35:57.0734 0512 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:35:57.0750 0512 Pcmcia - ok
19:35:57.0781 0512 PDCOMP - ok
19:35:57.0812 0512 PDFRAME - ok
19:35:57.0828 0512 PDRELI - ok
19:35:57.0859 0512 PDRFRAME - ok
19:35:57.0890 0512 perc2 - ok
19:35:57.0937 0512 perc2hib - ok
19:35:58.0046 0512 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
19:35:58.0062 0512 PlugPlay - ok
19:35:58.0234 0512 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
19:35:58.0562 0512 PMBDeviceInfoProvider - ok
19:35:58.0625 0512 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:35:58.0625 0512 PolicyAgent - ok
19:35:58.0703 0512 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:35:58.0718 0512 PptpMiniport - ok
19:35:58.0750 0512 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:35:58.0765 0512 Processor - ok
19:35:58.0796 0512 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:35:58.0796 0512 ProtectedStorage - ok
19:35:58.0828 0512 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:35:58.0828 0512 PSched - ok
19:35:58.0906 0512 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:35:58.0906 0512 Ptilink - ok
19:35:59.0000 0512 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:35:59.0000 0512 PxHelp20 - ok
19:35:59.0031 0512 ql1080 - ok
19:35:59.0062 0512 Ql10wnt - ok
19:35:59.0093 0512 ql12160 - ok
19:35:59.0125 0512 ql1240 - ok
19:35:59.0156 0512 ql1280 - ok
19:35:59.0218 0512 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:35:59.0218 0512 RasAcd - ok
19:35:59.0296 0512 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:35:59.0312 0512 RasAuto - ok
19:35:59.0343 0512 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:35:59.0343 0512 Rasl2tp - ok
19:35:59.0437 0512 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:35:59.0453 0512 RasMan - ok
19:35:59.0500 0512 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:35:59.0515 0512 RasPppoe - ok
19:35:59.0562 0512 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:35:59.0562 0512 Raspti - ok
19:35:59.0640 0512 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:35:59.0640 0512 Rdbss - ok
19:35:59.0687 0512 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:35:59.0687 0512 RDPCDD - ok
19:35:59.0812 0512 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:35:59.0921 0512 RDPWD - ok
19:36:00.0000 0512 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:36:00.0015 0512 RDSessMgr - ok
19:36:00.0078 0512 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:36:00.0078 0512 redbook - ok
19:36:00.0140 0512 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:36:00.0156 0512 RemoteAccess - ok
19:36:00.0234 0512 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
19:36:00.0250 0512 RpcLocator - ok
19:36:00.0328 0512 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
19:36:00.0343 0512 RpcSs - ok
19:36:00.0421 0512 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
19:36:00.0453 0512 RSVP - ok
19:36:00.0531 0512 SABProcEnum - ok
19:36:00.0578 0512 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
19:36:00.0578 0512 SamSs - ok
19:36:00.0656 0512 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:36:00.0671 0512 SASDIFSV - ok
19:36:00.0718 0512 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
19:36:00.0718 0512 SASKUTIL - ok
19:36:00.0781 0512 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:36:00.0796 0512 SCardSvr - ok
19:36:00.0890 0512 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:36:00.0906 0512 Schedule - ok
19:36:00.0984 0512 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:36:01.0000 0512 Secdrv - ok
19:36:01.0046 0512 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:36:01.0062 0512 seclogon - ok
19:36:01.0125 0512 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
19:36:01.0125 0512 SENS - ok
19:36:01.0203 0512 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:36:01.0218 0512 serenum - ok
19:36:01.0281 0512 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:36:01.0281 0512 Serial - ok
19:36:01.0390 0512 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:36:01.0406 0512 Sfloppy - ok
19:36:01.0500 0512 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:36:01.0531 0512 SharedAccess - ok
19:36:01.0578 0512 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:36:01.0593 0512 ShellHWDetection - ok
19:36:01.0625 0512 [ 2327F5FFA223EC9B415F4A0CDBDF4EE1 ] sii164 C:\WINDOWS\system32\DRIVERS\sii164.sys
19:36:01.0734 0512 sii164 - ok
19:36:01.0765 0512 Simbad - ok
19:36:01.0843 0512 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:36:01.0859 0512 SLIP - ok
19:36:01.0921 0512 [ 14BB60A4F1C5291217A05D5728C403E6 ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
19:36:02.0046 0512 SmartDefragDriver - ok
19:36:02.0187 0512 [ 31FD0707C7DBE715234F2823B27214FE ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
19:36:02.0187 0512 smwdm - ok
19:36:02.0234 0512 Sparrow - ok
19:36:02.0296 0512 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:36:02.0296 0512 splitter - ok
19:36:02.0375 0512 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:36:02.0390 0512 Spooler - ok
19:36:02.0453 0512 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:36:02.0468 0512 sr - ok
19:36:02.0546 0512 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
19:36:02.0562 0512 srservice - ok
19:36:02.0671 0512 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:36:02.0687 0512 Srv - ok
19:36:02.0781 0512 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:36:02.0781 0512 SSDPSRV - ok
19:36:02.0875 0512 [ EE74E3B1B521CEF8E8C9D008E4BDB45C ] STAC97 C:\WINDOWS\system32\drivers\STAC97.sys
19:36:03.0062 0512 STAC97 - ok
19:36:03.0203 0512 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:36:03.0265 0512 stisvc - ok
19:36:03.0328 0512 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:36:03.0328 0512 streamip - ok
19:36:03.0359 0512 SVKP - ok
19:36:03.0421 0512 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:36:03.0437 0512 swenum - ok
19:36:03.0484 0512 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:36:03.0484 0512 swmidi - ok
19:36:03.0515 0512 SwPrv - ok
19:36:03.0562 0512 symc810 - ok
19:36:03.0593 0512 symc8xx - ok
19:36:03.0625 0512 sym_hi - ok
19:36:03.0656 0512 sym_u3 - ok
19:36:03.0703 0512 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:36:03.0718 0512 sysaudio - ok
19:36:03.0765 0512 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:36:03.0781 0512 SysmonLog - ok
19:36:04.0015 0512 SysProtDrv.sys - ok
19:36:04.0093 0512 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:36:04.0109 0512 TapiSrv - ok
19:36:04.0218 0512 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:36:04.0234 0512 Tcpip - ok
19:36:04.0296 0512 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:36:04.0296 0512 TDPIPE - ok
19:36:04.0375 0512 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:36:04.0375 0512 TDTCP - ok
19:36:04.0437 0512 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:36:04.0468 0512 TermDD - ok
19:36:04.0546 0512 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
19:36:04.0593 0512 TermService - ok
19:36:04.0656 0512 [ 201BE1C73FA333A8872AD738AC49B9B4 ] th164 C:\WINDOWS\system32\DRIVERS\th164.sys
19:36:04.0781 0512 th164 - ok
19:36:04.0828 0512 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
19:36:04.0843 0512 Themes - ok
19:36:04.0875 0512 [ AB9720ADBE304893516521D2E440BD45 ] ti410 C:\WINDOWS\system32\DRIVERS\ti410.sys
19:36:04.0984 0512 ti410 - ok
19:36:05.0015 0512 TICalc - ok
19:36:05.0109 0512 [ DF8444A8FA8FD38D8848BDD40A8403B3 ] tmcomm C:\WINDOWS\system32\drivers\tmcomm.sys
19:36:05.0218 0512 tmcomm - ok
19:36:05.0250 0512 TosIde - ok
19:36:05.0343 0512 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:36:05.0359 0512 TrkWks - ok
19:36:05.0421 0512 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:36:05.0437 0512 Udfs - ok
19:36:05.0515 0512 ultra - ok
19:36:05.0609 0512 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:36:05.0640 0512 Update - ok
19:36:05.0718 0512 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:36:05.0734 0512 upnphost - ok
19:36:05.0796 0512 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
19:36:05.0796 0512 UPS - ok
19:36:05.0859 0512 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:36:05.0859 0512 usbehci - ok
19:36:05.0937 0512 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:36:05.0937 0512 usbhub - ok
19:36:06.0015 0512 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:36:06.0015 0512 usbscan - ok
19:36:06.0062 0512 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:36:06.0078 0512 USBSTOR - ok
19:36:06.0109 0512 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:36:06.0125 0512 usbuhci - ok
19:36:06.0156 0512 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:36:06.0187 0512 VgaSave - ok
19:36:06.0234 0512 ViaIde - ok
19:36:06.0296 0512 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:36:06.0312 0512 VolSnap - ok
19:36:06.0406 0512 [ 699FD04EC634BB3681F11B427F852187 ] vsdatant C:\WINDOWS\System32\vsdatant.sys
19:36:06.0562 0512 vsdatant - ok
19:36:06.0640 0512 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
19:36:06.0687 0512 VSS - ok
19:36:06.0765 0512 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
19:36:06.0781 0512 W32Time - ok
19:36:06.0843 0512 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:36:06.0843 0512 Wanarp - ok
19:36:06.0890 0512 WDICA - ok
19:36:06.0968 0512 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:36:06.0968 0512 wdmaud - ok
19:36:07.0031 0512 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:36:07.0046 0512 WebClient - ok
19:36:07.0218 0512 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:36:07.0265 0512 winmgmt - ok
19:36:07.0406 0512 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:36:07.0515 0512 WmdmPmSN - ok
19:36:07.0609 0512 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
19:36:07.0609 0512 WmiApSrv - ok
19:36:07.0656 0512 [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
19:36:07.0781 0512 WpdUsb - ok
19:36:07.0859 0512 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:36:07.0859 0512 WS2IFSL - ok
19:36:07.0953 0512 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:36:08.0015 0512 wscsvc - ok
19:36:08.0046 0512 WSearch - ok
19:36:08.0125 0512 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:36:08.0125 0512 WSTCODEC - ok
19:36:08.0234 0512 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:36:08.0281 0512 wuauserv - ok
19:36:08.0343 0512 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:36:08.0343 0512 WudfPf - ok
19:36:08.0437 0512 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:36:08.0437 0512 WudfRd - ok
19:36:08.0515 0512 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:36:08.0531 0512 WudfSvc - ok
19:36:08.0609 0512 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:36:08.0640 0512 xmlprov - ok
19:36:08.0671 0512 zntport - ok
19:36:08.0765 0512 [ FD1F4E9CF06C71C8D73A24ACF18D8296 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys
19:36:08.0875 0512 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
19:36:08.0968 0512 [ D4D7331D33D1FA73E588E5CE0D90A4C1 ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys
19:36:09.0093 0512 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
19:36:09.0109 0512 ================ Scan global ===============================
19:36:09.0187 0512 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:36:09.0281 0512 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:36:09.0328 0512 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:36:09.0406 0512 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:36:09.0421 0512 [Global] - ok
19:36:09.0437 0512 ================ Scan MBR ==================================
19:36:09.0453 0512 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:36:09.0687 0512 \Device\Harddisk0\DR0 - ok
19:36:09.0703 0512 ================ Scan VBR ==================================
19:36:09.0718 0512 [ D1DAFF5B33FC746EBC58ADAEC37E6BBC ] \Device\Harddisk0\DR0\Partition1
19:36:09.0718 0512 \Device\Harddisk0\DR0\Partition1 - ok
19:36:09.0718 0512 ============================================================
19:36:09.0718 0512 Scan finished
19:36:09.0718 0512 ============================================================
19:36:09.0750 0752 Detected object count: 0
19:36:09.0765 0752 Actual detected object count: 0
19:36:48.0781 2864 ============================================================
19:36:48.0781 2864 Scan started
19:36:48.0781 2864 Mode: Manual;
19:36:48.0781 2864 ============================================================
19:36:49.0015 2864 ================ Scan system memory ========================
19:36:49.0031 2864 System memory - ok
19:36:49.0031 2864 ================ Scan services =============================
19:36:57.0468 2864 lvds - ok
19:36:57.0703 2864 [ F8B823414A22DBF3BEC10DCAA5F93CD8 ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
19:36:57.0703 2864 McciCMService - ok
19:36:57.0750 2864 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:36:57.0765 2864 Messenger - ok
19:36:57.0812 2864 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:36:57.0812 2864 mnmdd - ok
19:36:57.0875 2864 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
19:36:57.0875 2864 mnmsrvc - ok
19:36:57.0937 2864 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:36:57.0937 2864 Modem - ok
19:36:58.0000 2864 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
19:36:58.0015 2864 MODEMCSA - ok
19:36:58.0031 2864 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:36:58.0031 2864 Mouclass - ok
19:36:58.0093 2864 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:36:58.0093 2864 MountMgr - ok
19:36:58.0125 2864 mraid35x - ok
19:36:58.0203 2864 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
19:36:58.0203 2864 MREMP50 - ok
19:36:58.0265 2864 [ 2BC9E43F55DE8C30FC817ED56D0EE907 ] MREMPR5 C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
19:36:58.0265 2864 MREMPR5 - ok
19:36:58.0312 2864 [ 594B9D8194E3F4ECBF0325BD10BBEB05 ] MRENDIS5 C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
19:36:58.0312 2864 MRENDIS5 - ok
19:36:58.0343 2864 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
19:36:58.0343 2864 MRESP50 - ok
19:36:58.0390 2864 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:36:58.0390 2864 MRxDAV - ok
19:36:58.0500 2864 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:36:58.0515 2864 MRxSmb - ok
19:36:58.0578 2864 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
19:36:58.0578 2864 MSDTC - ok
19:36:58.0640 2864 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:36:58.0640 2864 Msfs - ok
19:36:58.0671 2864 MSIServer - ok
19:36:58.0718 2864 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:36:58.0718 2864 MSKSSRV - ok
19:36:58.0765 2864 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:36:58.0765 2864 MSPCLOCK - ok
19:36:58.0796 2864 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:36:58.0796 2864 MSPQM - ok
19:36:58.0875 2864 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:36:58.0875 2864 mssmbios - ok
19:36:58.0937 2864 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
19:36:58.0937 2864 MSTEE - ok
19:36:59.0015 2864 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:36:59.0015 2864 Mup - ok
19:36:59.0093 2864 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:36:59.0093 2864 NABTSFEC - ok
19:36:59.0187 2864 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:36:59.0203 2864 napagent - ok
19:36:59.0281 2864 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:36:59.0281 2864 NDIS - ok
19:36:59.0375 2864 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:36:59.0375 2864 NdisIP - ok
19:36:59.0437 2864 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:36:59.0437 2864 NdisTapi - ok
19:36:59.0468 2864 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:36:59.0484 2864 Ndisuio - ok
19:36:59.0687 2864 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:36:59.0703 2864 NdisWan - ok
19:36:59.0875 2864 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:36:59.0875 2864 NDProxy - ok
19:36:59.0984 2864 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:37:00.0000 2864 NetBIOS - ok
19:37:00.0062 2864 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:37:00.0078 2864 NetBT - ok
19:37:00.0140 2864 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
19:37:00.0171 2864 NetDDE - ok
19:37:00.0187 2864 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:37:00.0203 2864 NetDDEdsdm - ok
19:37:00.0281 2864 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:37:00.0281 2864 Netlogon - ok
19:37:00.0328 2864 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
19:37:00.0328 2864 Netman - ok
19:37:00.0390 2864 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:37:00.0390 2864 NetTcpPortSharing - ok
19:37:00.0453 2864 [ 5EF7DD401771693245D46F4B0B69FE2B ] NetworkX C:\WINDOWS\system32\ckldrv.sys
19:37:00.0453 2864 NetworkX - ok
19:37:00.0593 2864 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
19:37:00.0687 2864 Nla - ok
19:37:01.0000 2864 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:37:01.0000 2864 Npfs - ok
19:37:01.0062 2864 [ DC23BF0190ACAA6FE49579B99474C931 ] ns2501 C:\WINDOWS\system32\DRIVERS\ns2501.sys
19:37:01.0062 2864 ns2501 - ok
19:37:01.0093 2864 [ 1D35A6DAD47330B8DA57130F9A924D98 ] ns387 C:\WINDOWS\system32\DRIVERS\ns387.sys
19:37:01.0093 2864 ns387 - ok
19:37:01.0187 2864 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:37:01.0187 2864 Ntfs - ok
19:37:01.0250 2864 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
19:37:01.0265 2864 NtLmSsp - ok
19:37:01.0359 2864 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:37:01.0375 2864 NtmsSvc - ok
19:37:01.0421 2864 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:37:01.0421 2864 Null - ok
19:37:01.0484 2864 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:37:01.0484 2864 NwlnkFlt - ok
19:37:01.0531 2864 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:37:01.0531 2864 NwlnkFwd - ok
19:37:01.0578 2864 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
19:37:01.0578 2864 NwlnkIpx - ok
19:37:01.0671 2864 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
19:37:01.0687 2864 NwlnkNb - ok
19:37:01.0718 2864 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
19:37:01.0718 2864 NwlnkSpx - ok
19:37:01.0796 2864 [ 4B83FCBBE72AF5F99D109798653E8B78 ] NwSapAgent C:\WINDOWS\System32\ipxsap.dll
19:37:01.0812 2864 NwSapAgent - ok
19:37:01.0843 2864 [ CEC7E2C6C1FA00C7AB2F5434F848AE51 ] OMCI

Thanks,
Karen

Re: BACK DOOR BOT OR TROJAN

What did the GMER Rootkit scanner find?

Re: BACK DOOR BOT OR TROJAN

Hi Dave:

It took all night to do the scan. Here are the results.

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-11-07 12:03:17
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD400EB-75CPF0 rev.06.04G06
Running: izp4gifk.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\pxdyypow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0xB173D7E4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0xB173CD90]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0xB173D44A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateKey [0xB173E040]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0xB173FC20]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0xB173FF9E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0xB173C77C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteKey [0xB173D9D0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteValueKey [0xB173DBE8]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDuplicateObject [0xB173C582]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateKey [0xB173E82A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateValueKey [0xB173EA80]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0xB173F652]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0xB173D058]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0xB173D626]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenKey [0xB173E030]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenProcess [0xB173C1B0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0xB173D2F2]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenThread [0xB173C3B4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryKey [0xB173EC8E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryMultipleValueKey [0xB173F0E2]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryValueKey [0xB173EEA0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRenameKey [0xB173E5B2]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSecurityObject [0xB173DE54]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0xB173F93E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetValueKey [0xB173E30A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0xB173CFC2]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0xB173D1DE]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0xB173CB92]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0xB173C980]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\temp\aulauncher.exe 1

---- Files - GMER 1.0.15 ----

File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\19AFEFF1-1141-4C9E-95DA-857FD675F4F7.data 3355933 bytes executable
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\19AFEFF1-1141-4C9E-95DA-857FD675F4F7.data.info 250 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\1D2A5CCB-361A-41AC-AC2A-1D827D1C811C.data 1294 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\1D2A5CCB-361A-41AC-AC2A-1D827D1C811C.data.info 276 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\2D73C69D-6F90-4D4D-9E56-0D40DB872FB5.data 624784 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\2D73C69D-6F90-4D4D-9E56-0D40DB872FB5.data.info 248 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\431CFA03-8191-419B-80DB-B6614769FA3E.data 1294 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\431CFA03-8191-419B-80DB-B6614769FA3E.data.info 276 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\4A883479-C55C-41EE-8D02-EE9CDEC9BD49.data 624784 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\4A883479-C55C-41EE-8D02-EE9CDEC9BD49.data.info 248 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\76EA4343-6C05-4DAA-B14B-356CDADBE4BF.data 1584640 bytes executable
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\76EA4343-6C05-4DAA-B14B-356CDADBE4BF.data.info 280 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\83F64329-2EAA-4F17-8EE5-35060D81B672.data 607017 bytes executable
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\83F64329-2EAA-4F17-8EE5-35060D81B672.data.info 250 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\Temp 0 bytes
File C:\Program Files\Comodo\COMODO Internet Security\Quarantine\Temp\baseupd 0 bytes

---- EOF - GMER 1.0.15 ----


Thanks,
Karen

Re: BACK DOOR BOT OR TROJAN

I don't know what's happening with Comodo. Those HKEY codes that Comodo is coming up with are for your monitor. Is everything ok there?

Re: BACK DOOR BOT OR TROJAN

Hi Super Dave:

Computer seems faster since we did the restore set point. Just worried about Comodo. Are those false positives? I am now using Comodo for my firewall and my antivirus as you suggested. AVG is totally gone now. Just wonder about Comodo if I do a scan and get a garbage/false positive result. As Comodo indicated in the last two scans there were four things that Comodo considered to be threats. Then Comodo says not all of the threats were removed. Should I plan on using GMER now and then to check for root kits? I just don't know what to think.

Thanks,
Karen
