Trojan-Dropper.win32.zaccess.gh on winxp pro sp3

[computer_is_dave]

[ Application Events ]
Error - 05/08/2013 09:28:57 | Computer Name = DAVE | Source = MsiInstaller | ID = 11406
Description = Application: Kaspersky Security Scan -- Error 1406. Could not write
 value EnableSelfProtection to key \SOFTWARE\KasperskyLab\KSS2\settings.  System
 error . Verify that you have sufficient access to that key, or contact Technical
 Support.
 
Error - 05/08/2013 09:28:58 | Computer Name = DAVE | Source = MsiInstaller | ID = 11406
Description = Application: Kaspersky Security Scan -- Error 1406. Could not write
 value EnableSelfProtection to key \SOFTWARE\KasperskyLab\KSS2\settings.  System
 error . Verify that you have sufficient access to that key, or contact Technical
 Support.
 
Error - 05/08/2013 09:28:58 | Computer Name = DAVE | Source = MsiInstaller | ID = 11406
Description = Application: Kaspersky Security Scan -- Error 1406. Could not write
 value EnableSelfProtection to key \SOFTWARE\KasperskyLab\KSS2\settings.  System
 error . Verify that you have sufficient access to that key, or contact Technical
 Support.
 
Error - 05/08/2013 09:28:58 | Computer Name = DAVE | Source = MsiInstaller | ID = 11406
Description = Application: Kaspersky Security Scan -- Error 1406. Could not write
 value EnableSelfProtection to key \SOFTWARE\KasperskyLab\KSS2\settings.  System
 error . Verify that you have sufficient access to that key, or contact Technical
 Support.
 
Error - 05/08/2013 09:28:59 | Computer Name = DAVE | Source = MsiInstaller | ID = 11406
Description = Application: Kaspersky Security Scan -- Error 1406. Could not write
 value EnableSelfProtection to key \SOFTWARE\KasperskyLab\KSS2\settings.  System
 error . Verify that you have sufficient access to that key, or contact Technical
 Support.
 
Error - 05/08/2013 09:29:11 | Computer Name = DAVE | Source = MsiInstaller | ID = 11406
Description = Application: Kaspersky Security Scan -- Error 1406. Could not write
 value EnableSelfProtection to key \SOFTWARE\KasperskyLab\KSS2\settings.  System
 error . Verify that you have sufficient access to that key, or contact Technical
 Support.
 
Error - 05/08/2013 11:53:58 | Computer Name = DAVE | Source = MsiInstaller | ID = 11406
Description = Application: Kaspersky Security Scan -- Error 1406. Could not write
 value EnableSelfProtection to key \SOFTWARE\KasperskyLab\KSS2\settings.  System
 error . Verify that you have sufficient access to that key, or contact Technical
 Support.
 
Error - 06/08/2013 12:56:44 | Computer Name = DAVE | Source = MsiInstaller | ID = 11406
Description = Application: Kaspersky Security Scan -- Error 1406. Could not write
 value EnableSelfProtection to key \SOFTWARE\KasperskyLab\KSS2\settings.  System
 error . Verify that you have sufficient access to that key, or contact Technical
 Support.
 
Error - 06/08/2013 12:56:45 | Computer Name = DAVE | Source = MsiInstaller | ID = 11406
Description = Application: Kaspersky Security Scan -- Error 1406. Could not write
 value  to key \SOFTWARE\KasperskyLab\KSS2\settings.  System error . Verify that
 you have sufficient access to that key, or contact Technical Support.
 
Error - 06/08/2013 12:56:47 | Computer Name = DAVE | Source = MsiInstaller | ID = 11406
Description = Application: Kaspersky Security Scan -- Error 1406. Could not write
 value Ins_ActivationCode to key \SOFTWARE\KasperskyLab\KSS2\settings.  System error
 . Verify that you have sufficient access to that key, or contact Technical Support.
 
[ System Events ]
Error - 06/08/2013 11:50:55 | Computer Name = DAVE | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
 arguments ""  in order to run the server:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 06/08/2013 11:50:56 | Computer Name = DAVE | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
 arguments ""  in order to run the server:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 06/08/2013 11:51:33 | Computer Name = DAVE | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
 arguments ""  in order to run the server:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 06/08/2013 11:51:34 | Computer Name = DAVE | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
 arguments ""  in order to run the server:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 06/08/2013 11:57:22 | Computer Name = DAVE | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
 arguments ""  in order to run the server:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 06/08/2013 12:01:15 | Computer Name = DAVE | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
 with arguments ""  in order to run the server:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 06/08/2013 12:13:31 | Computer Name = DAVE | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
 with arguments ""  in order to run the server:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 06/08/2013 12:14:42 | Computer Name = DAVE | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   Fips  intelppm  KLIF
 
Error - 06/08/2013 12:33:45 | Computer Name = DAVE | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
 with arguments ""  in order to run the server:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 06/08/2013 12:52:06 | Computer Name = DAVE | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
 times on transport \Device\NetBT_Tcpip_{13FE834C-51FC-48EE-87FB-3DC39793A822}.  The
 backup browser is stopping.
 
 
< End of report >

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3c04cbbb5c0cf445b1904cda19e718f5
# engine=14680
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-07 01:38:02
# local_time=2013-08-07 02:38:02 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=9217 16776893 100 13 31895 4161394 0 0
# scanned=38523
# found=0
# cleaned=0
# scan_time=2175

[D-FRED-BROWN]

Please Launch Malwarebytes' Anti-Malware.

• Please click Check for Updates to see if any updates are found. If so, please allow MBAM to download and install them.
• Once the program has loaded, select Perform full scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• When completed, a log will open in Notepad. Please save it to a location you will remember.
• Copy and Paste that log into your next reply.

Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.

Click OK for either of the prompts and let MBAM proceed with the disinfection process.

If asked to restart the computer, please do so immediately.

[computer_is_dave]

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.07.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jane Doe :: DAVE [administrator]

Protection: Disabled

07/08/2013 04:23:26
mbam-log-2013-08-07 (04-23-26).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 228633
Time elapsed: 30 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

[computer_is_dave]

Sorry DFB, I've run out of time again and will have to check back tomorrow. Before I forget though.. I backed up some documents with nero prior to the format, a bunch of photos, avis, bookmarks and utilities (all of which were on my comuter before the trojan).

 

Will whatever I had, have written anything to the discs they were saved to?..How can I check that the discs are safe?.. Please could you recommend something that I can scan them with?.. I assume I would need a heavy duty scanner that checks for more than just malware.

 

Thanks again for your help today.

JD (and Dave)

[D-FRED-BROWN]

 

Sorry DFB, I've run out of time again and will have to check back tomorrow. Before I forget though.. I backed up some documents with nero prior to the format, a bunch of photos, avis, bookmarks and utilities (all of which were on my comuter before the trojan).

 

Will whatever I had, have written anything to the discs they were saved to?..How can I check that the discs are safe?.. Please could you recommend something that I can scan them with?.. I assume I would need a heavy duty scanner that checks for more than just malware.

I think you're probably not at risk of having documents etc. getting infected, but any virus scanner should do- I personally use Avast Free edition + Malwarebytes PRO. Just to be safe I would scan with at least one.

 

--------

 

We're nearly in the clear.

 

----------Step 1----------------

We need to run an OTL Fix

• Please reopen on your desktop.
• Copy and Paste the following code into the textbox.

   

  :OTL

  [2013/08/04 20:52:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

   

  [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

   

  [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

   

  [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

  "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)

  "ThreadingModel" = Apartment

   

  [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

  "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

  "ThreadingModel" = Free

   

  [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

  "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)

  "ThreadingModel" = Both

  [33 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

  [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

  :Commands

  [purity]

  [emptytemp]

  [emptyjava]

  [emptyflash]

  [Reboot]

• Push
• OTL may ask to reboot the machine. Please do so if asked.
• Click the OK button.
• A report will open. Copy and Paste that report in your next reply.

----------Step 2----------------

Instructions for DELETE:

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Delete.
• Confirm each time with Ok.
• You will be prompted to restart your computer. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[s1].txt as well.

Afterwards, please reboot the computer.

----------Step 3----------------

Please post the OTL and AdwCleaner reports in your next reply. How are things running now?

[computer_is_dave]

All processes killed
========== OTL ==========
C:\WINDOWS\assembly\Desktop.ini moved successfully.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.
C:\WINDOWS\003145_.tmp deleted successfully.
C:\WINDOWS\SET29.tmp deleted successfully.
C:\WINDOWS\SET2A.tmp deleted successfully.
C:\WINDOWS\SET2B.tmp deleted successfully.
C:\WINDOWS\SET2C.tmp deleted successfully.
C:\WINDOWS\SET2D.tmp deleted successfully.
C:\WINDOWS\SET2E.tmp deleted successfully.
C:\WINDOWS\SET2F.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET30.tmp deleted successfully.
C:\WINDOWS\SET31.tmp deleted successfully.
C:\WINDOWS\SET32.tmp deleted successfully.
C:\WINDOWS\SET33.tmp deleted successfully.
C:\WINDOWS\SET34.tmp deleted successfully.
C:\WINDOWS\SET35.tmp deleted successfully.
C:\WINDOWS\SET36.tmp deleted successfully.
C:\WINDOWS\SET37.tmp deleted successfully.
C:\WINDOWS\SET38.tmp deleted successfully.
C:\WINDOWS\SET39.tmp deleted successfully.
C:\WINDOWS\SET3A.tmp deleted successfully.
C:\WINDOWS\SET3B.tmp deleted successfully.
C:\WINDOWS\SET3C.tmp deleted successfully.
C:\WINDOWS\SET3D.tmp deleted successfully.
C:\WINDOWS\SET3E.tmp deleted successfully.
C:\WINDOWS\SET3F.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET40.tmp deleted successfully.
C:\WINDOWS\SET41.tmp deleted successfully.
C:\WINDOWS\SET42.tmp deleted successfully.
C:\WINDOWS\SET43.tmp deleted successfully.
C:\WINDOWS\SET44.tmp deleted successfully.
C:\WINDOWS\SET45.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Jane Doe
->Temp folder emptied: 27908571 bytes
->Temporary Internet Files folder emptied: 60269291 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 18773093 bytes
->Flash cache emptied: 750 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26821677 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 12979472 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1597859 bytes
 
Total Files Cleaned = 142.00 mb
 
 
[EMPTYJAVA]
 
User: All Users
 
User: Default User
 
User: Jane Doe
->Java cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
Total Java Files Cleaned = 0.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default User
 
User: Jane Doe
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
Total Flash Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 08072013_115911

Files\Folders moved on Reboot...
C:\Documents and Settings\Jane Doe\Local Settings\Temp\~DFB2BA.tmp moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_9f0.dat moved successfully.
File\Folder C:\WINDOWS\temp\ZLT00be5.TMP not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

[computer_is_dave]

# AdwCleaner v2.306 - Logfile created 08/07/2013 at 12:03:11
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jane Doe - DAVE
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Jane Doe\Desktop\AdwCleaner.exe
# Option [Delete]


***** [services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Jane Doe\Application Data\Mozilla\Firefox\Profiles\bfezthlf.default\searchplugins\zonealarm.xml

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Documents and Settings\Jane Doe\Application Data\Mozilla\Firefox\Profiles\bfezthlf.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2826 octets] - [07/08/2013 01:37:21]
AdwCleaner[s1].txt - [1756 octets] - [07/08/2013 12:03:11]

########## EOF - C:\AdwCleaner[s1].txt - [1816 octets] ##########
 

[computer_is_dave]

Hi again. I've noticed I'm getting the same result with tdsskiller for the malicious object "PhysicalDrive:\ Device\ HardDisk0\DR0' , and same error/abort (cannot change value for key) installing Kaspersky..

Is this something that should cause concern?..

I'm unsure of whether I needed all of the previous scans for this issue or whether you saw something else in the logs.

[D-FRED-BROWN]

Go ahead and run TDSSKiller again and post the new log it creates.

[computer_is_dave]

17:39:38.0765 3012  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
17:39:40.0218 3012  ============================================================
17:39:40.0218 3012  Current date / time: 2013/08/07 17:39:40.0218
17:39:40.0218 3012  SystemInfo:
17:39:40.0218 3012  
17:39:40.0218 3012  OS Version: 5.1.2600 ServicePack: 3.0
17:39:40.0218 3012  Product type: Workstation
17:39:40.0218 3012  ComputerName: DAVE
17:39:40.0218 3012  UserName: Jane Doe
17:39:40.0218 3012  Windows directory: C:\WINDOWS
17:39:40.0218 3012  System windows directory: C:\WINDOWS
17:39:40.0218 3012  Processor architecture: Intel x86
17:39:40.0218 3012  Number of processors: 2
17:39:40.0218 3012  Page size: 0x1000
17:39:40.0218 3012  Boot type: Normal boot
17:39:40.0218 3012  ============================================================
17:39:41.0625 3012  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:39:41.0625 3012  ============================================================
17:39:41.0625 3012  \Device\Harddisk0\DR0:
17:39:41.0625 3012  MBR partitions:
17:39:41.0625 3012  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
17:39:41.0625 3012  ============================================================
17:39:41.0656 3012  C: <-> \Device\Harddisk0\DR0\Partition1
17:39:41.0656 3012  ============================================================
17:39:41.0656 3012  Initialize success
17:39:41.0656 3012  ============================================================
17:39:51.0968 0800  ============================================================
17:39:51.0968 0800  Scan started
17:39:51.0968 0800  Mode: Manual; TDLFS;
17:39:51.0968 0800  ============================================================
17:39:52.0515 0800  ================ Scan system memory ========================
17:39:52.0515 0800  System memory - ok
17:39:52.0515 0800  ================ Scan services =============================
17:39:52.0812 0800  Abiosdsk - ok
17:39:52.0812 0800  abp480n5 - ok
17:39:52.0875 0800  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:39:52.0875 0800  ACPI - ok
17:39:52.0921 0800  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
17:39:52.0921 0800  ACPIEC - ok
17:39:52.0984 0800  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:39:52.0984 0800  AdobeFlashPlayerUpdateSvc - ok
17:39:53.0000 0800  adpu160m - ok
17:39:53.0015 0800  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
17:39:53.0015 0800  aec - ok
17:39:53.0046 0800  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
17:39:53.0062 0800  AFD - ok
17:39:53.0062 0800  Aha154x - ok
17:39:53.0062 0800  aic78u2 - ok
17:39:53.0062 0800  aic78xx - ok
17:39:53.0109 0800  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
17:39:53.0109 0800  Alerter - ok
17:39:53.0125 0800  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
17:39:53.0125 0800  ALG - ok
17:39:53.0140 0800  AliIde - ok
17:39:53.0140 0800  amsint - ok
17:39:53.0171 0800  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
17:39:53.0171 0800  AppMgmt - ok
17:39:53.0171 0800  asc - ok
17:39:53.0187 0800  asc3350p - ok
17:39:53.0187 0800  asc3550 - ok
17:39:53.0359 0800  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:39:53.0375 0800  aspnet_state - ok
17:39:53.0406 0800  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:39:53.0421 0800  AsyncMac - ok
17:39:53.0437 0800  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
17:39:53.0437 0800  atapi - ok
17:39:53.0437 0800  Atdisk - ok
17:39:53.0468 0800  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:39:53.0468 0800  Atmarpc - ok
17:39:53.0500 0800  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
17:39:53.0500 0800  AudioSrv - ok
17:39:53.0546 0800  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
17:39:53.0546 0800  audstub - ok
17:39:53.0593 0800  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:39:53.0593 0800  Beep - ok
17:39:53.0656 0800  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
17:39:53.0687 0800  BITS - ok
17:39:53.0718 0800  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
17:39:53.0718 0800  Browser - ok
17:39:53.0890 0800  catchme - ok
17:39:53.0906 0800  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
17:39:53.0906 0800  cbidf2k - ok
17:39:53.0906 0800  cd20xrnt - ok
17:39:53.0921 0800  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
17:39:53.0921 0800  Cdaudio - ok
17:39:53.0968 0800  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
17:39:53.0968 0800  Cdfs - ok
17:39:53.0984 0800  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:39:53.0984 0800  Cdrom - ok
17:39:53.0984 0800  Changer - ok
17:39:54.0031 0800  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
17:39:54.0031 0800  CiSvc - ok
17:39:54.0031 0800  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
17:39:54.0031 0800  ClipSrv - ok
17:39:54.0078 0800  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:39:54.0109 0800  clr_optimization_v2.0.50727_32 - ok
17:39:54.0125 0800  CmdIde - ok
17:39:54.0125 0800  COMSysApp - ok
17:39:54.0125 0800  Cpqarray - ok
17:39:54.0156 0800  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
17:39:54.0156 0800  CryptSvc - ok
17:39:54.0156 0800  dac2w2k - ok
17:39:54.0156 0800  dac960nt - ok
17:39:54.0203 0800  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:39:54.0218 0800  DcomLaunch - ok
17:39:54.0265 0800  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
17:39:54.0265 0800  Dhcp - ok
17:39:54.0265 0800  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
17:39:54.0265 0800  Disk - ok
17:39:54.0281 0800  dmadmin - ok
17:39:54.0328 0800  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
17:39:54.0343 0800  dmboot - ok
17:39:54.0359 0800  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
17:39:54.0359 0800  dmio - ok
17:39:54.0390 0800  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
17:39:54.0390 0800  dmload - ok
17:39:54.0437 0800  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
17:39:54.0437 0800  dmserver - ok
17:39:54.0437 0800  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
17:39:54.0437 0800  DMusic - ok
17:39:54.0468 0800  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:39:54.0484 0800  Dnscache - ok
17:39:54.0515 0800  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
17:39:54.0515 0800  Dot3svc - ok
17:39:54.0515 0800  dpti2o - ok
17:39:54.0531 0800  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
17:39:54.0531 0800  drmkaud - ok
17:39:54.0593 0800  [ 994D42A1C15F0A64662D9C06B3345964 ] DualCoreCenter  C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys
17:39:54.0593 0800  DualCoreCenter - ok
17:39:54.0625 0800  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
17:39:54.0625 0800  EapHost - ok
17:39:54.0656 0800  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
17:39:54.0656 0800  ERSvc - ok
17:39:54.0687 0800  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
17:39:54.0703 0800  Eventlog - ok
17:39:54.0718 0800  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
17:39:54.0718 0800  EventSystem - ok
17:39:54.0750 0800  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
17:39:54.0750 0800  Fastfat - ok
17:39:54.0781 0800  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:39:54.0781 0800  FastUserSwitchingCompatibility - ok
17:39:54.0812 0800  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
17:39:54.0812 0800  Fdc - ok
17:39:54.0843 0800  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
17:39:54.0843 0800  Fips - ok
17:39:54.0859 0800  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
17:39:54.0875 0800  Flpydisk - ok
17:39:54.0890 0800  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:39:54.0890 0800  FltMgr - ok
17:39:54.0968 0800  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:39:54.0968 0800  FontCache3.0.0.0 - ok
17:39:54.0984 0800  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:39:54.0984 0800  Fs_Rec - ok
17:39:55.0000 0800  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:39:55.0000 0800  Ftdisk - ok
17:39:55.0000 0800  GMSIPCI - ok
17:39:55.0000 0800  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:39:55.0000 0800  Gpc - ok
17:39:55.0015 0800  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:39:55.0015 0800  HDAudBus - ok
17:39:55.0093 0800  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:39:55.0093 0800  helpsvc - ok
17:39:55.0109 0800  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
17:39:55.0125 0800  HidServ - ok
17:39:55.0140 0800  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:39:55.0140 0800  hidusb - ok
17:39:55.0187 0800  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
17:39:55.0187 0800  hkmsvc - ok
17:39:55.0187 0800  hpn - ok
17:39:55.0218 0800  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
17:39:55.0218 0800  HTTP - ok
17:39:55.0234 0800  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
17:39:55.0250 0800  HTTPFilter - ok
17:39:55.0250 0800  i2omgmt - ok
17:39:55.0250 0800  i2omp - ok
17:39:55.0265 0800  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
17:39:55.0265 0800  i8042prt - ok
17:39:55.0328 0800  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:39:55.0343 0800  idsvc - ok
17:39:55.0375 0800  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
17:39:55.0375 0800  Imapi - ok
17:39:55.0421 0800  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
17:39:55.0421 0800  ImapiService - ok
17:39:55.0421 0800  ini910u - ok
17:39:55.0546 0800  [ 574C9B2F9406D28F8F7E5C7B46B470E6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:39:55.0578 0800  IntcAzAudAddService - ok
17:39:55.0578 0800  IntelIde - ok
17:39:55.0593 0800  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:39:55.0593 0800  intelppm - ok
17:39:55.0609 0800  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
17:39:55.0625 0800  Ip6Fw - ok
17:39:55.0656 0800  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:39:55.0656 0800  IpFilterDriver - ok
17:39:55.0671 0800  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:39:55.0671 0800  IpInIp - ok
17:39:55.0703 0800  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:39:55.0703 0800  IpNat - ok
17:39:55.0734 0800  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:39:55.0734 0800  IPSec - ok
17:39:55.0765 0800  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
17:39:55.0765 0800  IRENUM - ok
17:39:55.0781 0800  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:39:55.0781 0800  isapnp - ok
17:39:55.0796 0800  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:39:55.0796 0800  Kbdclass - ok
17:39:55.0796 0800  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:39:55.0796 0800  kbdhid - ok
17:39:55.0890 0800  [ 2503B1AAAC2840A4708EC3578CC67928 ] KL1             C:\WINDOWS\system32\DRIVERS\kl1.sys
17:39:55.0890 0800  KL1 - ok
17:39:55.0921 0800  [ DC091A2571EE1CB9FEDD7C67BB46C2D2 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
17:39:55.0937 0800  KLIF - ok
17:39:55.0953 0800  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
17:39:55.0953 0800  kmixer - ok
17:39:55.0984 0800  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
17:39:55.0984 0800  KSecDD - ok
17:39:56.0015 0800  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
17:39:56.0015 0800  lanmanserver - ok
17:39:56.0031 0800  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:39:56.0046 0800  lanmanworkstation - ok
17:39:56.0046 0800  lbrtfdc - ok
17:39:56.0078 0800  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
17:39:56.0078 0800  LmHosts - ok
17:39:56.0109 0800  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
17:39:56.0109 0800  MBAMProtector - ok
17:39:56.0171 0800  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:39:56.0187 0800  MBAMScheduler - ok
17:39:56.0203 0800  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:39:56.0203 0800  MBAMService - ok
17:39:56.0218 0800  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
17:39:56.0234 0800  Messenger - ok
17:39:56.0265 0800  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
17:39:56.0265 0800  mnmdd - ok
17:39:56.0296 0800  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
17:39:56.0312 0800  mnmsrvc - ok
17:39:56.0328 0800  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
17:39:56.0328 0800  Modem - ok
17:39:56.0343 0800  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:39:56.0343 0800  Mouclass - ok
17:39:56.0375 0800  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:39:56.0375 0800  mouhid - ok
17:39:56.0390 0800  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
17:39:56.0390 0800  MountMgr - ok
17:39:56.0437 0800  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:39:56.0453 0800  MozillaMaintenance - ok
17:39:56.0453 0800  mraid35x - ok
17:39:56.0500 0800  [ B50B607B3A5CF4B069C6C4AB81C8B9DE ] MRV6X32U        C:\WINDOWS\system32\DRIVERS\MRVW23B.sys
17:39:56.0500 0800  MRV6X32U - ok
17:39:56.0531 0800  [ 5D235DAA0A9FEED8D880DF7277D6CCC8 ] MRVW225         C:\WINDOWS\system32\DRIVERS\MRVW225.sys
17:39:56.0531 0800  MRVW225 - ok
17:39:56.0531 0800  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:39:56.0546 0800  MRxDAV - ok
17:39:56.0578 0800  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:39:56.0578 0800  MRxSmb - ok
17:39:56.0593 0800  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
17:39:56.0593 0800  MSDTC - ok
17:39:56.0625 0800  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:39:56.0625 0800  Msfs - ok
17:39:56.0625 0800  MSICPL - ok
17:39:56.0625 0800  MSIServer - ok
17:39:56.0656 0800  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:39:56.0671 0800  MSKSSRV - ok
17:39:56.0671 0800  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:39:56.0671 0800  MSPCLOCK - ok
17:39:56.0687 0800  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:39:56.0687 0800  MSPQM - ok
17:39:56.0703 0800  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:39:56.0703 0800  mssmbios - ok
17:39:56.0734 0800  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
17:39:56.0734 0800  Mup - ok
17:39:56.0796 0800  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
17:39:56.0812 0800  napagent - ok
17:39:56.0843 0800  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
17:39:56.0843 0800  NDIS - ok
17:39:56.0875 0800  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:39:56.0875 0800  NdisTapi - ok
17:39:56.0890 0800  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:39:56.0906 0800  Ndisuio - ok
17:39:56.0906 0800  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:39:56.0906 0800  NdisWan - ok
17:39:56.0937 0800  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:39:56.0937 0800  NDProxy - ok
17:39:57.0078 0800  [ 0FF3C6AA3E0FE0EB316DF5449B569463 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
17:39:57.0093 0800  Nero BackItUp Scheduler 4.0 - ok
17:39:57.0125 0800  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:39:57.0125 0800  NetBIOS - ok
17:39:57.0140 0800  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:39:57.0140 0800  NetBT - ok
17:39:57.0171 0800  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
17:39:57.0171 0800  NetDDE - ok
17:39:57.0187 0800  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
17:39:57.0187 0800  NetDDEdsdm - ok
17:39:57.0218 0800  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:39:57.0218 0800  Netlogon - ok
17:39:57.0250 0800  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
17:39:57.0250 0800  Netman - ok
17:39:57.0312 0800  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:39:57.0312 0800  NetTcpPortSharing - ok
17:39:57.0343 0800  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
17:39:57.0343 0800  Nla - ok
17:39:57.0375 0800  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:39:57.0375 0800  Npfs - ok
17:39:57.0375 0800  NTACCESS - ok
17:39:57.0390 0800  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:39:57.0390 0800  Ntfs - ok
17:39:57.0437 0800  [ CD2166C9511D336A058CDE91778AAA69 ] NTIOLib_1_0_4   C:\Program Files\MSI\Live Update 5\NTIOLib.sys
17:39:57.0437 0800  NTIOLib_1_0_4 - ok
17:39:57.0453 0800  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
17:39:57.0453 0800  NtLmSsp - ok
17:39:57.0500 0800  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
17:39:57.0515 0800  NtmsSvc - ok
17:39:57.0531 0800  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:39:57.0531 0800  Null - ok
17:39:57.0703 0800  [ 8E72E452B9CC1E455D19E3C9FA964D37 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:39:57.0765 0800  nv - ok
17:39:57.0812 0800  [ 934833B3CD462A6F8A96F64D024C8B20 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
17:39:57.0812 0800  NVSvc - ok
17:39:57.0843 0800  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:39:57.0843 0800  NwlnkFlt - ok
17:39:57.0843 0800  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:39:57.0859 0800  NwlnkFwd - ok
17:39:57.0875 0800  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
17:39:57.0875 0800  Parport - ok
17:39:57.0890 0800  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
17:39:57.0890 0800  PartMgr - ok
17:39:57.0921 0800  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
17:39:57.0921 0800  ParVdm - ok
17:39:57.0937 0800  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
17:39:57.0937 0800  PCI - ok
17:39:57.0937 0800  PCIDump - ok
17:39:57.0968 0800  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
17:39:57.0968 0800  PCIIde - ok
17:39:58.0015 0800  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
17:39:58.0015 0800  Pcmcia - ok
17:39:58.0031 0800  PDCOMP - ok
17:39:58.0031 0800  PDFRAME - ok
17:39:58.0031 0800  PDRELI - ok
17:39:58.0031 0800  PDRFRAME - ok
17:39:58.0046 0800  perc2 - ok
17:39:58.0046 0800  perc2hib - ok
17:39:58.0062 0800  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
17:39:58.0078 0800  PlugPlay - ok
17:39:58.0093 0800  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
17:39:58.0093 0800  PolicyAgent - ok
17:39:58.0125 0800  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:39:58.0125 0800  PptpMiniport - ok
17:39:58.0140 0800  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:39:58.0140 0800  ProtectedStorage - ok
17:39:58.0156 0800  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
17:39:58.0156 0800  PSched - ok
17:39:58.0171 0800  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:39:58.0171 0800  Ptilink - ok
17:39:58.0187 0800  ql1080 - ok
17:39:58.0187 0800  Ql10wnt - ok
17:39:58.0187 0800  ql12160 - ok
17:39:58.0187 0800  ql1240 - ok
17:39:58.0203 0800  ql1280 - ok
17:39:58.0203 0800  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:39:58.0203 0800  RasAcd - ok
17:39:58.0234 0800  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:39:58.0250 0800  RasAuto - ok
17:39:58.0281 0800  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:39:58.0281 0800  Rasl2tp - ok
17:39:58.0328 0800  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:39:58.0328 0800  RasMan - ok
17:39:58.0328 0800  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:39:58.0328 0800  RasPppoe - ok
17:39:58.0343 0800  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
17:39:58.0343 0800  Raspti - ok
17:39:58.0359 0800  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:39:58.0359 0800  Rdbss - ok
17:39:58.0359 0800  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:39:58.0359 0800  RDPCDD - ok
17:39:58.0375 0800  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:39:58.0375 0800  rdpdr - ok
17:39:58.0421 0800  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
17:39:58.0421 0800  RDPWD - ok
17:39:58.0453 0800  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
17:39:58.0468 0800  RDSessMgr - ok
17:39:58.0468 0800  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
17:39:58.0468 0800  redbook - ok
17:39:58.0515 0800  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:39:58.0515 0800  RemoteAccess - ok
17:39:58.0546 0800  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:39:58.0546 0800  RemoteRegistry - ok
17:39:58.0546 0800  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:39:58.0562 0800  RpcLocator - ok
17:39:58.0578 0800  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
17:39:58.0578 0800  RpcSs - ok
17:39:58.0609 0800  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
17:39:58.0609 0800  RSVP - ok
17:39:58.0671 0800  [ 9555F0CCC6DB8EE2A9854B7853748379 ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:39:58.0671 0800  RTLE8023xp - ok
17:39:58.0687 0800  [ C7DC8C440C45FAD6F064689190DC1C6F ] RushTopDevice2  C:\Program Files\MSI\DualCoreCenter\RushTop.sys
17:39:58.0687 0800  RushTopDevice2 - ok
17:39:58.0703 0800  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
17:39:58.0703 0800  SamSs - ok
17:39:58.0718 0800  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
17:39:58.0734 0800  SCardSvr - ok
17:39:58.0750 0800  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:39:58.0765 0800  Schedule - ok
17:39:58.0781 0800  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:39:58.0781 0800  Secdrv - ok
17:39:58.0796 0800  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
17:39:58.0796 0800  seclogon - ok
17:39:58.0812 0800  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
17:39:58.0812 0800  SENS - ok
17:39:58.0828 0800  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
17:39:58.0828 0800  serenum - ok
17:39:58.0828 0800  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
17:39:58.0828 0800  Serial - ok
17:39:58.0843 0800  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
17:39:58.0843 0800  Sfloppy - ok
17:39:58.0890 0800  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:39:58.0906 0800  SharedAccess - ok
17:39:58.0921 0800  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:39:58.0921 0800  ShellHWDetection - ok
17:39:58.0937 0800  Simbad - ok
17:39:58.0937 0800  Sparrow - ok
17:39:58.0953 0800  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
17:39:58.0953 0800  splitter - ok
17:39:58.0984 0800  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
17:39:58.0984 0800  Spooler - ok
17:39:59.0015 0800  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
17:39:59.0015 0800  sr - ok
17:39:59.0046 0800  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
17:39:59.0062 0800  srservice - ok
17:39:59.0093 0800  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:39:59.0109 0800  Srv - ok
17:39:59.0125 0800  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:39:59.0125 0800  SSDPSRV - ok
17:39:59.0171 0800  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
17:39:59.0171 0800  stisvc - ok
17:39:59.0203 0800  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
17:39:59.0203 0800  swenum - ok
17:39:59.0218 0800  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
17:39:59.0218 0800  swmidi - ok
17:39:59.0234 0800  SwPrv - ok
17:39:59.0234 0800  symc810 - ok
17:39:59.0234 0800  symc8xx - ok
17:39:59.0234 0800  sym_hi - ok
17:39:59.0250 0800  sym_u3 - ok
17:39:59.0265 0800  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
17:39:59.0281 0800  sysaudio - ok
17:39:59.0312 0800  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
17:39:59.0312 0800  SysmonLog - ok
17:39:59.0328 0800  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:39:59.0343 0800  TapiSrv - ok
17:39:59.0375 0800  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:39:59.0390 0800  Tcpip - ok
17:39:59.0406 0800  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
17:39:59.0406 0800  TDPIPE - ok
17:39:59.0421 0800  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
17:39:59.0421 0800  TDTCP - ok
17:39:59.0437 0800  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
17:39:59.0437 0800  TermDD - ok
17:39:59.0484 0800  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
17:39:59.0484 0800  TermService - ok
17:39:59.0515 0800  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
17:39:59.0515 0800  Themes - ok
17:39:59.0546 0800  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
17:39:59.0562 0800  TlntSvr - ok
17:39:59.0562 0800  TosIde - ok
17:39:59.0578 0800  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
17:39:59.0578 0800  TrkWks - ok
17:39:59.0609 0800  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
17:39:59.0625 0800  Udfs - ok
17:39:59.0625 0800  ultra - ok
17:39:59.0656 0800  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
17:39:59.0671 0800  Update - ok
17:39:59.0703 0800  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:39:59.0703 0800  upnphost - ok
17:39:59.0703 0800  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
17:39:59.0718 0800  UPS - ok
17:39:59.0734 0800  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:39:59.0734 0800  usbccgp - ok
17:39:59.0750 0800  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:39:59.0750 0800  usbehci - ok
17:39:59.0765 0800  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:39:59.0765 0800  usbhub - ok
17:39:59.0781 0800  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:39:59.0781 0800  usbuhci - ok
17:39:59.0796 0800  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
17:39:59.0796 0800  VgaSave - ok
17:39:59.0796 0800  ViaIde - ok
17:39:59.0812 0800  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
17:39:59.0812 0800  VolSnap - ok
17:39:59.0875 0800  [ D8350E1DEF14602FAAFB849005287368 ] Vsdatant        C:\WINDOWS\system32\vsdatant.sys
17:39:59.0890 0800  Vsdatant - ok
17:39:59.0953 0800  vsmon - ok
17:40:00.0015 0800  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
17:40:00.0015 0800  VSS - ok
17:40:00.0046 0800  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
17:40:00.0046 0800  W32Time - ok
17:40:00.0062 0800  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:40:00.0062 0800  Wanarp - ok
17:40:00.0062 0800  WDICA - ok
17:40:00.0078 0800  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
17:40:00.0078 0800  wdmaud - ok
17:40:00.0093 0800  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:40:00.0093 0800  WebClient - ok
17:40:00.0171 0800  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:40:00.0171 0800  winmgmt - ok
17:40:00.0218 0800  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
17:40:00.0218 0800  WmdmPmSN - ok
17:40:00.0250 0800  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
17:40:00.0265 0800  Wmi - ok
17:40:00.0296 0800  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:40:00.0296 0800  WmiApSrv - ok
17:40:00.0390 0800  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
17:40:00.0578 0800  WMPNetworkSvc - ok
17:40:00.0609 0800  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:40:00.0609 0800  WS2IFSL - ok
17:40:00.0640 0800  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
17:40:00.0640 0800  wscsvc - ok
17:40:00.0687 0800  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
17:40:00.0687 0800  wuauserv - ok
17:40:00.0718 0800  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:40:00.0718 0800  WudfPf - ok
17:40:00.0750 0800  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:40:00.0750 0800  WudfRd - ok
17:40:00.0781 0800  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
17:40:00.0781 0800  WudfSvc - ok
17:40:00.0828 0800  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
17:40:00.0843 0800  WZCSVC - ok
17:40:00.0875 0800  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
17:40:00.0890 0800  xmlprov - ok
17:40:00.0921 0800  [ EBD35BDCE49B94EB247213610094F399 ] ZAPrivacyService C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
17:40:00.0937 0800  ZAPrivacyService - ok
17:40:00.0937 0800  ================ Scan global ===============================
17:40:00.0968 0800  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
17:40:01.0015 0800  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
17:40:01.0031 0800  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
17:40:01.0046 0800  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
17:40:01.0046 0800  [Global] - ok
17:40:01.0046 0800  ================ Scan MBR ==================================
17:40:01.0062 0800  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:40:01.0265 0800  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:40:01.0265 0800  \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:40:01.0265 0800  ================ Scan VBR ==================================
17:40:01.0265 0800  [ 0965FA5F1460F05A939FB7D921A9A254 ] \Device\Harddisk0\DR0\Partition1
17:40:01.0281 0800  \Device\Harddisk0\DR0\Partition1 - ok
17:40:01.0281 0800  ============================================================
17:40:01.0281 0800  Scan finished
17:40:01.0281 0800  ============================================================
17:40:01.0281 3464  Detected object count: 1
17:40:01.0281 3464  Actual detected object count: 1
17:40:27.0859 3464  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:40:27.0859 3464  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
 

[D-FRED-BROWN]

Go ahead and allow TDSSKiller to remove/quaratine it. After that, please reboot the system and run another scan. Please post that new log here.

[computer_is_dave]

18:02:29.0921 3036  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
18:02:30.0078 3036  ============================================================
18:02:30.0078 3036  Current date / time: 2013/08/07 18:02:30.0078
18:02:30.0078 3036  SystemInfo:
18:02:30.0078 3036  
18:02:30.0078 3036  OS Version: 5.1.2600 ServicePack: 3.0
18:02:30.0078 3036  Product type: Workstation
18:02:30.0078 3036  ComputerName: DAVE
18:02:30.0078 3036  UserName: Jane Doe
18:02:30.0078 3036  Windows directory: C:\WINDOWS
18:02:30.0078 3036  System windows directory: C:\WINDOWS
18:02:30.0078 3036  Processor architecture: Intel x86
18:02:30.0078 3036  Number of processors: 2
18:02:30.0078 3036  Page size: 0x1000
18:02:30.0078 3036  Boot type: Normal boot
18:02:30.0078 3036  ============================================================
18:02:31.0671 3036  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:02:31.0750 3036  ============================================================
18:02:31.0750 3036  \Device\Harddisk0\DR0:
18:02:31.0750 3036  MBR partitions:
18:02:31.0750 3036  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
18:02:31.0750 3036  ============================================================
18:02:31.0796 3036  C: <-> \Device\Harddisk0\DR0\Partition1
18:02:31.0796 3036  ============================================================
18:02:31.0796 3036  Initialize success
18:02:31.0796 3036  ============================================================
18:02:44.0328 1368  ============================================================
18:02:44.0328 1368  Scan started
18:02:44.0328 1368  Mode: Manual; TDLFS;
18:02:44.0328 1368  ============================================================
18:02:44.0625 1368  ================ Scan system memory ========================
18:02:44.0625 1368  System memory - ok
18:02:44.0625 1368  ================ Scan services =============================
18:02:45.0843 1368  Abiosdsk - ok
18:02:45.0843 1368  abp480n5 - ok
18:02:45.0921 1368  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:02:46.0015 1368  ACPI - ok
18:02:46.0078 1368  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
18:02:46.0093 1368  ACPIEC - ok
18:02:46.0234 1368  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:02:46.0281 1368  AdobeFlashPlayerUpdateSvc - ok
18:02:46.0281 1368  adpu160m - ok
18:02:46.0312 1368  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:02:46.0328 1368  aec - ok
18:02:46.0375 1368  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:02:46.0390 1368  AFD - ok
18:02:46.0390 1368  Aha154x - ok
18:02:46.0406 1368  aic78u2 - ok
18:02:46.0406 1368  aic78xx - ok
18:02:46.0421 1368  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:02:46.0437 1368  Alerter - ok
18:02:46.0468 1368  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
18:02:46.0468 1368  ALG - ok
18:02:46.0484 1368  AliIde - ok
18:02:46.0484 1368  amsint - ok
18:02:46.0515 1368  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
18:02:46.0546 1368  AppMgmt - ok
18:02:46.0546 1368  asc - ok
18:02:46.0562 1368  asc3350p - ok
18:02:46.0562 1368  asc3550 - ok
18:02:47.0078 1368  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:02:47.0296 1368  aspnet_state - ok
18:02:47.0343 1368  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:02:47.0343 1368  AsyncMac - ok
18:02:47.0359 1368  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:02:47.0359 1368  atapi - ok
18:02:47.0375 1368  Atdisk - ok
18:02:47.0406 1368  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:02:47.0406 1368  Atmarpc - ok
18:02:47.0437 1368  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:02:47.0437 1368  AudioSrv - ok
18:02:47.0484 1368  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:02:47.0500 1368  audstub - ok
18:02:47.0546 1368  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:02:47.0578 1368  Beep - ok
18:02:47.0640 1368  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
18:02:47.0703 1368  BITS - ok
18:02:47.0750 1368  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
18:02:47.0765 1368  Browser - ok
18:02:47.0968 1368  catchme - ok
18:02:48.0000 1368  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:02:48.0015 1368  cbidf2k - ok
18:02:48.0015 1368  cd20xrnt - ok
18:02:48.0031 1368  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:02:48.0046 1368  Cdaudio - ok
18:02:48.0093 1368  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:02:48.0093 1368  Cdfs - ok
18:02:48.0109 1368  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:02:48.0109 1368  Cdrom - ok
18:02:48.0109 1368  Changer - ok
18:02:48.0156 1368  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:02:48.0171 1368  CiSvc - ok
18:02:48.0187 1368  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:02:48.0203 1368  ClipSrv - ok
18:02:48.0265 1368  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:02:48.0375 1368  clr_optimization_v2.0.50727_32 - ok
18:02:48.0390 1368  CmdIde - ok
18:02:48.0390 1368  COMSysApp - ok
18:02:48.0406 1368  Cpqarray - ok
18:02:48.0437 1368  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:02:48.0437 1368  CryptSvc - ok
18:02:48.0453 1368  dac2w2k - ok
18:02:48.0453 1368  dac960nt - ok
18:02:48.0500 1368  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:02:48.0515 1368  DcomLaunch - ok
18:02:48.0546 1368  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:02:48.0546 1368  Dhcp - ok
18:02:48.0562 1368  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:02:48.0562 1368  Disk - ok
18:02:48.0578 1368  dmadmin - ok
18:02:48.0703 1368  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:02:48.0765 1368  dmboot - ok
18:02:48.0828 1368  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:02:48.0921 1368  dmio - ok
18:02:48.0953 1368  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:02:48.0953 1368  dmload - ok
18:02:48.0984 1368  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:02:48.0984 1368  dmserver - ok
18:02:49.0015 1368  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:02:49.0015 1368  DMusic - ok
18:02:49.0046 1368  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:02:49.0046 1368  Dnscache - ok
18:02:49.0125 1368  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:02:49.0125 1368  Dot3svc - ok
18:02:49.0125 1368  dpti2o - ok
18:02:49.0156 1368  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:02:49.0156 1368  drmkaud - ok
18:02:49.0328 1368  [ 994D42A1C15F0A64662D9C06B3345964 ] DualCoreCenter  C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys
18:02:49.0328 1368  DualCoreCenter - ok
18:02:49.0375 1368  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:02:49.0390 1368  EapHost - ok
18:02:49.0437 1368  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:02:49.0453 1368  ERSvc - ok
18:02:49.0484 1368  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
18:02:49.0484 1368  Eventlog - ok
18:02:49.0562 1368  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
18:02:49.0578 1368  EventSystem - ok
18:02:49.0656 1368  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:02:49.0671 1368  Fastfat - ok
18:02:49.0703 1368  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:02:49.0703 1368  FastUserSwitchingCompatibility - ok
18:02:49.0718 1368  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
18:02:49.0718 1368  Fdc - ok
18:02:49.0765 1368  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:02:49.0765 1368  Fips - ok
18:02:49.0781 1368  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
18:02:49.0781 1368  Flpydisk - ok
18:02:49.0828 1368  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:02:49.0875 1368  FltMgr - ok
18:02:49.0953 1368  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:02:49.0953 1368  FontCache3.0.0.0 - ok
18:02:49.0984 1368  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:02:49.0984 1368  Fs_Rec - ok
18:02:50.0031 1368  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:02:50.0046 1368  Ftdisk - ok
18:02:50.0046 1368  GMSIPCI - ok
18:02:50.0078 1368  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:02:50.0078 1368  Gpc - ok
18:02:50.0093 1368  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:02:50.0093 1368  HDAudBus - ok
18:02:50.0171 1368  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:02:50.0187 1368  helpsvc - ok
18:02:50.0203 1368  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:02:50.0218 1368  HidServ - ok
18:02:50.0234 1368  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:02:50.0250 1368  hidusb - ok
18:02:50.0296 1368  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:02:50.0312 1368  hkmsvc - ok
18:02:50.0312 1368  hpn - ok
18:02:50.0343 1368  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:02:50.0359 1368  HTTP - ok
18:02:50.0390 1368  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:02:50.0390 1368  HTTPFilter - ok
18:02:50.0390 1368  i2omgmt - ok
18:02:50.0406 1368  i2omp - ok
18:02:50.0406 1368  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
18:02:50.0453 1368  i8042prt - ok
18:02:50.0687 1368  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:02:50.0953 1368  idsvc - ok
18:02:50.0968 1368  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:02:50.0984 1368  Imapi - ok
18:02:51.0062 1368  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:02:51.0062 1368  ImapiService - ok
18:02:51.0078 1368  ini910u - ok
18:02:51.0312 1368  [ 574C9B2F9406D28F8F7E5C7B46B470E6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:02:51.0343 1368  IntcAzAudAddService - ok
18:02:51.0343 1368  IntelIde - ok
18:02:51.0390 1368  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:02:51.0390 1368  intelppm - ok
18:02:51.0421 1368  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
18:02:51.0421 1368  Ip6Fw - ok
18:02:51.0453 1368  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:02:51.0453 1368  IpFilterDriver - ok
18:02:51.0484 1368  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:02:51.0515 1368  IpInIp - ok
18:02:51.0531 1368  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:02:51.0562 1368  IpNat - ok
18:02:51.0609 1368  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:02:51.0625 1368  IPSec - ok
18:02:51.0640 1368  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:02:51.0656 1368  IRENUM - ok
18:02:51.0687 1368  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:02:51.0703 1368  isapnp - ok
18:02:51.0718 1368  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:02:51.0750 1368  Kbdclass - ok
18:02:51.0765 1368  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:02:51.0781 1368  kbdhid - ok
18:02:51.0890 1368  [ 2503B1AAAC2840A4708EC3578CC67928 ] KL1             C:\WINDOWS\system32\DRIVERS\kl1.sys
18:02:51.0906 1368  KL1 - ok
18:02:52.0046 1368  [ DC091A2571EE1CB9FEDD7C67BB46C2D2 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
18:02:52.0062 1368  KLIF - ok
18:02:52.0109 1368  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:02:52.0156 1368  kmixer - ok
18:02:52.0187 1368  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:02:52.0187 1368  KSecDD - ok
18:02:52.0203 1368  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
18:02:52.0218 1368  lanmanserver - ok
18:02:52.0234 1368  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:02:52.0250 1368  lanmanworkstation - ok
18:02:52.0250 1368  lbrtfdc - ok
18:02:52.0296 1368  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:02:52.0312 1368  LmHosts - ok
18:02:52.0328 1368  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
18:02:52.0328 1368  MBAMProtector - ok
18:02:52.0406 1368  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:02:52.0421 1368  MBAMScheduler - ok
18:02:52.0437 1368  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:02:52.0437 1368  MBAMService - ok
18:02:52.0453 1368  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:02:52.0453 1368  Messenger - ok
18:02:52.0484 1368  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:02:52.0484 1368  mnmdd - ok
18:02:52.0531 1368  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:02:52.0546 1368  mnmsrvc - ok
18:02:52.0562 1368  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:02:52.0562 1368  Modem - ok
18:02:52.0578 1368  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:02:52.0593 1368  Mouclass - ok
18:02:52.0625 1368  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:02:52.0640 1368  mouhid - ok
18:02:52.0656 1368  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:02:52.0656 1368  MountMgr - ok
18:02:52.0703 1368  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:02:52.0718 1368  MozillaMaintenance - ok
18:02:52.0718 1368  mraid35x - ok
18:02:52.0750 1368  [ B50B607B3A5CF4B069C6C4AB81C8B9DE ] MRV6X32U        C:\WINDOWS\system32\DRIVERS\MRVW23B.sys
18:02:52.0765 1368  MRV6X32U - ok
18:02:52.0781 1368  [ 5D235DAA0A9FEED8D880DF7277D6CCC8 ] MRVW225         C:\WINDOWS\system32\DRIVERS\MRVW225.sys
18:02:52.0781 1368  MRVW225 - ok
18:02:52.0796 1368  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:02:52.0796 1368  MRxDAV - ok
18:02:52.0843 1368  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:02:52.0859 1368  MRxSmb - ok
18:02:52.0875 1368  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
18:02:52.0875 1368  MSDTC - ok
18:02:52.0906 1368  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:02:52.0906 1368  Msfs - ok
18:02:52.0906 1368  MSICPL - ok
18:02:52.0921 1368  MSIServer - ok
18:02:52.0968 1368  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:02:52.0968 1368  MSKSSRV - ok
18:02:52.0968 1368  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:02:52.0968 1368  MSPCLOCK - ok
18:02:52.0984 1368  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:02:52.0984 1368  MSPQM - ok
18:02:53.0046 1368  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:02:53.0046 1368  mssmbios - ok
18:02:53.0078 1368  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:02:53.0093 1368  Mup - ok
18:02:53.0140 1368  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:02:53.0156 1368  napagent - ok
18:02:53.0187 1368  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:02:53.0187 1368  NDIS - ok
18:02:53.0203 1368  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:02:53.0218 1368  NdisTapi - ok
18:02:53.0234 1368  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:02:53.0234 1368  Ndisuio - ok
18:02:53.0250 1368  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:02:53.0250 1368  NdisWan - ok
18:02:53.0281 1368  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:02:53.0281 1368  NDProxy - ok
18:02:53.0437 1368  [ 0FF3C6AA3E0FE0EB316DF5449B569463 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
18:02:53.0437 1368  Nero BackItUp Scheduler 4.0 - ok
18:02:53.0484 1368  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:02:53.0484 1368  NetBIOS - ok
18:02:53.0500 1368  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:02:53.0500 1368  NetBT - ok
18:02:53.0546 1368  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:02:53.0546 1368  NetDDE - ok
18:02:53.0578 1368  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:02:53.0578 1368  NetDDEdsdm - ok
18:02:53.0640 1368  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:02:53.0640 1368  Netlogon - ok
18:02:53.0656 1368  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
18:02:53.0656 1368  Netman - ok
18:02:53.0718 1368  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:02:53.0718 1368  NetTcpPortSharing - ok
18:02:53.0750 1368  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:02:53.0750 1368  Nla - ok
18:02:53.0781 1368  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:02:53.0796 1368  Npfs - ok
18:02:53.0796 1368  NTACCESS - ok
18:02:53.0812 1368  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:02:53.0812 1368  Ntfs - ok
18:02:53.0859 1368  [ CD2166C9511D336A058CDE91778AAA69 ] NTIOLib_1_0_4   C:\Program Files\MSI\Live Update 5\NTIOLib.sys
18:02:53.0859 1368  NTIOLib_1_0_4 - ok
18:02:53.0859 1368  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:02:53.0859 1368  NtLmSsp - ok
18:02:53.0906 1368  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:02:53.0921 1368  NtmsSvc - ok
18:02:53.0953 1368  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:02:53.0968 1368  Null - ok
18:02:54.0125 1368  [ 8E72E452B9CC1E455D19E3C9FA964D37 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:02:54.0265 1368  nv - ok
18:02:54.0281 1368  [ 934833B3CD462A6F8A96F64D024C8B20 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
18:02:54.0281 1368  NVSvc - ok
18:02:54.0328 1368  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:02:54.0328 1368  NwlnkFlt - ok
18:02:54.0328 1368  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:02:54.0328 1368  NwlnkFwd - ok
18:02:54.0343 1368  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
18:02:54.0359 1368  Parport - ok
18:02:54.0359 1368  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:02:54.0359 1368  PartMgr - ok
18:02:54.0390 1368  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:02:54.0421 1368  ParVdm - ok
18:02:54.0437 1368  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:02:54.0437 1368  PCI - ok
18:02:54.0453 1368  PCIDump - ok
18:02:54.0468 1368  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:02:54.0468 1368  PCIIde - ok
18:02:54.0515 1368  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:02:54.0546 1368  Pcmcia - ok
18:02:54.0546 1368  PDCOMP - ok
18:02:54.0562 1368  PDFRAME - ok
18:02:54.0562 1368  PDRELI - ok
18:02:54.0562 1368  PDRFRAME - ok
18:02:54.0562 1368  perc2 - ok
18:02:54.0578 1368  perc2hib - ok
18:02:54.0609 1368  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
18:02:54.0609 1368  PlugPlay - ok
18:02:54.0640 1368  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:02:54.0640 1368  PolicyAgent - ok
18:02:54.0671 1368  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:02:54.0671 1368  PptpMiniport - ok
18:02:54.0687 1368  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:02:54.0687 1368  ProtectedStorage - ok
18:02:54.0687 1368  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:02:54.0703 1368  PSched - ok
18:02:54.0718 1368  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:02:54.0718 1368  Ptilink - ok
18:02:54.0718 1368  ql1080 - ok
18:02:54.0734 1368  Ql10wnt - ok
18:02:54.0734 1368  ql12160 - ok
18:02:54.0734 1368  ql1240 - ok
18:02:54.0734 1368  ql1280 - ok
18:02:54.0750 1368  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:02:54.0750 1368  RasAcd - ok
18:02:54.0781 1368  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:02:54.0781 1368  RasAuto - ok
18:02:54.0812 1368  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:02:54.0812 1368  Rasl2tp - ok
18:02:54.0859 1368  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:02:54.0875 1368  RasMan - ok
18:02:54.0875 1368  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:02:54.0875 1368  RasPppoe - ok
18:02:54.0875 1368  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:02:54.0890 1368  Raspti - ok
18:02:54.0890 1368  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:02:54.0906 1368  Rdbss - ok
18:02:54.0906 1368  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:02:54.0921 1368  RDPCDD - ok
18:02:54.0921 1368  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:02:54.0921 1368  rdpdr - ok
18:02:54.0968 1368  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:02:54.0968 1368  RDPWD - ok
18:02:55.0000 1368  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:02:55.0000 1368  RDSessMgr - ok
18:02:55.0015 1368  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:02:55.0015 1368  redbook - ok
18:02:55.0062 1368  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:02:55.0062 1368  RemoteAccess - ok
18:02:55.0078 1368  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:02:55.0093 1368  RemoteRegistry - ok
18:02:55.0093 1368  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:02:55.0093 1368  RpcLocator - ok
18:02:55.0125 1368  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
18:02:55.0125 1368  RpcSs - ok
18:02:55.0140 1368  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:02:55.0156 1368  RSVP - ok
18:02:55.0218 1368  [ 9555F0CCC6DB8EE2A9854B7853748379 ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
18:02:55.0218 1368  RTLE8023xp - ok
18:02:55.0234 1368  [ C7DC8C440C45FAD6F064689190DC1C6F ] RushTopDevice2  C:\Program Files\MSI\DualCoreCenter\RushTop.sys
18:02:55.0234 1368  RushTopDevice2 - ok
18:02:55.0234 1368  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:02:55.0234 1368  SamSs - ok
18:02:55.0265 1368  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:02:55.0265 1368  SCardSvr - ok
18:02:55.0281 1368  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:02:55.0296 1368  Schedule - ok
18:02:55.0312 1368  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:02:55.0312 1368  Secdrv - ok
18:02:55.0328 1368  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:02:55.0343 1368  seclogon - ok
18:02:55.0343 1368  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
18:02:55.0343 1368  SENS - ok
18:02:55.0359 1368  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:02:55.0359 1368  serenum - ok
18:02:55.0359 1368  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:02:55.0359 1368  Serial - ok
18:02:55.0375 1368  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:02:55.0390 1368  Sfloppy - ok
18:02:55.0437 1368  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:02:55.0437 1368  SharedAccess - ok
18:02:55.0453 1368  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:02:55.0468 1368  ShellHWDetection - ok
18:02:55.0468 1368  Simbad - ok
18:02:55.0468 1368  Sparrow - ok
18:02:55.0500 1368  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:02:55.0515 1368  splitter - ok
18:02:55.0546 1368  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:02:55.0546 1368  Spooler - ok
18:02:55.0562 1368  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:02:55.0562 1368  sr - ok
18:02:55.0625 1368  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
18:02:55.0625 1368  srservice - ok
18:02:55.0671 1368  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:02:55.0671 1368  Srv - ok
18:02:55.0687 1368  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:02:55.0687 1368  SSDPSRV - ok
18:02:55.0734 1368  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:02:55.0750 1368  stisvc - ok
18:02:55.0765 1368  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:02:55.0765 1368  swenum - ok
18:02:55.0781 1368  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:02:55.0781 1368  swmidi - ok
18:02:55.0781 1368  SwPrv - ok
18:02:55.0781 1368  symc810 - ok
18:02:55.0781 1368  symc8xx - ok
18:02:55.0796 1368  sym_hi - ok
18:02:55.0796 1368  sym_u3 - ok
18:02:55.0812 1368  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:02:55.0812 1368  sysaudio - ok
18:02:55.0828 1368  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:02:55.0828 1368  SysmonLog - ok
18:02:55.0843 1368  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:02:55.0843 1368  TapiSrv - ok
18:02:55.0890 1368  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:02:55.0890 1368  Tcpip - ok
18:02:55.0906 1368  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:02:55.0906 1368  TDPIPE - ok
18:02:55.0921 1368  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:02:55.0921 1368  TDTCP - ok
18:02:55.0953 1368  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:02:55.0953 1368  TermDD - ok
18:02:55.0968 1368  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
18:02:55.0968 1368  TermService - ok
18:02:55.0984 1368  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:02:56.0000 1368  Themes - ok
18:02:56.0031 1368  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
18:02:56.0031 1368  TlntSvr - ok
18:02:56.0031 1368  TosIde - ok
18:02:56.0046 1368  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:02:56.0046 1368  TrkWks - ok
18:02:56.0093 1368  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:02:56.0093 1368  Udfs - ok
18:02:56.0093 1368  ultra - ok
18:02:56.0140 1368  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:02:56.0140 1368  Update - ok
18:02:56.0187 1368  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:02:56.0203 1368  upnphost - ok
18:02:56.0203 1368  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
18:02:56.0203 1368  UPS - ok
18:02:56.0218 1368  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:02:56.0218 1368  usbccgp - ok
18:02:56.0234 1368  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:02:56.0234 1368  usbehci - ok
18:02:56.0250 1368  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:02:56.0250 1368  usbhub - ok
18:02:56.0265 1368  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:02:56.0265 1368  usbuhci - ok
18:02:56.0265 1368  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:02:56.0265 1368  VgaSave - ok
18:02:56.0281 1368  ViaIde - ok
18:02:56.0281 1368  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:02:56.0281 1368  VolSnap - ok
18:02:56.0359 1368  [ D8350E1DEF14602FAAFB849005287368 ] Vsdatant        C:\WINDOWS\system32\vsdatant.sys
18:02:56.0359 1368  Vsdatant - ok
18:02:56.0437 1368  vsmon - ok
18:02:56.0484 1368  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
18:02:56.0500 1368  VSS - ok
18:02:56.0531 1368  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
18:02:56.0531 1368  W32Time - ok
18:02:56.0562 1368  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:02:56.0578 1368  Wanarp - ok
18:02:56.0578 1368  WDICA - ok
18:02:56.0609 1368  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:02:56.0609 1368  wdmaud - ok
18:02:56.0656 1368  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:02:56.0656 1368  WebClient - ok
18:02:56.0734 1368  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:02:56.0750 1368  winmgmt - ok
18:02:56.0781 1368  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
18:02:56.0781 1368  WmdmPmSN - ok
18:02:56.0812 1368  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
18:02:56.0828 1368  Wmi - ok
18:02:56.0843 1368  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:02:56.0843 1368  WmiApSrv - ok
18:02:56.0937 1368  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
18:02:56.0968 1368  WMPNetworkSvc - ok
18:02:56.0984 1368  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:02:56.0984 1368  WS2IFSL - ok
18:02:57.0015 1368  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:02:57.0031 1368  wscsvc - ok
18:02:57.0062 1368  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:02:57.0078 1368  wuauserv - ok
18:02:57.0109 1368  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:02:57.0109 1368  WudfPf - ok
18:02:57.0125 1368  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:02:57.0125 1368  WudfRd - ok
18:02:57.0156 1368  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
18:02:57.0156 1368  WudfSvc - ok
18:02:57.0203 1368  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:02:57.0203 1368  WZCSVC - ok
18:02:57.0250 1368  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:02:57.0250 1368  xmlprov - ok
18:02:57.0296 1368  [ EBD35BDCE49B94EB247213610094F399 ] ZAPrivacyService C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
18:02:57.0296 1368  ZAPrivacyService - ok
18:02:57.0296 1368  ================ Scan global ===============================
18:02:57.0343 1368  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:02:57.0375 1368  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
18:02:57.0390 1368  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
18:02:57.0406 1368  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:02:57.0406 1368  [Global] - ok
18:02:57.0406 1368  ================ Scan MBR ==================================
18:02:57.0421 1368  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:02:57.0625 1368  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:02:57.0625 1368  \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:02:57.0625 1368  ================ Scan VBR ==================================
18:02:57.0625 1368  [ 0965FA5F1460F05A939FB7D921A9A254 ] \Device\Harddisk0\DR0\Partition1
18:02:57.0640 1368  \Device\Harddisk0\DR0\Partition1 - ok
18:02:57.0640 1368  ============================================================
18:02:57.0640 1368  Scan finished
18:02:57.0640 1368  ============================================================
18:02:57.0640 1300  Detected object count: 1
18:02:57.0640 1300  Actual detected object count: 1
18:03:11.0781 1300  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
18:03:11.0781 1300  \Device\Harddisk0\DR0\TDLFS\tdl - copied to quarantine
18:03:11.0781 1300  \Device\Harddisk0\DR0\TDLFS\rsrc.dat - copied to quarantine
18:03:11.0796 1300  \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
18:03:11.0796 1300  \Device\Harddisk0\DR0\TDLFS\tdlwsp.dll - copied to quarantine
18:03:11.0796 1300  \Device\Harddisk0\DR0\TDLFS - deleted
18:03:11.0796 1300  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
18:04:42.0875 2128  ============================================================
18:04:42.0875 2128  Scan started
18:04:42.0875 2128  Mode: Manual; TDLFS;
18:04:42.0875 2128  ============================================================
18:04:43.0015 2128  ================ Scan system memory ========================
18:04:43.0015 2128  System memory - ok
18:04:43.0015 2128  ================ Scan services =============================
18:04:43.0343 2128  Abiosdsk - ok
18:04:43.0343 2128  abp480n5 - ok
18:04:43.0390 2128  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:04:43.0390 2128  ACPI - ok
18:04:43.0421 2128  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
18:04:43.0421 2128  ACPIEC - ok
18:04:43.0500 2128  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:04:43.0500 2128  AdobeFlashPlayerUpdateSvc - ok
18:04:43.0500 2128  adpu160m - ok
18:04:43.0515 2128  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:04:43.0515 2128  aec - ok
18:04:43.0546 2128  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:04:43.0546 2128  AFD - ok
18:04:43.0562 2128  Aha154x - ok
18:04:43.0562 2128  aic78u2 - ok
18:04:43.0562 2128  aic78xx - ok
18:04:43.0593 2128  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:04:43.0593 2128  Alerter - ok
18:04:43.0609 2128  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
18:04:43.0609 2128  ALG - ok
18:04:43.0609 2128  AliIde - ok
18:04:43.0609 2128  amsint - ok
18:04:43.0656 2128  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
18:04:43.0656 2128  AppMgmt - ok
18:04:43.0656 2128  asc - ok
18:04:43.0656 2128  asc3350p - ok
18:04:43.0671 2128  asc3550 - ok
18:04:43.0765 2128  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:04:43.0781 2128  aspnet_state - ok
18:04:43.0796 2128  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:04:43.0796 2128  AsyncMac - ok
18:04:43.0828 2128  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:04:43.0828 2128  atapi - ok
18:04:43.0828 2128  Atdisk - ok
18:04:43.0843 2128  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:04:43.0843 2128  Atmarpc - ok
18:04:43.0890 2128  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:04:43.0890 2128  AudioSrv - ok
18:04:43.0921 2128  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:04:43.0921 2128  audstub - ok
18:04:43.0968 2128  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:04:43.0968 2128  Beep - ok
18:04:44.0031 2128  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
18:04:44.0031 2128  BITS - ok
18:04:44.0062 2128  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
18:04:44.0062 2128  Browser - ok
18:04:44.0234 2128  catchme - ok
18:04:44.0250 2128  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:04:44.0250 2128  cbidf2k - ok
18:04:44.0250 2128  cd20xrnt - ok
18:04:44.0281 2128  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:04:44.0281 2128  Cdaudio - ok
18:04:44.0312 2128  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:04:44.0312 2128  Cdfs - ok
18:04:44.0328 2128  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:04:44.0328 2128  Cdrom - ok
18:04:44.0343 2128  Changer - ok
18:04:44.0375 2128  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:04:44.0375 2128  CiSvc - ok
18:04:44.0375 2128  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:04:44.0375 2128  ClipSrv - ok
18:04:44.0421 2128  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:04:44.0421 2128  clr_optimization_v2.0.50727_32 - ok
18:04:44.0437 2128  CmdIde - ok
18:04:44.0437 2128  COMSysApp - ok
18:04:44.0437 2128  Cpqarray - ok
18:04:44.0453 2128  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:04:44.0468 2128  CryptSvc - ok
18:04:44.0468 2128  dac2w2k - ok
18:04:44.0468 2128  dac960nt - ok
18:04:44.0562 2128  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:04:44.0562 2128  DcomLaunch - ok
18:04:44.0593 2128  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:04:44.0593 2128  Dhcp - ok
18:04:44.0640 2128  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:04:44.0640 2128  Disk - ok
18:04:44.0640 2128  dmadmin - ok
18:04:44.0703 2128  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:04:44.0718 2128  dmboot - ok
18:04:44.0734 2128  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:04:44.0734 2128  dmio - ok
18:04:44.0765 2128  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:04:44.0765 2128  dmload - ok
18:04:44.0781 2128  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:04:44.0781 2128  dmserver - ok
18:04:44.0796 2128  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:04:44.0796 2128  DMusic - ok
18:04:44.0812 2128  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:04:44.0812 2128  Dnscache - ok
18:04:44.0843 2128  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:04:44.0843 2128  Dot3svc - ok
18:04:44.0843 2128  dpti2o - ok
18:04:44.0859 2128  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:04:44.0859 2128  drmkaud - ok
18:04:44.0921 2128  [ 994D42A1C15F0A64662D9C06B3345964 ] DualCoreCenter  C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys
18:04:44.0921 2128  DualCoreCenter - ok
18:04:44.0953 2128  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:04:44.0968 2128  EapHost - ok
18:04:45.0000 2128  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:04:45.0000 2128  ERSvc - ok
18:04:45.0031 2128  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
18:04:45.0031 2128  Eventlog - ok
18:04:45.0046 2128  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
18:04:45.0062 2128  EventSystem - ok
18:04:45.0093 2128  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:04:45.0093 2128  Fastfat - ok
18:04:45.0125 2128  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:04:45.0125 2128  FastUserSwitchingCompatibility - ok
18:04:45.0140 2128  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
18:04:45.0140 2128  Fdc - ok
18:04:45.0187 2128  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:04:45.0187 2128  Fips - ok
18:04:45.0203 2128  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
18:04:45.0203 2128  Flpydisk - ok
18:04:45.0234 2128  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:04:45.0234 2128  FltMgr - ok
18:04:45.0296 2128  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:04:45.0296 2128  FontCache3.0.0.0 - ok
18:04:45.0312 2128  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:04:45.0312 2128  Fs_Rec - ok
18:04:45.0328 2128  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:04:45.0328 2128  Ftdisk - ok
18:04:45.0328 2128  GMSIPCI - ok
18:04:45.0343 2128  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:04:45.0343 2128  Gpc - ok
18:04:45.0359 2128  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:04:45.0375 2128  HDAudBus - ok
18:04:45.0437 2128  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:04:45.0437 2128  helpsvc - ok
18:04:45.0468 2128  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:04:45.0468 2128  HidServ - ok
18:04:45.0500 2128  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:04:45.0500 2128  hidusb - ok
18:04:45.0531 2128  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:04:45.0531 2128  hkmsvc - ok
18:04:45.0546 2128  hpn - ok
18:04:45.0578 2128  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:04:45.0578 2128  HTTP - ok
18:04:45.0609 2128  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:04:45.0625 2128  HTTPFilter - ok
18:04:45.0625 2128  i2omgmt - ok
18:04:45.0625 2128  i2omp - ok
18:04:45.0640 2128  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
18:04:45.0640 2128  i8042prt - ok
18:04:45.0718 2128  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:04:45.0718 2128  idsvc - ok
18:04:45.0734 2128  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:04:45.0734 2128  Imapi - ok
18:04:45.0781 2128  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:04:45.0781 2128  ImapiService - ok
18:04:45.0781 2128  ini910u - ok
18:04:45.0906 2128  [ 574C9B2F9406D28F8F7E5C7B46B470E6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:04:45.0937 2128  IntcAzAudAddService - ok
18:04:45.0937 2128  IntelIde - ok
18:04:45.0984 2128  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:04:45.0984 2128  intelppm - ok
18:04:46.0000 2128  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
18:04:46.0000 2128  Ip6Fw - ok
18:04:46.0046 2128  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:04:46.0046 2128  IpFilterDriver - ok
18:04:46.0062 2128  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:04:46.0062 2128  IpInIp - ok
18:04:46.0078 2128  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:04:46.0093 2128  IpNat - ok
18:04:46.0093 2128  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:04:46.0093 2128  IPSec - ok
18:04:46.0109 2128  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:04:46.0109 2128  IRENUM - ok
18:04:46.0125 2128  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:04:46.0125 2128  isapnp - ok
18:04:46.0140 2128  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:04:46.0140 2128  Kbdclass - ok
18:04:46.0171 2128  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:04:46.0171 2128  kbdhid - ok
18:04:46.0218 2128  [ 2503B1AAAC2840A4708EC3578CC67928 ] KL1             C:\WINDOWS\system32\DRIVERS\kl1.sys
18:04:46.0218 2128  KL1 - ok
18:04:46.0250 2128  [ DC091A2571EE1CB9FEDD7C67BB46C2D2 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
18:04:46.0250 2128  KLIF - ok
18:04:46.0281 2128  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:04:46.0281 2128  kmixer - ok
18:04:46.0312 2128  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:04:46.0312 2128  KSecDD - ok
18:04:46.0343 2128  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
18:04:46.0343 2128  lanmanserver - ok
18:04:46.0359 2128  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:04:46.0359 2128  lanmanworkstation - ok
18:04:46.0359 2128  lbrtfdc - ok
18:04:46.0390 2128  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:04:46.0390 2128  LmHosts - ok
18:04:46.0437 2128  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
18:04:46.0437 2128  MBAMProtector - ok
18:04:46.0500 2128  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:04:46.0500 2128  MBAMScheduler - ok
18:04:46.0656 2128  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:04:46.0671 2128  MBAMService - ok
18:04:46.0734 2128  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:04:46.0750 2128  Messenger - ok
18:04:46.0796 2128  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:04:46.0796 2128  mnmdd - ok
18:04:46.0843 2128  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:04:46.0843 2128  mnmsrvc - ok
18:04:46.0859 2128  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:04:46.0859 2128  Modem - ok
18:04:46.0890 2128  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:04:46.0890 2128  Mouclass - ok
18:04:46.0937 2128  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:04:46.0937 2128  mouhid - ok
18:04:46.0968 2128  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:04:46.0968 2128  MountMgr - ok
18:04:47.0046 2128  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:04:47.0046 2128  MozillaMaintenance - ok
18:04:47.0046 2128  mraid35x - ok
18:04:47.0343 2128  [ B50B607B3A5CF4B069C6C4AB81C8B9DE ] MRV6X32U        C:\WINDOWS\system32\DRIVERS\MRVW23B.sys
18:04:47.0359 2128  MRV6X32U - ok
18:04:47.0375 2128  [ 5D235DAA0A9FEED8D880DF7277D6CCC8 ] MRVW225         C:\WINDOWS\system32\DRIVERS\MRVW225.sys
18:04:47.0375 2128  MRVW225 - ok
18:04:47.0421 2128  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:04:47.0421 2128  MRxDAV - ok
18:04:47.0546 2128  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:04:47.0546 2128  MRxSmb - ok
18:04:47.0578 2128  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
18:04:47.0578 2128  MSDTC - ok
18:04:47.0593 2128  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:04:47.0593 2128  Msfs - ok
18:04:47.0593 2128  MSICPL - ok
18:04:47.0593 2128  MSIServer - ok
18:04:47.0640 2128  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:04:47.0640 2128  MSKSSRV - ok
18:04:47.0671 2128  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:04:47.0671 2128  MSPCLOCK - ok
18:04:47.0703 2128  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:04:47.0703 2128  MSPQM - ok
18:04:47.0765 2128  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:04:47.0765 2128  mssmbios - ok
18:04:47.0812 2128  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:04:47.0828 2128  Mup - ok
18:04:47.0937 2128  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:04:47.0937 2128  napagent - ok
18:04:47.0953 2128  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:04:47.0968 2128  NDIS - ok
18:04:47.0984 2128  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:04:47.0984 2128  NdisTapi - ok
18:04:48.0015 2128  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:04:48.0015 2128  Ndisuio - ok
18:04:48.0031 2128  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:04:48.0031 2128  NdisWan - ok
18:04:48.0062 2128  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:04:48.0062 2128  NDProxy - ok
18:04:48.0343 2128  [ 0FF3C6AA3E0FE0EB316DF5449B569463 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
18:04:48.0359 2128  Nero BackItUp Scheduler 4.0 - ok
18:04:48.0406 2128  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:04:48.0406 2128  NetBIOS - ok
18:04:48.0421 2128  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:04:48.0421 2128  NetBT - ok
18:04:48.0484 2128  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:04:48.0484 2128  NetDDE - ok
18:04:48.0484 2128  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:04:48.0484 2128  NetDDEdsdm - ok
18:04:48.0546 2128  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:04:48.0546 2128  Netlogon - ok
18:04:48.0562 2128  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
18:04:48.0562 2128  Netman - ok
18:04:48.0687 2128  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:04:48.0687 2128  NetTcpPortSharing - ok
18:04:48.0765 2128  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:04:48.0765 2128  Nla - ok
18:04:48.0812 2128  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:04:48.0812 2128  Npfs - ok
18:04:48.0812 2128  NTACCESS - ok
18:04:48.0859 2128  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:04:48.0859 2128  Ntfs - ok
18:04:48.0921 2128  [ CD2166C9511D336A058CDE91778AAA69 ] NTIOLib_1_0_4   C:\Program Files\MSI\Live Update 5\NTIOLib.sys
18:04:48.0921 2128  NTIOLib_1_0_4 - ok
18:04:48.0921 2128  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:04:48.0921 2128  NtLmSsp - ok
18:04:49.0093 2128  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:04:49.0093 2128  NtmsSvc - ok
18:04:49.0109 2128  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:04:49.0109 2128  Null - ok
18:04:50.0000 2128  [ 8E72E452B9CC1E455D19E3C9FA964D37 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:04:50.0046 2128  nv - ok
18:04:50.0078 2128  [ 934833B3CD462A6F8A96F64D024C8B20 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
18:04:50.0078 2128  NVSvc - ok
18:04:50.0140 2128  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:04:50.0140 2128  NwlnkFlt - ok
18:04:50.0171 2128  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:04:50.0171 2128  NwlnkFwd - ok
18:04:50.0187 2128  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
18:04:50.0187 2128  Parport - ok
18:04:50.0203 2128  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:04:50.0203 2128  PartMgr - ok
18:04:50.0265 2128  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:04:50.0265 2128  ParVdm - ok
18:04:50.0328 2128  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:04:50.0328 2128  PCI - ok
18:04:50.0328 2128  PCIDump - ok
18:04:50.0359 2128  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:04:50.0359 2128  PCIIde - ok
18:04:50.0453 2128  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:04:50.0453 2128  Pcmcia - ok
18:04:50.0468 2128  PDCOMP - ok
18:04:50.0468 2128  PDFRAME - ok
18:04:50.0468 2128  PDRELI - ok
18:04:50.0468 2128  PDRFRAME - ok
18:04:50.0484 2128  perc2 - ok
18:04:50.0484 2128  perc2hib - ok
18:04:50.0515 2128  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
18:04:50.0515 2128  PlugPlay - ok
18:04:50.0546 2128  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:04:50.0546 2128  PolicyAgent - ok
18:04:50.0562 2128  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:04:50.0562 2128  PptpMiniport - ok
18:04:50.0578 2128  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:04:50.0578 2128  ProtectedStorage - ok
18:04:50.0593 2128  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:04:50.0593 2128  PSched - ok
18:04:50.0640 2128  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:04:50.0640 2128  Ptilink - ok
18:04:50.0640 2128  ql1080 - ok
18:04:50.0656 2128  Ql10wnt - ok
18:04:50.0656 2128  ql12160 - ok
18:04:50.0656 2128  ql1240 - ok
18:04:50.0671 2128  ql1280 - ok
18:04:50.0687 2128  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:04:50.0687 2128  RasAcd - ok
18:04:50.0781 2128  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:04:50.0781 2128  RasAuto - ok
18:04:50.0796 2128  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:04:50.0796 2128  Rasl2tp - ok
18:04:50.0843 2128  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:04:50.0843 2128  RasMan - ok
18:04:50.0843 2128  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:04:50.0843 2128  RasPppoe - ok
18:04:50.0859 2128  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:04:50.0859 2128  Raspti - ok
18:04:50.0906 2128  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:04:50.0906 2128  Rdbss - ok
18:04:50.0921 2128  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:04:50.0921 2128  RDPCDD - ok
18:04:50.0953 2128  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:04:50.0953 2128  rdpdr - ok
18:04:51.0000 2128  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:04:51.0000 2128  RDPWD - ok
18:04:51.0062 2128  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:04:51.0062 2128  RDSessMgr - ok
18:04:51.0078 2128  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:04:51.0078 2128  redbook - ok
18:04:51.0140 2128  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:04:51.0140 2128  RemoteAccess - ok
18:04:51.0156 2128  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:04:51.0156 2128  RemoteRegistry - ok
18:04:51.0203 2128  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:04:51.0203 2128  RpcLocator - ok
18:04:51.0312 2128  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
18:04:51.0312 2128  RpcSs - ok
18:04:51.0343 2128  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:04:51.0343 2128  RSVP - ok
18:04:51.0406 2128  [ 9555F0CCC6DB8EE2A9854B7853748379 ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
18:04:51.0421 2128  RTLE8023xp - ok
18:04:51.0421 2128  [ C7DC8C440C45FAD6F064689190DC1C6F ] RushTopDevice2  C:\Program Files\MSI\DualCoreCenter\RushTop.sys
18:04:51.0421 2128  RushTopDevice2 - ok
18:04:51.0437 2128  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:04:51.0437 2128  SamSs - ok
18:04:51.0500 2128  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:04:51.0500 2128  SCardSvr - ok
18:04:51.0562 2128  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:04:51.0562 2128  Schedule - ok
18:04:51.0578 2128  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:04:51.0578 2128  Secdrv - ok
18:04:51.0609 2128  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:04:51.0609 2128  seclogon - ok
18:04:51.0625 2128  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
18:04:51.0625 2128  SENS - ok
18:04:51.0640 2128  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:04:51.0640 2128  serenum - ok
18:04:51.0640 2128  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:04:51.0640 2128  Serial - ok
18:04:51.0656 2128  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:04:51.0656 2128  Sfloppy - ok
18:04:51.0718 2128  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:04:51.0734 2128  SharedAccess - ok
18:04:51.0765 2128  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:04:51.0765 2128  ShellHWDetection - ok
18:04:51.0781 2128  Simbad - ok
18:04:51.0781 2128  Sparrow - ok
18:04:51.0828 2128  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:04:51.0828 2128  splitter - ok
18:04:51.0890 2128  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:04:51.0890 2128  Spooler - ok
18:04:51.0906 2128  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:04:51.0906 2128  sr - ok
18:04:51.0921 2128  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
18:04:51.0921 2128  srservice - ok
18:04:52.0062 2128  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:04:52.0062 2128  Srv - ok
18:04:52.0218 2128  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:04:52.0218 2128  SSDPSRV - ok
18:04:52.0328 2128  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:04:52.0328 2128  stisvc - ok
18:04:52.0375 2128  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:04:52.0375 2128  swenum - ok
18:04:52.0390 2128  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:04:52.0390 2128  swmidi - ok
18:04:52.0390 2128  SwPrv - ok
18:04:52.0390 2128  symc810 - ok
18:04:52.0406 2128  symc8xx - ok
18:04:52.0406 2128  sym_hi - ok
18:04:52.0406 2128  sym_u3 - ok
18:04:52.0421 2128  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:04:52.0421 2128  sysaudio - ok
18:04:52.0437 2128  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:04:52.0453 2128  SysmonLog - ok
18:04:52.0453 2128  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:04:52.0468 2128  TapiSrv - ok
18:04:52.0593 2128  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:04:52.0593 2128  Tcpip - ok
18:04:52.0671 2128  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:04:52.0671 2128  TDPIPE - ok
18:04:52.0703 2128  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:04:52.0703 2128  TDTCP - ok
18:04:52.0718 2128  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:04:52.0718 2128  TermDD - ok
18:04:52.0750 2128  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
18:04:52.0750 2128  TermService - ok
18:04:52.0781 2128  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:04:52.0781 2128  Themes - ok
18:04:52.0828 2128  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
18:04:52.0843 2128  TlntSvr - ok
18:04:52.0843 2128  TosIde - ok
18:04:52.0843 2128  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:04:52.0859 2128  TrkWks - ok
18:04:52.0890 2128  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:04:52.0890 2128  Udfs - ok
18:04:52.0906 2128  ultra - ok
18:04:52.0937 2128  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:04:52.0953 2128  Update - ok
18:04:53.0015 2128  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:04:53.0031 2128  upnphost - ok
18:04:53.0046 2128  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
18:04:53.0046 2128  UPS - ok
18:04:53.0046 2128  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:04:53.0062 2128  usbccgp - ok
18:04:53.0062 2128  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:04:53.0062 2128  usbehci - ok
18:04:53.0078 2128  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:04:53.0078 2128  usbhub - ok
18:04:53.0093 2128  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:04:53.0093 2128  usbuhci - ok
18:04:53.0109 2128  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:04:53.0109 2128  VgaSave - ok
18:04:53.0109 2128  ViaIde - ok
18:04:53.0125 2128  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:04:53.0125 2128  VolSnap - ok
18:04:53.0328 2128  [ D8350E1DEF14602FAAFB849005287368 ] Vsdatant        C:\WINDOWS\system32\vsdatant.sys
18:04:53.0328 2128  Vsdatant - ok
18:04:53.0718 2128  vsmon - ok
18:04:53.0921 2128  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
18:04:53.0921 2128  VSS - ok
18:04:53.0984 2128  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
18:04:53.0984 2128  W32Time - ok
18:04:54.0046 2128  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:04:54.0046 2128  Wanarp - ok
18:04:54.0046 2128  WDICA - ok
18:04:54.0109 2128  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:04:54.0109 2128  wdmaud - ok
18:04:54.0203 2128  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:04:54.0203 2128  WebClient - ok
18:04:54.0390 2128  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:04:54.0390 2128  winmgmt - ok
18:04:54.0437 2128  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
18:04:54.0437 2128  WmdmPmSN - ok
18:04:54.0500 2128  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
18:04:54.0500 2128  Wmi - ok
18:04:54.0531 2128  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:04:54.0531 2128  WmiApSrv - ok
18:04:54.0734 2128  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
18:04:54.0750 2128  WMPNetworkSvc - ok
18:04:54.0781 2128  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:04:54.0781 2128  WS2IFSL - ok
18:04:54.0828 2128  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:04:54.0843 2128  wscsvc - ok
18:04:54.0843 2128  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:04:54.0843 2128  wuauserv - ok
18:04:54.0906 2128  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:04:54.0906 2128  WudfPf - ok
18:04:54.0953 2128  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:04:54.0953 2128  WudfRd - ok
18:04:54.0984 2128  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
18:04:54.0984 2128  WudfSvc - ok
18:04:55.0078 2128  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:04:55.0093 2128  WZCSVC - ok
18:04:55.0125 2128  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:04:55.0140 2128  xmlprov - ok
18:04:55.0187 2128  [ EBD35BDCE49B94EB247213610094F399 ] ZAPrivacyService C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
18:04:55.0187 2128  ZAPrivacyService - ok
18:04:55.0187 2128  ================ Scan global ===============================
18:04:55.0234 2128  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:04:55.0328 2128  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
18:04:55.0343 2128  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
18:04:55.0375 2128  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:04:55.0375 2128  [Global] - ok
18:04:55.0375 2128  ================ Scan MBR ==================================
18:04:55.0390 2128  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:04:56.0265 2128  \Device\Harddisk0\DR0 - ok
18:04:56.0265 2128  ================ Scan VBR ==================================
18:04:56.0281 2128  [ 0965FA5F1460F05A939FB7D921A9A254 ] \Device\Harddisk0\DR0\Partition1
18:04:56.0281 2128  \Device\Harddisk0\DR0\Partition1 - ok
18:04:56.0281 2128  ============================================================
18:04:56.0281 2128  Scan finished
18:04:56.0281 2128  ============================================================
18:04:56.0296 3752  Detected object count: 0
18:04:56.0296 3752  Actual detected object count: 0
 

[D-FRED-BROWN]

I think that got the last of it. I just want to run this last scan to be sure:

 

1.Please download HitmanPro.

• For 64-bit Operating System -
• For 32-bit

2.Launch the program by double clicking on the icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).

3.Click on the next button. You must agree with the terms of EULA.

4.Check the box beside "No, I only want to perform a one-time scan to check this computer".

5.Click on the next button.

6.The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

7.When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!

8.Click on the next button.

9.Click on the "Export scan results to XML file".

10.Save that file to your desktop and zip and attach it in your next reply.

[D-FRED-BROWN]

I edited my post to include the 32-bit Hitman link.

[computer_is_dave]

HitmanPro 3.7.7.203www.hitmanpro.com   Computer name . . . . : DAVE   Windows . . . . . . . : 5.1.3.2600.X86/2   User name . . . . . . : DAVE\Jane Doe   License . . . . . . . : Free   Scan date . . . . . . : 2013-08-07 19:44:16   Scan mode . . . . . . : Normal   Scan duration . . . . : 2m 46s   Disk access mode  . . : Direct disk access (SRB)   Cloud . . . . . . . . : Internet   Reboot  . . . . . . . : No   Threats . . . . . . . : 0   Traces  . . . . . . . : 95   Objects scanned . . . : 315,242   Files scanned . . . . : 6,694   Remnants scanned  . . : 45,067 files / 263,481 keysSuspicious files ____________________________________________________________   C:\WINDOWS\system32\DivX.dll      Size . . . . . . . : 720,384 bytes      Age  . . . . . . . : 2.7 days (2013-08-05 03:33:41)      Entropy  . . . . . : 8.0      SHA-256  . . . . . : 690C0BE983BF27EB62428C93A534B66F3D11A8D6B30CB629425BD5A6F7232762      Product  . . . . . : DivX®      Publisher  . . . . : DivX, Inc.      Description  . . . : DivX      Version  . . . . . : 6.9.2.26      Copyright  . . . . : Copyright © 2000-2009 DivX, Inc. All rights reserved.      Fuzzy  . . . . . . : 23.0         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.         The Entry Point of this file lies in a resource section. This is an indication of malware infection.         The .rsrc (resources) section in this program is set to executable. This is an indication of malware infection.         Program contains PE structure anomalies. This is not typical for most programs.         Time indicates that the file appeared recently on this computer.         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.      Forensic Cluster         -2.7s C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\         -2.7s C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll         -2.7s C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\8.0.50727.6195.policy         -2.6s C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86.cat         -2.6s C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll         -2.6s C:\WINDOWS\WinSxS\Policies\x86_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\8.0.50727.6195.cat         -2.6s C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86.manifest         -2.6s C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll         -2.4s C:\WINDOWS\Installer\1371cc.msi         -2.1s C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\         -2.1s C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe         -1.7s C:\Program Files\DivX\DivX OVS Helper\         -1.7s C:\Program Files\DivX\DivX OVS Helper\divx_libeay32.dll         -1.5s C:\Program Files\DivX\DivX OVS Helper\divx_ssleay32.dll         -1.5s C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll         -0.6s C:\Program Files\DivX\DivX OVS Helper\OVSHelperBroker.exe         -0.4s C:\Documents and Settings\All Users\Application Data\DivX\OVSHelper\         -0.4s C:\Documents and Settings\All Users\Application Data\DivX\OVSHelper\Uninstaller.exe          0.0s C:\WINDOWS\system32\DivX.dll          0.2s C:\WINDOWS\system32\divx_xx0c.dll          0.2s C:\WINDOWS\system32\divx_xx07.dll          0.3s C:\WINDOWS\system32\divx_xx11.dll          0.3s C:\WINDOWS\system32\divx_xx0a.dll          0.4s C:\WINDOWS\system32\divx_xx16.dll          0.4s C:\WINDOWS\system32\dpl100.dll          0.6s C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\          0.6s C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe          1.8s C:\Program Files\Common Files\DivX Shared\Qt4.8\          1.8s C:\Program Files\Common Files\DivX Shared\Qt4.8\QtCore4.dll          2.1s C:\Program Files\Common Files\DivX Shared\Qt4.8\QtGui4.dll          3.0s C:\Program Files\Common Files\DivX Shared\Qt4.8\QtNetwork4.dll          3.4s C:\Program Files\Common Files\DivX Shared\Qt4.8\QtSql4.dll          3.4s C:\Program Files\Common Files\DivX Shared\Qt4.8\QtWebKit4.dll          5.5s C:\Program Files\Common Files\DivX Shared\Qt4.8\QtXml4.dll          5.5s C:\Program Files\Common Files\DivX Shared\Qt4.8\QtScript4.dll          5.7s C:\Program Files\Common Files\DivX Shared\Qt4.8\QtSvg4.dll          5.7s C:\Program Files\Common Files\DivX Shared\Qt4.8\QtXmlPatterns4.dll          6.0s C:\Program Files\Common Files\DivX Shared\Qt4.8\libeay32.dll          6.1s C:\Program Files\Common Files\DivX Shared\Qt4.8\ssleay32.dll          6.3s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\          6.3s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\accessible\          6.3s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\accessible\qtaccessiblewidgets4.dll          6.3s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\codecs\          6.3s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\codecs\qcncodecs4.dll          6.3s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\codecs\qjpcodecs4.dll          6.4s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\codecs\qkrcodecs4.dll          6.4s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\codecs\qtwcodecs4.dll          6.4s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\imageformats\          6.5s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\imageformats\qgif4.dll          6.5s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\imageformats\qico4.dll          6.5s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\imageformats\qjpeg4.dll          6.5s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\imageformats\qsvg4.dll          6.5s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\imageformats\qtiff4.dll          6.5s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\sqldrivers\          6.5s C:\Program Files\Common Files\DivX Shared\Qt4.8\Plugins\sqldrivers\qsqlite4.dll          6.6s C:\Documents and Settings\All Users\Application Data\DivX\Qt4.8\          6.6s C:\Documents and Settings\All Users\Application Data\DivX\Qt4.8\Uninstaller.exe          7.0s C:\Program Files\DivX\DivX Control Panel\          7.0s C:\Program Files\DivX\DivX Control Panel\plugins\          7.0s C:\Program Files\DivX\DivX Control Panel\plugins\DivXControlPanelPlugin_Decoder.dll          7.1s C:\Program Files\DivX\DivX Control Panel\plugins\DivXControlPanelPlugin_Registration.dll          7.1s C:\Program Files\DivX\DivX Control Panel\plugins\DivXControlPanelPlugin_Update.dll          7.1s C:\Program Files\DivX\DivX Control Panel\dpl100.dll          7.1s C:\Program Files\DivX\DivX Control Panel\dplreg.exe          7.1s C:\Program Files\DivX\DivX Control Panel\DivXControlPanelLauncher.dll          7.1s C:\Program Files\DivX\DivX Control Panel\DivXControlPanelLauncher.exe          7.3s C:\Program Files\DivX\DivX Control Panel\lang-de.qm          7.3s C:\Program Files\DivX\DivX Control Panel\lang-es.qm          7.3s C:\Program Files\DivX\DivX Control Panel\lang-fr.qm          7.3s C:\Program Files\DivX\DivX Control Panel\lang-ja.qm          7.3s C:\Program Files\DivX\DivX Control Panel\lang-pt-br.qm          7.4s C:\Program Files\DivX\DivX Control Panel\lang-zh-cn.qm          7.4s C:\Program Files\DivX\DivX Control Panel\lang-zh-tw.qm          7.4s C:\Program Files\DivX\DivX Control Panel\qt-de.qm          7.4s C:\Program Files\DivX\DivX Control Panel\qt-es.qm          7.4s C:\Program Files\DivX\DivX Control Panel\qt-fr.qm          7.4s C:\Program Files\DivX\DivX Control Panel\qt-ja.qm          7.4s C:\Program Files\DivX\DivX Control Panel\qt-pt-br.qm          7.4s C:\Program Files\DivX\DivX Control Panel\qt-zh-cn.qm          7.4s C:\Program Files\DivX\DivX Control Panel\qt-zh-tw.qm          7.4s C:\WINDOWS\system32\DivXControlPanelApplet.cpl          7.5s C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus\          7.5s C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus\Register.lnk          7.5s C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus\Check for Updates.lnk          7.5s C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\          7.5s C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe          8.0s C:\Program Files\DivX\DivX Transcode Engine\          8.0s C:\Program Files\DivX\DivX Transcode Engine\CEhcnr.ddc          8.0s C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\          8.0s C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe          9.4s C:\Program Files\DivX\DivX Transcode Engine\DivXTranscodeDll.dll          9.4s C:\Program Files\DivX\DivX Transcode Engine\DivXEngine.exe          9.9s C:\Program Files\DivX\DivX Transcode Engine\dpl100.dll          9.9s C:\Program Files\DivX\DivX Transcode Engine\dtu100.dll          9.9s C:\Program Files\DivX\DivX Transcode Engine\mcplugcore.dll         10.5s C:\Program Files\DivX\DivX Transcode Engine\msvcr100.dll         10.6s C:\Program Files\DivX\DivX Transcode Engine\msvcp100.dll         10.6s C:\Program Files\DivX\DivX Transcode Engine\plugins\         10.6s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_asf.dll         10.7s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcdv100_plugin.dll         10.7s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_dv100.dll         10.7s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcdv100dec_plugin.dll         10.7s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_j2k.dll         10.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcmj2kdecode_plugin.dll         10.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcmpegdecode_plugin.dll         10.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcmpeg12_plugin.dll         10.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcmxfdvdecode_plugin.dll         10.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mxf.dll         10.9s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_amr.dll         10.9s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_dec_avc.dll         11.1s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_config_avc.dll         11.1s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_avc.dll         11.2s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_enc_avcsr.dll         11.2s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_enc_avc.dll         11.6s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_enc_avc.dll         11.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_enc_avc_mfx.dll         11.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\demoddpro_plugin.dll         11.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\demo_dec_dd.dll         11.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\demo_enc_ddp.dll         11.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\demo_pt_audio.dll         11.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_dec_aac.dll         11.9s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_dec_divx.dll         12.0s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_dec_mp3.dll         12.0s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_demux_dmf.dll         12.4s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_enc_aac.dll         12.4s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_enc_divx.dll         12.5s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_enc_mp3.dll         12.6s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_mfimport.dll         12.6s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_mux_dmf.dll         12.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\divx_mux_mp4.dll         12.9s C:\Program Files\DivX\DivX Transcode Engine\plugins\iDShow.dll         12.9s C:\Program Files\DivX\DivX Transcode Engine\plugins\iQT.dll         12.9s C:\Program Files\DivX\DivX Transcode Engine\plugins\libmfxsw32.dll         14.2s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_config_mp2m.dll         14.2s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_config_mp2v.dll         14.2s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_config_mp4v.dll         14.2s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_config_mpa.dll         14.3s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_config_pcm.dll         14.3s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_aac.dll         14.4s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_dv.dll         14.4s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_dv50.dll         14.5s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_mp2v.dll         14.6s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_mp4v.dll         14.7s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_mpa.dll         14.7s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_dv.dll         14.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2.dll         14.8s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax         17.0s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp4.dll         17.1s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_enc_aac.dll         17.1s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_mfimport.dll         17.2s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_mux_mp4.dll         17.4s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_pt_audio.dll         17.4s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcaac_plugin.dll         17.4s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcdivx_plugin.dll         17.5s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcdivxdecode_plugin.dll         17.5s C:\Program Files\DivX\DivX Transcode Engine\plugins\mch264_plugin.dll         17.5s C:\Program Files\DivX\DivX Transcode Engine\plugins\mch264mfx_plugin.dll         17.5s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcmcmimp_plugin.dll         17.5s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcmp4mux_plugin.dll         17.6s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcmpeg4video_plugin.dll         17.6s C:\Program Files\DivX\DivX Transcode Engine\plugins\mcxdcamdecode_plugin.dll         17.6s C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_dec_spic.dll         17.8s C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\         17.8s C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe         18.6s C:\Program Files\DivX\DivX Plus Converter\         18.6s C:\Program Files\DivX\DivX Plus Converter\dpl100.dll         18.6s C:\Program Files\DivX\DivX Plus Converter\DivXConverterLauncher.dll         19.0s C:\Program Files\DivX\DivX Plus Converter\DivXConverterLauncher.exe         19.1s C:\Program Files\DivX\DivX Plus Converter\lang-de.qm         19.1s C:\Program Files\DivX\DivX Plus Converter\lang-es.qm         19.1s C:\Program Files\DivX\DivX Plus Converter\lang-fr.qm         19.1s C:\Program Files\DivX\DivX Plus Converter\lang-ja.qm         19.1s C:\Program Files\DivX\DivX Plus Converter\lang-pt-br.qm         19.1s C:\Program Files\DivX\DivX Plus Converter\lang-zh-cn.qm         19.1s C:\Program Files\DivX\DivX Plus Converter\lang-zh-tw.qm         19.1s C:\Program Files\DivX\DivX Plus Converter\qt-de.qm         19.1s C:\Program Files\DivX\DivX Plus Converter\qt-es.qm         19.1s C:\Program Files\DivX\DivX Plus Converter\qt-fr.qm         19.2s C:\Program Files\DivX\DivX Plus Converter\qt-ja.qm         19.2s C:\Program Files\DivX\DivX Plus Converter\qt-pt-br.qm         19.2s C:\Program Files\DivX\DivX Plus Converter\qt-zh-cn.qm         19.2s C:\Program Files\DivX\DivX Plus Converter\qt-zh-tw.qm         19.2s C:\Documents and Settings\All Users\Application Data\DivX\Converter\         19.2s C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe         19.2s C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus\DivX Plus Converter.lnk         19.3s C:\System Volume Information\_restore{B311D3EE-37E7-4785-ADEC-06D5350F5662}\RP20\A0007200.lnk         19.8s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\         19.8s C:\Program Files\DivX\DivX Plus Player\         19.8s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll         19.9s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.xml         19.9s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\         19.9s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DFXAudioTransform.dll         19.9s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DFXAudioTransform.xml         19.9s C:\Program Files\DivX\DivX Plus Player\DFX for DivX Player.chm         20.0s C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\         20.0s C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe         20.3s C:\Program Files\DivX\DivX Plus DirectShow Filters\         20.3s C:\Program Files\DivX\DivX Plus DirectShow Filters\divx_dec_aac.dll         20.4s C:\Program Files\DivX\DivX Plus DirectShow Filters\daac.ax         20.6s C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\         20.6s C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe         21.1s C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus\Codec Settings.lnk         21.1s C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\         21.1s C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe         21.4s C:\Program Files\DivX\DivX Codec\         21.5s C:\Program Files\DivX\DivX Codec\DivXDec.ax         21.8s C:\Program Files\DivX\DivX Codec\DivXASP6_10ReleaseNotes.txt         21.8s C:\Program Files\DivX\DivX Codec\DivXWMPExtType.dll         21.8s C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\         21.8s C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe         22.2s C:\Program Files\DivX\DivX Plus DirectShow Filters\DivXDecH264.ax         22.6s C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\         22.6s C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe         23.3s C:\Program Files\DivX\DivX Plus DirectShow Filters\DirectShowDemuxFilter.dll         23.8s C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\         23.8s C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe         24.9s C:\Program Files\Common Files\DivX Shared\DesktopService\         24.9s C:\Program Files\Common Files\DivX Shared\DesktopService\DivXDownloadManager.dll         24.9s C:\Program Files\Common Files\DivX Shared\DesktopService\DDMService.exe         25.0s C:\Documents and Settings\All Users\Application Data\DivX\DesktopService\         25.0s C:\Documents and Settings\All Users\Application Data\DivX\DesktopService\Uninstaller.exe         25.9s C:\Program Files\DivX\DivX Media Server\         25.9s C:\Program Files\DivX\DivX Media Server\DivXDLNATranscoder.dll         26.1s C:\Program Files\DivX\DivX Media Server\DivXMediaServer.dll         26.2s C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe         26.2s C:\Program Files\DivX\DivX Media Server\mc_net_tools.dll         26.3s C:\Program Files\DivX\DivX Media Server\mc_net_source.dll         26.3s C:\Program Files\DivX\DivX Media Server\mc_parser_sdp.dll         26.4s C:\Program Files\DivX\DivX Media Server\mc_upnp_dlna_stack.dll         26.5s C:\Program Files\DivX\DivX Media Server\mc_dec_aac.dll         26.5s C:\Program Files\DivX\DivX Media Server\mc_dec_avc.dll         26.7s C:\Program Files\DivX\DivX Media Server\mc_demux_mp4.dll         26.7s C:\Program Files\DivX\DivX Media Server\mc_enc_mp2v.dll         26.8s C:\Program Files\DivX\DivX Media Server\mc_enc_mpa.dll         26.8s C:\Program Files\DivX\DivX Media Server\mc_mux_mp2.dll         26.9s C:\Program Files\DivX\DivX Media Server\i18n\         26.9s C:\Program Files\DivX\DivX Media Server\i18n\lang-de.qm         26.9s C:\Program Files\DivX\DivX Media Server\i18n\lang-es.qm         26.9s C:\Program Files\DivX\DivX Media Server\i18n\lang-fr.qm         26.9s C:\Program Files\DivX\DivX Media Server\i18n\lang-ja.qm         26.9s C:\Program Files\DivX\DivX Media Server\i18n\lang-pt.qm         26.9s C:\Program Files\DivX\DivX Media Server\i18n\lang-zh_cn.qm         26.9s C:\Program Files\DivX\DivX Media Server\i18n\lang-zh_tw.qm         26.9s C:\Program Files\DivX\DivX Media Server\i18n\qt-de.qm         26.9s C:\Program Files\DivX\DivX Media Server\i18n\qt-es.qm         27.0s C:\Program Files\DivX\DivX Media Server\i18n\qt-fr.qm         27.0s C:\Program Files\DivX\DivX Media Server\i18n\qt-ja.qm         27.0s C:\Program Files\DivX\DivX Media Server\i18n\qt-pt-br.qm         27.0s C:\Program Files\DivX\DivX Media Server\i18n\qt-zh-cn.qm         27.0s C:\Program Files\DivX\DivX Media Server\i18n\qt-zh-tw.qm         27.0s C:\Program Files\DivX\DivX Media Server\data\         27.0s C:\Program Files\DivX\DivX Media Server\data\device_description.xbox360.xml         27.0s C:\Program Files\DivX\DivX Media Server\data\device_description.xml         27.0s C:\Program Files\DivX\DivX Media Server\data\service_description.xml         27.0s C:\Program Files\DivX\DivX Media Server\data\thumbnails\         27.3s C:\Program Files\DivX\DivX Media Server\data\webroot\         27.3s C:\Program Files\DivX\DivX Media Server\data\webroot\avtransport.xml         27.3s C:\Program Files\DivX\DivX Media Server\data\webroot\connectionmanager.xml         27.3s C:\Program Files\DivX\DivX Media Server\data\webroot\contentdirectory.xml         27.3s C:\Program Files\DivX\DivX Media Server\data\webroot\index.html         27.3s C:\Program Files\DivX\DivX Media Server\data\webroot\logo.jpg         27.3s C:\Program Files\DivX\DivX Media Server\data\webroot\logo.png         27.3s C:\Program Files\DivX\DivX Media Server\data\webroot\mediareceiverregistrar.xml         27.3s C:\Program Files\DivX\DivX Media Server\data\webroot\renderingcontrol.xml         27.3s C:\Documents and Settings\All Users\Application Data\DivX\DivXMediaServer\         27.4s C:\Documents and Settings\All Users\Application Data\DivX\DivXMediaServer\Uninstaller.exe         28.1s C:\Program Files\DivX\DivX To Go\         28.1s C:\Program Files\DivX\DivX To Go\DivXToGoLauncher.dll         28.5s C:\Program Files\DivX\DivX To Go\DivXToGoLauncher.exe         28.5s C:\Program Files\DivX\DivX To Go\AS_Storage_w32.dll         29.0s C:\Program Files\DivX\DivX To Go\i18n\         29.0s C:\Program Files\DivX\DivX To Go\i18n\qt-de.qm         29.0s C:\Program Files\DivX\DivX To Go\i18n\qt-es.qm         29.1s C:\Program Files\DivX\DivX To Go\i18n\qt-fr.qm         29.1s C:\Program Files\DivX\DivX To Go\i18n\qt-ja.qm         29.1s C:\Program Files\DivX\DivX To Go\i18n\qt-pt-br.qm         29.1s C:\Program Files\DivX\DivX To Go\i18n\qt-zh-cn.qm         29.1s C:\Program Files\DivX\DivX To Go\i18n\qt-zh-tw.qm         29.1s C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\         29.1s C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe         30.4s C:\Program Files\DivX\DivX Plus Player\DivX Plus Player.exe         30.5s C:\Program Files\DivX\DivX Plus Player\DivX Plus Player.dll         30.8s C:\Program Files\DivX\DivX Plus Player\dpl100.dll         30.8s C:\Program Files\DivX\DivX Plus Player\DPXLibrary.dll         31.0s C:\Program Files\DivX\DivX Plus Player\divx_icuuc40.dll         31.1s C:\Program Files\DivX\DivX Plus Player\icudt40.dll         32.7s C:\Program Files\DivX\DivX Plus Player\i18n\         32.7s C:\Program Files\DivX\DivX Plus Player\X.avi         32.7s C:\Program Files\DivX\DivX Plus Player\i18n\lang-de.qm         32.7s C:\Program Files\DivX\DivX Plus Player\i18n\lang-es.qm         32.8s C:\Program Files\DivX\DivX Plus Player\i18n\lang-fr.qm         32.8s C:\Program Files\DivX\DivX Plus Player\i18n\lang-ja.qm         32.8s C:\Program Files\DivX\DivX Plus Player\i18n\lang-pt.qm         32.8s C:\Program Files\DivX\DivX Plus Player\i18n\lang-zh_cn.qm         32.8s C:\Program Files\DivX\DivX Plus Player\i18n\lang-zh_tw.qm         32.8s C:\Program Files\DivX\DivX Plus Player\i18n\qt-de.qm         32.9s C:\Program Files\DivX\DivX Plus Player\i18n\qt-es.qm         32.9s C:\Program Files\DivX\DivX Plus Player\i18n\qt-fr.qm         32.9s C:\Program Files\DivX\DivX Plus Player\i18n\qt-ja.qm         32.9s C:\Program Files\DivX\DivX Plus Player\i18n\qt-pt.qm         32.9s C:\Program Files\DivX\DivX Plus Player\i18n\qt-zh_cn.qm         32.9s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.xml         32.9s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll         32.9s C:\Program Files\DivX\DivX Plus Player\i18n\qt-zh_tw.qm         33.3s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectShowAudioDecode.xml         33.3s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectShowAudioDecode.dll         33.5s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.xml         33.5s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll         33.6s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXAACDecode.xml         33.6s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXAACDecode.dll         33.8s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXASPDecode.xml         33.8s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXASPDecode.dll         34.0s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXAVCDecode.xml         34.0s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXAVCDecode.dll         34.2s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXSubDecode.xml         34.2s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXSubDecode.dll         34.3s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\GDIVideoOutput.xml         34.3s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\GDIVideoOutput.dll         34.5s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DMFContainer.xml         34.5s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DMFContainer.dll         34.9s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectShowContainer.xml         34.9s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectShowContainer.dll         35.1s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\QuickTimeContainer.xml         35.1s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\QuickTimeContainer.dll         35.3s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\SRTParser.xml         35.4s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\SRTParser.dll         35.6s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\SSAParser.xml         35.7s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\SSAParser.dll         36.0s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\SUBParser.xml         36.0s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\SUBParser.dll         36.3s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\SAMIParser.xml         36.3s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\SAMIParser.dll         36.5s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\MicroDVDParser.xml         36.5s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\MicroDVDParser.dll         36.8s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\OpenGLVideoOutput.xml         36.8s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\OpenGLVideoOutput.dll         37.3s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\SSADecode.xml         37.3s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\SSADecode.dll         37.4s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\XSRTRasterizer.xml         37.4s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\XSRTRasterizer.dll         37.6s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\XiphVorbisDecode.xml         37.7s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\XiphVorbisDecode.dll         37.8s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\XA2AudioOutput.xml         37.8s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\XA2AudioOutput.dll         37.9s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXMP3Decode.xml         37.9s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXMP3Decode.dll         38.0s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXMPADecode.xml         38.0s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXMPADecode.dll         38.1s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DSE_Control.xml         38.1s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DSE_Control.dll         38.7s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.xml         38.7s C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll         38.8s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll         39.0s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDeviceManagerPlugin.dll         39.1s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll         39.3s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXFileInfoPlugin.dll         39.4s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll         39.5s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll         39.7s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPreferencesPlugin.dll         39.9s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlaybackServicesPlugin.dll         40.2s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDevicePanePlugin.dll         40.3s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXLibraryPanePlugin.dll         40.6s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.xml         40.6s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDeviceManagerPlugin.xml         40.6s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDevicePanePlugin.xml         40.6s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.xml         40.6s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXFileInfoPlugin.xml         40.7s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXLibraryPanePlugin.xml         40.7s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.xml         40.7s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlaybackServicesPlugin.xml         40.7s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.xml         40.7s C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPreferencesPlugin.xml         40.7s C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus\DivX Plus Player.lnk         40.8s C:\System Volume Information\_restore{B311D3EE-37E7-4785-ADEC-06D5350F5662}\RP20\A0007199.lnk         42.3s C:\Documents and Settings\Jane Doe\My Documents\DivX Movies\         46.8s C:\Documents and Settings\All Users\Application Data\DivX\Player\         46.8s C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe         47.1s C:\Program Files\DivX\DivX Update\         47.1s C:\Program Files\DivX\DivX Update\DivXUpdate.exe         47.2s C:\Documents and Settings\All Users\Application Data\DivX\Update\         47.2s C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe         47.2s C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll         49.2s C:\Program Files\Mozilla Firefox\plugins\         49.3s C:\Program Files\DivX\DivX Plus Web Player\         49.3s C:\Program Files\DivX\DivX Plus Web Player\dwpBroker.exe         49.4s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\         49.4s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\Direct3DVideoOutput.dll         49.5s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\Direct3DVideoOutput.xml         49.5s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DirectSoundAudioOutput.dll         49.5s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DirectSoundAudioOutput.xml         49.5s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\X.avi         49.5s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\GDIVideoOutput.dll         49.5s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\GDIVideoOutput.xml         49.5s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DivXAACDecode.dll         49.6s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DivXAACDecode.xml         49.6s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DivXAVCDecode.dll         49.9s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DivXAVCDecode.xml         49.9s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DivXASPDecode.dll         50.0s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DivXASPDecode.xml         50.0s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\SSADecode.dll         50.0s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\SSADecode.xml         50.0s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DivXSubDecode.dll         50.0s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DivXSubDecode.xml         50.0s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\XSRTRasterizer.dll         50.2s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\XSRTRasterizer.xml         50.2s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\MP3SurroundDecode.dll         50.3s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\MP3SurroundDecode.xml         50.3s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\MPGLibDecode.dll         50.3s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\MPGLibDecode.xml         50.3s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DirectShowAudioDecode.dll         50.3s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DirectShowAudioDecode.xml         50.3s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DSE_Control.dll         50.4s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DSE_Control.xml         50.4s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\OSDContainer.dll         50.4s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\OSDContainer.xml         50.4s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\XA2AudioOutput.dll         50.4s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\XA2AudioOutput.xml         50.4s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DivXStreamingSplitter.dll         53.5s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DivXStreamingSplitter.xml         53.5s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DMFContainer.dll         53.8s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\DMFContainer.xml         53.8s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\divx_ssleay32.dll         53.8s C:\Program Files\DivX\DivX Plus Web Player\StreamEngine\divx_libeay32.dll         53.9s C:\Program Files\DivX\DivX Plus Web Player\libxml2.dll         54.0s C:\Program Files\DivX\DivX Plus Web Player\npdivx32.tlb         54.0s C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll         55.7s C:\WINDOWS\Fonts\MyriadPro-Regular.otf         55.8s C:\WINDOWS\Fonts\MyriadPro-Semibold.otf         55.8s C:\Program Files\DivX\DivX Plus Web Player\ie\         55.8s C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\         55.8s C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\chrome\content\         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\chrome\content\DivXHTML5.32.png         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\chrome\content\DivXHTML5.xul         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\chrome\         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\chrome.manifest         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\install.rdf         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\chrome\content\style.css         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\chrome\content\script.js         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\chrome\content\images\         56.0s C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5\chrome\content\images\dummy.png         56.0s C:\Program Files\DivX\DivX Plus Web Player\chrome\         56.0s C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\         56.0s C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx         56.1s C:\Documents and Settings\Jane Doe\My Documents\My Videos\         56.1s C:\Documents and Settings\Jane Doe\My Documents\My Videos\Desktop.ini         56.1s C:\Program Files\DivX\DivX Plus Web Player\Skins\         56.1s C:\Program Files\DivX\DivX Plus Web Player\Skins\DivX9.wps         56.2s C:\Program Files\DivX\DivX Plus Web Player\Skins\Dixons.wps         56.2s C:\Program Files\DivX\DivX Plus Web Player\Skins\Orange.wps         56.2s C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\         56.2s C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe         56.8s C:\Documents and Settings\All Users\Start Menu\Programs\DivX Plus\DivX Support.lnk         56.9s C:\Documents and Settings\Jane Doe\My Documents\My Videos\DivX Movies\         56.9s C:\Program Files\DivX\dfx.ico         56.9s C:\Program Files\DivX\divxFolder.ico         57.0s C:\Program Files\DivX\divxdotcom.ico         57.0s C:\Documents and Settings\Jane Doe\Desktop\DivX Movies.lnk         57.0s C:\Documents and Settings\Jane Doe\My Documents\My Videos\DivX Movies\Enhance your video soundtracks.lnk         57.0s C:\Documents and Settings\Jane Doe\My Documents\My Videos\DivX Movies\DivX.com.lnk         57.1s C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\         57.1s C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe         62.7s C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe         62.7s C:\Documents and Settings\All Users\Application Data\DivX\Setup\Resource.dll         62.7s C:\Documents and Settings\All Users\Application Data\DivX\Setup\finishPlugin.dllCookies _____________________________________________________________________   C:\Documents and Settings\Jane Doe\Cookies\jane doe@advertising[1].txt   C:\Documents and Settings\Jane Doe\Cookies\jane doe@apmebf[1].txt   C:\Documents and Settings\Jane Doe\Cookies\jane doe@atdmt[1].txt   C:\Documents and Settings\Jane Doe\Cookies\jane doe@c.atdmt[2].txt   C:\Documents and Settings\Jane Doe\Cookies\jane doe@c1.atdmt[1].txt   C:\Documents and Settings\Jane Doe\Cookies\jane doe@doubleclick[1].txt   C:\Documents and Settings\Jane Doe\Cookies\jane doe@invitemedia[2].txt   C:\Documents and Settings\Jane Doe\Cookies\jane doe@mediaplex[2].txt   C:\Documents and Settings\Jane Doe\Cookies\jane doe@microsoftsto.112.2o7[2].txt   C:\Documents and Settings\Jane Doe\Cookies\jane doe@tribalfusion[1].txt   C:\Documents and Settings\Jane Doe\Cookies\jane_doe@microsoftinternetexplorer.112.2o7[1].txt

 

[D-FRED-BROWN]

Looks like it's all gone. Your logs appear to be clean .

 

 

Unless there are any other issues, I will now provide you with some steps to better protect your computer.

First, we need to remove ComboFix.

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall

-------------------

Let's remove OTL and the other tools we used as well:

• Reopen on your desktop.
• Click on
• You will be prompted to reboot your system. Please do so.
  

-------------------

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

-------------------

It is really dangerous to go online without an antivirus. Without one, you are extremely likely to get infected and the consequences could be even worse next time. All of the following are excellent free antiviruses. Be sure to only install one.

avast!.
AntiVir
AVG
Microsoft Security Essentials

-------------------

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features if you don't have the resident part of another anti-spyware program running.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for real-time protection against spyware and hijackers may be found here.

-------------------

Please, consider maintaining a firewall with HIPS (Host Intrusion Prevention Systems). Firewalls are extremely important and are the first part of your computer's defense. HIPS stops malware by monitoring its behavior and it's very important, too.
A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet.
If you are using the Windows Firewall please note that it doesn't monitor or block outbound traffic and is therefore less effective than other free alternatives.

These firewalls are good and do have free versions available

• Outpost Firewall Free
  Online Armor Firewall
  

A tutorial on understanding and using firewalls may be found here.

-------------------

Please keep your security programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time.

-------------------

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

http://www.spywarewa...nti-spyware.htm

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

-------------------

Please consider using an alternate browser. Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScripts, can make it even more secure. Opera is another good option.
If you are interested, Firefox may be downloaded from here
Opera is available here: http://www.opera.com/download/

-------------------

For more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.

-------------------

I would grateful if you could reply to this post so that I know you have read it and, if you have no other questions, the thread can then be closed.

I will leave the thread open for a few more days. If you need anything, just come back here and let me know. After that time you will have to send me a PM.

---------------------------------------------------------

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against malware, then click here:
Every little bit helps.

-DFB
 

[computer_is_dave]

Everything seems great.. Kaspersky is still refusing to install but if you say it's all clear, I assume it's something else up on my side of things. I've followed the final steps uninstalling the programs.

Will take note regarding your advice about protection..consider me learnt!

Thank you so much for your help and your patience.. you've been an excellent instructor. (I'd donate more if I had it )

Best wishes,

JD (and Dave)

 

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!