
rootkit.boot.Harbinger.a and 99% cpu usage by svchost.exe


34 replies to this topic

#1 jephph

jephph

  • Members
  • 34 posts

Posted 20 October 2013 - 04:02 PM

Hey guys.  I've got a Windows XP laptop.  I "fixed" it a couple of weeks ago.  It wouldn't start up.  I did the "Repair" from the Windows XP CD.  When I was able to log back in, I noticed it was running really slowly.  I checked Task Manager, and noticed that svchost.exe was at 99% cpu usage.  

I ran TDSSKiller, and it found rootkit.boot.Harbinger.a, and cured it.  The computer was no longer running slowly, so I returned it to the customer.  

They called again, saying that it's running really slowly.  So, I've got it back, and I did a TDSSKiller scan again, and it found that same rootkit again.  I "cured" it once again, and rebooted.  I did another scan after rebooting, and nothing else came up, but svchost.exe is back to 99% cpu usage again.  

I can't say for sure that the issues are related, but I know that it was running smoothly for at least a short time after TDSSKiller got rid of the rootkit the first time.  Any help would be greatly appreciated.




 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • Gender:Male
  • Location:Catonsville, Md

Posted 20 October 2013 - 04:03 PM

Can you post the TDSS Log, and perform the following:

Hello,

And welcome to BleepingComputer.com, before we can assist you with your question of: Am I infected? You will need to perform the following tasks and post the logs of each if you can.

Malwarebytes Anti-Malware
 

Please download Malwarebytes Anti-Malware
and save it to your desktop.

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.



SUPERAntiSpyware:
 
 

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.

Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Instructions:

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Now GMER
 
 

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.


ADW Cleaner


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Please download MiniToolBox, and save it to your desktop and run it, and checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 jephph

jephph
  • Topic Starter

  • Members
  • 34 posts

Posted 20 October 2013 - 04:31 PM

Here is the TDSS log.  I'll run those scans and post later.  The computer's running pretty slowly as you can imagine.

 


17:14:14.0171 0x12ac [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

17:14:14.0375 0x12ac i8042prt - ok

17:14:14.0578 0x12ac [ BC1F1FF8D5800398937966CDB0A97FDC, 3525AA809E23252A1CED4A5BE09184C21D007F0C0E762450E0A2CC3EC55CAA5D ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

17:14:14.0734 0x12ac ialm - ok

17:14:15.0000 0x12ac [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

17:14:15.0109 0x12ac idsvc - ok

17:14:15.0703 0x12ac [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

17:14:15.0906 0x12ac Imapi - ok

17:14:16.0406 0x12ac [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\System32\imapi.exe

17:14:16.0703 0x12ac ImapiService - ok

17:14:16.0765 0x12ac ini910u - ok

17:14:17.0187 0x12ac [ B12A9FC49CD2765A43829D834F518AED, 3D465807766A79483881E00E1BC01E5565FED8D716C529889FB00CEE341B80C7 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

17:14:18.0171 0x12ac IntcAzAudAddService - ok

17:14:18.0250 0x12ac IntelIde - ok

17:14:18.0390 0x12ac [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

17:14:18.0609 0x12ac intelppm - ok

17:14:18.0718 0x12ac [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

17:14:19.0125 0x12ac Ip6Fw - ok

17:14:19.0562 0x12ac [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

17:14:19.0734 0x12ac IpFilterDriver - ok

17:14:19.0796 0x12ac [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

17:14:20.0109 0x12ac IpInIp - ok

17:14:20.0281 0x12ac [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

17:14:20.0296 0x12ac IpNat - ok

17:14:20.0359 0x12ac [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

17:14:20.0609 0x12ac IPSec - ok

17:14:20.0687 0x12ac [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

17:14:20.0828 0x12ac IRENUM - ok

17:14:20.0859 0x12ac [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

17:14:20.0859 0x12ac isapnp - ok

17:14:20.0968 0x12ac [ F59C3569A2F2C464BB78CB1BDCDCA55E, 7E24D866510DD2AE158E9C3B84133BF2B6A7202DEE23A4154C996ADBBEDA72FF ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys

17:14:20.0984 0x12ac Iviaspi - ok

17:14:21.0046 0x12ac [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

17:14:21.0203 0x12ac Kbdclass - ok

17:14:21.0250 0x12ac [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

17:14:21.0375 0x12ac kmixer - ok

17:14:21.0421 0x12ac [ 00C1EA8DECF810B8ECCB5C5A8186A96E, D1F5EDB6EE609EE73EAEFBD52714911E4CCC72E7C09095383A9C638BB3AAF35B ] KR10N C:\WINDOWS\system32\drivers\KR10N.sys

17:14:21.0468 0x12ac KR10N - ok

17:14:21.0531 0x12ac [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

17:14:21.0593 0x12ac KSecDD - ok

17:14:21.0640 0x12ac [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

17:14:22.0031 0x12ac lanmanserver - ok

17:14:22.0093 0x12ac [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

17:14:22.0390 0x12ac lanmanworkstation - ok

17:14:22.0390 0x12ac lbrtfdc - ok

17:14:22.0515 0x12ac [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

17:14:22.0718 0x12ac LmHosts - ok

17:14:22.0734 0x12ac lmimirr - ok

17:14:22.0734 0x12ac lxcg_device - ok

17:14:22.0937 0x12ac [ 7EFAC183A25B30FB5D64CC9D484B1EB6, F0CD7A980E0241AF8E97008BF65D2FEDD191A9023AD4948806DFB571B2836DA6 ] meiudf C:\WINDOWS\system32\Drivers\meiudf.sys

17:14:22.0953 0x12ac meiudf - ok

17:14:22.0968 0x12ac [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll

17:14:23.0234 0x12ac Messenger - ok

17:14:23.0406 0x12ac [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

17:14:23.0546 0x12ac mnmdd - ok

17:14:23.0578 0x12ac [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

17:14:23.0906 0x12ac mnmsrvc - ok

17:14:23.0937 0x12ac [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys

17:14:23.0937 0x12ac Modem - ok

17:14:23.0953 0x12ac [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

17:14:24.0000 0x12ac Mouclass - ok

17:14:24.0062 0x12ac [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

17:14:24.0218 0x12ac mouhid - ok

17:14:24.0390 0x12ac [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

17:14:24.0453 0x12ac MountMgr - ok

17:14:24.0640 0x12ac [ 24406D75B40F0F6B3C1AC7031D734565, B58AA80E9C3738CFD826D7C8129D5467166A4397CCFEEEF7F14542DEBB659A51 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys

17:14:24.0640 0x12ac MpFilter - ok

17:14:24.0656 0x12ac mraid35x - ok

17:14:24.0796 0x12ac [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

17:14:24.0859 0x12ac MRxDAV - ok

17:14:25.0000 0x12ac [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

17:14:25.0125 0x12ac MRxSmb - ok

17:14:25.0187 0x12ac [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe

17:14:25.0406 0x12ac MSDTC - ok

17:14:25.0515 0x12ac [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

17:14:25.0515 0x12ac Msfs - ok

17:14:25.0515 0x12ac MSIServer - ok

17:14:25.0546 0x12ac [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

17:14:25.0765 0x12ac MSKSSRV - ok

17:14:25.0859 0x12ac [ 0A7F86657755ADA92C57E597BF5151F7, E226DFF12C4930DF1D0F1D2E7CE7BFFDF62F6DC402200EEFE196D14172A59B63 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

17:14:25.0890 0x12ac MsMpSvc - ok

17:14:25.0984 0x12ac [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

17:14:26.0093 0x12ac MSPCLOCK - ok

17:14:26.0156 0x12ac [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

17:14:26.0281 0x12ac MSPQM - ok

17:14:26.0359 0x12ac [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

17:14:26.0359 0x12ac mssmbios - ok

17:14:26.0406 0x12ac [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

17:14:26.0421 0x12ac Mup - ok

17:14:26.0593 0x12ac [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll

17:14:27.0328 0x12ac napagent - ok

17:14:27.0421 0x12ac [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

17:14:27.0468 0x12ac NDIS - ok

17:14:27.0546 0x12ac [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

17:14:27.0687 0x12ac NdisTapi - ok

17:14:27.0734 0x12ac [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

17:14:27.0828 0x12ac Ndisuio - ok

17:14:27.0828 0x12ac [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:14:28.0046 0x12ac NdisWan - ok

17:14:28.0093 0x12ac [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

17:14:28.0328 0x12ac NDProxy - ok

17:14:28.0359 0x12ac Net Driver HPZ12 - ok

17:14:28.0390 0x12ac [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

17:14:28.0390 0x12ac NetBIOS - ok

17:14:28.0421 0x12ac [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

17:14:28.0953 0x12ac NetBT - ok

17:14:29.0000 0x12ac [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe

17:14:31.0484 0x12ac NetDDE - ok

17:14:31.0484 0x12ac [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

17:14:31.0500 0x12ac NetDDEdsdm - ok

17:14:31.0562 0x12ac [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\System32\lsass.exe

17:14:31.0781 0x12ac Netlogon - ok

17:14:31.0843 0x12ac [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll

17:14:31.0859 0x12ac Netman - ok

17:14:31.0984 0x12ac [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

17:14:32.0062 0x12ac NetTcpPortSharing - ok

17:14:32.0140 0x12ac [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys

17:14:32.0156 0x12ac NIC1394 - ok

17:14:32.0296 0x12ac [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll

17:14:32.0312 0x12ac Nla - ok

17:14:32.0328 0x12ac [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

17:14:32.0359 0x12ac Npfs - ok

17:14:32.0484 0x12ac [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

17:14:32.0515 0x12ac Ntfs - ok

17:14:32.0562 0x12ac [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\System32\lsass.exe

17:14:32.0578 0x12ac NtLmSsp - ok

17:14:32.0796 0x12ac [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

17:14:33.0125 0x12ac NtmsSvc - ok

17:14:33.0156 0x12ac [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys

17:14:33.0359 0x12ac Null - ok

17:14:33.0421 0x12ac [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

17:14:33.0546 0x12ac NwlnkFlt - ok

17:14:33.0625 0x12ac [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

17:14:33.0750 0x12ac NwlnkFwd - ok

17:14:33.0812 0x12ac [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

17:14:33.0812 0x12ac ohci1394 - ok

17:14:33.0921 0x12ac [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

17:14:33.0953 0x12ac ose - ok

17:14:34.0015 0x12ac [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys

17:14:34.0187 0x12ac Parport - ok

17:14:34.0203 0x12ac [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

17:14:34.0203 0x12ac PartMgr - ok

17:14:34.0281 0x12ac [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

17:14:34.0375 0x12ac ParVdm - ok

17:14:34.0390 0x12ac [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

17:14:34.0421 0x12ac PCI - ok

17:14:34.0437 0x12ac PCIDump - ok

17:14:34.0453 0x12ac [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

17:14:34.0453 0x12ac PCIIde - ok

17:14:34.0500 0x12ac [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys

17:14:34.0500 0x12ac Pcmcia - ok

17:14:34.0500 0x12ac PDCOMP - ok

17:14:34.0515 0x12ac PDFRAME - ok

17:14:34.0546 0x12ac PDRELI - ok

17:14:34.0546 0x12ac PDRFRAME - ok

17:14:34.0562 0x12ac perc2 - ok

17:14:34.0562 0x12ac perc2hib - ok

17:14:34.0656 0x12ac [ 6C1618A07B49E3873582B6449E744088, 4C56C042830E0E3A7EE15E6C074D788AE2D6EF2D0901DC1497DA8C4E5D867839 ] Pfc C:\WINDOWS\system32\drivers\pfc.sys

17:14:34.0812 0x12ac Pfc - ok

17:14:34.0843 0x12ac [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe

17:14:34.0859 0x12ac PlugPlay - ok

17:14:34.0875 0x12ac Pml Driver HPZ12 - ok

17:14:34.0906 0x12ac [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\System32\lsass.exe

17:14:34.0906 0x12ac PolicyAgent - ok

17:14:34.0921 0x12ac [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

17:14:35.0046 0x12ac PptpMiniport - ok

17:14:35.0078 0x12ac [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys

17:14:35.0078 0x12ac Processor - ok

17:14:35.0140 0x12ac [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

17:14:35.0140 0x12ac ProtectedStorage - ok

17:14:35.0156 0x12ac [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

17:14:35.0515 0x12ac PSched - ok

17:14:35.0531 0x12ac [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

17:14:35.0687 0x12ac Ptilink - ok

17:14:35.0765 0x12ac [ 86724469CD077901706854974CD13C3E, 23C6B45928E43AC2893033DFC4265C2C87B3D185CB20553B9EAB818A46FB8C18 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

17:14:35.0765 0x12ac PxHelp20 - ok

17:14:35.0781 0x12ac ql1080 - ok

17:14:35.0781 0x12ac Ql10wnt - ok

17:14:35.0812 0x12ac ql12160 - ok

17:14:35.0812 0x12ac ql1240 - ok

17:14:35.0843 0x12ac ql1280 - ok

17:14:35.0890 0x12ac [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

17:14:35.0906 0x12ac RasAcd - ok

17:14:36.0000 0x12ac [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll

17:14:36.0203 0x12ac RasAuto - ok

17:14:36.0250 0x12ac [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

17:14:36.0328 0x12ac Rasl2tp - ok

17:14:36.0390 0x12ac [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll

17:14:36.0875 0x12ac RasMan - ok

17:14:36.0906 0x12ac [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

17:14:37.0078 0x12ac RasPppoe - ok

17:14:37.0093 0x12ac [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

17:14:37.0218 0x12ac Raspti - ok

17:14:37.0250 0x12ac [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

17:14:37.0265 0x12ac Rdbss - ok

17:14:37.0265 0x12ac [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

17:14:37.0375 0x12ac RDPCDD - ok

17:14:37.0500 0x12ac [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

17:14:37.0531 0x12ac RDPWD - ok

17:14:37.0640 0x12ac [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

17:14:38.0250 0x12ac RDSessMgr - ok

17:14:38.0328 0x12ac [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

17:14:38.0546 0x12ac redbook - ok

17:14:38.0593 0x12ac [ 1B2857EF12D79A9F9ADBA14B0637CBF8, A4F825F955B03F555D87E9583AF07786724777BC6EBB4315181019FF20847AA3 ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

17:14:39.0171 0x12ac RegSrvc - ok

17:14:39.0281 0x12ac [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

17:14:39.0687 0x12ac RemoteAccess - ok

17:14:39.0750 0x12ac [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\System32\locator.exe

17:14:39.0953 0x12ac RpcLocator - ok

17:14:40.0015 0x12ac [ 4B64F8D199B5DCC7CB828ACA8C7626D5, 29B3A3269F24EB81A24F8749785FD5EC65F24B29D92D414621D1E9147AA30E48 ] RpcSs C:\WINDOWS\system32\rpcss.dll

17:14:40.0062 0x12ac RpcSs - ok

17:14:40.0093 0x12ac [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\System32\rsvp.exe

17:14:40.0359 0x12ac RSVP - ok

17:14:40.0468 0x12ac [ 6C5155CC0E805C7BE6028BFF7AC14524, 089AB4DB0B499F768631A16654BA10229100A28822A348807318C37FE689D2DC ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

17:14:41.0578 0x12ac S24EventMonitor - ok

17:14:41.0609 0x12ac [ 1CC074E0D48383D4E9BFFC6A26C2A58A, 8311DC2601DC5CBE90774822D05D00BDF2A169C2A1ACB8CCE7B8D93743374E9B ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys

17:14:41.0718 0x12ac s24trans - ok

17:14:41.0734 0x12ac [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe

17:14:41.0734 0x12ac SamSs - ok

17:14:41.0796 0x12ac [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

17:14:41.0984 0x12ac SCardSvr - ok

17:14:42.0078 0x12ac [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll

17:14:42.0343 0x12ac Schedule - ok

17:14:42.0406 0x12ac [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys

17:14:42.0593 0x12ac sdbus - ok

17:14:42.0625 0x12ac [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

17:14:42.0828 0x12ac Secdrv - ok

17:14:42.0906 0x12ac [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll

17:14:43.0171 0x12ac seclogon - ok

17:14:43.0250 0x12ac [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll

17:14:43.0312 0x12ac SENS - ok

17:14:43.0343 0x12ac [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys

17:14:43.0796 0x12ac Serial - ok

17:14:43.0875 0x12ac [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

17:14:43.0968 0x12ac Sfloppy - ok

17:14:44.0078 0x12ac [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

17:14:44.0578 0x12ac SharedAccess - ok

17:14:44.0625 0x12ac [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

17:14:44.0625 0x12ac ShellHWDetection - ok

17:14:44.0640 0x12ac Simbad - ok

17:14:44.0671 0x12ac Sparrow - ok

17:14:44.0687 0x12ac [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys

17:14:44.0796 0x12ac splitter - ok

17:14:44.0859 0x12ac [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe

17:14:46.0640 0x12ac Spooler - ok

17:14:46.0671 0x12ac [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

17:14:46.0687 0x12ac sr - ok

17:14:46.0781 0x12ac [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\System32\srsvc.dll

17:14:47.0265 0x12ac srservice - ok

17:14:47.0421 0x12ac [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

17:14:47.0437 0x12ac Srv - ok

17:14:47.0500 0x12ac [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

17:14:48.0062 0x12ac SSDPSRV - ok

17:14:48.0187 0x12ac [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll

17:14:49.0218 0x12ac stisvc - ok

17:14:49.0281 0x12ac [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

17:14:49.0421 0x12ac swenum - ok

17:14:49.0453 0x12ac [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

17:14:49.0781 0x12ac swmidi - ok

17:14:49.0859 0x12ac SwPrv - ok

17:14:49.0921 0x12ac [ 486A64AABD88E4E174681E89E9736BC9, 7B969ECF80592DD7D593CCAA3B1BB1601C3C3790C435E0B4E562529A718F36B8 ] Swupdtmr c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

17:14:51.0328 0x12ac Swupdtmr - ok

17:14:51.0343 0x12ac symc810 - ok

17:14:51.0359 0x12ac symc8xx - ok

17:14:51.0375 0x12ac sym_hi - ok

17:14:51.0406 0x12ac sym_u3 - ok

17:14:51.0515 0x12ac [ E295FFFFF3AAF9A6A40B29497901908F, 4C613B9FD2EB42BE8A408F54003AB7870763C9706E653768CCB06E5DDC122D26 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys

17:14:51.0546 0x12ac SynTP - ok

17:14:51.0671 0x12ac [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

17:14:51.0796 0x12ac sysaudio - ok

17:14:51.0875 0x12ac [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

17:14:52.0421 0x12ac SysmonLog - ok

17:14:52.0593 0x12ac [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

17:14:52.0812 0x12ac TapiSrv - ok

17:14:52.0921 0x12ac [ 90861642FD6D8FAFB1408EE26FA93CB4, 1B0E25BE3B49927D4D06C6EE8D6A59E28FA4496E88BC747343A52C4E0595E233 ] TAPPSRV C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

17:14:53.0437 0x12ac TAPPSRV - ok

17:14:53.0484 0x12ac [ 7147B0575BCC93A6AB7D5C90F47C0B9F, 28B598F434705C2FAFE7E767254B05F9A8693F41FD666C155283DBE53D8A0357 ] tbiosdrv C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys

17:14:53.0515 0x12ac tbiosdrv - ok

17:14:53.0593 0x12ac [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

17:14:53.0875 0x12ac Tcpip - ok

17:14:53.0921 0x12ac [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

17:14:53.0953 0x12ac TDPIPE - ok

17:14:53.0984 0x12ac [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

17:14:54.0046 0x12ac TDTCP - ok

17:14:54.0078 0x12ac [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

17:14:54.0140 0x12ac TermDD - ok

17:14:54.0312 0x12ac [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll

17:14:54.0812 0x12ac TermService - ok

17:14:54.0843 0x12ac [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll

17:14:54.0859 0x12ac Themes - ok

17:15:06.0437 0x12ac ================ Scan global ===============================

17:15:06.0500 0x12ac [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll

17:15:06.0734 0x12ac [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

17:15:07.0281 0x12ac [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

17:15:07.0328 0x12ac [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

17:15:07.0328 0x12ac [ Global ] - ok

17:15:07.0343 0x12ac ================ Scan MBR ==================================

17:15:07.0375 0x12ac [ 09CE7397AF23D4C0B331B89D0297CC7E ] \Device\Harddisk0\DR0

17:15:08.0781 0x12ac \Device\Harddisk0\DR0 - ok

17:15:08.0781 0x12ac ================ Scan VBR ==================================

17:15:08.0812 0x12ac [ DD23D64304156E66B6EC5B3083482A2A ] \Device\Harddisk0\DR0\Partition1

17:15:08.0812 0x12ac \Device\Harddisk0\DR0\Partition1 - ok

17:15:08.0812 0x12ac Waiting for KSN requests completion. In queue: 220

17:15:09.0859 0x12ac Waiting for KSN requests completion. In queue: 220

17:15:10.0859 0x12ac Waiting for KSN requests completion. In queue: 220

17:15:11.0859 0x12ac Waiting for KSN requests completion. In queue: 220

17:15:12.0875 0x12ac Waiting for KSN requests completion. In queue: 47

17:15:14.0968 0x12ac AV detected via SS1: Microsoft Security Essentials, 4.3.0219.0, enabled, updated

17:15:15.0437 0x12ac Win FW state via NFM: enabled

17:15:18.0062 0x12ac ============================================================

17:15:18.0062 0x12ac Scan finished

17:15:18.0062 0x12ac ============================================================

17:15:18.0093 0x114c Detected object count: 0

17:15:18.0093 0x114c Actual detected object count: 0



#4 jephph

Posted 21 October 2013 - 08:10 PM

Having some trouble getting an MBAM scan to finish.  I set it to run while I went to work.  Got back, and the program had closed.  I started it again, and about half an hour in, the computer restarted by itself, saying "DCOM Server Process Launcher terminated unexpectedly".  I couldn't stop it from restarting.  I tried to run MBAM again, and this time it "quit unexpectedly".  I'll keep trying, and let you know.  Do you think I'd be better off trying to run a scan in safe mode?

#5 jephph

Posted 22 October 2013 - 05:13 AM

MBAM Log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.21.03

Windows XP Service Pack 3 x86 NTFS (Safe Mode)
Internet Explorer 8.0.6001.18702
Admin :: JAKE [administrator]

10/21/2013 9:46:02 PM
mbam-log-2013-10-21 (21-46-02).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 365998
Time elapsed: 3 hour(s), 17 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#6 cryptodan

Posted 22 October 2013 - 05:43 AM

Please perform the others please.

#7 jephph

Posted 22 October 2013 - 02:53 PM

Working on it.  I think the same thing happened again today.  I started a SUPERAntiSpyware scan before leaving for work.  Now, the program isn't open.  It probably restarted again.  I'll try to run it in safe mode also.



#8 jephph

Posted 22 October 2013 - 07:59 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/22/2013 at 07:28 PM

Application Version : 5.6.1040

Core Rules Database Version : 10848
Trace Rules Database Version: 8660

Scan type       : Complete Scan
Total Scan Time : 03:14:31

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned      : 223
Memory threats detected   : 0
Registry items scanned    : 34883
Registry threats detected : 0
File items scanned        : 59745
File threats detected     : 148

Adware.Tracking Cookie


Edited by jephph, 22 October 2013 - 08:09 PM.


#9 jephph

Posted 23 October 2013 - 05:09 AM

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-10-23 05:54:48
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 HTS541060G9SA00 rev.MB3OC60R 55.89GB
Running: x9wqzxs9.exe; Driver: C:\DOCUME~1\Admin\LOCALS~1\Temp\fgldypow.sys

---- System - GMER 2.1 ----

SSDT            \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS                                        ZwTerminateProcess [0xA9CD1640]

---- Kernel code sections - GMER 2.1 ----

init            C:\WINDOWS\system32\drivers\tifm21.sys                                                    entry point in "init" section [0xF6AD9EBF]

---- User code sections - GMER 2.1 ----

.text           C:\WINDOWS\system32\svchost.exe[1080] USER32.dll!DialogBoxParamW                          7E4247AB 5 Bytes  JMP 02373DA8
.text           C:\WINDOWS\system32\svchost.exe[1080] USER32.dll!DialogBoxIndirectParamW                  7E432072 5 Bytes  JMP 02373DA8
.text           C:\WINDOWS\system32\svchost.exe[1080] USER32.dll!MessageBoxIndirectW                      7E4664D5 5 Bytes  JMP 02372346
.text           C:\WINDOWS\system32\svchost.exe[1080] USER32.dll!MessageBoxW                              7E466534 5 Bytes  JMP 023723E5
.text           C:\WINDOWS\system32\svchost.exe[1080] ole32.dll!CoCreateInstance                          774FF1D4 1 Byte  [E9]
.text           C:\WINDOWS\system32\svchost.exe[1080] ole32.dll!CoCreateInstance                          774FF1D4 5 Bytes  JMP 023741D8
.text           C:\WINDOWS\system32\svchost.exe[1080] ole32.dll!CoGetClassObject                          7751522D 5 Bytes  JMP 02374202
.text           C:\WINDOWS\system32\svchost.exe[1080] WS2_32.dll!GetAddrInfoW                             71AB2899 5 Bytes  JMP 02373CE8
.text           C:\WINDOWS\system32\svchost.exe[1080] wininet.dll!HttpSendRequestA                        3D947021 5 Bytes  JMP 02373DB2
.text           C:\WINDOWS\system32\svchost.exe[1080] wininet.dll!HttpSendRequestW                        3D958B5E 5 Bytes  JMP 02373E3F
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!DialogBoxParamW          7E4247AB 5 Bytes  JMP 3E215561 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!SetWindowsHookExW        7E42820F 5 Bytes  JMP 3E2E9B5D C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!CallNextHookEx           7E42B3C6 5 Bytes  JMP 3E2DD1CD C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!CreateWindowExW          7E42D0A3 5 Bytes  JMP 3E2EDBEC C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!UnhookWindowsHookEx      7E42D5F3 5 Bytes  JMP 3E2546CA C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!DialogBoxIndirectParamW  7E432072 5 Bytes  JMP 3E3E7997 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!MessageBoxIndirectA      7E43A082 5 Bytes  JMP 3E3E78C9 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!DialogBoxParamA          7E43B144 5 Bytes  JMP 3E3E7934 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!MessageBoxExW            7E450838 5 Bytes  JMP 3E3E779A C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!MessageBoxExA            7E45085C 5 Bytes  JMP 3E3E77FC C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!DialogBoxIndirectParamA  7E456D7D 5 Bytes  JMP 3E3E79FA C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] USER32.dll!MessageBoxIndirectW      7E4664D5 5 Bytes  JMP 3E3E785E C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] ole32.dll!CoCreateInstance          774FF1D4 5 Bytes  JMP 3E2EDC48 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[1708] ole32.dll!OleLoadFromStream         7752988B 5 Bytes  JMP 3E3E7CFF C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxParamW          7E4247AB 5 Bytes  JMP 3E215561 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!SetWindowsHookExW        7E42820F 5 Bytes  JMP 3E2E9B5D C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!CallNextHookEx           7E42B3C6 5 Bytes  JMP 3E2DD1CD C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!CreateWindowExW          7E42D0A3 5 Bytes  JMP 3E2EDBEC C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!UnhookWindowsHookEx      7E42D5F3 5 Bytes  JMP 3E2546CA C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxIndirectParamW  7E432072 5 Bytes  JMP 3E3E7997 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxIndirectA      7E43A082 5 Bytes  JMP 3E3E78C9 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxParamA          7E43B144 5 Bytes  JMP 3E3E7934 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxExW            7E450838 5 Bytes  JMP 3E3E779A C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxExA            7E45085C 5 Bytes  JMP 3E3E77FC C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxIndirectParamA  7E456D7D 5 Bytes  JMP 3E3E79FA C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxIndirectW      7E4664D5 5 Bytes  JMP 3E3E785E C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] ole32.dll!CoCreateInstance          774FF1D4 5 Bytes  JMP 3E2EDC48 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[3752] ole32.dll!OleLoadFromStream         7752988B 5 Bytes  JMP 3E3E7CFF C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!DialogBoxParamW          7E4247AB 5 Bytes  JMP 3E215561 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!CreateWindowExW          7E42D0A3 5 Bytes  JMP 3E2EDBEC C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!DialogBoxIndirectParamW  7E432072 5 Bytes  JMP 3E3E7997 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!MessageBoxIndirectA      7E43A082 5 Bytes  JMP 3E3E78C9 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!DialogBoxParamA          7E43B144 5 Bytes  JMP 3E3E7934 C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!MessageBoxExW            7E450838 5 Bytes  JMP 3E3E779A C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!MessageBoxExA            7E45085C 5 Bytes  JMP 3E3E77FC C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!DialogBoxIndirectParamA  7E456D7D 5 Bytes  JMP 3E3E79FA C:\WINDOWS\system32\IEFRAME.dll
.text           C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!MessageBoxIndirectW      7E4664D5 5 Bytes  JMP 3E3E785E C:\WINDOWS\system32\IEFRAME.dll

---- Devices - GMER 2.1 ----

Device          \FileSystem\Udfs \UdfsCdRom                                                               DLAIFS_M.SYS
Device          \FileSystem\meiudf \MeiUDF_Disk                                                           DLAIFS_M.SYS
Device          \FileSystem\meiudf \MeiUDF_CdRom                                                          DLAIFS_M.SYS
Device          \FileSystem\Udfs \UdfsDisk                                                                DLAIFS_M.SYS

AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0                                                   SynTP.sys
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass1                                                   SynTP.sys

Device          \FileSystem\Cdfs \Cdfs                                                                    DLAIFS_M.SYS

---- Threads - GMER 2.1 ----

Thread          svchost.exe [1080:1152]                                                                   014E7120
Thread          iexplore.exe [1708:3464]                                                                  009D7120
Thread          iexplore.exe [3752:1984]                                                                  009D7120
Thread          iexplore.exe [4036:2784]                                                                  009D7120

---- EOF - GMER 2.1 ----



#10 cryptodan


Posted 23 October 2013 - 05:23 AM

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


#11 jephph


Posted 23 October 2013 - 03:02 PM

# AdwCleaner v3.010 - Report created 23/10/2013 at 15:45:26
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Admin - JAKE
# Running from : C:\Documents and Settings\Admin\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Documents and Settings\Admin\Application Data\Viewpoint

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

*************************

AdwCleaner[R0].txt - [3293 octets] - [23/10/2013 06:17:55]
AdwCleaner[S0].txt - [3282 octets] - [23/10/2013 15:45:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3342 octets] ##########



#12 jephph


Posted 23 October 2013 - 03:09 PM

Running JRT now.  Do you still want the MiniToolBox log?



#13 jephph


Posted 23 October 2013 - 04:38 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Microsoft Windows XP x86
Ran by Admin on Wed 10/23/2013 at 16:10:47.90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 10/23/2013 at 17:33:24.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#14 cryptodan


Posted 23 October 2013 - 04:51 PM

Post the MiniToolBox log, and how is the computer doing?

#15 jephph


Posted 23 October 2013 - 09:30 PM

Computer is still slow.  CPU usage still 99% by svchost.exe.  It's also using about 200MB of RAM.

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Admin (administrator) on 23-10-2013 at 17:51:56
Running from "C:\Documents and Settings\Admin\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
Windows IP Configuration
Could not flush the DNS Resolver Cache: Function failed during execution.
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
1394 Net Adapter = 1394 Connection (Connected)
Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Wireless Network Connection"
 
set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
Windows IP Configuration
        Host Name . . . . . . . . . . . . : Jake
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : netgear.com
Ethernet adapter Wireless Network Connection:
        Connection-specific DNS Suffix  . : netgear.com
        Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
        Physical Address. . . . . . . . . : 00-13-02-5C-A9-61
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.254.36
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.254.254
        DHCP Server . . . . . . . . . . . : 192.168.254.254
        DNS Servers . . . . . . . . . . . : 192.168.254.254
        Lease Obtained. . . . . . . . . . : Wednesday, October 23, 2013 3:52:44 PM
        Lease Expires . . . . . . . . . . : Thursday, October 24, 2013 3:52:44 PM
Ethernet adapter Local Area Connection:
        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
        Physical Address. . . . . . . . . : 00-A0-D1-44-76-E6
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.254.254
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Ping request could not find host google.com. Please check the name and try again.
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.254.254
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Ping request could not find host yahoo.com. Please check the name and try again.
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 02 5c a9 61 ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
0x3 ...00 a0 d1 44 76 e6 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254  192.168.254.36  25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
    192.168.254.0    255.255.255.0   192.168.254.36  192.168.254.36  25
   192.168.254.36  255.255.255.255        127.0.0.1       127.0.0.1  25
  192.168.254.255  255.255.255.255   192.168.254.36  192.168.254.36  25
        224.0.0.0        240.0.0.0   192.168.254.36  192.168.254.36  25
  255.255.255.255  255.255.255.255   192.168.254.36               3  1
  255.255.255.255  255.255.255.255   192.168.254.36  192.168.254.36  1
Default Gateway:   192.168.254.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/23/2013 04:03:41 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.3.219.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
 
Error: (10/22/2013 07:28:14 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.3.219.0, P3 timeout, P4 1.1.10003.0, P5 fixed, P6 1 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
 
Error: (10/22/2013 06:19:56 AM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.75.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (10/22/2013 06:06:00 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.3.219.0, P3 timeout, P4 1.1.10003.0, P5 fixed, P6 1 _ 1024, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.
 
Error: (10/21/2013 08:11:47 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.75.0.1, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00010f1e.
Processing media-specific event for [mbam.exe!ws!]
 
Error: (10/20/2013 02:29:47 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (10/20/2013 02:29:47 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (10/20/2013 00:35:52 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 -- Error 1704. An installation for Microsoft .NET Framework 2.0 Service Pack 2 is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?
 
Error: (10/20/2013 00:35:23 PM) (Source: HotFixInstaller) (User: )
Description: EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2729450, P2 1033, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 visualstudio8setup0, P10 visualstudio8setup1.
 
Error: (10/20/2013 00:35:22 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update 'KB2729450' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 2.0-KB2729450_20131020_163509156-Msi0.txt.
 
 
System errors:
=============
Error: (10/23/2013 06:06:49 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverKATIE-YERDONS-CNetBT_Tcpip_{58A0BD73-A3C
 
Error: (10/23/2013 03:53:39 PM) (Source: DCOM) (User: JAKE)
Description: DCOM got error "%%1058" attempting to start the service lxcg_device with arguments ""
in order to run the server:
{323CE21C-A448-40AA-BA74-7FCF1E44106E}
 
Error: (10/23/2013 03:53:37 PM) (Source: DCOM) (User: JAKE)
Description: DCOM got error "%%1058" attempting to start the service lxcg_device with arguments ""
in order to run the server:
{323CE21C-A448-40AA-BA74-7FCF1E44106E}
 
Error: (10/23/2013 03:53:35 PM) (Source: DCOM) (User: JAKE)
Description: DCOM got error "%%1058" attempting to start the service lxcg_device with arguments ""
in order to run the server:
{323CE21C-A448-40AA-BA74-7FCF1E44106E}
 
Error: (10/23/2013 03:52:55 PM) (Source: Service Control Manager) (User: )
Description: The Portable Media Serial Number service terminated with the following error: 
%%126
 
Error: (10/23/2013 03:52:55 PM) (Source: Service Control Manager) (User: )
Description: The Pml Driver HPZ12 service terminated with the following error: 
%%126
 
Error: (10/23/2013 03:52:55 PM) (Source: Service Control Manager) (User: )
Description: The Net Driver HPZ12 service terminated with the following error: 
%%126
 
Error: (10/23/2013 03:52:55 PM) (Source: Service Control Manager) (User: )
Description: The DNS Client service failed to start due to the following error: 
%%1053
 
Error: (10/23/2013 03:52:55 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the DNS Client service to connect.
 
Error: (10/22/2013 10:36:49 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0
 
 
Microsoft Office Sessions:
=========================
Error: (10/23/2013 04:03:41 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.3.219.0unspecifiedunspecifiedunspecifiedNILNILNIL
 
Error: (10/22/2013 07:28:14 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetrymicrosoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)4.3.219.0timeout1.1.10003.0fixed1 _ 10245 _ not bootNILNILNIL
 
Error: (10/22/2013 06:19:56 AM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.1hungapp0.0.0.000000000
 
Error: (10/22/2013 06:06:00 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetrymicrosoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)4.3.219.0timeout1.1.10003.0fixed1 _ 10245 _ not bootNILNILNIL
 
Error: (10/21/2013 08:11:47 PM) (Source: Application Error)(User: )
Description: mbam.exe1.75.0.1ntdll.dll5.1.2600.605500010f1e
 
Error: (10/20/2013 02:29:47 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (10/20/2013 02:29:47 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (10/20/2013 00:35:52 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 -- Error 1704. An installation for Microsoft .NET Framework 2.0 Service Pack 2 is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?(NULL)(NULL)(NULL)
 
Error: (10/20/2013 00:35:23 PM) (Source: HotFixInstaller)(User: )
Description: visualstudio8setupmicrosoft .net framework 2.0-kb272945010331603msif9.0.40215.0installx86xp2711
 
Error: (10/20/2013 00:35:22 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft .NET Framework 2.0 Service Pack 2KB27294501603C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 2.0-KB2729450_20131020_163509156-Msi0.txt
 
 
=========================== Installed Programs ============================
 
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.41612)
Ad-Aware SE Personal (Version: 1.06)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
Adobe Reader 7.0 (Version: 7.0.0)
ArcSoft Software Suite
Bluetooth Stack for Windows by Toshiba (Version: v4.00.23(T))
CD/DVD Drive Acoustic Silencer (Version: 1.00.008)
DiskMax 4.56 (Version: 4.56)
DVD-RAM Driver (Version: 5.0.2.5)
Expired Cookies Cleaner v.1.03 (Version: 1.03)
GoToAssist 8.0.0.480
HPSSupply (Version: 100.0.170.000)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4436)
Intel® PRO Network Connections Drivers
Intel® PROSet/Wireless Software (Version: 10.01.0000)
InterVideo WinDVD Creator 2 (Version: 2.0.14.376)
InterVideo WinDVD for TOSHIBA (Version: 5.0-B11.533)
J2SE Runtime Environment 5.0 Update 4 (Version: 1.5.0.40)
Lexmark 2300 Series
Lexmark Fax Solutions
LiveUpdate 2.0 (Symantec Corporation) (Version: 2.0.39.0)
Macromedia Flash Player 8 (Version: 8.0.22.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
mCore (Version: 5.40.0000)
mDrWiFi (Version: 5.40.0000)
Metamail (Toshiba Registration Utility) (Version: 4.5)
mHelp (Version: 5.40.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office OneNote 2003 (Version: 11.0.8173.0)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Works (Version: 08.05.0818)
mIWA (Version: 5.40.0000)
mLogView (Version: 5.40.0000)
mMHouse (Version: 5.40.0000)
mPfMgr (Version: 5.40.0000)
mPfWiz (Version: 5.40.0000)
mProSafe (Version: 9.00.0000)
MSN
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
mWlsSafe (Version: 9.00.0000)
mXML (Version: 5.40.0000)
MyConnect Special Offer (Version: 1.1.0)
mZConfig (Version: 5.40.0000)
Office 2003 Trial Assistant (Version: 1.0.0)
Quicken 2006 (Version: 15.1.4.5)
QuickTime
RealPlayer Basic
Realtek High Definition Audio Driver (Version: 2.02)
RoadRunner (Version: 9)
sat_screensaver_30mb
SD Secure Module (Version: 1.0.3)
Shop for HP Supplies (Version: 10.0)
Sonic DLA (Version: 5.2.0)
Sonic RecordNow! (Version: 7.31)
SUPERAntiSpyware (Version: 5.6.1040)
Synaptics Pointing Device Driver (Version: 8.2.9.0)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.16.0000)
TIPCI (Version: 1.16.0000)
TOSHIBA Assist
TOSHIBA Controls
TOSHIBA Hotkey Utility (Version: 1.00.01ST)
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver (Version: 7.03.07.I)
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem (Version: 2.1.62 (SM2162ALD04))
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA TouchPad ON/Off Utility (Version: 1.00.01ST)
TOSHIBA Utilities (Version: 1.00.08ST)
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3 (Version: 20080414.031525)
Yahoo! Toolbar
 
========================= Memory info: ===================================
 
Percentage of memory in use: 46%
Total physical RAM: 1013.98 MB
Available physical RAM: 540.12 MB
Total Pagefile: 2444.14 MB
Available Pagefile: 1244.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.28 MB
 
========================= Partitions: =====================================
 
1 Drive c: (SQ004082P03) (Fixed) (Total:55.65 GB) (Free:33.48 GB) NTFS
3 Drive e: (GRTMPVOL_EN) (Removable) (Total:3.73 GB) (Free:3.1 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JAKE
 
Admin                    Administrator            ASPNET                   
Guest                    HelpAssistant            LogMeInRemoteUser        
SUPPORT_388945a0         
 
 
**** End of log ****




